aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2012-12-21 23:27:12 -0500
committerEric W. Biederman <ebiederm@xmission.com>2012-12-25 19:10:05 -0500
commitc876ad7682155958d0c9c27afe9017925c230d64 (patch)
tree926064bd7909f60daed3b6b963555e57cab7b520 /include/linux
parent8382fcac1b813ad0a4e68a838fc7ae93fa39eda0 (diff)
pidns: Stop pid allocation when init dies
Oleg pointed out that in a pid namespace the sequence. - pid 1 becomes a zombie - setns(thepidns), fork,... - reaping pid 1. - The injected processes exiting. Can lead to processes attempting access their child reaper and instead following a stale pointer. That waitpid for init can return before all of the processes in the pid namespace have exited is also unfortunate. Avoid these problems by disabling the allocation of new pids in a pid namespace when init dies, instead of when the last process in a pid namespace is reaped. Pointed-out-by: Oleg Nesterov <oleg@redhat.com> Reviewed-by: Oleg Nesterov <oleg@redhat.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/pid.h1
-rw-r--r--include/linux/pid_namespace.h4
2 files changed, 4 insertions, 1 deletions
diff --git a/include/linux/pid.h b/include/linux/pid.h
index b152d44fb18..2381c973d89 100644
--- a/include/linux/pid.h
+++ b/include/linux/pid.h
@@ -121,6 +121,7 @@ int next_pidmap(struct pid_namespace *pid_ns, unsigned int last);
121 121
122extern struct pid *alloc_pid(struct pid_namespace *ns); 122extern struct pid *alloc_pid(struct pid_namespace *ns);
123extern void free_pid(struct pid *pid); 123extern void free_pid(struct pid *pid);
124extern void disable_pid_allocation(struct pid_namespace *ns);
124 125
125/* 126/*
126 * ns_of_pid() returns the pid namespace in which the specified pid was 127 * ns_of_pid() returns the pid namespace in which the specified pid was
diff --git a/include/linux/pid_namespace.h b/include/linux/pid_namespace.h
index bf285999273..215e5e3dda1 100644
--- a/include/linux/pid_namespace.h
+++ b/include/linux/pid_namespace.h
@@ -21,7 +21,7 @@ struct pid_namespace {
21 struct kref kref; 21 struct kref kref;
22 struct pidmap pidmap[PIDMAP_ENTRIES]; 22 struct pidmap pidmap[PIDMAP_ENTRIES];
23 int last_pid; 23 int last_pid;
24 int nr_hashed; 24 unsigned int nr_hashed;
25 struct task_struct *child_reaper; 25 struct task_struct *child_reaper;
26 struct kmem_cache *pid_cachep; 26 struct kmem_cache *pid_cachep;
27 unsigned int level; 27 unsigned int level;
@@ -42,6 +42,8 @@ struct pid_namespace {
42 42
43extern struct pid_namespace init_pid_ns; 43extern struct pid_namespace init_pid_ns;
44 44
45#define PIDNS_HASH_ADDING (1U << 31)
46
45#ifdef CONFIG_PID_NS 47#ifdef CONFIG_PID_NS
46static inline struct pid_namespace *get_pid_ns(struct pid_namespace *ns) 48static inline struct pid_namespace *get_pid_ns(struct pid_namespace *ns)
47{ 49{