diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2012-12-21 23:27:12 -0500 |
|---|---|---|
| committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-12-25 19:10:05 -0500 |
| commit | c876ad7682155958d0c9c27afe9017925c230d64 (patch) | |
| tree | 926064bd7909f60daed3b6b963555e57cab7b520 /include/linux/pid.h | |
| parent | 8382fcac1b813ad0a4e68a838fc7ae93fa39eda0 (diff) | |
pidns: Stop pid allocation when init dies
Oleg pointed out that in a pid namespace the sequence.
- pid 1 becomes a zombie
- setns(thepidns), fork,...
- reaping pid 1.
- The injected processes exiting.
Can lead to processes attempting access their child reaper and
instead following a stale pointer.
That waitpid for init can return before all of the processes in
the pid namespace have exited is also unfortunate.
Avoid these problems by disabling the allocation of new pids in a pid
namespace when init dies, instead of when the last process in a pid
namespace is reaped.
Pointed-out-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'include/linux/pid.h')
| -rw-r--r-- | include/linux/pid.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/pid.h b/include/linux/pid.h index b152d44fb181..2381c973d897 100644 --- a/include/linux/pid.h +++ b/include/linux/pid.h | |||
| @@ -121,6 +121,7 @@ int next_pidmap(struct pid_namespace *pid_ns, unsigned int last); | |||
| 121 | 121 | ||
| 122 | extern struct pid *alloc_pid(struct pid_namespace *ns); | 122 | extern struct pid *alloc_pid(struct pid_namespace *ns); |
| 123 | extern void free_pid(struct pid *pid); | 123 | extern void free_pid(struct pid *pid); |
| 124 | extern void disable_pid_allocation(struct pid_namespace *ns); | ||
| 124 | 125 | ||
| 125 | /* | 126 | /* |
| 126 | * ns_of_pid() returns the pid namespace in which the specified pid was | 127 | * ns_of_pid() returns the pid namespace in which the specified pid was |