diff options
Diffstat (limited to 'kernel/fork.c')
| -rw-r--r-- | kernel/fork.c | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/kernel/fork.c b/kernel/fork.c index a31b823b3c2d..c535f33bbb9c 100644 --- a/kernel/fork.c +++ b/kernel/fork.c | |||
| @@ -1166,6 +1166,14 @@ static struct task_struct *copy_process(unsigned long clone_flags, | |||
| 1166 | current->signal->flags & SIGNAL_UNKILLABLE) | 1166 | current->signal->flags & SIGNAL_UNKILLABLE) |
| 1167 | return ERR_PTR(-EINVAL); | 1167 | return ERR_PTR(-EINVAL); |
| 1168 | 1168 | ||
| 1169 | /* | ||
| 1170 | * If the new process will be in a different pid namespace | ||
| 1171 | * don't allow the creation of threads. | ||
| 1172 | */ | ||
| 1173 | if ((clone_flags & (CLONE_VM|CLONE_NEWPID)) && | ||
| 1174 | (task_active_pid_ns(current) != current->nsproxy->pid_ns)) | ||
| 1175 | return ERR_PTR(-EINVAL); | ||
| 1176 | |||
| 1169 | retval = security_task_create(clone_flags); | 1177 | retval = security_task_create(clone_flags); |
| 1170 | if (retval) | 1178 | if (retval) |
| 1171 | goto fork_out; | 1179 | goto fork_out; |
| @@ -1660,8 +1668,10 @@ SYSCALL_DEFINE5(clone, unsigned long, clone_flags, unsigned long, newsp, | |||
| 1660 | int, tls_val) | 1668 | int, tls_val) |
| 1661 | #endif | 1669 | #endif |
| 1662 | { | 1670 | { |
| 1663 | return do_fork(clone_flags, newsp, 0, | 1671 | long ret = do_fork(clone_flags, newsp, 0, parent_tidptr, child_tidptr); |
| 1664 | parent_tidptr, child_tidptr); | 1672 | asmlinkage_protect(5, ret, clone_flags, newsp, |
| 1673 | parent_tidptr, child_tidptr, tls_val); | ||
| 1674 | return ret; | ||
| 1665 | } | 1675 | } |
| 1666 | #endif | 1676 | #endif |
| 1667 | 1677 | ||