1 files changed, 20 insertions, 11 deletions

diff --git a/kernel/fork.c b/kernel/fork.c
index 85f6d536608d..8d932b1c9056 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -413,7 +413,7 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
                 tmp->vm_next = tmp->vm_prev = NULL;
                 file = tmp->vm_file;
                 if (file) {
-                        struct inode *inode = file->f_path.dentry->d_inode;
+                        struct inode *inode = file_inode(file);
                         struct address_space *mapping = file->f_mapping;
 
                         get_file(file);
@@ -1166,6 +1166,14 @@ static struct task_struct *copy_process(unsigned long clone_flags,
                                 current->signal->flags & SIGNAL_UNKILLABLE)
                 return ERR_PTR(-EINVAL);
 
+        /*
+         * If the new process will be in a different pid namespace
+         * don't allow the creation of threads.
+         */
+        if ((clone_flags & (CLONE_VM|CLONE_NEWPID)) &&
+            (task_active_pid_ns(current) != current->nsproxy->pid_ns))
+                return ERR_PTR(-EINVAL);
+
         retval = security_task_create(clone_flags);
         if (retval)
                 goto fork_out;
@@ -1225,6 +1233,12 @@ static struct task_struct *copy_process(unsigned long clone_flags,
 #ifndef CONFIG_VIRT_CPU_ACCOUNTING
         p->prev_cputime.utime = p->prev_cputime.stime = 0;
 #endif
+#ifdef CONFIG_VIRT_CPU_ACCOUNTING_GEN
+        seqlock_init(&p->vtime_seqlock);
+        p->vtime_snap = 0;
+        p->vtime_snap_whence = VTIME_SLEEPING;
+#endif
+
 #if defined(SPLIT_RSS_COUNTING)
         memset(&p->rss_stat, 0, sizeof(p->rss_stat));
 #endif
@@ -1613,7 +1627,6 @@ long do_fork(unsigned long clone_flags,
         return nr;
 }
 
-#ifdef CONFIG_GENERIC_KERNEL_THREAD
 /*
  * Create a kernel thread.
  */
@@ -1622,7 +1635,6 @@ pid_t kernel_thread(int (*fn)(void *), void *arg, unsigned long flags)
         return do_fork(flags|CLONE_VM|CLONE_UNTRACED, (unsigned long)fn,
                 (unsigned long)arg, NULL, NULL);
 }
-#endif
 
 #ifdef __ARCH_WANT_SYS_FORK
 SYSCALL_DEFINE0(fork)
@@ -1662,8 +1674,10 @@ SYSCALL_DEFINE5(clone, unsigned long, clone_flags, unsigned long, newsp,
                  int, tls_val)
 #endif
 {
-        return do_fork(clone_flags, newsp, 0,
-                parent_tidptr, child_tidptr);
+        long ret = do_fork(clone_flags, newsp, 0, parent_tidptr, child_tidptr);
+        asmlinkage_protect(5, ret, clone_flags, newsp,
+                        parent_tidptr, child_tidptr, tls_val);
+        return ret;
 }
 #endif
 
@@ -1847,10 +1861,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
                         exit_sem(current);
                 }
 
-                if (new_nsproxy) {
+                if (new_nsproxy)
                         switch_task_namespaces(current, new_nsproxy);
-                        new_nsproxy = NULL;
-                }
 
                 task_lock(current);
 
@@ -1880,9 +1892,6 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
                 }
         }
 
-        if (new_nsproxy)
-                put_nsproxy(new_nsproxy);
-
 bad_unshare_cleanup_cred:
         if (new_cred)
                 put_cred(new_cred);