Commit 0f245285 authored by Serge E. Hallyn's avatar Serge E. Hallyn Committed by Linus Torvalds

[PATCH] namespaces: fix task exit disaster

This is based on a patch by Eric W.  Biederman, who pointed out that pid
namespaces are still fake, and we only have one ever active.

So for the time being, we can modify any code which could access
tsk->nsproxy->pid_ns during task exit to just use &init_pid_ns instead,
and move the exit_task_namespaces call in do_exit() back above
exit_notify(), so that an exiting nfs server has a valid tsk->sighand to
work with.

Long term, pulling pid_ns out of nsproxy might be the cleanest solution.
Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>

[ Eric's patch fixed to take care of free_pid() too ]
Signed-off-by: default avatarSerge E. Hallyn <serue@us.ibm.com>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 444f378b
...@@ -39,7 +39,7 @@ static inline void put_pid_ns(struct pid_namespace *ns) ...@@ -39,7 +39,7 @@ static inline void put_pid_ns(struct pid_namespace *ns)
static inline struct task_struct *child_reaper(struct task_struct *tsk) static inline struct task_struct *child_reaper(struct task_struct *tsk)
{ {
return tsk->nsproxy->pid_ns->child_reaper; return init_pid_ns.child_reaper;
} }
#endif /* _LINUX_PID_NS_H */ #endif /* _LINUX_PID_NS_H */
...@@ -938,8 +938,8 @@ fastcall NORET_TYPE void do_exit(long code) ...@@ -938,8 +938,8 @@ fastcall NORET_TYPE void do_exit(long code)
tsk->exit_code = code; tsk->exit_code = code;
proc_exit_connector(tsk); proc_exit_connector(tsk);
exit_notify(tsk);
exit_task_namespaces(tsk); exit_task_namespaces(tsk);
exit_notify(tsk);
#ifdef CONFIG_NUMA #ifdef CONFIG_NUMA
mpol_free(tsk->mempolicy); mpol_free(tsk->mempolicy);
tsk->mempolicy = NULL; tsk->mempolicy = NULL;
......
...@@ -197,7 +197,7 @@ fastcall void free_pid(struct pid *pid) ...@@ -197,7 +197,7 @@ fastcall void free_pid(struct pid *pid)
hlist_del_rcu(&pid->pid_chain); hlist_del_rcu(&pid->pid_chain);
spin_unlock_irqrestore(&pidmap_lock, flags); spin_unlock_irqrestore(&pidmap_lock, flags);
free_pidmap(current->nsproxy->pid_ns, pid->nr); free_pidmap(&init_pid_ns, pid->nr);
call_rcu(&pid->rcu, delayed_put_pid); call_rcu(&pid->rcu, delayed_put_pid);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment