| fork.c (a6184f8e0bb1ba8b444836926cd6967ea176fd31) | fork.c (769071ac9f20b6a447410c7eaa55d1a5233ef40c) |
|---|---|
| 1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * linux/kernel/fork.c 4 * 5 * Copyright (C) 1991, 1992 Linus Torvalds 6 */ 7 8/* --- 1818 unchanged lines hidden (view full) --- 1827 int node, 1828 struct kernel_clone_args *args) 1829{ 1830 int pidfd = -1, retval; 1831 struct task_struct *p; 1832 struct multiprocess_signals delayed; 1833 struct file *pidfile = NULL; 1834 u64 clone_flags = args->flags; | 1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * linux/kernel/fork.c 4 * 5 * Copyright (C) 1991, 1992 Linus Torvalds 6 */ 7 8/* --- 1818 unchanged lines hidden (view full) --- 1827 int node, 1828 struct kernel_clone_args *args) 1829{ 1830 int pidfd = -1, retval; 1831 struct task_struct *p; 1832 struct multiprocess_signals delayed; 1833 struct file *pidfile = NULL; 1834 u64 clone_flags = args->flags; |
| 1835 struct nsproxy *nsp = current->nsproxy; |
|
| 1835 1836 /* 1837 * Don't allow sharing the root directory with processes in a different 1838 * namespace 1839 */ 1840 if ((clone_flags & (CLONE_NEWNS|CLONE_FS)) == (CLONE_NEWNS|CLONE_FS)) 1841 return ERR_PTR(-EINVAL); 1842 --- 26 unchanged lines hidden (view full) --- 1869 return ERR_PTR(-EINVAL); 1870 1871 /* 1872 * If the new process will be in a different pid or user namespace 1873 * do not allow it to share a thread group with the forking task. 1874 */ 1875 if (clone_flags & CLONE_THREAD) { 1876 if ((clone_flags & (CLONE_NEWUSER | CLONE_NEWPID)) || | 1836 1837 /* 1838 * Don't allow sharing the root directory with processes in a different 1839 * namespace 1840 */ 1841 if ((clone_flags & (CLONE_NEWNS|CLONE_FS)) == (CLONE_NEWNS|CLONE_FS)) 1842 return ERR_PTR(-EINVAL); 1843 --- 26 unchanged lines hidden (view full) --- 1870 return ERR_PTR(-EINVAL); 1871 1872 /* 1873 * If the new process will be in a different pid or user namespace 1874 * do not allow it to share a thread group with the forking task. 1875 */ 1876 if (clone_flags & CLONE_THREAD) { 1877 if ((clone_flags & (CLONE_NEWUSER | CLONE_NEWPID)) || |
| 1877 (task_active_pid_ns(current) != 1878 current->nsproxy->pid_ns_for_children)) | 1878 (task_active_pid_ns(current) != nsp->pid_ns_for_children)) |
| 1879 return ERR_PTR(-EINVAL); 1880 } 1881 | 1879 return ERR_PTR(-EINVAL); 1880 } 1881 |
| 1882 /* 1883 * If the new process will be in a different time namespace 1884 * do not allow it to share VM or a thread group with the forking task. 1885 */ 1886 if (clone_flags & (CLONE_THREAD | CLONE_VM)) { 1887 if (nsp->time_ns != nsp->time_ns_for_children) 1888 return ERR_PTR(-EINVAL); 1889 } 1890 |
|
| 1882 if (clone_flags & CLONE_PIDFD) { 1883 /* 1884 * - CLONE_DETACHED is blocked so that we can potentially 1885 * reuse it later for CLONE_PIDFD. 1886 * - CLONE_THREAD is blocked until someone really needs it. 1887 */ 1888 if (clone_flags & (CLONE_DETACHED | CLONE_THREAD)) 1889 return ERR_PTR(-EINVAL); --- 683 unchanged lines hidden (view full) --- 2573 if (!legacy_clone_args_valid(&args)) 2574 return -EINVAL; 2575 2576 return _do_fork(&args); 2577} 2578#endif 2579 2580#ifdef __ARCH_WANT_SYS_CLONE3 | 1891 if (clone_flags & CLONE_PIDFD) { 1892 /* 1893 * - CLONE_DETACHED is blocked so that we can potentially 1894 * reuse it later for CLONE_PIDFD. 1895 * - CLONE_THREAD is blocked until someone really needs it. 1896 */ 1897 if (clone_flags & (CLONE_DETACHED | CLONE_THREAD)) 1898 return ERR_PTR(-EINVAL); --- 683 unchanged lines hidden (view full) --- 2582 if (!legacy_clone_args_valid(&args)) 2583 return -EINVAL; 2584 2585 return _do_fork(&args); 2586} 2587#endif 2588 2589#ifdef __ARCH_WANT_SYS_CLONE3 |
| 2581 2582/* 2583 * copy_thread implementations handle CLONE_SETTLS by reading the TLS value from 2584 * the registers containing the syscall arguments for clone. This doesn't work 2585 * with clone3 since the TLS value is passed in clone_args instead. 2586 */ 2587#ifndef CONFIG_HAVE_COPY_THREAD_TLS 2588#error clone3 requires copy_thread_tls support in arch 2589#endif 2590 | |
| 2591noinline static int copy_clone_args_from_user(struct kernel_clone_args *kargs, 2592 struct clone_args __user *uargs, 2593 size_t usize) 2594{ 2595 int err; 2596 struct clone_args args; 2597 pid_t *kset_tid = kargs->set_tid; 2598 --- 217 unchanged lines hidden (view full) --- 2816/* 2817 * Check constraints on flags passed to the unshare system call. 2818 */ 2819static int check_unshare_flags(unsigned long unshare_flags) 2820{ 2821 if (unshare_flags & ~(CLONE_THREAD|CLONE_FS|CLONE_NEWNS|CLONE_SIGHAND| 2822 CLONE_VM|CLONE_FILES|CLONE_SYSVSEM| 2823 CLONE_NEWUTS|CLONE_NEWIPC|CLONE_NEWNET| | 2590noinline static int copy_clone_args_from_user(struct kernel_clone_args *kargs, 2591 struct clone_args __user *uargs, 2592 size_t usize) 2593{ 2594 int err; 2595 struct clone_args args; 2596 pid_t *kset_tid = kargs->set_tid; 2597 --- 217 unchanged lines hidden (view full) --- 2815/* 2816 * Check constraints on flags passed to the unshare system call. 2817 */ 2818static int check_unshare_flags(unsigned long unshare_flags) 2819{ 2820 if (unshare_flags & ~(CLONE_THREAD|CLONE_FS|CLONE_NEWNS|CLONE_SIGHAND| 2821 CLONE_VM|CLONE_FILES|CLONE_SYSVSEM| 2822 CLONE_NEWUTS|CLONE_NEWIPC|CLONE_NEWNET| |
| 2824 CLONE_NEWUSER|CLONE_NEWPID|CLONE_NEWCGROUP)) | 2823 CLONE_NEWUSER|CLONE_NEWPID|CLONE_NEWCGROUP| 2824 CLONE_NEWTIME)) |
| 2825 return -EINVAL; 2826 /* 2827 * Not implemented, but pretend it works if there is nothing 2828 * to unshare. Note that unsharing the address space or the 2829 * signal handlers also need to unshare the signal queues (aka 2830 * CLONE_THREAD). 2831 */ 2832 if (unshare_flags & (CLONE_THREAD | CLONE_SIGHAND | CLONE_VM)) { --- 229 unchanged lines hidden --- | 2825 return -EINVAL; 2826 /* 2827 * Not implemented, but pretend it works if there is nothing 2828 * to unshare. Note that unsharing the address space or the 2829 * signal handlers also need to unshare the signal queues (aka 2830 * CLONE_THREAD). 2831 */ 2832 if (unshare_flags & (CLONE_THREAD | CLONE_SIGHAND | CLONE_VM)) { --- 229 unchanged lines hidden --- |