| Message ID | 20230308111343.510970-5-rodrigo@sdfg.com.ar (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Tests for idmapped tmpfs | expand |
On Wed, Mar 08, 2023 at 12:13:38PM +0100, Rodrigo Campos wrote: > There is a race when we clone: we call a function that just returns > while at the same time we try to get the userns via /proc/pid/ns/user. > The thing is that when the function returns, in the kernel do_exit() > from kernel/exit.c is called, which calls exit_task_namespaces() to destroy > the namespaces. > > So, let's wait indefinitely there and add an _exit() call to avoid > warnings. We are already sending a SIGKILL to this pid, so nothing else > remaining to not leak the process. > > Signed-off-by: Rodrigo Campos <rodrigo@sdfg.com.ar> > --- Looks good, Reviewed-by: Christian Brauner <brauner@kernel.org>
diff --git src/vfs/utils.c src/vfs/utils.c index ea7536c1..2331a3b7 100644 --- src/vfs/utils.c +++ src/vfs/utils.c @@ -60,7 +60,9 @@ pid_t do_clone(int (*fn)(void *), void *arg, int flags) static int get_userns_fd_cb(void *data) { - return 0; + for (;;) + pause(); + _exit(0); } int wait_for_pid(pid_t pid)
There is a race when we clone: we call a function that just returns while at the same time we try to get the userns via /proc/pid/ns/user. The thing is that when the function returns, in the kernel do_exit() from kernel/exit.c is called, which calls exit_task_namespaces() to destroy the namespaces. So, let's wait indefinitely there and add an _exit() call to avoid warnings. We are already sending a SIGKILL to this pid, so nothing else remaining to not leak the process. Signed-off-by: Rodrigo Campos <rodrigo@sdfg.com.ar> --- src/vfs/utils.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)