d3d9a8
check: try to call clone with CLONE_NEWPID and CLONE_PARENT
d3d9a8
d3d9a8
This combination was forbidden in 3.12
d3d9a8
commit 40a0d32d1eaffe6aac7324ca92604b6b3977eb0e :
d3d9a8
"fork: unify and tighten up CLONE_NEWUSER/CLONE_NEWPID checks"
d3d9a8
d3d9a8
and then it was permited again in 3.13:
d3d9a8
commit 1f7f4dde5c945f41a7abc2285be43d918029ecc5
d3d9a8
fork:  Allow CLONE_PARENT after setns(CLONE_NEWPID)
d3d9a8
d3d9a8
Cc: Adrian Reber <adrian@lisas.de>
d3d9a8
Signed-off-by: Andrey Vagin <avagin@openvz.org>
d3d9a8
---
d3d9a8
 cr-check.c | 28 ++++++++++++++++++++++++++++
d3d9a8
 1 file changed, 28 insertions(+)
d3d9a8
d3d9a8
diff --git a/cr-check.c b/cr-check.c
d3d9a8
index 7cf796a..bf1b729 100644
d3d9a8
--- a/cr-check.c
d3d9a8
+++ b/cr-check.c
d3d9a8
@@ -688,6 +688,33 @@ static int check_fdinfo_lock(void)
d3d9a8
 	return 0;
d3d9a8
 }
d3d9a8
 
d3d9a8
+struct clone_arg {
d3d9a8
+	/*
d3d9a8
+	 * Reserve some space for clone() to locate arguments
d3d9a8
+	 * and retcode in this place
d3d9a8
+	 */
d3d9a8
+	char stack[128] __attribute__((aligned (8)));
d3d9a8
+	char stack_ptr[0];
d3d9a8
+};
d3d9a8
+
d3d9a8
+static int clone_cb(void *_arg) {
d3d9a8
+	exit(0);
d3d9a8
+}
d3d9a8
+
d3d9a8
+static int check_clone_parent_vs_pid()
d3d9a8
+{
d3d9a8
+	struct clone_arg ca;
d3d9a8
+	pid_t pid;
d3d9a8
+
d3d9a8
+	pid = clone(clone_cb, ca.stack_ptr, CLONE_NEWPID | CLONE_PARENT, &ca);
d3d9a8
+	if (pid < 0) {
d3d9a8
+		pr_err("CLONE_PARENT | CLONE_NEWPID don't work together\n");
d3d9a8
+		return -1;
d3d9a8
+	}
d3d9a8
+
d3d9a8
+	return 0;
d3d9a8
+}
d3d9a8
+
d3d9a8
 static int (*chk_feature)(void);
d3d9a8
 
d3d9a8
 int cr_check(void)
d3d9a8
@@ -741,6 +768,7 @@ int cr_check(void)
d3d9a8
 	ret |= check_mnt_id();
d3d9a8
 	ret |= check_aio_remap();
d3d9a8
 	ret |= check_fdinfo_lock();
d3d9a8
+	ret |= check_clone_parent_vs_pid();
d3d9a8
 
d3d9a8
 out:
d3d9a8
 	if (!ret)
d3d9a8
-- 
d3d9a8
2.1.0
d3d9a8