As CLONE_NEWVE is shared with signal mask (CSIGNAL) (to make it work
with setns() and unshare()) we should also exclude it from CSIGNAL check
in clone3() arguments validation path.
Fixes: 8a771a3d6bea ("ve: Introduce VE namespace")
https://virtuozzo.atlassian.net/browse/VSTOR-118289
Signed-off-by: Pavel Tikhomirov <[email protected]>
Feature: ve: ve generic structures
---
v2: new patch
---
kernel/fork.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/fork.c b/kernel/fork.c
index b4e09af18288..9eeddc849c06 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -3065,7 +3065,7 @@ static bool clone3_args_valid(struct kernel_clone_args
*kargs)
* - make the CLONE_DETACHED bit reusable for clone3
* - make the CSIGNAL bits reusable for clone3
*/
- if (kargs->flags & (CLONE_DETACHED | (CSIGNAL & (~CLONE_NEWTIME))))
+ if (kargs->flags & (CLONE_DETACHED | (CSIGNAL & (~(CLONE_NEWTIME |
CLONE_NEWVE)))))
return false;
if ((kargs->flags & (CLONE_SIGHAND | CLONE_CLEAR_SIGHAND)) ==
--
2.52.0
_______________________________________________
Devel mailing list
[email protected]
https://lists.openvz.org/mailman/listinfo/devel
