• pidns: fix a leak in /proc dentries and inodes with pid namespaces. · 29f12ca3
    Sukadev Bhattiprolu authored
    Daniel Lezcano reported a leak in 'struct pid' and 'struct pid_namespace'
    that is discussed in:
    
    	http://lkml.org/lkml/2009/10/2/159.
    
    To summarize the thread, when container-init is terminated, it sets the
    PF_EXITING flag, zaps other processes in the container and waits to reap
    them.  As a part of reaping, the container-init should flush any /proc
    dentries associated with the processes.  But because the container-init is
    itself exiting and the following PF_EXITING check, the dentries are not
    flushed, resulting in a leak in /proc inodes and dentries.
    
    This fix reverts the commit 7766755a ("Fix /proc dcache deadlock
    in do_exit") which introduced the check for PF_EXITING.  At the time of
    the commit, shrink_dcache_parent() flushed dentries from other filesystems
    also and could have caused a deadlock which the commit fixed.  But as
    pointed out by Eric Biederman, after commit 0feae5c4,
    shrink_dcache_parent() no longer affects other filesystems.  So reverting
    the commit is now safe.
    
    As pointed out by Jan Kara, the leak is not as critical since the
    unclaimed space will be reclaimed under memory pressure or by:
    
    	echo 3 > /proc/sys/vm/drop_caches
    
    But since this check is no longer required, it's best to remove it.
    
    Signed-off-by: Sukadev Bhattiprolu <sukadev@us.ibm.com>
    Reported-by: Daniel Lezcano <dlezcano@fr.ibm.com>
    Acked-by: Eric W. Biederman <ebiederm@xmission.com>
    Acked-by: Jan Kara <jack@ucw.cz>
    Cc: Andrea Arcangeli <andrea@cpushare.com>
    Cc: Serge Hallyn <serue@us.ibm.com>
    Cc: <stable@kernel.org>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
base.c 74.5 KB