• Oleg Nesterov's avatar
    exit: fix the setns() && PR_SET_CHILD_SUBREAPER interaction · c6c70f44
    Oleg Nesterov authored
    find_new_reaper() checks same_thread_group(reaper, child_reaper) to
    prevent the cross-namespace reparenting but this is not enough if the
    exiting parent was injected by setns() + fork().
    
    Suppose we have a process P in the root namespace and some namespace X.
    P does setns() to enter the X namespace, and forks the child C.
    C forks a grandchild G and exits.
    
    The grandchild G should be re-parented to X->child_reaper, but in this
    case the ->real_parent chain does not lead to ->child_reaper, so it will
    be wrongly reparanted to P's sub-reaper or a global init.
    Signed-off-by: default avatarOleg Nesterov <oleg@redhat.com>
    Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
    c6c70f44
exit.c 43.6 KB