From: Eric W. Biederman <ebiederm@xmission.com>
Date: Tue, 13 Jul 2010 01:50:25 +0000 (-0700)
Subject: pidns: Don't allow new processes in a dead pid namespace.
X-Git-Tag: v3.8-rc1~77^2~27
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5e1182deb81ae8c68494017c4a8a71811659c870;p=pandora-kernel.git

pidns: Don't allow new processes in a dead pid namespace.

Set nr_hashed to -1 just before we schedule the work to cleanup proc.
Test nr_hashed just before we hash a new pid and if nr_hashed is < 0
fail.

This guaranteees that processes never enter a pid namespaces after we
have cleaned up the state to support processes in a pid namespace.

Currently sending SIGKILL to all of the process in a pid namespace as
init exists gives us this guarantee but we need something a little
stronger to support unsharing and joining a pid namespace.

Acked-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---

Reading git-diff-tree failed