* [PATCH] clone.2: Mention that CLONE_PARENT is off-limits for inits @ 2019-11-20 10:45 Christian Brauner 2019-11-21 9:53 ` Michael Kerrisk (man-pages) 0 siblings, 1 reply; 3+ messages in thread From: Christian Brauner @ 2019-11-20 10:45 UTC (permalink / raw) To: mtk.manpages Cc: adrian, akpm, arnd, avagin, christian.brauner, dhowells, fweimer, jannh, keescook, linux-api, linux-kernel, linux-man, mingo, oleg, xemul From: Christian Brauner <christian.brauner@ubuntu.com> The CLONE_PARENT flag cannot but used by init processes. Let's mention this in the manpages to prevent suprises. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> --- man2/clone.2 | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/man2/clone.2 b/man2/clone.2 index f0f29d6f1..aa98ab79b 100644 --- a/man2/clone.2 +++ b/man2/clone.2 @@ -646,6 +646,13 @@ if .B CLONE_PARENT is set, then the parent of the calling process, rather than the calling process itself, will be signaled. +.IP +The kernel will not allow global init and init processes in pid +namespaces to use the +.B CLONE_PARENT +flag. This is done to prevent the creation of multi-rooted process +trees. It also avoids unreapable zombies in the initial pid +namespace. .TP .BR CLONE_PARENT_SETTID " (since Linux 2.5.49)" Store the child thread ID at the location pointed to by -- 2.24.0 ^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] clone.2: Mention that CLONE_PARENT is off-limits for inits 2019-11-20 10:45 [PATCH] clone.2: Mention that CLONE_PARENT is off-limits for inits Christian Brauner @ 2019-11-21 9:53 ` Michael Kerrisk (man-pages) 2019-11-21 11:27 ` Christian Brauner 0 siblings, 1 reply; 3+ messages in thread From: Michael Kerrisk (man-pages) @ 2019-11-21 9:53 UTC (permalink / raw) To: Christian Brauner Cc: mtk.manpages, adrian, akpm, arnd, avagin, christian.brauner, dhowells, fweimer, jannh, keescook, linux-api, linux-kernel, linux-man, mingo, oleg, xemul Hello Christian, On 11/20/19 11:45 AM, Christian Brauner wrote: > From: Christian Brauner <christian.brauner@ubuntu.com> > > The CLONE_PARENT flag cannot but used by init processes. Let's mention > this in the manpages to prevent suprises. > > Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> > --- > man2/clone.2 | 7 +++++++ > 1 file changed, 7 insertions(+) > > diff --git a/man2/clone.2 b/man2/clone.2 > index f0f29d6f1..aa98ab79b 100644 > --- a/man2/clone.2 > +++ b/man2/clone.2 > @@ -646,6 +646,13 @@ if > .B CLONE_PARENT > is set, then the parent of the calling process, rather than the > calling process itself, will be signaled. > +.IP > +The kernel will not allow global init and init processes in pid > +namespaces to use the > +.B CLONE_PARENT > +flag. This is done to prevent the creation of multi-rooted process > +trees. It also avoids unreapable zombies in the initial pid > +namespace. > .TP > .BR CLONE_PARENT_SETTID " (since Linux 2.5.49)" > Store the child thread ID at the location pointed to by Thank. I applied, and then tweaked the text a little, and noted the associated EINVAL error. In the end, the change is as below. Cheers, Michael index 60e746151..382f6b791 100644 --- a/man2/clone.2 +++ b/man2/clone.2 @@ -648,6 +648,14 @@ if .B CLONE_PARENT is set, then the parent of the calling process, rather than the calling process itself, will be signaled. +.IP +The +.B CLONE_PARENT +flag can't be used in clone calls by the +global init process (PID 1 in the initial PID namespace) +and init processes in other PID namespaces. +This restriction prevents the creation of multi-rooted process trees +as well as the creation of unreapable zombies in the initial PID namespace. .TP .BR CLONE_PARENT_SETTID " (since Linux 2.5.49)" Store the child thread ID at the location pointed to by @@ -1273,6 +1281,11 @@ were specified in the .IR flags mask. .TP +.BR EINVAL " (since Linux 2.6.32)" +.\" commit 123be07b0b399670a7cc3d82fef0cb4f93ef885c +.BR CLONE_PARENT +was specified, and the caller is an init process. +.TP .B EINVAL Returned by the glibc .BR clone () -- Michael Kerrisk Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/ Linux/UNIX System Programming Training: http://man7.org/training/ ^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] clone.2: Mention that CLONE_PARENT is off-limits for inits 2019-11-21 9:53 ` Michael Kerrisk (man-pages) @ 2019-11-21 11:27 ` Christian Brauner 0 siblings, 0 replies; 3+ messages in thread From: Christian Brauner @ 2019-11-21 11:27 UTC (permalink / raw) To: Michael Kerrisk (man-pages) Cc: Christian Brauner, adrian, akpm, arnd, avagin, dhowells, fweimer, jannh, keescook, linux-api, linux-kernel, linux-man, mingo, oleg, xemul On Thu, Nov 21, 2019 at 10:53:50AM +0100, Michael Kerrisk (man-pages) wrote: > Hello Christian, > > On 11/20/19 11:45 AM, Christian Brauner wrote: > > From: Christian Brauner <christian.brauner@ubuntu.com> > > > > The CLONE_PARENT flag cannot but used by init processes. Let's mention > > this in the manpages to prevent suprises. > > > > Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> > > --- > > man2/clone.2 | 7 +++++++ > > 1 file changed, 7 insertions(+) > > > > diff --git a/man2/clone.2 b/man2/clone.2 > > index f0f29d6f1..aa98ab79b 100644 > > --- a/man2/clone.2 > > +++ b/man2/clone.2 > > @@ -646,6 +646,13 @@ if > > .B CLONE_PARENT > > is set, then the parent of the calling process, rather than the > > calling process itself, will be signaled. > > +.IP > > +The kernel will not allow global init and init processes in pid > > +namespaces to use the > > +.B CLONE_PARENT > > +flag. This is done to prevent the creation of multi-rooted process > > +trees. It also avoids unreapable zombies in the initial pid > > +namespace. > > .TP > > .BR CLONE_PARENT_SETTID " (since Linux 2.5.49)" > > Store the child thread ID at the location pointed to by > > Thank. I applied, and then tweaked the text a little, > and noted the associated EINVAL error. In the end, the > change is as below. Thanks! Christian ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-11-21 11:27 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2019-11-20 10:45 [PATCH] clone.2: Mention that CLONE_PARENT is off-limits for inits Christian Brauner 2019-11-21 9:53 ` Michael Kerrisk (man-pages) 2019-11-21 11:27 ` Christian Brauner
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).