[Devel] [PATCH VZ10 12/12] ve_namespace: Make CLONE_NEWVE work with clone3
Pavel Tikhomirov
ptikhomirov at virtuozzo.com
Wed Dec 10 13:34:33 MSK 2025
As CLONE_NEWVE is shared with signal mask (CSIGNAL) (to make it work
with setns() and unshare()) we should also exclude it from CSIGNAL check
in clone3() arguments validation path.
Fixes: 8a771a3d6bea ("ve: Introduce VE namespace")
https://virtuozzo.atlassian.net/browse/VSTOR-118289
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Feature: ve: ve generic structures
---
v2: new patch
---
kernel/fork.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/fork.c b/kernel/fork.c
index b4e09af18288..9eeddc849c06 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -3065,7 +3065,7 @@ static bool clone3_args_valid(struct kernel_clone_args *kargs)
* - make the CLONE_DETACHED bit reusable for clone3
* - make the CSIGNAL bits reusable for clone3
*/
- if (kargs->flags & (CLONE_DETACHED | (CSIGNAL & (~CLONE_NEWTIME))))
+ if (kargs->flags & (CLONE_DETACHED | (CSIGNAL & (~(CLONE_NEWTIME | CLONE_NEWVE)))))
return false;
if ((kargs->flags & (CLONE_SIGHAND | CLONE_CLEAR_SIGHAND)) ==
--
2.52.0
More information about the Devel
mailing list