dup_mnt_ns() and clone_uts_ns() return NULL on failure. This is wrong,
create_new_namespaces() uses ERR_PTR() to catch an error. This means that the
subsequent create_new_namespaces() will hit BUG_ON() in copy_mnt_ns() or
copy_utsname().
Modify create_new_namespaces() to also use the errors returned by the
copy_*_ns routines and not to systematically return ENOMEM.
[oleg@tv-sign.ru: better changelog]
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: Badari Pulavarty <pbadari@us.ibm.com>
Cc: Pavel Emelianov <xemul@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
new_ns = kmalloc(sizeof(struct mnt_namespace), GFP_KERNEL);
if (!new_ns)
new_ns = kmalloc(sizeof(struct mnt_namespace), GFP_KERNEL);
if (!new_ns)
+ return ERR_PTR(-ENOMEM);
atomic_set(&new_ns->count, 1);
INIT_LIST_HEAD(&new_ns->list);
atomic_set(&new_ns->count, 1);
INIT_LIST_HEAD(&new_ns->list);
if (!new_ns->root) {
up_write(&namespace_sem);
kfree(new_ns);
if (!new_ns->root) {
up_write(&namespace_sem);
kfree(new_ns);
+ return ERR_PTR(-ENOMEM);;
}
spin_lock(&vfsmount_lock);
list_add_tail(&new_ns->list, &new_ns->root->mnt_list);
}
spin_lock(&vfsmount_lock);
list_add_tail(&new_ns->list, &new_ns->root->mnt_list);
struct fs_struct *new_fs)
{
struct nsproxy *new_nsp;
struct fs_struct *new_fs)
{
struct nsproxy *new_nsp;
new_nsp = clone_nsproxy(tsk->nsproxy);
if (!new_nsp)
return ERR_PTR(-ENOMEM);
new_nsp->mnt_ns = copy_mnt_ns(flags, tsk->nsproxy->mnt_ns, new_fs);
new_nsp = clone_nsproxy(tsk->nsproxy);
if (!new_nsp)
return ERR_PTR(-ENOMEM);
new_nsp->mnt_ns = copy_mnt_ns(flags, tsk->nsproxy->mnt_ns, new_fs);
- if (IS_ERR(new_nsp->mnt_ns))
+ if (IS_ERR(new_nsp->mnt_ns)) {
+ err = PTR_ERR(new_nsp->mnt_ns);
new_nsp->uts_ns = copy_utsname(flags, tsk->nsproxy->uts_ns);
new_nsp->uts_ns = copy_utsname(flags, tsk->nsproxy->uts_ns);
- if (IS_ERR(new_nsp->uts_ns))
+ if (IS_ERR(new_nsp->uts_ns)) {
+ err = PTR_ERR(new_nsp->uts_ns);
new_nsp->ipc_ns = copy_ipcs(flags, tsk->nsproxy->ipc_ns);
new_nsp->ipc_ns = copy_ipcs(flags, tsk->nsproxy->ipc_ns);
- if (IS_ERR(new_nsp->ipc_ns))
+ if (IS_ERR(new_nsp->ipc_ns)) {
+ err = PTR_ERR(new_nsp->ipc_ns);
new_nsp->pid_ns = copy_pid_ns(flags, tsk->nsproxy->pid_ns);
new_nsp->pid_ns = copy_pid_ns(flags, tsk->nsproxy->pid_ns);
- if (IS_ERR(new_nsp->pid_ns))
+ if (IS_ERR(new_nsp->pid_ns)) {
+ err = PTR_ERR(new_nsp->pid_ns);
new_nsp->user_ns = copy_user_ns(flags, tsk->nsproxy->user_ns);
new_nsp->user_ns = copy_user_ns(flags, tsk->nsproxy->user_ns);
- if (IS_ERR(new_nsp->user_ns))
+ if (IS_ERR(new_nsp->user_ns)) {
+ err = PTR_ERR(new_nsp->user_ns);
put_mnt_ns(new_nsp->mnt_ns);
out_ns:
kfree(new_nsp);
put_mnt_ns(new_nsp->mnt_ns);
out_ns:
kfree(new_nsp);
- return ERR_PTR(-ENOMEM);
ns = kmalloc(sizeof(struct user_namespace), GFP_KERNEL);
if (!ns)
ns = kmalloc(sizeof(struct user_namespace), GFP_KERNEL);
if (!ns)
+ return ERR_PTR(-ENOMEM);
ns->root_user = alloc_uid(ns, 0);
if (!ns->root_user) {
kfree(ns);
ns->root_user = alloc_uid(ns, 0);
if (!ns->root_user) {
kfree(ns);
+ return ERR_PTR(-ENOMEM);
}
/* Reset current->user with a new one */
}
/* Reset current->user with a new one */
if (!new_user) {
free_uid(ns->root_user);
kfree(ns);
if (!new_user) {
free_uid(ns->root_user);
kfree(ns);
+ return ERR_PTR(-ENOMEM);
#include <linux/uts.h>
#include <linux/utsname.h>
#include <linux/version.h>
#include <linux/uts.h>
#include <linux/utsname.h>
#include <linux/version.h>
/*
* Clone a new ns copying an original utsname, setting refcount to 1
/*
* Clone a new ns copying an original utsname, setting refcount to 1
struct uts_namespace *ns;
ns = kmalloc(sizeof(struct uts_namespace), GFP_KERNEL);
struct uts_namespace *ns;
ns = kmalloc(sizeof(struct uts_namespace), GFP_KERNEL);
- if (ns) {
- memcpy(&ns->name, &old_ns->name, sizeof(ns->name));
- kref_init(&ns->kref);
- }
+ if (!ns)
+ return ERR_PTR(-ENOMEM);
+
+ memcpy(&ns->name, &old_ns->name, sizeof(ns->name));
+ kref_init(&ns->kref);