From: Sukadev Bhattiprolu Date: Fri, 19 Oct 2007 06:40:13 +0000 (-0700) Subject: pid namespaces: allow signalling cgroup-init X-Git-Tag: v2.6.24-rc1~210 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0fbc26a6cfab9f377e82e28225f2c0c6b4661e5c;p=linux-2.6 pid namespaces: allow signalling cgroup-init Only the global-init process must be special - any other cgroup-init process must be killable to prevent run-away processes in the system. TODO: Ideally we should allow killing the cgroup-init only from parent cgroup and prevent it being killed from within the cgroup. But that is a more complex change and will be addressed by a follow-on patch. For now allow the cgroup-init to be terminated by any process with sufficient privileges. Signed-off-by: Sukadev Bhattiprolu Acked-by: Pavel Emelyanov Cc: Oleg Nesterov Cc: Sukadev Bhattiprolu Cc: Paul Menage Cc: "Eric W. Biederman" Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/kernel/signal.c b/kernel/signal.c index 8214ffad54..98923882ba 100644 --- a/kernel/signal.c +++ b/kernel/signal.c @@ -1835,11 +1835,9 @@ relock: continue; /* - * Init of a pid space gets no signals it doesn't want from - * within that pid space. It can of course get signals from - * its parent pid space. + * Global init gets no signals it doesn't want. */ - if (current == task_child_reaper(current)) + if (is_global_init(current)) continue; if (sig_kernel_stop(signr)) {