From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Wen Yang <wenyang@linux.alibaba.com>
Cc: Sasha Levin <sashal@kernel.org>,
"Eric W . Biederman" <ebiederm@xmission.com>,
stable@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: Stable backport request for fixing the issue of not being able to create a new pid_ns
Date: Fri, 9 Oct 2020 11:23:36 +0200 [thread overview]
Message-ID: <20201009092336.GA415570@kroah.com> (raw)
In-Reply-To: <20201008130021.79829-1-wenyang@linux.alibaba.com>
On Thu, Oct 08, 2020 at 09:00:21PM +0800, Wen Yang wrote:
> After the process exits, the following three dentries still refer to the pid:
> /proc/<pid>
> /proc/<pid>/ns
> /proc/<pid>/ns/pid
>
> https://bugzilla.kernel.org/show_bug.cgi?id=208613
>
> According to the commit f333c700c610 ("pidns: Add a limit on the number of
> pid namespaces"), if the pid cannot be released, it may result in the
> inability to create a new pid_ns.
>
> Please backport the following patches to the kernel stable trees (from 4.9.y
> to 5.6.y):
> 7bc3e6e55acf ("proc: Use a list of inodes to flush from proc")
> 26dbc60f385f ("proc: Generalize proc_sys_prune_dcache into proc_prune_siblings_dcache")
> f90f3cafe8d5 ("proc: Use d_invalidate in proc_prune_siblings_dcache")
>
> Signed-off-by: Wen Yang <wenyang@linux.alibaba.com>
> Cc: Eric W. Biederman <ebiederm@xmission.com>
> Cc: stable@vger.kernel.org
> Cc: linux-kernel@vger.kernel.org
How well did you test these backports? I see at least one fix for them
that you missed, odds are there might have been more. Please verify
that the above list of patches _really_ is what you want to have
applied, and that you have tested it properly.
thanks,
greg k-h
prev parent reply other threads:[~2020-10-09 9:22 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-08 13:00 Stable backport request for fixing the issue of not being able to create a new pid_ns Wen Yang
2020-10-09 9:23 ` Greg Kroah-Hartman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201009092336.GA415570@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=ebiederm@xmission.com \
--cc=linux-kernel@vger.kernel.org \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
--cc=wenyang@linux.alibaba.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.