Andries Brouwer spotted this. If copy_namespace() returns -EPERM,
copy_process() will then return -ENOMEM by mistake.
Fix all that up by making things return appropriate error codes and
propagating them back correctly.
25-akpm/kernel/fork.c | 32 +++++++++++++++-----------------
1 files changed, 15 insertions(+), 17 deletions(-)
diff -puN kernel/fork.c~clone-retval-fix kernel/fork.c
--- 25/kernel/fork.c~clone-retval-fix Mon Apr 21 15:40:50 2003
+++ 25-akpm/kernel/fork.c Mon Apr 21 15:40:50 2003
@@ -379,7 +379,6 @@ static struct mm_struct * mm_init(struct
free_mm(mm);
return NULL;
}
-
/*
* Allocate and initialize an mm_struct.
@@ -543,7 +542,7 @@ static inline struct fs_struct *__copy_f
} else {
fs->altrootmnt = NULL;
fs->altroot = NULL;
- }
+ }
read_unlock(&old->lock);
}
return fs;
@@ -562,14 +561,14 @@ static inline int copy_fs(unsigned long
}
tsk->fs = __copy_fs_struct(current->fs);
if (!tsk->fs)
- return -1;
+ return -ENOMEM;
return 0;
}
static int count_open_files(struct files_struct *files, int size)
{
int i;
-
+
/* Find the last open fd */
for (i = size/(8*sizeof(long)); i > 0; ) {
if (files->open_fds->fds_bits[--i])
@@ -669,7 +668,7 @@ static int copy_files(unsigned long clon
if (newf->max_fdset > open_files) {
int left = (newf->max_fdset-open_files)/8;
int start = open_files / (8 * sizeof(unsigned long));
-
+
memset(&newf->open_fds->fds_bits[start], 0, left);
memset(&newf->close_on_exec->fds_bits[start], 0, left);
}
@@ -697,7 +696,7 @@ static inline int copy_sighand(unsigned
sig = kmem_cache_alloc(sighand_cachep, GFP_KERNEL);
tsk->sighand = sig;
if (!sig)
- return -1;
+ return -ENOMEM;
spin_lock_init(&sig->siglock);
atomic_set(&sig->count, 1);
memcpy(sig->action, current->sighand->action, sizeof(sig->action));
@@ -715,7 +714,7 @@ static inline int copy_signal(unsigned l
sig = kmem_cache_alloc(signal_cachep, GFP_KERNEL);
tsk->signal = sig;
if (!sig)
- return -1;
+ return -ENOMEM;
atomic_set(&sig->count, 1);
sig->group_exit = 0;
sig->group_exit_code = 0;
@@ -800,7 +799,7 @@ static struct task_struct *copy_process(
*/
if (nr_threads >= max_threads)
goto bad_fork_cleanup_count;
-
+
if (!try_module_get(p->thread_info->exec_domain->module))
goto bad_fork_cleanup_count;
@@ -860,23 +859,22 @@ static struct task_struct *copy_process(
p->security = NULL;
retval = -ENOMEM;
- if (security_task_alloc(p))
+ if ((retval = security_task_alloc(p)))
goto bad_fork_cleanup;
/* copy all the process information */
- if (copy_semundo(clone_flags, p))
+ if ((retval = copy_semundo(clone_flags, p)))
goto bad_fork_cleanup_security;
- if (copy_files(clone_flags, p))
+ if ((retval = copy_files(clone_flags, p)))
goto bad_fork_cleanup_semundo;
- if (copy_fs(clone_flags, p))
+ if ((retval = copy_fs(clone_flags, p)))
goto bad_fork_cleanup_files;
- if (copy_sighand(clone_flags, p))
+ if ((retval = copy_sighand(clone_flags, p)))
goto bad_fork_cleanup_fs;
- if (copy_signal(clone_flags, p))
+ if ((retval = copy_signal(clone_flags, p)))
goto bad_fork_cleanup_sighand;
- if (copy_mm(clone_flags, p))
+ if ((retval = copy_mm(clone_flags, p)))
goto bad_fork_cleanup_signal;
- retval = copy_namespace(clone_flags, p);
- if (retval)
+ if ((retval = copy_namespace(clone_flags, p)))
goto bad_fork_cleanup_mm;
retval = copy_thread(0, clone_flags, stack_start, stack_size, p, regs);
if (retval)
_