Re: [PATCH v4 2/4] pid: check init is created first after idr alloc

Next message: Ravi Jonnalagadda: "Re: [RFC PATCH v3 3/4] mm/damon: add node_eligible_mem_bp and node_ineligible_mem_bp goal metrics"
Previous message: Viacheslav Dubeyko: "Re: [PATCH] ramfs: convert alloc_pages() to folio_alloc() in ramfs_nommu_expand_for_mapping()"
In reply to: Pavel Tikhomirov: "[PATCH v4 2/4] pid: check init is created first after idr alloc"
Next in thread: Pavel Tikhomirov: "[PATCH v4 3/4] pid_namespace: allow opening pid_for_children before init was created"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Andrei Vagin

Date: Wed Feb 25 2026 - 13:46:58 EST

On Wed, Feb 25, 2026 at 5:33 AM Pavel Tikhomirov
<ptikhomirov@xxxxxxxxxxxxx> wrote:
>
> This moves the condition (tid != 1 && !tmp->child_reaper) to after idr
> alloc, so it not only covers that first process in pid namespace has pid
> 1 in case of clone3(set_tid) requesting wrong pid, but also if idr
> itself gives wrong pid for some reason.
>
> This could've been the case before this patch, when creating first
> process the alloc_pid()->pidfs_add_pid() code path fails, so that the
> idr->idr_next is non zero anymore and next process calling to
> alloc_pid(), will get 2 as a pid from idr_alloc_cyclic(). Though thanks
> to PIDNS_ADDING logic, free_pid() disables further pid allocation in
> this case and it does not lead to any real problem.
>
> Note: This is also a preparation for the next patch in the series, which
> will introduce an ability of creating init from the task different to
> the task which had created the pid namespace. Needed to make sure that
> init is always first, even in this new case.
>
> Suggested-by: Oleg Nesterov <oleg@xxxxxxxxxx>
> Signed-off-by: Oleg Nesterov <oleg@xxxxxxxxxx>
> Signed-off-by: Pavel Tikhomirov <ptikhomirov@xxxxxxxxxxxxx>

Acked-by: Andrei Vagin <avagin@xxxxxxxxxx>

Thanks,
Andrei