[RFC] lsm: namespace hooks

Lukasz Pawelczyk l.pawelczyk at samsung.com
Thu Nov 27 14:35:28 UTC 2014


On czw, 2014-11-27 at 15:18 +0100, Richard Weinberger wrote:
> On Thu, Nov 27, 2014 at 3:01 PM, Lukasz Pawelczyk
> <l.pawelczyk at samsung.com> wrote:
> > -/* 0x02000000 was previously the unused CLONE_STOPPED (Start in stopped state)
> > -   and is now available for re-use. */
> > +#define CLONE_NEWLSM           0x02000000      /* New LSM namespace */
> 
> FYI, CLONE_NEWCGROUP also claims last flag [1].

Yes, I'm perfectly aware of that. I've seen those patches.
This is RFC for now and CGROUP NS is not merged yet. I'll rebase when
time comes.

> As it looks we will get more and more namespaces, more than clone() can handle.
> 
> [1] https://lkml.org/lkml/2014/7/17/588
> 

-- 
Lukasz Pawelczyk
Samsung R&D Institute Poland
Samsung Electronics





More information about the Containers mailing list