diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2016-08-08 13:41:24 -0500 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2016-08-08 13:41:24 -0500 |
commit | b376c3e1b6770ddcb4f0782be16358095fcea0b6 (patch) | |
tree | 30789f9f1e84abe4d25a52e2fcad209504c181bf /kernel/fork.c | |
parent | dbec28460a89aa7c02c3301e9e108d98272549d2 (diff) |
userns: Add a limit on the number of user namespaces
Export the export the maximum number of user namespaces as
/proc/sys/userns/max_user_namespaces.
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'kernel/fork.c')
-rw-r--r-- | kernel/fork.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/kernel/fork.c b/kernel/fork.c index 52e725d4a866..daa6a82b4900 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -321,6 +321,8 @@ void __init fork_init(void) init_task.signal->rlim[RLIMIT_NPROC].rlim_max = max_threads/2; init_task.signal->rlim[RLIMIT_SIGPENDING] = init_task.signal->rlim[RLIMIT_NPROC]; + + init_user_ns.max_user_namespaces = max_threads; } int __weak arch_dup_task_struct(struct task_struct *dst, |