From: Christian Brauner Date: Fri, 20 Mar 2026 13:44:31 +0000 (+0100) Subject: Merge patch series "pid_namespace: make init creation more flexible" X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=68b953730e94c0b3417573b7288d78995a48be4b;p=thirdparty%2Fkernel%2Flinux.git Merge patch series "pid_namespace: make init creation more flexible" Pavel Tikhomirov says: The first patch properly annotates accesses to ->child_reaper with _ONCE macroses, to protect unlocked accesses from possible cpu/compiler optimization problems. The second patch makes sure that the init is always a first process in the pid namespace, previously this was only checked for set_tid case. The third patch allows to join pid namespace before pid namespace init is created, that allows to create pid namespace by one process and then create pid namespace init from another process after setns(). Please see the detailed description in the patch commit message. It depends on the second patch. The forth and the final patch is a comprehansive test, that tests both basic usecase of creating pid namespace and init separately, and a more specific usecase which shows how we can improve clone3(set_tid) usability after this change. This change is generally useful as it makes clone3(set_tid) more universal, and let's it work in all the cases evenly. Also it is highly useful to CRIU to handle nested containers. * patches from https://patch.msgid.link/20260318122157.280595-1-ptikhomirov@virtuozzo.com: MAINTAINERS: add a new entry for testing pidns init creation via setns selftests: Add tests for creating pidns init via setns pid_namespace: allow opening pid_for_children before init was created pid: check init is created first after idr alloc pid_namespace: avoid optimization of accesses to ->child_reaper Link: https://patch.msgid.link/20260318122157.280595-1-ptikhomirov@virtuozzo.com Signed-off-by: Christian Brauner --- 68b953730e94c0b3417573b7288d78995a48be4b