From: Miklos Szeredi cgroup_clone() calls vfs_mkdir() to create a directory in the cgroup filesystem. Replace with explicit call to cgroup_mkdir() and fsnotify_mkdir(). This is equivalent, except that the following functions are not called before cgroup_mkdir(): - may_create() - security_inode_mkdir() - DQUOT_INIT() Permission to clone the cgroup has already been checked in copy_namespaces() (requiring CAP_SYS_ADMIN). Additional file system related capability checks are inappropriate and confusing. The quota check is unnecessary, as quotas don't make any sense for this filesystem. Signed-off-by: Miklos Szeredi CC: Paul Menage --- kernel/cgroup.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) Index: linux-2.6/kernel/cgroup.c =================================================================== --- linux-2.6.orig/kernel/cgroup.c 2008-07-23 00:10:13.000000000 +0200 +++ linux-2.6/kernel/cgroup.c 2008-07-23 00:10:20.000000000 +0200 @@ -25,6 +25,7 @@ #include #include #include +#include #include #include #include @@ -2928,7 +2929,9 @@ int cgroup_clone(struct task_struct *tsk } /* Create the cgroup directory, which also creates the cgroup */ - ret = vfs_mkdir(inode, dentry, S_IFDIR | 0755); + ret = cgroup_mkdir(inode, dentry, S_IFDIR); + if (!ret) + fsnotify_mkdir(inode, dentry); child = __d_cgrp(dentry); dput(dentry); if (ret) { -- -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/