/*
   *  linux/kernel/fork.c
   *
   *  Copyright (C) 1991, 1992  Linus Torvalds
   */
  
  /*
   *  'fork.c' contains the help-routines for the 'fork' system call
   * (see also entry.S and others).
   * Fork is rather simple, once you get the hang of it, but the memory
   * management can be a bitch. See 'mm/memory.c': 'copy_page_range()'
   */

  #include <linux/slab.h>
  #include <linux/init.h>
  #include <linux/unistd.h>

  #include <linux/module.h>
  #include <linux/vmalloc.h>
  #include <linux/completion.h>

  #include <linux/personality.h>
  #include <linux/mempolicy.h>
  #include <linux/sem.h>
  #include <linux/file.h>

  #include <linux/fdtable.h>

  #include <linux/iocontext.h>

  #include <linux/key.h>
  #include <linux/binfmts.h>
  #include <linux/mman.h>

  #include <linux/mmu_notifier.h>

  #include <linux/fs.h>

  #include <linux/nsproxy.h>

  #include <linux/capability.h>

  #include <linux/cpu.h>

  #include <linux/cgroup.h>

  #include <linux/security.h>

  #include <linux/hugetlb.h>

  #include <linux/swap.h>
  #include <linux/syscalls.h>
  #include <linux/jiffies.h>

  #include <linux/tracehook.h>

  #include <linux/futex.h>

  #include <linux/compat.h>

  #include <linux/task_io_accounting_ops.h>

  #include <linux/rcupdate.h>

  #include <linux/ptrace.h>
  #include <linux/mount.h>
  #include <linux/audit.h>

  #include <linux/memcontrol.h>

  #include <linux/ftrace.h>

  #include <linux/profile.h>
  #include <linux/rmap.h>

  #include <linux/ksm.h>

  #include <linux/acct.h>

  #include <linux/tsacct_kern.h>

  #include <linux/cn_proc.h>

  #include <linux/freezer.h>

  #include <linux/delayacct.h>

  #include <linux/taskstats_kern.h>

  #include <linux/random.h>

  #include <linux/tty.h>

  #include <linux/proc_fs.h>

  #include <linux/blkdev.h>

  #include <linux/fs_struct.h>

  #include <linux/magic.h>

  #include <linux/perf_event.h>

  #include <linux/posix-timers.h>

  #include <linux/user-return-notifier.h>

  
  #include <asm/pgtable.h>
  #include <asm/pgalloc.h>
  #include <asm/uaccess.h>
  #include <asm/mmu_context.h>
  #include <asm/cacheflush.h>
  #include <asm/tlbflush.h>

  #include <trace/events/sched.h>

  /*
   * Protected counters by write_lock_irq(&tasklist_lock)
   */
  unsigned long total_forks;	/* Handle normal Linux uptimes. */
  int nr_threads; 		/* The idle threads do not count.. */
  
  int max_threads;		/* tunable limit on nr_threads */
  
  DEFINE_PER_CPU(unsigned long, process_counts) = 0;

  __cacheline_aligned DEFINE_RWLOCK(tasklist_lock);  /* outer */

  
  #ifdef CONFIG_PROVE_RCU
  int lockdep_tasklist_lock_is_held(void)
  {
  	return lockdep_is_held(&tasklist_lock);
  }
  EXPORT_SYMBOL_GPL(lockdep_tasklist_lock_is_held);
  #endif /* #ifdef CONFIG_PROVE_RCU */

  
  int nr_processes(void)
  {
  	int cpu;
  	int total = 0;

  	for_each_possible_cpu(cpu)

  		total += per_cpu(process_counts, cpu);
  
  	return total;
  }
  
  #ifndef __HAVE_ARCH_TASK_STRUCT_ALLOCATOR
  # define alloc_task_struct()	kmem_cache_alloc(task_struct_cachep, GFP_KERNEL)
  # define free_task_struct(tsk)	kmem_cache_free(task_struct_cachep, (tsk))

  static struct kmem_cache *task_struct_cachep;

  #endif

  #ifndef __HAVE_ARCH_THREAD_INFO_ALLOCATOR
  static inline struct thread_info *alloc_thread_info(struct task_struct *tsk)
  {
  #ifdef CONFIG_DEBUG_STACK_USAGE
  	gfp_t mask = GFP_KERNEL | __GFP_ZERO;
  #else
  	gfp_t mask = GFP_KERNEL;
  #endif
  	return (struct thread_info *)__get_free_pages(mask, THREAD_SIZE_ORDER);
  }
  
  static inline void free_thread_info(struct thread_info *ti)
  {
  	free_pages((unsigned long)ti, THREAD_SIZE_ORDER);
  }
  #endif

  /* SLAB cache for signal_struct structures (tsk->signal) */

  static struct kmem_cache *signal_cachep;

  
  /* SLAB cache for sighand_struct structures (tsk->sighand) */

  struct kmem_cache *sighand_cachep;

  
  /* SLAB cache for files_struct structures (tsk->files) */

  struct kmem_cache *files_cachep;

  
  /* SLAB cache for fs_struct structures (tsk->fs) */

  struct kmem_cache *fs_cachep;

  
  /* SLAB cache for vm_area_struct structures */

  struct kmem_cache *vm_area_cachep;

  
  /* SLAB cache for mm_struct structures (tsk->mm) */

  static struct kmem_cache *mm_cachep;

  static void account_kernel_stack(struct thread_info *ti, int account)
  {
  	struct zone *zone = page_zone(virt_to_page(ti));
  
  	mod_zone_page_state(zone, NR_KERNEL_STACK, account);
  }

  void free_task(struct task_struct *tsk)
  {

  	prop_local_destroy_single(&tsk->dirties);

  	account_kernel_stack(tsk->stack, -1);

  	free_thread_info(tsk->stack);

  	rt_mutex_debug_task_free(tsk);

  	ftrace_graph_exit_task(tsk);

  	free_task_struct(tsk);
  }
  EXPORT_SYMBOL(free_task);

  void __put_task_struct(struct task_struct *tsk)

  {

  	WARN_ON(!tsk->exit_state);

  	WARN_ON(atomic_read(&tsk->usage));
  	WARN_ON(tsk == current);

  	exit_creds(tsk);

  	delayacct_tsk_free(tsk);

  
  	if (!profile_handoff_task(tsk))
  		free_task(tsk);
  }

  /*
   * macro override instead of weak attribute alias, to workaround
   * gcc 4.1.0 and 4.1.1 bugs with weak attribute and empty functions.
   */
  #ifndef arch_task_cache_init
  #define arch_task_cache_init()
  #endif

  void __init fork_init(unsigned long mempages)
  {
  #ifndef __HAVE_ARCH_TASK_STRUCT_ALLOCATOR
  #ifndef ARCH_MIN_TASKALIGN
  #define ARCH_MIN_TASKALIGN	L1_CACHE_BYTES
  #endif
  	/* create a slab on which task_structs can be allocated */
  	task_struct_cachep =
  		kmem_cache_create("task_struct", sizeof(struct task_struct),

  			ARCH_MIN_TASKALIGN, SLAB_PANIC | SLAB_NOTRACK, NULL);

  #endif

  	/* do the arch specific task caches init */
  	arch_task_cache_init();

  	/*
  	 * The default maximum number of threads is set to a safe
  	 * value: the thread structures can take up at most half
  	 * of memory.
  	 */
  	max_threads = mempages / (8 * THREAD_SIZE / PAGE_SIZE);
  
  	/*
  	 * we need to allow at least 20 threads to boot a system
  	 */
  	if(max_threads < 20)
  		max_threads = 20;
  
  	init_task.signal->rlim[RLIMIT_NPROC].rlim_cur = max_threads/2;
  	init_task.signal->rlim[RLIMIT_NPROC].rlim_max = max_threads/2;
  	init_task.signal->rlim[RLIMIT_SIGPENDING] =
  		init_task.signal->rlim[RLIMIT_NPROC];
  }

  int __attribute__((weak)) arch_dup_task_struct(struct task_struct *dst,
  					       struct task_struct *src)
  {
  	*dst = *src;
  	return 0;
  }

  static struct task_struct *dup_task_struct(struct task_struct *orig)
  {
  	struct task_struct *tsk;
  	struct thread_info *ti;

  	unsigned long *stackend;

  	int err;

  
  	prepare_to_copy(orig);
  
  	tsk = alloc_task_struct();
  	if (!tsk)
  		return NULL;
  
  	ti = alloc_thread_info(tsk);
  	if (!ti) {
  		free_task_struct(tsk);
  		return NULL;
  	}

   	err = arch_dup_task_struct(tsk, orig);
  	if (err)
  		goto out;

  	tsk->stack = ti;

  
  	err = prop_local_init_single(&tsk->dirties);

  	if (err)
  		goto out;

  	setup_thread_stack(tsk, orig);

  	clear_user_return_notifier(tsk);

  	stackend = end_of_stack(tsk);
  	*stackend = STACK_END_MAGIC;	/* for overflow detection */

  #ifdef CONFIG_CC_STACKPROTECTOR
  	tsk->stack_canary = get_random_int();
  #endif

  	/* One for us, one for whoever does the "release_task()" (usually parent) */
  	atomic_set(&tsk->usage,2);

  	atomic_set(&tsk->fs_excl, 0);

  #ifdef CONFIG_BLK_DEV_IO_TRACE

  	tsk->btrace_seq = 0;

  #endif

  	tsk->splice_pipe = NULL;

  
  	account_kernel_stack(ti, 1);

  	return tsk;

  
  out:
  	free_thread_info(ti);
  	free_task_struct(tsk);
  	return NULL;

  }
  
  #ifdef CONFIG_MMU

  static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)

  {

  	struct vm_area_struct *mpnt, *tmp, **pprev;

  	struct rb_node **rb_link, *rb_parent;
  	int retval;
  	unsigned long charge;
  	struct mempolicy *pol;
  
  	down_write(&oldmm->mmap_sem);

  	flush_cache_dup_mm(oldmm);

  	/*
  	 * Not linked in yet - no deadlock potential:
  	 */
  	down_write_nested(&mm->mmap_sem, SINGLE_DEPTH_NESTING);

  	mm->locked_vm = 0;
  	mm->mmap = NULL;
  	mm->mmap_cache = NULL;
  	mm->free_area_cache = oldmm->mmap_base;

  	mm->cached_hole_size = ~0UL;

  	mm->map_count = 0;

  	cpumask_clear(mm_cpumask(mm));

  	mm->mm_rb = RB_ROOT;
  	rb_link = &mm->mm_rb.rb_node;
  	rb_parent = NULL;
  	pprev = &mm->mmap;

  	retval = ksm_fork(mm, oldmm);
  	if (retval)
  		goto out;

  	for (mpnt = oldmm->mmap; mpnt; mpnt = mpnt->vm_next) {

  		struct file *file;
  
  		if (mpnt->vm_flags & VM_DONTCOPY) {

  			long pages = vma_pages(mpnt);
  			mm->total_vm -= pages;

  			vm_stat_account(mm, mpnt->vm_flags, mpnt->vm_file,

  								-pages);

  			continue;
  		}
  		charge = 0;
  		if (mpnt->vm_flags & VM_ACCOUNT) {
  			unsigned int len = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT;
  			if (security_vm_enough_memory(len))
  				goto fail_nomem;
  			charge = len;
  		}

  		tmp = kmem_cache_alloc(vm_area_cachep, GFP_KERNEL);

  		if (!tmp)
  			goto fail_nomem;
  		*tmp = *mpnt;

  		INIT_LIST_HEAD(&tmp->anon_vma_chain);

  		pol = mpol_dup(vma_policy(mpnt));

  		retval = PTR_ERR(pol);
  		if (IS_ERR(pol))
  			goto fail_nomem_policy;
  		vma_set_policy(tmp, pol);

  		if (anon_vma_fork(tmp, mpnt))
  			goto fail_nomem_anon_vma_fork;

  		tmp->vm_flags &= ~VM_LOCKED;
  		tmp->vm_mm = mm;
  		tmp->vm_next = NULL;

  		file = tmp->vm_file;
  		if (file) {

  			struct inode *inode = file->f_path.dentry->d_inode;

  			struct address_space *mapping = file->f_mapping;

  			get_file(file);
  			if (tmp->vm_flags & VM_DENYWRITE)
  				atomic_dec(&inode->i_writecount);

  			spin_lock(&mapping->i_mmap_lock);
  			if (tmp->vm_flags & VM_SHARED)
  				mapping->i_mmap_writable++;

  			tmp->vm_truncate_count = mpnt->vm_truncate_count;

  			flush_dcache_mmap_lock(mapping);
  			/* insert tmp into the share list, just after mpnt */

  			vma_prio_tree_add(tmp, mpnt);

  			flush_dcache_mmap_unlock(mapping);
  			spin_unlock(&mapping->i_mmap_lock);

  		}
  
  		/*

  		 * Clear hugetlb-related page reserves for children. This only
  		 * affects MAP_PRIVATE mappings. Faults generated by the child
  		 * are not guaranteed to succeed, even if read-only
  		 */
  		if (is_vm_hugetlb_page(tmp))
  			reset_vma_resv_huge_pages(tmp);
  
  		/*

  		 * Link in the new vma and copy the page table entries.

  		 */

  		*pprev = tmp;
  		pprev = &tmp->vm_next;
  
  		__vma_link_rb(mm, tmp, rb_link, rb_parent);
  		rb_link = &tmp->vm_rb.rb_right;
  		rb_parent = &tmp->vm_rb;
  
  		mm->map_count++;

  		retval = copy_page_range(mm, oldmm, mpnt);

  
  		if (tmp->vm_ops && tmp->vm_ops->open)
  			tmp->vm_ops->open(tmp);
  
  		if (retval)
  			goto out;
  	}

  	/* a new mm has just been created */
  	arch_dup_mmap(oldmm, mm);

  	retval = 0;

  out:

  	up_write(&mm->mmap_sem);

  	flush_tlb_mm(oldmm);

  	up_write(&oldmm->mmap_sem);
  	return retval;

  fail_nomem_anon_vma_fork:
  	mpol_put(pol);

  fail_nomem_policy:
  	kmem_cache_free(vm_area_cachep, tmp);
  fail_nomem:
  	retval = -ENOMEM;
  	vm_unacct_memory(charge);
  	goto out;
  }
  
  static inline int mm_alloc_pgd(struct mm_struct * mm)
  {
  	mm->pgd = pgd_alloc(mm);
  	if (unlikely(!mm->pgd))
  		return -ENOMEM;
  	return 0;
  }
  
  static inline void mm_free_pgd(struct mm_struct * mm)
  {

  	pgd_free(mm, mm->pgd);

  }
  #else
  #define dup_mmap(mm, oldmm)	(0)
  #define mm_alloc_pgd(mm)	(0)
  #define mm_free_pgd(mm)
  #endif /* CONFIG_MMU */

  __cacheline_aligned_in_smp DEFINE_SPINLOCK(mmlist_lock);

  #define allocate_mm()	(kmem_cache_alloc(mm_cachep, GFP_KERNEL))

  #define free_mm(mm)	(kmem_cache_free(mm_cachep, (mm)))

  static unsigned long default_dump_filter = MMF_DUMP_FILTER_DEFAULT;
  
  static int __init coredump_filter_setup(char *s)
  {
  	default_dump_filter =
  		(simple_strtoul(s, NULL, 0) << MMF_DUMP_FILTER_SHIFT) &
  		MMF_DUMP_FILTER_MASK;
  	return 1;
  }
  
  __setup("coredump_filter=", coredump_filter_setup);

  #include <linux/init_task.h>

  static void mm_init_aio(struct mm_struct *mm)
  {
  #ifdef CONFIG_AIO
  	spin_lock_init(&mm->ioctx_lock);
  	INIT_HLIST_HEAD(&mm->ioctx_list);
  #endif
  }

  static struct mm_struct * mm_init(struct mm_struct * mm, struct task_struct *p)

  {
  	atomic_set(&mm->mm_users, 1);
  	atomic_set(&mm->mm_count, 1);
  	init_rwsem(&mm->mmap_sem);
  	INIT_LIST_HEAD(&mm->mmlist);

  	mm->flags = (current->mm) ?
  		(current->mm->flags & MMF_INIT_MASK) : default_dump_filter;

  	mm->core_state = NULL;

  	mm->nr_ptes = 0;

  	memset(&mm->rss_stat, 0, sizeof(mm->rss_stat));

  	spin_lock_init(&mm->page_table_lock);

  	mm->free_area_cache = TASK_UNMAPPED_BASE;

  	mm->cached_hole_size = ~0UL;

  	mm_init_aio(mm);

  	mm_init_owner(mm, p);

  
  	if (likely(!mm_alloc_pgd(mm))) {
  		mm->def_flags = 0;

  		mmu_notifier_mm_init(mm);

  		return mm;
  	}

  	free_mm(mm);
  	return NULL;
  }
  
  /*
   * Allocate and initialize an mm_struct.
   */
  struct mm_struct * mm_alloc(void)
  {
  	struct mm_struct * mm;
  
  	mm = allocate_mm();
  	if (mm) {
  		memset(mm, 0, sizeof(*mm));

  		mm = mm_init(mm, current);

  	}
  	return mm;
  }
  
  /*
   * Called when the last reference to the mm
   * is dropped: either by a lazy thread or by
   * mmput. Free the page directory and the mm.
   */

  void __mmdrop(struct mm_struct *mm)

  {
  	BUG_ON(mm == &init_mm);
  	mm_free_pgd(mm);
  	destroy_context(mm);

  	mmu_notifier_mm_destroy(mm);

  	free_mm(mm);
  }

  EXPORT_SYMBOL_GPL(__mmdrop);

  
  /*
   * Decrement the use count and release all resources for an mm.
   */
  void mmput(struct mm_struct *mm)
  {

  	might_sleep();

  	if (atomic_dec_and_test(&mm->mm_users)) {
  		exit_aio(mm);

  		ksm_exit(mm);

  		exit_mmap(mm);

  		set_mm_exe_file(mm, NULL);

  		if (!list_empty(&mm->mmlist)) {
  			spin_lock(&mmlist_lock);
  			list_del(&mm->mmlist);
  			spin_unlock(&mmlist_lock);
  		}
  		put_swap_token(mm);

  		if (mm->binfmt)
  			module_put(mm->binfmt->module);

  		mmdrop(mm);
  	}
  }
  EXPORT_SYMBOL_GPL(mmput);
  
  /**
   * get_task_mm - acquire a reference to the task's mm
   *

   * Returns %NULL if the task has no mm.  Checks PF_KTHREAD (meaning

   * this kernel workthread has transiently adopted a user mm with use_mm,
   * to do its AIO) is not set and if so returns a reference to it, after
   * bumping up the use count.  User must release the mm via mmput()
   * after use.  Typically used by /proc and ptrace.
   */
  struct mm_struct *get_task_mm(struct task_struct *task)
  {
  	struct mm_struct *mm;
  
  	task_lock(task);
  	mm = task->mm;
  	if (mm) {

  		if (task->flags & PF_KTHREAD)

  			mm = NULL;
  		else
  			atomic_inc(&mm->mm_users);
  	}
  	task_unlock(task);
  	return mm;
  }
  EXPORT_SYMBOL_GPL(get_task_mm);
  
  /* Please note the differences between mmput and mm_release.
   * mmput is called whenever we stop holding onto a mm_struct,
   * error success whatever.
   *
   * mm_release is called after a mm_struct has been removed
   * from the current process.
   *
   * This difference is important for error handling, when we
   * only half set up a mm_struct for a new process and need to restore
   * the old one.  Because we mmput the new mm_struct before
   * restoring the old one. . .
   * Eric Biederman 10 January 1998
   */
  void mm_release(struct task_struct *tsk, struct mm_struct *mm)
  {
  	struct completion *vfork_done = tsk->vfork_done;

  	/* Get rid of any futexes when releasing the mm */
  #ifdef CONFIG_FUTEX

  	if (unlikely(tsk->robust_list)) {

  		exit_robust_list(tsk);

  		tsk->robust_list = NULL;
  	}

  #ifdef CONFIG_COMPAT

  	if (unlikely(tsk->compat_robust_list)) {

  		compat_exit_robust_list(tsk);

  		tsk->compat_robust_list = NULL;
  	}

  #endif

  	if (unlikely(!list_empty(&tsk->pi_state_list)))
  		exit_pi_state_list(tsk);

  #endif

  	/* Get rid of any cached register state */
  	deactivate_mm(tsk, mm);
  
  	/* notify parent sleeping on vfork() */
  	if (vfork_done) {
  		tsk->vfork_done = NULL;
  		complete(vfork_done);
  	}

  
  	/*
  	 * If we're exiting normally, clear a user-space tid field if
  	 * requested.  We leave this alone when dying by signal, to leave
  	 * the value intact in a core dump, and to save the unnecessary
  	 * trouble otherwise.  Userland only wants this done for a sys_exit.
  	 */

  	if (tsk->clear_child_tid) {
  		if (!(tsk->flags & PF_SIGNALED) &&
  		    atomic_read(&mm->mm_users) > 1) {
  			/*
  			 * We don't check the error code - if userspace has
  			 * not set up a proper pointer then tough luck.
  			 */
  			put_user(0, tsk->clear_child_tid);
  			sys_futex(tsk->clear_child_tid, FUTEX_WAKE,
  					1, NULL, NULL, 0);
  		}

  		tsk->clear_child_tid = NULL;

  	}
  }

  /*
   * Allocate a new mm structure and copy contents from the
   * mm structure of the passed in task structure.
   */

  struct mm_struct *dup_mm(struct task_struct *tsk)

  {
  	struct mm_struct *mm, *oldmm = current->mm;
  	int err;
  
  	if (!oldmm)
  		return NULL;
  
  	mm = allocate_mm();
  	if (!mm)
  		goto fail_nomem;
  
  	memcpy(mm, oldmm, sizeof(*mm));

  	/* Initializing for Swap token stuff */
  	mm->token_priority = 0;
  	mm->last_interval = 0;

  	if (!mm_init(mm, tsk))

  		goto fail_nomem;
  
  	if (init_new_context(tsk, mm))
  		goto fail_nocontext;

  	dup_mm_exe_file(oldmm, mm);

  	err = dup_mmap(mm, oldmm);
  	if (err)
  		goto free_pt;
  
  	mm->hiwater_rss = get_mm_rss(mm);
  	mm->hiwater_vm = mm->total_vm;

  	if (mm->binfmt && !try_module_get(mm->binfmt->module))
  		goto free_pt;

  	return mm;
  
  free_pt:

  	/* don't put binfmt in mmput, we haven't got module yet */
  	mm->binfmt = NULL;

  	mmput(mm);
  
  fail_nomem:
  	return NULL;
  
  fail_nocontext:
  	/*
  	 * If init_new_context() failed, we cannot use mmput() to free the mm
  	 * because it calls destroy_context()
  	 */
  	mm_free_pgd(mm);
  	free_mm(mm);
  	return NULL;
  }

  static int copy_mm(unsigned long clone_flags, struct task_struct * tsk)
  {
  	struct mm_struct * mm, *oldmm;
  	int retval;
  
  	tsk->min_flt = tsk->maj_flt = 0;
  	tsk->nvcsw = tsk->nivcsw = 0;

  #ifdef CONFIG_DETECT_HUNG_TASK
  	tsk->last_switch_count = tsk->nvcsw + tsk->nivcsw;
  #endif

  
  	tsk->mm = NULL;
  	tsk->active_mm = NULL;
  
  	/*
  	 * Are we cloning a kernel thread?
  	 *
  	 * We need to steal a active VM for that..
  	 */
  	oldmm = current->mm;
  	if (!oldmm)
  		return 0;
  
  	if (clone_flags & CLONE_VM) {
  		atomic_inc(&oldmm->mm_users);
  		mm = oldmm;

  		goto good_mm;
  	}
  
  	retval = -ENOMEM;

  	mm = dup_mm(tsk);

  	if (!mm)
  		goto fail_nomem;

  good_mm:

  	/* Initializing for Swap token stuff */
  	mm->token_priority = 0;
  	mm->last_interval = 0;

  	tsk->mm = mm;
  	tsk->active_mm = mm;
  	return 0;

  fail_nomem:
  	return retval;

  }

  static int copy_fs(unsigned long clone_flags, struct task_struct *tsk)

  {

  	struct fs_struct *fs = current->fs;

  	if (clone_flags & CLONE_FS) {

  		/* tsk->fs is already what we want */
  		write_lock(&fs->lock);
  		if (fs->in_exec) {
  			write_unlock(&fs->lock);
  			return -EAGAIN;
  		}
  		fs->users++;
  		write_unlock(&fs->lock);

  		return 0;
  	}

  	tsk->fs = copy_fs_struct(fs);

  	if (!tsk->fs)
  		return -ENOMEM;
  	return 0;
  }

  static int copy_files(unsigned long clone_flags, struct task_struct * tsk)
  {
  	struct files_struct *oldf, *newf;
  	int error = 0;
  
  	/*
  	 * A background process may not have any files ...
  	 */
  	oldf = current->files;
  	if (!oldf)
  		goto out;
  
  	if (clone_flags & CLONE_FILES) {
  		atomic_inc(&oldf->count);
  		goto out;
  	}

  	newf = dup_fd(oldf, &error);
  	if (!newf)
  		goto out;
  
  	tsk->files = newf;
  	error = 0;
  out:
  	return error;
  }

  static int copy_io(unsigned long clone_flags, struct task_struct *tsk)

  {
  #ifdef CONFIG_BLOCK
  	struct io_context *ioc = current->io_context;
  
  	if (!ioc)
  		return 0;

  	/*
  	 * Share io context with parent, if CLONE_IO is set
  	 */
  	if (clone_flags & CLONE_IO) {
  		tsk->io_context = ioc_task_link(ioc);
  		if (unlikely(!tsk->io_context))
  			return -ENOMEM;
  	} else if (ioprio_valid(ioc->ioprio)) {

  		tsk->io_context = alloc_io_context(GFP_KERNEL, -1);
  		if (unlikely(!tsk->io_context))
  			return -ENOMEM;

  		tsk->io_context->ioprio = ioc->ioprio;
  	}
  #endif
  	return 0;
  }

  static int copy_sighand(unsigned long clone_flags, struct task_struct *tsk)

  {
  	struct sighand_struct *sig;

  	if (clone_flags & CLONE_SIGHAND) {

  		atomic_inc(&current->sighand->count);
  		return 0;
  	}
  	sig = kmem_cache_alloc(sighand_cachep, GFP_KERNEL);

  	rcu_assign_pointer(tsk->sighand, sig);

  	if (!sig)
  		return -ENOMEM;

  	atomic_set(&sig->count, 1);
  	memcpy(sig->action, current->sighand->action, sizeof(sig->action));
  	return 0;
  }

  void __cleanup_sighand(struct sighand_struct *sighand)

  {

  	if (atomic_dec_and_test(&sighand->count))
  		kmem_cache_free(sighand_cachep, sighand);
  }

  
  /*
   * Initialize POSIX timer handling for a thread group.
   */
  static void posix_cpu_timers_init_group(struct signal_struct *sig)
  {

  	unsigned long cpu_limit;

  	/* Thread group counters. */
  	thread_group_cputime_init(sig);

  	cpu_limit = ACCESS_ONCE(sig->rlim[RLIMIT_CPU].rlim_cur);
  	if (cpu_limit != RLIM_INFINITY) {
  		sig->cputime_expires.prof_exp = secs_to_cputime(cpu_limit);

  		sig->cputimer.running = 1;
  	}

  	/* The timer lists. */
  	INIT_LIST_HEAD(&sig->cpu_timers[0]);
  	INIT_LIST_HEAD(&sig->cpu_timers[1]);
  	INIT_LIST_HEAD(&sig->cpu_timers[2]);
  }

  static int copy_signal(unsigned long clone_flags, struct task_struct *tsk)

  {
  	struct signal_struct *sig;

  	if (clone_flags & CLONE_THREAD)

  		return 0;

  	sig = kmem_cache_zalloc(signal_cachep, GFP_KERNEL);

  	tsk->signal = sig;
  	if (!sig)
  		return -ENOMEM;

  	atomic_set(&sig->count, 1);
  	atomic_set(&sig->live, 1);
  	init_waitqueue_head(&sig->wait_chldexit);

  	if (clone_flags & CLONE_NEWPID)
  		sig->flags |= SIGNAL_UNKILLABLE;

  	sig->curr_target = tsk;

  	init_sigpending(&sig->shared_pending);
  	INIT_LIST_HEAD(&sig->posix_timers);

  	hrtimer_init(&sig->real_timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL);

  	sig->real_timer.function = it_real_fn;

  	task_lock(current->group_leader);
  	memcpy(sig->rlim, current->signal->rlim, sizeof sig->rlim);
  	task_unlock(current->group_leader);

  	posix_cpu_timers_init_group(sig);

  	tty_audit_fork(sig);

  	sig->oom_adj = current->signal->oom_adj;

  	return 0;
  }

  void __cleanup_signal(struct signal_struct *sig)
  {

  	thread_group_cputime_free(sig);

  	tty_kref_put(sig->tty);

  	kmem_cache_free(signal_cachep, sig);
  }

  static void copy_flags(unsigned long clone_flags, struct task_struct *p)

  {
  	unsigned long new_flags = p->flags;

  	new_flags &= ~PF_SUPERPRIV;

  	new_flags |= PF_FORKNOEXEC;

  	new_flags |= PF_STARTING;

  	p->flags = new_flags;

  	clear_freeze_flag(p);

  }

  SYSCALL_DEFINE1(set_tid_address, int __user *, tidptr)

  {
  	current->clear_child_tid = tidptr;

  	return task_pid_vnr(current);

  }

  static void rt_mutex_init_task(struct task_struct *p)

  {

  	raw_spin_lock_init(&p->pi_lock);

  #ifdef CONFIG_RT_MUTEXES

  	plist_head_init_raw(&p->pi_waiters, &p->pi_lock);

  	p->pi_blocked_on = NULL;

  #endif
  }

  #ifdef CONFIG_MM_OWNER
  void mm_init_owner(struct mm_struct *mm, struct task_struct *p)
  {
  	mm->owner = p;
  }
  #endif /* CONFIG_MM_OWNER */

  /*

   * Initialize POSIX timer handling for a single task.
   */
  static void posix_cpu_timers_init(struct task_struct *tsk)
  {
  	tsk->cputime_expires.prof_exp = cputime_zero;
  	tsk->cputime_expires.virt_exp = cputime_zero;
  	tsk->cputime_expires.sched_exp = 0;
  	INIT_LIST_HEAD(&tsk->cpu_timers[0]);
  	INIT_LIST_HEAD(&tsk->cpu_timers[1]);
  	INIT_LIST_HEAD(&tsk->cpu_timers[2]);
  }
  
  /*

   * This creates a new process as a copy of the old one,
   * but does not actually start it yet.
   *
   * It copies the registers, and all the appropriate
   * parts of the process environment (as per the clone
   * flags). The actual kick-off is left to the caller.
   */

  static struct task_struct *copy_process(unsigned long clone_flags,
  					unsigned long stack_start,
  					struct pt_regs *regs,
  					unsigned long stack_size,

  					int __user *child_tidptr,

  					struct pid *pid,
  					int trace)

  {
  	int retval;

  	struct task_struct *p;

  	int cgroup_callbacks_done = 0;

  
  	if ((clone_flags & (CLONE_NEWNS|CLONE_FS)) == (CLONE_NEWNS|CLONE_FS))
  		return ERR_PTR(-EINVAL);
  
  	/*
  	 * Thread groups must share signals as well, and detached threads
  	 * can only be started up within the thread group.
  	 */
  	if ((clone_flags & CLONE_THREAD) && !(clone_flags & CLONE_SIGHAND))
  		return ERR_PTR(-EINVAL);
  
  	/*
  	 * Shared signal handlers imply shared VM. By way of the above,
  	 * thread groups also imply shared VM. Blocking this case allows
  	 * for various simplifications in other code.
  	 */
  	if ((clone_flags & CLONE_SIGHAND) && !(clone_flags & CLONE_VM))
  		return ERR_PTR(-EINVAL);

  	/*
  	 * Siblings of global init remain as zombies on exit since they are
  	 * not reaped by their parent (swapper). To solve this and to avoid
  	 * multi-rooted process trees, prevent global and container-inits
  	 * from creating siblings.
  	 */
  	if ((clone_flags & CLONE_PARENT) &&
  				current->signal->flags & SIGNAL_UNKILLABLE)
  		return ERR_PTR(-EINVAL);

  	retval = security_task_create(clone_flags);
  	if (retval)
  		goto fork_out;
  
  	retval = -ENOMEM;
  	p = dup_task_struct(current);
  	if (!p)
  		goto fork_out;

  	ftrace_graph_init_task(p);

  	rt_mutex_init_task(p);

  #ifdef CONFIG_PROVE_LOCKING

  	DEBUG_LOCKS_WARN_ON(!p->hardirqs_enabled);
  	DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled);
  #endif

  	retval = -EAGAIN;

  	if (atomic_read(&p->real_cred->user->processes) >=

  			task_rlimit(p, RLIMIT_NPROC)) {

  		if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE) &&

  		    p->real_cred->user != INIT_USER)

  			goto bad_fork_free;
  	}

  	retval = copy_creds(p, clone_flags);
  	if (retval < 0)
  		goto bad_fork_free;

  
  	/*
  	 * If multiple threads are within copy_process(), then this check
  	 * triggers too late. This doesn't hurt, the check is only there
  	 * to stop root fork bombs.
  	 */

  	retval = -EAGAIN;

  	if (nr_threads >= max_threads)
  		goto bad_fork_cleanup_count;

  	if (!try_module_get(task_thread_info(p)->exec_domain->module))

  		goto bad_fork_cleanup_count;

  	p->did_exec = 0;

  	delayacct_tsk_init(p);	/* Must remain after dup_task_struct() */

  	copy_flags(clone_flags, p);

  	INIT_LIST_HEAD(&p->children);
  	INIT_LIST_HEAD(&p->sibling);

  	rcu_copy_process(p);

  	p->vfork_done = NULL;
  	spin_lock_init(&p->alloc_lock);

  	init_sigpending(&p->pending);
  
  	p->utime = cputime_zero;
  	p->stime = cputime_zero;

  	p->gtime = cputime_zero;

  	p->utimescaled = cputime_zero;
  	p->stimescaled = cputime_zero;

  #ifndef CONFIG_VIRT_CPU_ACCOUNTING

  	p->prev_utime = cputime_zero;

  	p->prev_stime = cputime_zero;

  #endif

  #if defined(SPLIT_RSS_COUNTING)
  	memset(&p->rss_stat, 0, sizeof(p->rss_stat));
  #endif

  	p->default_timer_slack_ns = current->timer_slack_ns;

  	task_io_accounting_init(&p->ioac);

  	acct_clear_integrals(p);

  	posix_cpu_timers_init(p);

  
  	p->lock_depth = -1;		/* -1 = no lock */
  	do_posix_clock_monotonic_gettime(&p->start_time);

  	p->real_start_time = p->start_time;
  	monotonic_to_bootbased(&p->real_start_time);

  	p->io_context = NULL;

  	p->audit_context = NULL;

  	cgroup_fork(p);

  #ifdef CONFIG_NUMA

  	p->mempolicy = mpol_dup(p->mempolicy);

   	if (IS_ERR(p->mempolicy)) {
   		retval = PTR_ERR(p->mempolicy);
   		p->mempolicy = NULL;

   		goto bad_fork_cleanup_cgroup;

   	}

  	mpol_fix_fork_child_flag(p);

  #endif

  #ifdef CONFIG_TRACE_IRQFLAGS
  	p->irq_events = 0;

  #ifdef __ARCH_WANT_INTERRUPTS_ON_CTXSW
  	p->hardirqs_enabled = 1;
  #else

  	p->hardirqs_enabled = 0;

  #endif

  	p->hardirq_enable_ip = 0;
  	p->hardirq_enable_event = 0;
  	p->hardirq_disable_ip = _THIS_IP_;
  	p->hardirq_disable_event = 0;
  	p->softirqs_enabled = 1;
  	p->softirq_enable_ip = _THIS_IP_;
  	p->softirq_enable_event = 0;
  	p->softirq_disable_ip = 0;
  	p->softirq_disable_event = 0;
  	p->hardirq_context = 0;
  	p->softirq_context = 0;
  #endif

  #ifdef CONFIG_LOCKDEP
  	p->lockdep_depth = 0; /* no locks held yet */
  	p->curr_chain_key = 0;
  	p->lockdep_recursion = 0;
  #endif

  #ifdef CONFIG_DEBUG_MUTEXES
  	p->blocked_on = NULL; /* not blocked yet */
  #endif

  #ifdef CONFIG_CGROUP_MEM_RES_CTLR
  	p->memcg_batch.do_batch = 0;
  	p->memcg_batch.memcg = NULL;
  #endif

  
  	p->bts = NULL;

  	p->stack_start = stack_start;

  	/* Perform scheduler related setup. Assign this task to a CPU. */
  	sched_fork(p, clone_flags);

  	retval = perf_event_init_task(p);

  	if (retval)
  		goto bad_fork_cleanup_policy;

  	if ((retval = audit_alloc(p)))

  		goto bad_fork_cleanup_policy;

  	/* copy all the process information */
  	if ((retval = copy_semundo(clone_flags, p)))
  		goto bad_fork_cleanup_audit;
  	if ((retval = copy_files(clone_flags, p)))
  		goto bad_fork_cleanup_semundo;
  	if ((retval = copy_fs(clone_flags, p)))
  		goto bad_fork_cleanup_files;
  	if ((retval = copy_sighand(clone_flags, p)))
  		goto bad_fork_cleanup_fs;
  	if ((retval = copy_signal(clone_flags, p)))
  		goto bad_fork_cleanup_sighand;
  	if ((retval = copy_mm(clone_flags, p)))
  		goto bad_fork_cleanup_signal;

  	if ((retval = copy_namespaces(clone_flags, p)))

  		goto bad_fork_cleanup_mm;

  	if ((retval = copy_io(clone_flags, p)))

  		goto bad_fork_cleanup_namespaces;

  	retval = copy_thread(clone_flags, stack_start, stack_size, p, regs);

  	if (retval)

  		goto bad_fork_cleanup_io;

  	if (pid != &init_struct_pid) {
  		retval = -ENOMEM;

  		pid = alloc_pid(p->nsproxy->pid_ns);

  		if (!pid)

  			goto bad_fork_cleanup_io;

  
  		if (clone_flags & CLONE_NEWPID) {

  			retval = pid_ns_prepare_proc(p->nsproxy->pid_ns);

  			if (retval < 0)
  				goto bad_fork_free_pid;
  		}

  	}
  
  	p->pid = pid_nr(pid);
  	p->tgid = p->pid;
  	if (clone_flags & CLONE_THREAD)
  		p->tgid = current->tgid;

  	if (current->nsproxy != p->nsproxy) {
  		retval = ns_cgroup_clone(p, pid);
  		if (retval)

  			goto bad_fork_free_pid;

  	}

  	p->set_child_tid = (clone_flags & CLONE_CHILD_SETTID) ? child_tidptr : NULL;
  	/*
  	 * Clear TID on mm_release()?
  	 */
  	p->clear_child_tid = (clone_flags & CLONE_CHILD_CLEARTID) ? child_tidptr: NULL;

  #ifdef CONFIG_FUTEX

  	p->robust_list = NULL;
  #ifdef CONFIG_COMPAT
  	p->compat_robust_list = NULL;
  #endif

  	INIT_LIST_HEAD(&p->pi_state_list);
  	p->pi_state_cache = NULL;

  #endif

  	/*

  	 * sigaltstack should be cleared when sharing the same VM
  	 */
  	if ((clone_flags & (CLONE_VM|CLONE_VFORK)) == CLONE_VM)
  		p->sas_ss_sp = p->sas_ss_size = 0;
  
  	/*

  	 * Syscall tracing and stepping should be turned off in the
  	 * child regardless of CLONE_PTRACE.

  	 */

  	user_disable_single_step(p);

  	clear_tsk_thread_flag(p, TIF_SYSCALL_TRACE);

  #ifdef TIF_SYSCALL_EMU
  	clear_tsk_thread_flag(p, TIF_SYSCALL_EMU);
  #endif

  	clear_all_latency_tracing(p);

  	/* ok, now we should be set up.. */
  	p->exit_signal = (clone_flags & CLONE_THREAD) ? -1 : (clone_flags & CSIGNAL);
  	p->pdeath_signal = 0;
  	p->exit_state = 0;

  	/*
  	 * Ok, make it visible to the rest of the system.
  	 * We dont wake it up yet.
  	 */
  	p->group_leader = p;

  	INIT_LIST_HEAD(&p->thread_group);

  	/* Now that the task is set up, run cgroup callbacks if
  	 * necessary. We need to run them before the task is visible
  	 * on the tasklist. */
  	cgroup_fork_callbacks(p);
  	cgroup_callbacks_done = 1;

  	/* Need tasklist lock for parent etc handling! */
  	write_lock_irq(&tasklist_lock);

  	/* CLONE_PARENT re-uses the old parent */

  	if (clone_flags & (CLONE_PARENT|CLONE_THREAD)) {

  		p->real_parent = current->real_parent;

  		p->parent_exec_id = current->parent_exec_id;
  	} else {

  		p->real_parent = current;

  		p->parent_exec_id = current->self_exec_id;
  	}

  	spin_lock(&current->sighand->siglock);

  
  	/*
  	 * Process group and session signals need to be delivered to just the
  	 * parent before the fork or both the parent and the child after the
  	 * fork. Restart if a signal comes in before we add the new process to
  	 * it's process group.
  	 * A fatal signal pending means that current will exit, so the new
  	 * thread can't slip out of an OOM kill (or normal SIGKILL).
   	 */

  	recalc_sigpending();

  	if (signal_pending(current)) {
  		spin_unlock(&current->sighand->siglock);
  		write_unlock_irq(&tasklist_lock);
  		retval = -ERESTARTNOINTR;

  		goto bad_fork_free_pid;

  	}

  	if (clone_flags & CLONE_THREAD) {

  		atomic_inc(&current->signal->count);
  		atomic_inc(&current->signal->live);

  		p->group_leader = current->group_leader;

  		list_add_tail_rcu(&p->thread_group, &p->group_leader->thread_group);

  	}

  	if (likely(p->pid)) {

  		tracehook_finish_clone(p, clone_flags, trace);

  
  		if (thread_group_leader(p)) {

  			if (clone_flags & CLONE_NEWPID)

  				p->nsproxy->pid_ns->child_reaper = p;

  			p->signal->leader_pid = pid;

  			tty_kref_put(p->signal->tty);
  			p->signal->tty = tty_kref_get(current->signal->tty);

  			attach_pid(p, PIDTYPE_PGID, task_pgrp(current));
  			attach_pid(p, PIDTYPE_SID, task_session(current));

  			list_add_tail(&p->sibling, &p->real_parent->children);

  			list_add_tail_rcu(&p->tasks, &init_task.tasks);

  			__get_cpu_var(process_counts)++;

  		}

  		attach_pid(p, PIDTYPE_PID, pid);

  		nr_threads++;

  	}

  	total_forks++;

  	spin_unlock(&current->sighand->siglock);

  	write_unlock_irq(&tasklist_lock);

  	proc_fork_connector(p);

  	cgroup_post_fork(p);

  	perf_event_fork(p);

  	return p;

  bad_fork_free_pid:
  	if (pid != &init_struct_pid)
  		free_pid(pid);

  bad_fork_cleanup_io:

  	if (p->io_context)
  		exit_io_context(p);

  bad_fork_cleanup_namespaces:

  	exit_task_namespaces(p);

  bad_fork_cleanup_mm:
  	if (p->mm)
  		mmput(p->mm);
  bad_fork_cleanup_signal:

  	if (!(clone_flags & CLONE_THREAD))
  		__cleanup_signal(p->signal);

  bad_fork_cleanup_sighand:

  	__cleanup_sighand(p->sighand);

  bad_fork_cleanup_fs:
  	exit_fs(p); /* blocking */
  bad_fork_cleanup_files:
  	exit_files(p); /* blocking */
  bad_fork_cleanup_semundo:
  	exit_sem(p);
  bad_fork_cleanup_audit:
  	audit_free(p);

  bad_fork_cleanup_policy:

  	perf_event_free_task(p);

  #ifdef CONFIG_NUMA

  	mpol_put(p->mempolicy);

  bad_fork_cleanup_cgroup:

  #endif

  	cgroup_exit(p, cgroup_callbacks_done);

  	delayacct_tsk_free(p);

  	module_put(task_thread_info(p)->exec_domain->module);

  bad_fork_cleanup_count:

  	atomic_dec(&p->cred->user->processes);

  	exit_creds(p);

  bad_fork_free:
  	free_task(p);

  fork_out:
  	return ERR_PTR(retval);

  }

  noinline struct pt_regs * __cpuinit __attribute__((weak)) idle_regs(struct pt_regs *regs)

  {
  	memset(regs, 0, sizeof(struct pt_regs));
  	return regs;
  }

  struct task_struct * __cpuinit fork_idle(int cpu)

  {

  	struct task_struct *task;

  	struct pt_regs regs;

  	task = copy_process(CLONE_VM, 0, idle_regs(&regs), 0, NULL,

  			    &init_struct_pid, 0);

  	if (!IS_ERR(task))
  		init_idle(task, cpu);

  	return task;
  }

  /*
   *  Ok, this is the main fork-routine.
   *
   * It copies the process, and if successful kick-starts
   * it and waits for it to finish using the VM if required.
   */
  long do_fork(unsigned long clone_flags,
  	      unsigned long stack_start,
  	      struct pt_regs *regs,
  	      unsigned long stack_size,
  	      int __user *parent_tidptr,
  	      int __user *child_tidptr)
  {
  	struct task_struct *p;
  	int trace = 0;

  	long nr;

  	/*

  	 * Do some preliminary argument and permissions checking before we
  	 * actually start allocating stuff
  	 */
  	if (clone_flags & CLONE_NEWUSER) {
  		if (clone_flags & CLONE_THREAD)
  			return -EINVAL;
  		/* hopefully this check will go away when userns support is
  		 * complete
  		 */

  		if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SETUID) ||
  				!capable(CAP_SETGID))

  			return -EPERM;
  	}
  
  	/*

  	 * We hope to recycle these flags after 2.6.26
  	 */
  	if (unlikely(clone_flags & CLONE_STOPPED)) {
  		static int __read_mostly count = 100;
  
  		if (count > 0 && printk_ratelimit()) {
  			char comm[TASK_COMM_LEN];
  
  			count--;
  			printk(KERN_INFO "fork(): process `%s' used deprecated "
  					"clone flags 0x%lx
  ",
  				get_task_comm(comm, current),
  				clone_flags & CLONE_STOPPED);
  		}
  	}

  	/*
  	 * When called from kernel_thread, don't do user tracing stuff.
  	 */
  	if (likely(user_mode(regs)))
  		trace = tracehook_prepare_clone(clone_flags);

  	p = copy_process(clone_flags, stack_start, regs, stack_size,

  			 child_tidptr, NULL, trace);

  	/*
  	 * Do this prior waking up the new thread - the thread pointer
  	 * might get invalid after that point, if the thread exits quickly.
  	 */
  	if (!IS_ERR(p)) {
  		struct completion vfork;

  		trace_sched_process_fork(current, p);

  		nr = task_pid_vnr(p);

  
  		if (clone_flags & CLONE_PARENT_SETTID)
  			put_user(nr, parent_tidptr);

  		if (clone_flags & CLONE_VFORK) {
  			p->vfork_done = &vfork;
  			init_completion(&vfork);
  		}

  		audit_finish_fork(p);

  		tracehook_report_clone(regs, clone_flags, nr, p);

  
  		/*
  		 * We set PF_STARTING at creation in case tracing wants to
  		 * use this to distinguish a fully live task from one that
  		 * hasn't gotten to tracehook_report_clone() yet.  Now we
  		 * clear it and set the child going.
  		 */
  		p->flags &= ~PF_STARTING;
  
  		if (unlikely(clone_flags & CLONE_STOPPED)) {

  			/*
  			 * We'll start up with an immediate SIGSTOP.
  			 */
  			sigaddset(&p->pending.signal, SIGSTOP);
  			set_tsk_thread_flag(p, TIF_SIGPENDING);

  			__set_task_state(p, TASK_STOPPED);

  		} else {
  			wake_up_new_task(p, clone_flags);

  		}

  		tracehook_report_clone_complete(trace, regs,
  						clone_flags, nr, p);

  		if (clone_flags & CLONE_VFORK) {

  			freezer_do_not_count();

  			wait_for_completion(&vfork);

  			freezer_count();

  			tracehook_report_vfork_done(p, nr);

  		}
  	} else {

  		nr = PTR_ERR(p);

  	}

  	return nr;

  }

  #ifndef ARCH_MIN_MMSTRUCT_ALIGN
  #define ARCH_MIN_MMSTRUCT_ALIGN 0
  #endif

  static void sighand_ctor(void *data)

  {
  	struct sighand_struct *sighand = data;

  	spin_lock_init(&sighand->siglock);

  	init_waitqueue_head(&sighand->signalfd_wqh);

  }

  void __init proc_caches_init(void)
  {
  	sighand_cachep = kmem_cache_create("sighand_cache",
  			sizeof(struct sighand_struct), 0,

  			SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_DESTROY_BY_RCU|
  			SLAB_NOTRACK, sighand_ctor);

  	signal_cachep = kmem_cache_create("signal_cache",
  			sizeof(struct signal_struct), 0,

  			SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_NOTRACK, NULL);

  	files_cachep = kmem_cache_create("files_cache",

  			sizeof(struct files_struct), 0,

  			SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_NOTRACK, NULL);

  	fs_cachep = kmem_cache_create("fs_cache",

  			sizeof(struct fs_struct), 0,

  			SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_NOTRACK, NULL);

  	mm_cachep = kmem_cache_create("mm_struct",

  			sizeof(struct mm_struct), ARCH_MIN_MMSTRUCT_ALIGN,

  			SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_NOTRACK, NULL);

  	vm_area_cachep = KMEM_CACHE(vm_area_struct, SLAB_PANIC);

  	mmap_init();

  }

  /*
   * Check constraints on flags passed to the unshare system call and
   * force unsharing of additional process context as appropriate.
   */

  static void check_unshare_flags(unsigned long *flags_ptr)

  {
  	/*
  	 * If unsharing a thread from a thread group, must also
  	 * unshare vm.
  	 */
  	if (*flags_ptr & CLONE_THREAD)
  		*flags_ptr |= CLONE_VM;
  
  	/*
  	 * If unsharing vm, must also unshare signal handlers.
  	 */
  	if (*flags_ptr & CLONE_VM)
  		*flags_ptr |= CLONE_SIGHAND;
  
  	/*
  	 * If unsharing signal handlers and the task was created
  	 * using CLONE_THREAD, then must unshare the thread
  	 */
  	if ((*flags_ptr & CLONE_SIGHAND) &&
  	    (atomic_read(&current->signal->count) > 1))
  		*flags_ptr |= CLONE_THREAD;
  
  	/*
  	 * If unsharing namespace, must also unshare filesystem information.
  	 */
  	if (*flags_ptr & CLONE_NEWNS)
  		*flags_ptr |= CLONE_FS;
  }
  
  /*
   * Unsharing of tasks created with CLONE_THREAD is not supported yet
   */
  static int unshare_thread(unsigned long unshare_flags)
  {
  	if (unshare_flags & CLONE_THREAD)
  		return -EINVAL;
  
  	return 0;
  }
  
  /*

   * Unshare the filesystem structure if it is being shared

   */
  static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp)
  {
  	struct fs_struct *fs = current->fs;

  	if (!(unshare_flags & CLONE_FS) || !fs)
  		return 0;
  
  	/* don't need lock here; in the worst case we'll do useless copy */
  	if (fs->users == 1)
  		return 0;
  
  	*new_fsp = copy_fs_struct(fs);
  	if (!*new_fsp)
  		return -ENOMEM;

  
  	return 0;
  }
  
  /*

   * Unsharing of sighand is not supported yet

   */
  static int unshare_sighand(unsigned long unshare_flags, struct sighand_struct **new_sighp)
  {
  	struct sighand_struct *sigh = current->sighand;

  	if ((unshare_flags & CLONE_SIGHAND) && atomic_read(&sigh->count) > 1)

  		return -EINVAL;
  	else
  		return 0;
  }
  
  /*

   * Unshare vm if it is being shared

   */
  static int unshare_vm(unsigned long unshare_flags, struct mm_struct **new_mmp)
  {
  	struct mm_struct *mm = current->mm;
  
  	if ((unshare_flags & CLONE_VM) &&

  	    (mm && atomic_read(&mm->mm_users) > 1)) {

  		return -EINVAL;

  	}

  
  	return 0;

  }
  
  /*

   * Unshare file descriptor table if it is being shared

   */
  static int unshare_fd(unsigned long unshare_flags, struct files_struct **new_fdp)
  {
  	struct files_struct *fd = current->files;

  	int error = 0;

  
  	if ((unshare_flags & CLONE_FILES) &&

  	    (fd && atomic_read(&fd->count) > 1)) {
  		*new_fdp = dup_fd(fd, &error);
  		if (!*new_fdp)
  			return error;
  	}

  
  	return 0;
  }
  
  /*

   * unshare allows a process to 'unshare' part of the process
   * context which was originally shared using clone.  copy_*
   * functions used by do_fork() cannot be used here directly
   * because they modify an inactive task_struct that is being
   * constructed. Here we are modifying the current, active,
   * task_struct.
   */

  SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)

  {
  	int err = 0;
  	struct fs_struct *fs, *new_fs = NULL;

  	struct sighand_struct *new_sigh = NULL;

  	struct mm_struct *mm, *new_mm = NULL, *active_mm = NULL;
  	struct files_struct *fd, *new_fd = NULL;

  	struct nsproxy *new_nsproxy = NULL;

  	int do_sysvsem = 0;

  
  	check_unshare_flags(&unshare_flags);

  	/* Return -EINVAL for all unsupported flags */
  	err = -EINVAL;
  	if (unshare_flags & ~(CLONE_THREAD|CLONE_FS|CLONE_NEWNS|CLONE_SIGHAND|

  				CLONE_VM|CLONE_FILES|CLONE_SYSVSEM|

  				CLONE_NEWUTS|CLONE_NEWIPC|CLONE_NEWNET))

  		goto bad_unshare_out;

  	/*
  	 * CLONE_NEWIPC must also detach from the undolist: after switching
  	 * to a new ipc namespace, the semaphore arrays from the old
  	 * namespace are unreachable.
  	 */
  	if (unshare_flags & (CLONE_NEWIPC|CLONE_SYSVSEM))

  		do_sysvsem = 1;

  	if ((err = unshare_thread(unshare_flags)))
  		goto bad_unshare_out;
  	if ((err = unshare_fs(unshare_flags, &new_fs)))
  		goto bad_unshare_cleanup_thread;

  	if ((err = unshare_sighand(unshare_flags, &new_sigh)))

  		goto bad_unshare_cleanup_fs;

  	if ((err = unshare_vm(unshare_flags, &new_mm)))
  		goto bad_unshare_cleanup_sigh;
  	if ((err = unshare_fd(unshare_flags, &new_fd)))
  		goto bad_unshare_cleanup_vm;

  	if ((err = unshare_nsproxy_namespaces(unshare_flags, &new_nsproxy,
  			new_fs)))

  		goto bad_unshare_cleanup_fd;

  	if (new_fs ||  new_mm || new_fd || do_sysvsem || new_nsproxy) {
  		if (do_sysvsem) {
  			/*
  			 * CLONE_SYSVSEM is equivalent to sys_exit().
  			 */
  			exit_sem(current);
  		}

  		if (new_nsproxy) {

  			switch_task_namespaces(current, new_nsproxy);
  			new_nsproxy = NULL;

  		}

  		task_lock(current);

  		if (new_fs) {
  			fs = current->fs;

  			write_lock(&fs->lock);

  			current->fs = new_fs;

  			if (--fs->users)
  				new_fs = NULL;
  			else
  				new_fs = fs;
  			write_unlock(&fs->lock);

  		}

  		if (new_mm) {
  			mm = current->mm;
  			active_mm = current->active_mm;
  			current->mm = new_mm;
  			current->active_mm = new_mm;
  			activate_mm(active_mm, new_mm);
  			new_mm = mm;
  		}
  
  		if (new_fd) {
  			fd = current->files;
  			current->files = new_fd;
  			new_fd = fd;
  		}
  
  		task_unlock(current);
  	}

  	if (new_nsproxy)

  		put_nsproxy(new_nsproxy);

  bad_unshare_cleanup_fd:
  	if (new_fd)
  		put_files_struct(new_fd);
  
  bad_unshare_cleanup_vm:
  	if (new_mm)
  		mmput(new_mm);
  
  bad_unshare_cleanup_sigh:
  	if (new_sigh)
  		if (atomic_dec_and_test(&new_sigh->count))
  			kmem_cache_free(sighand_cachep, new_sigh);

  bad_unshare_cleanup_fs:
  	if (new_fs)

  		free_fs_struct(new_fs);

  
  bad_unshare_cleanup_thread:
  bad_unshare_out:
  	return err;
  }

  
  /*
   *	Helper to unshare the files of the current task.
   *	We don't want to expose copy_files internals to
   *	the exec layer of the kernel.
   */
  
  int unshare_files(struct files_struct **displaced)
  {
  	struct task_struct *task = current;

  	struct files_struct *copy = NULL;

  	int error;
  
  	error = unshare_fd(CLONE_FILES, &copy);
  	if (error || !copy) {
  		*displaced = NULL;
  		return error;
  	}
  	*displaced = task->files;
  	task_lock(task);
  	task->files = copy;
  	task_unlock(task);
  	return 0;
  }