From: James Morris <jmorris@redhat.com>

The patch below removes the CLONE_FILES flag from the kernel_thread() call
which starts init.

This is to prevent other kernel threads from sharing file descriptors
opened by init (try 'lsof /dev/initctl' on a 2.6 system :-).

The reason this patch is being proposed is so that usermode helper apps
launched via kernel threads (e.g. modprobe, hotplug) do not then inherit
any such file descriptors.  This is not a problem in itself so far (other
than being messy), but it is a problem for SELinux, which will otherwise
need to grant access to /dev/initctl by modprobe and hotplug, a somewhat
undesirable scenario.

As far as I can tell, there is no reason why init needs to be spawned with
CLONE_FILES.  Please let me know if there are any objections to the
change, which I would like to propose for 2.6.0+ as a cleanup.