From cc381640902f1823bc1cc2a25ffb7f6f8a783324 Mon Sep 17 00:00:00 2001
From: Michael Crosby <michael@crosbymichael.com>
Date: Thu, 1 May 2014 13:55:23 -0700
Subject: [PATCH] Fix /proc/kcore mount of /dev/null
 Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com>
 (github: crosbymichael)

---
 libcontainer/security/restrict/restrict.go | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/libcontainer/security/restrict/restrict.go b/libcontainer/security/restrict/restrict.go
index 74de70a..411bc06 100644
--- a/libcontainer/security/restrict/restrict.go
+++ b/libcontainer/security/restrict/restrict.go
@@ -20,8 +20,7 @@ func Restrict() error {
 			return fmt.Errorf("unable to remount %s readonly: %s", dest, err)
 		}
 	}
-
-	if err := system.Mount("/proc/kcore", "/dev/null", "", syscall.MS_BIND, ""); err != nil {
+	if err := system.Mount("/dev/null", "/proc/kcore", "", syscall.MS_BIND, ""); err != nil {
 		return fmt.Errorf("unable to bind-mount /dev/null over /proc/kcore")
 	}