diff --git a/[refs] b/[refs]
index 63be96497674..12897e4e1131 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 8d65af789f3e2cf4cfbdbf71a0f7a61ebcd41d38
+refs/heads/master: 123be07b0b399670a7cc3d82fef0cb4f93ef885c
diff --git a/trunk/kernel/fork.c b/trunk/kernel/fork.c
index 51ad0b0b7266..b51fd2ccb2f1 100644
--- a/trunk/kernel/fork.c
+++ b/trunk/kernel/fork.c
@@ -979,6 +979,16 @@ static struct task_struct *copy_process(unsigned long clone_flags,
 	if ((clone_flags & CLONE_SIGHAND) && !(clone_flags & CLONE_VM))
 		return ERR_PTR(-EINVAL);
 
+	/*
+	 * Siblings of global init remain as zombies on exit since they are
+	 * not reaped by their parent (swapper). To solve this and to avoid
+	 * multi-rooted process trees, prevent global and container-inits
+	 * from creating siblings.
+	 */
+	if ((clone_flags & CLONE_PARENT) &&
+				current->signal->flags & SIGNAL_UNKILLABLE)
+		return ERR_PTR(-EINVAL);
+
 	retval = security_task_create(clone_flags);
 	if (retval)
 		goto fork_out;