pivot_root.2: Relegate text about what pivot_root() may or may not do to NOTES

The text stating that "pivot_root() may or may not change the
current root and the current working directory of any processes
or threads which use the old root directory" was written 19 years
ago, before the system call itself was even finalized in the
kernel. The implementation has never changed, and it won't
change in the future, since that would cause user-space breakage.
The existence of that text in DESCRIPTION, followed by qualifying
text stating what the implementation actually does (and has always
done) makes for confusing reading. Therefore, relegate this text
to a historical note in NOTES (so that readers with long memories
can see why the manual page was changed) and rework the text in
DESCRIPTION accordingly.

Reported-by: Philipp Wendler <ml@philippwendler.de>
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Reported-by: Reid Priedhorsky <reidpr@lanl.gov>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>

man2/pivot_root.2

@@ -26,33 +26,6 @@ The calling process must have the
 capability in the user namespace that owns the caller's mount namespace.
 .PP
 .BR pivot_root ()
-may or may not change the current root and the current
-working directory of any processes or threads that
-use the old root directory and which are in
-the same mount namespace as the caller of
-.BR pivot_root ().
-The caller of
-.BR pivot_root ()
-should ensure that processes with root or current working directory
-at the old root operate correctly in either case.
-An easy way to ensure this is to change their
-root and current working directory to \fInew_root\fP before invoking
-.BR pivot_root ().
-Note also that
-.BR pivot_root ()
-may or may not affect the calling process's current working directory.
-It is therefore recommended to call
-\fBchdir("/")\fP immediately after
-.BR pivot_root ().
-.PP
-The paragraph above is intentionally vague because at the time when
-.BR pivot_root ()
-was first implemented, it was unclear whether its affect
-on other process's root and current working directories\(emand
-the caller's current working directory\(emmight change in the future.
-However, the behavior has remained consistent since this system call
-was first implemented:
-.BR pivot_root ()
 changes the root directory and the current working directory
 of each process or thread in the same mount namespace to
 .I new_root
@@ -256,6 +229,30 @@ starts with
 and then moves up the list of mounts stacked at
 .IR / ,
 with the result that old root mount point is unmounted.
+.\"
+.SS Historical notes
+For many years, this manual page carried the following text:
+.RS
+.PP
+.BR pivot_root ()
+may or may not change the current root and the current
+working directory of any processes or threads which use the old
+root directory.
+The caller of
+.BR pivot_root ()
+must ensure that processes with root or current working directory
+at the old root operate correctly in either case.
+An easy way to ensure this is to change their
+root and current working directory to \fInew_root\fP before invoking
+.BR pivot_root ().
+.RE
+.PP
+This text, written before the system call implementation was
+even finalized in the kernel, was probably intended to warn users
+at that time that the implementation might change before final release.
+However, the behavior stated in DESCRIPTION
+has remained consistent since this system call
+was first implemented and will not change now.
 .SH EXAMPLE
 .\" FIXME
 .\" Would it be better, because simpler, to use unshare(2)