From patchwork Tue Jun 28 10:44:03 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xi Ruoyao X-Patchwork-Id: 1649537 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.a=rsa-sha256 header.s=default header.b=bExdS5r0; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=) Received: from sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4LXQxl4kSKz9sG2 for ; Tue, 28 Jun 2022 23:51:55 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 49913380DF9C for ; Tue, 28 Jun 2022 13:51:48 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 49913380DF9C DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1656424308; bh=MqxCWIrC8tgGidAuIUim93fKOitlK2GzHgxwalB8Njc=; h=Subject:To:Date:In-Reply-To:References:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=bExdS5r0YVWXrBxcIflP/A9cAd9/Vxik52LDUz1cUIR2eEdbriiJ3Djr0c3q7q2o3 5p1zb/+tbxuRTKAPCgVIAYnkMefcMSUobXECT+bRdav4Ny7VTu3O+cWmQc/g6qYVTc aAeuJaTJZS7oRwTQQNqvgaHS3Zvv+S6WH7qFPaKw= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from xry111.site (xry111.site [IPv6:2001:470:683e::1]) by sourceware.org (Postfix) with ESMTPS id 78C56383577C for ; Tue, 28 Jun 2022 10:44:08 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 78C56383577C Received: from localhost.localdomain (xry111.site [IPv6:2001:470:683e::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-384) server-digest SHA384) (Client did not present a certificate) (Authenticated sender: xry111@xry111.site) by xry111.site (Postfix) with ESMTPSA id B069E6683F; Tue, 28 Jun 2022 06:44:05 -0400 (EDT) Message-ID: <7b43a10de23645581b7d9175eade4c0e66cbf4d6.camel@xry111.site> Subject: [PATCH v2] test-container: return UNSUPPORTED for ENOSPC on clone() To: DJ Delorie Date: Tue, 28 Jun 2022 18:44:03 +0800 In-Reply-To: References: User-Agent: Evolution 3.44.2 MIME-Version: 1.0 X-Spam-Status: No, score=-8.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FROM_SUSPICIOUS_NTLD, GIT_PATCH_0, LIKELY_SPAM_FROM, SPF_HELO_PASS, SPF_PASS, TXREP, T_PDS_OTHER_BAD_TLD, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Xi Ruoyao via Libc-alpha From: Xi Ruoyao Reply-To: Xi Ruoyao Cc: libc-alpha@sourceware.org Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org Sender: "Libc-alpha" Hi DJ, Revised patch following. I don't have write access to glibc.git so I guess you need to push the patch. -- >8 -- Since Linux 4.9, the kernel provides /proc/sys/user/max_{mnt,pid,user}_namespace as a limitation of number of namespaces. Some distros (for example, Slint Linux 14.2.1) set them (or only max_user_namespace) to zero as a "security policy" for disabling namespaces. The clone() call will set errno to ENOSPC under such a limitation. We didn't check ENOSPC in the code so the test will FAIL, and report: unable to unshare user/fs: No space left on device This message is, unfortunately, very unhelpful. It leads people to check the memory or disk space, instead of finding the real issue. To improve the situation, we should check for ENOSPC and return UNSUPPORTED as the test result. Also refactor check_for_unshare_hints() to emit a proper message telling people how to make the test work, if they really need to run the namespaced tests. Reported-by: Philippe Delavalade URL: https://lists.linuxfromscratch.org/sympa/arc/lfs-support/2022-06/msg00022.html Signed-off-by: Xi Ruoyao Reviewed-by: DJ Delorie --- support/test-container.c | 67 +++++++++++++++++++++------------------- 1 file changed, 36 insertions(+), 31 deletions(-) diff --git a/support/test-container.c b/support/test-container.c index 7557aac441..b6a1158ae1 100644 --- a/support/test-container.c +++ b/support/test-container.c @@ -18,6 +18,7 @@ #define _FILE_OFFSET_BITS 64 +#include #include #include #include @@ -684,39 +685,43 @@ rsync (char *src, char *dest, int and_delete, int force_copies) /* See if we can detect what the user needs to do to get unshare support working for us. */ void -check_for_unshare_hints (void) +check_for_unshare_hints (int require_pidns) { + static struct { + const char *path; + int bad_value, good_value, for_pidns; + } files[] = { + /* Default Debian Linux disables user namespaces, but allows a way + to enable them. */ + { "/proc/sys/kernel/unprivileged_userns_clone", 0, 1, 0 }, + /* ALT Linux has an alternate way of doing the same. */ + { "/proc/sys/kernel/userns_restrict", 1, 0, 0 }, + /* Linux kernel >= 4.9 has a configurable limit on the number of + each namespace. Some distros set the limit to zero to disable the + corresponding namespace as a "security policy". */ + { "/proc/sys/user/max_user_namespaces", 0, 1024, 0 }, + { "/proc/sys/user/max_mnt_namespaces", 0, 1024, 0 }, + { "/proc/sys/user/max_pid_namespaces", 0, 1024, 1 }, + }; FILE *f; - int i; + int i, val; - /* Default Debian Linux disables user namespaces, but allows a way - to enable them. */ - f = fopen ("/proc/sys/kernel/unprivileged_userns_clone", "r"); - if (f != NULL) + for (i = 0; i < array_length (files); i++) { - i = 99; /* Sentinel. */ - fscanf (f, "%d", &i); - if (i == 0) - { - printf ("To enable test-container, please run this as root:\n"); - printf (" echo 1 > /proc/sys/kernel/unprivileged_userns_clone\n"); - } - fclose (f); - return; - } + if (!require_pidns && files[i].for_pidns) + continue; - /* ALT Linux has an alternate way of doing the same. */ - f = fopen ("/proc/sys/kernel/userns_restrict", "r"); - if (f != NULL) - { - i = 99; /* Sentinel. */ - fscanf (f, "%d", &i); - if (i == 1) - { - printf ("To enable test-container, please run this as root:\n"); - printf (" echo 0 > /proc/sys/kernel/userns_restrict\n"); - } - fclose (f); + f = fopen (files[i].path, "r"); + if (f == NULL) + continue; + + val = -1; /* Sentinel. */ + fscanf (f, "%d", &val); + if (val != files[i].bad_value) + continue; + + printf ("To enable test-container, please run this as root:\n"); + printf (" echo %d > %s\n", files[i].good_value, files[i].path); return; } } @@ -1117,11 +1122,11 @@ main (int argc, char **argv) { /* Older kernels may not support all the options, or security policy may block this call. */ - if (errno == EINVAL || errno == EPERM) + if (errno == EINVAL || errno == EPERM || errno == ENOSPC) { int saved_errno = errno; - if (errno == EPERM) - check_for_unshare_hints (); + if (errno == EPERM || errno == ENOSPC) + check_for_unshare_hints (require_pidns); FAIL_UNSUPPORTED ("unable to unshare user/fs: %s", strerror (saved_errno)); } /* We're about to exit anyway, it's "safe" to call unshare again