Skip to content

nsexec: retry unshare on EINVAL#3772

Merged
kolyshkin merged 1 commit intoopencontainers:mainfrom
kolyshkin:retry-unshare
Mar 17, 2023
Merged

nsexec: retry unshare on EINVAL#3772
kolyshkin merged 1 commit intoopencontainers:mainfrom
kolyshkin:retry-unshare

Conversation

@kolyshkin
Copy link
Contributor

@kolyshkin kolyshkin commented Mar 16, 2023
edited
Loading

Older kernels may return EINVAL on unshare when a process is reading runc's /proc/$PID/status or /proc/$PID/maps. This was fixed by kernel commit 12c641ab8270f ("unshare: Unsharing a thread does not require unsharing a vm") in Linux v4.3.

For CentOS 7, the fix was backported to CentOS 7.7 (kernel 3.10.0-1062).

To work around this kernel bug, let's retry on EINVAL a few times.

Not adding a test case as the fix is short and obvious, and the repro is somewhat complicated (see #3705).

Closes: #3705

@kolyshkin
nsexec: retry unshare on EINVAL
cecb039 
Older kernels may return EINVAL on unshare when a process is reading
runc's /proc/$PID/status or /proc/$PID/maps. This was fixed by kernel
commit 12c641ab8270f ("unshare: Unsharing a thread does not require
unsharing a vm") in Linuxt  v4.3.

For CentOS 7, the fix was backported to CentOS 7.7 (kernel 3.10.0-1062).

To work around this kernel bug, let's retry on EINVAL a few times.

Reported-by: zzyyzte <zhang.yu58@zte.com.cn>
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
@kolyshkin kolyshkin mentioned this pull request Mar 16, 2023
Closed
@kolyshkin kolyshkin added this to the 1.2.0 milestone Mar 16, 2023
@kolyshkin kolyshkin added the backport/1.1-todo A PR in main branch which needs to be backported to release-1.1 label Mar 16, 2023
@kolyshkin kolyshkin requested review from AkihiroSuda and cyphar March 16, 2023 17:52
@kolyshkin kolyshkin marked this pull request as ready for review March 16, 2023 18:58
cyphar
cyphar approved these changes Mar 17, 2023
View reviewed changes
Copy link
Member

@cyphar cyphar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@AkihiroSuda
Copy link
Member

AkihiroSuda commented Mar 17, 2023

Older kernels may return EINVAL on unshare when a process is reading runc's /proc/$PID/status or /proc/$PID/maps. This was fixed by kernel commit 12c641ab8270f ("unshare: Unsharing a thread does not require unsharing a vm") in Linux v4.3.

For CentOS 7, the fix was backported to CentOS 7.7 (kernel 3.10.0-1062).

Could you add these lines to the comment lines in the code?

rata
rata approved these changes Mar 17, 2023
View reviewed changes
Copy link
Member

@rata rata left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@kolyshkin
Copy link
Contributor Author

kolyshkin commented Mar 17, 2023

Could you add these lines to the comment lines in the code?

I had it in there but later decided to be more concise in the code and move all the details into the commit message.

@kolyshkin kolyshkin merged commit c6624e6 into opencontainers:main Mar 17, 2023
@kolyshkin kolyshkin mentioned this pull request Mar 17, 2023
Merged
@kolyshkin kolyshkin added backport/1.1-done A PR in main branch which has been backported to release-1.1 and removed backport/1.1-todo A PR in main branch which needs to be backported to release-1.1 labels Mar 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rata rata rata approved these changes

@cyphar cyphar cyphar approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

Assignees

No one assigned

Labels

backport/1.1-done A PR in main branch which has been backported to release-1.1

Projects

None yet

Milestone

1.2.0

Development

Successfully merging this pull request may close these issues.

4 participants

@kolyshkin @AkihiroSuda @rata @cyphar