From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <xry111@xry111.site>
Received: from xry111.site (xry111.site [IPv6:2001:470:683e::1])
 by sourceware.org (Postfix) with ESMTPS id 283AB38582A2
 for <libc-alpha@sourceware.org>; Tue,  5 Jul 2022 03:02:12 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 283AB38582A2
Received: from [192.168.124.21] (unknown [113.140.11.6])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange ECDHE (P-256) server-signature ECDSA (P-384) server-digest
 SHA384) (Client did not present a certificate)
 (Authenticated sender: xry111@xry111.site)
 by xry111.site (Postfix) with ESMTPSA id DC3C66591F;
 Mon,  4 Jul 2022 23:02:08 -0400 (EDT)
Message-ID: <45f17761af334ce87bbb60c438c961307b06586d.camel@xry111.site>
Subject: PING: [PATCH v2] test-container: return UNSUPPORTED for ENOSPC on
 clone()
From: Xi Ruoyao <xry111@xry111.site>
To: DJ Delorie <dj@redhat.com>
Cc: libc-alpha@sourceware.org
Date: Tue, 05 Jul 2022 11:02:06 +0800
In-Reply-To: <7b43a10de23645581b7d9175eade4c0e66cbf4d6.camel@xry111.site>
References: <xn8rpij5n9.fsf@greed.delorie.com>
 <7b43a10de23645581b7d9175eade4c0e66cbf4d6.camel@xry111.site>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
User-Agent: Evolution 3.44.3 
MIME-Version: 1.0
X-Spam-Status: No, score=-5.9 required=5.0 tests=BAYES_00, BODY_8BITS,
 DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FROM_SUSPICIOUS_NTLD,
 GIT_PATCH_0, LIKELY_SPAM_FROM, RCVD_IN_BARRACUDACENTRAL, SPF_HELO_PASS,
 SPF_PASS, TXREP, T_PDS_OTHER_BAD_TLD,
 T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jul 2022 03:02:14 -0000

On Tue, 2022-06-28 at 18:44 +0800, Xi Ruoyao wrote:
> Hi DJ,
>=20
> Revised patch following.=C2=A0 I don't have write access to glibc.git so =
I
> guess you need to push the patch.

Gentle ping as we are collecting patches for 2.36 :).

> -- >8 --
>=20
> Since Linux 4.9, the kernel provides
> /proc/sys/user/max_{mnt,pid,user}_namespace as a limitation of number
> of
> namespaces.=C2=A0 Some distros (for example, Slint Linux 14.2.1) set them
> (or
> only max_user_namespace) to zero as a "security policy" for disabling
> namespaces.
>=20
> The clone() call will set errno to ENOSPC under such a limitation.=C2=A0 =
We
> didn't check ENOSPC in the code so the test will FAIL, and report:
>=20
> =C2=A0=C2=A0=C2=A0 unable to unshare user/fs: No space left on device
>=20
> This message is, unfortunately, very unhelpful.=C2=A0 It leads people to
> check the memory or disk space, instead of finding the real issue.
>=20
> To improve the situation, we should check for ENOSPC and return
> UNSUPPORTED as the test result.=C2=A0 Also refactor
> check_for_unshare_hints()
> to emit a proper message telling people how to make the test work, if
> they really need to run the namespaced tests.
>=20
> Reported-by: Philippe Delavalade <philippe.delavalade@orange.fr>
> URL:
> https://lists.linuxfromscratch.org/sympa/arc/lfs-support/2022-06/msg00022=
.html
> Signed-off-by: Xi Ruoyao <xry111@xry111.site>
> Reviewed-by: DJ Delorie <dj@redhat.com>
> ---
> =C2=A0support/test-container.c | 67 +++++++++++++++++++++----------------=
--
> -
> =C2=A01 file changed, 36 insertions(+), 31 deletions(-)
>=20
> diff --git a/support/test-container.c b/support/test-container.c
> index 7557aac441..b6a1158ae1 100644
> --- a/support/test-container.c
> +++ b/support/test-container.c
> @@ -18,6 +18,7 @@
> =C2=A0
> =C2=A0#define _FILE_OFFSET_BITS 64
> =C2=A0
> +#include <array_length.h>
> =C2=A0#include <stdio.h>
> =C2=A0#include <stdlib.h>
> =C2=A0#include <string.h>
> @@ -684,39 +685,43 @@ rsync (char *src, char *dest, int and_delete,
> int force_copies)
> =C2=A0/* See if we can detect what the user needs to do to get unshare
> =C2=A0=C2=A0=C2=A0 support working for us.=C2=A0 */
> =C2=A0void
> -check_for_unshare_hints (void)
> +check_for_unshare_hints (int require_pidns)
> =C2=A0{
> +=C2=A0 static struct {
> +=C2=A0=C2=A0=C2=A0 const char *path;
> +=C2=A0=C2=A0=C2=A0 int bad_value, good_value, for_pidns;
> +=C2=A0 } files[] =3D {
> +=C2=A0=C2=A0=C2=A0 /* Default Debian Linux disables user namespaces, but=
 allows a
> way
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 to enable them.=C2=A0 */
> +=C2=A0=C2=A0=C2=A0 { "/proc/sys/kernel/unprivileged_userns_clone", 0, 1,=
 0 },
> +=C2=A0=C2=A0=C2=A0 /* ALT Linux has an alternate way of doing the same.=
=C2=A0 */
> +=C2=A0=C2=A0=C2=A0 { "/proc/sys/kernel/userns_restrict", 1, 0, 0 },
> +=C2=A0=C2=A0=C2=A0 /* Linux kernel >=3D 4.9 has a configurable limit on =
the number of
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 each namespace.=C2=A0 Some distros =
set the limit to zero to disable
> the
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 corresponding namespace as a "secur=
ity policy".=C2=A0 */
> +=C2=A0=C2=A0=C2=A0 { "/proc/sys/user/max_user_namespaces", 0, 1024, 0 },
> +=C2=A0=C2=A0=C2=A0 { "/proc/sys/user/max_mnt_namespaces", 0, 1024, 0 },
> +=C2=A0=C2=A0=C2=A0 { "/proc/sys/user/max_pid_namespaces", 0, 1024, 1 },
> +=C2=A0 };
> =C2=A0=C2=A0 FILE *f;
> -=C2=A0 int i;
> +=C2=A0 int i, val;
> =C2=A0
> -=C2=A0 /* Default Debian Linux disables user namespaces, but allows a wa=
y
> -=C2=A0=C2=A0=C2=A0=C2=A0 to enable them.=C2=A0 */
> -=C2=A0 f =3D fopen ("/proc/sys/kernel/unprivileged_userns_clone", "r");
> -=C2=A0 if (f !=3D NULL)
> +=C2=A0 for (i =3D 0; i < array_length (files); i++)
> =C2=A0=C2=A0=C2=A0=C2=A0 {
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 i =3D 99; /* Sentinel.=C2=A0 */
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 fscanf (f, "%d", &i);
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 if (i =3D=3D 0)
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0{
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 printf ("To enable test=
-container, please run this as
> root:\n");
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 printf ("=C2=A0 echo 1 =
>
> /proc/sys/kernel/unprivileged_userns_clone\n");
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0}
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 fclose (f);
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 return;
> -=C2=A0=C2=A0=C2=A0 }
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 if (!require_pidns && files[i].for_pidns)
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 continue;
> =C2=A0
> -=C2=A0 /* ALT Linux has an alternate way of doing the same.=C2=A0 */
> -=C2=A0 f =3D fopen ("/proc/sys/kernel/userns_restrict", "r");
> -=C2=A0 if (f !=3D NULL)
> -=C2=A0=C2=A0=C2=A0 {
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 i =3D 99; /* Sentinel.=C2=A0 */
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 fscanf (f, "%d", &i);
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 if (i =3D=3D 1)
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0{
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 printf ("To enable test=
-container, please run this as
> root:\n");
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 printf ("=C2=A0 echo 0 =
> /proc/sys/kernel/userns_restrict\n");
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0}
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 fclose (f);
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 f =3D fopen (files[i].path, "r");
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 if (f =3D=3D NULL)
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 continue;
> +
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 val =3D -1; /* Sentinel.=C2=A0 */
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 fscanf (f, "%d", &val);
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 if (val !=3D files[i].bad_value)
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0continue;
> +
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 printf ("To enable test-container, please=
 run this as
> root:\n");
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 printf ("=C2=A0 echo %d > %s\n", files[i]=
.good_value,
> files[i].path);
> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 return;
> =C2=A0=C2=A0=C2=A0=C2=A0 }
> =C2=A0}
> @@ -1117,11 +1122,11 @@ main (int argc, char **argv)
> =C2=A0=C2=A0=C2=A0=C2=A0 {
> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 /* Older kernels may not support all=
 the options, or security
> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 policy may block this ca=
ll.=C2=A0 */
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 if (errno =3D=3D EINVAL || errno =3D=3D E=
PERM)
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 if (errno =3D=3D EINVAL || errno =3D=3D E=
PERM || errno =3D=3D ENOSPC)
> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0{
> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 int saved_errno =
=3D errno;
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 if (errno =3D=3D EPERM)
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 check_for_u=
nshare_hints ();
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 if (errno =3D=3D EPERM =
|| errno =3D=3D ENOSPC)
> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 check_for_u=
nshare_hints (require_pidns);
> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 FAIL_UNSUPPORTED (=
"unable to unshare user/fs: %s", strerror
> (saved_errno));
> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0}
> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 /* We're about to exit anyway, it's =
"safe" to call unshare
> again

--=20
Xi Ruoyao <xry111@xry111.site>
School of Aerospace Science and Technology, Xidian University