From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pf1-x436.google.com (mail-pf1-x436.google.com [IPv6:2607:f8b0:4864:20::436]) by sourceware.org (Postfix) with ESMTPS id 915F73AA940F for ; Fri, 27 May 2022 15:54:07 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 915F73AA940F Received: by mail-pf1-x436.google.com with SMTP id b135so4642535pfb.12 for ; Fri, 27 May 2022 08:54:07 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=vVmm38CZlLptH4I2e41nrZhVBGU2jUNd+RKfFogRfhg=; b=rC1edncwKUXGJjTAuQWRP3MJ4OJAmq2WN9E5kyUHBkbJIGlyVNsihwX0wzANm9jT0P ytkFxN9c7IEyVUHQA8Ju6BXnc82+Ss2c/owzvsngHJ8fQD3cgiI6D8XxYRU2BNWvqPLN z46VHWRVB1ClJ7/mteJL9Txa8ZMp1hOK4yM1+MSHdKB6AGzg3J1wR5chX/cINBE3yh0f CPnrNgG1Wg1Q8dBUIqgFLSUmDkGypt7YAq7w5rPrYoOnJQgqKlbdLkVJPn5SowT4Dz/L 0OWyl7mabEhbcgntKHmz/fut4vg8a/PSCVEjmKAqtsuwDY/mPrKfYz99OXxKiCsMSkFK 3LiQ== X-Gm-Message-State: AOAM533AA4uVtT3K4URyIFzbIsXW8GBfD4aAecHKuQsEh4cycH9P3+wb MYA0wrPZc+clxUJtOylhSMw48/6pOL3AecvhOoc= X-Google-Smtp-Source: ABdhPJxNeQ/LiXiellXuxg8Ckb2kk1+N3nk2TSttX480xGTQlnjr9vD/nLdHRBPiRzevUW4dPPIvRroYROiq4dfRJ0c= X-Received: by 2002:a05:6a00:a15:b0:518:ffe0:71e3 with SMTP id p21-20020a056a000a1500b00518ffe071e3mr12887165pfh.42.1653666846457; Fri, 27 May 2022 08:54:06 -0700 (PDT) MIME-Version: 1.0 References: <20220510191155.1998575-1-adhemerval.zanella@linaro.org> <877d6tb3hl.fsf@oldenburg.str.redhat.com> <20220511092119.ke4zlm2dkazasmva@wittgenstein> <87h75dyf3p.fsf@oldenburg.str.redhat.com> In-Reply-To: <87h75dyf3p.fsf@oldenburg.str.redhat.com> From: Andrei Vagin Date: Fri, 27 May 2022 08:53:54 -0700 Message-ID: Subject: Re: [PATCH v4 0/3] Linux: Fix posix_spawn when user with time namespaces To: Florian Weimer Cc: Christian Brauner , Adhemerval Zanella , libc-alpha@sourceware.org, Alexey Izbyshev , "Carlos O'Donell" Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 May 2022 15:54:09 -0000 On Wed, May 25, 2022 at 5:24 AM Florian Weimer wrote: > > * Christian Brauner: > > > On Tue, May 10, 2022 at 09:18:46PM +0200, Florian Weimer wrote: > >> * Adhemerval Zanella: > >> > >> > The patchset adds some support to tests the fallback code to > >> > use only use CLONE_VFORK. It uses unshare directly because > >> > it simpler than add container support. > >> > > >> > Adhemerval Zanella (3): > >> > linux: Add CLONE_NEWTIME from Linux 5.6 to bits/sched.h > >> > support: Add support_enter_time_namespace > >> > linux: Add fallback for clone failure on posix_spawn (BZ #29115) > >> > >> Christan, how likely is it that we'd get another time namespace variant > >> that would only become effective after execve (when the DSO is remapped > >> anyway)? > > > > Not unlikely if it helps you avoid a lot of complexity. I will need some > > time to track down Andrei and others to discuss though. > > Any progress with that? (I hope I guessed the right Andrei.) I think this is the right me. Have I missed something? > > Breaking vfork is really a bit of a hassle for us, and the workaround > code is quite non-trivial and will have to implemented across many > projects (not just glibc). An unshare request that takes effect on > execve only would really help. Is the problem that vfork fails if a process has half-entered a time namespace? > > Thanks, > Florian >