Skip to content

[1.1] nsexec: retry unshare on EINVAL #3776

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 26, 2023
Merged

[1.1] nsexec: retry unshare on EINVAL #3776

merged 1 commit into from
Mar 26, 2023

Conversation

@kolyshkin
Copy link
Contributor

@kolyshkin kolyshkin commented Mar 17, 2023
edited
Loading

This is a backport of #3772 to the release-1.1 branch. Original description follows.

Older kernels may return EINVAL on unshare when a process is reading runc's /proc/$PID/status or /proc/$PID/maps. This was fixed by kernel commit 12c641ab8270f ("unshare: Unsharing a thread does not require unsharing a vm") in Linux v4.3.

For CentOS 7, the fix was backported to CentOS 7.7 (kernel 3.10.0-1062).

To work around this kernel bug, let's retry on EINVAL a few times.

Reported-by: zzyyzte [email protected]

(cherry picked from commit cecb039)

@kolyshkin kolyshkin added impact/changelog backport/1.1-pr A backport PR to release-1.1 labels Mar 17, 2023
@kolyshkin kolyshkin added this to the 1.1.5 milestone Mar 17, 2023
@kolyshkin kolyshkin force-pushed the 1.1-retry-unshare branch 2 times, most recently from 5ddbdbd to cbc51f2 Compare March 17, 2023 16:58
rata
rata approved these changes Mar 17, 2023
View reviewed changes
Copy link
Member

@rata rata left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@AkihiroSuda AkihiroSuda enabled auto-merge March 18, 2023 10:16
@kolyshkin @cyphar
nsexec: retry unshare on EINVAL
8ec02ea 
Older kernels may return EINVAL on unshare when a process is reading
runc's /proc/$PID/status or /proc/$PID/maps. This was fixed by kernel
commit 12c641ab8270f ("unshare: Unsharing a thread does not require
unsharing a vm") in Linux v4.3.

For CentOS 7, the fix was backported to CentOS 7.7 (kernel 3.10.0-1062).

To work around this kernel bug, let's retry on EINVAL a few times.

Reported-by: zzyyzte <[email protected]>
Signed-off-by: Kir Kolyshkin <[email protected]>
(cherry picked from commit cecb039)
Signed-off-by: Kir Kolyshkin <[email protected]>
@cyphar cyphar force-pushed the 1.1-retry-unshare branch from cbc51f2 to 8ec02ea Compare March 26, 2023 01:48
@cyphar cyphar disabled auto-merge March 26, 2023 01:48
@cyphar cyphar merged commit 27fb72c into opencontainers:release-1.1 Mar 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rata rata rata approved these changes

@cyphar cyphar cyphar approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

Assignees

No one assigned

Labels

backport/1.1-pr A backport PR to release-1.1 impact/changelog

Projects

None yet

Milestone

1.1.5

Development

Successfully merging this pull request may close these issues.

4 participants

@kolyshkin @rata @cyphar @AkihiroSuda