Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
[lxc/lxc] b4fda3: - LXC attach should exit on SIGCHLD
0 views
Skip to first unread message
Alexander Mikhalitsyn
Apr 3, 2025, 1:24:18 PMApr 3
to lxc-...@lists.linuxcontainers.org
Branch: refs/heads/stable-6.0
Home: https://github.com/lxc/lxc
Commit: b4fda3c60290c968f535c31399eb218f0af81235
https://github.com/lxc/lxc/commit/b4fda3c60290c968f535c31399eb218f0af81235
Author: Asain Kujovic <asa...@gmail.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/attach.c
Log Message:
-----------
- LXC attach should exit on SIGCHLD
Signed-off-by: Asain Kujovic <asa...@gmail.com>
Commit: 56ef15e7107799b9f30a290e3a8f0bb9e5d58ad9
https://github.com/lxc/lxc/commit/56ef15e7107799b9f30a290e3a8f0bb9e5d58ad9
Author: Asain Kujovic <asa...@gmail.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/confile.c
Log Message:
-----------
confile-vlanid: undefined is not a zero value
Signed-off-by: Asain Kujovic <asa...@gmail.com>
Commit: d34b373cacf666f1b324d9f0f1841be21eb7c6dc
https://github.com/lxc/lxc/commit/d34b373cacf666f1b324d9f0f1841be21eb7c6dc
Author: Sotir Danailov <sndan...@gmail.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/confile.c
Log Message:
-----------
conf: log name of invalid capability in error
Signed-off-by: Sotir Danailov <sndan...@gmail.com>
Commit: a99f593e39a2ea30ecc0a1c0a3496cb637e20588
https://github.com/lxc/lxc/commit/a99f593e39a2ea30ecc0a1c0a3496cb637e20588
Author: Sotir Danailov <sndan...@gmail.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
dbus: replace hardcoded dbus address with environment variable
Signed-off-by: Sotir Danailov <sndan...@gmail.com>
Commit: 555276df913c5031565ebaa36d448a402ad22afc
https://github.com/lxc/lxc/commit/555276df913c5031565ebaa36d448a402ad22afc
Author: Sotir Danailov <sndan...@gmail.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: warn when capabilities are disabled or libcap is not found
The reason for this warning, is that the project will compile and when it does
not work, it's not clear from the logs what the reason might be.
Signed-off-by: Sotir Danailov <sndan...@gmail.com>
Commit: 5b31eb51a0c4d18c0769bfa066abcb8348c761cc
https://github.com/lxc/lxc/commit/5b31eb51a0c4d18c0769bfa066abcb8348c761cc
Author: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/attach.c
Log Message:
-----------
lxc/attach: Revert "- LXC attach should exit on SIGCHLD"
This reverts commit f02158439677d0c1d4b2ed2ed1ba9bc43923a05d.
Let's revert this change as it introduces 2 regressions:
1. it's not correct to do exit(2) from a signal handler in this case,
as we skip a proper cleaning procedures like restoring PTY configuration
state (see lxc_terminal_delete()) which leads to a problem with a PTY after lxc-attach exits.
[ hint: just try to use lxc-attach on a main branch with this change and you will
see it. After lxc-attach exits you won't be able to type anything in your
current terminal session as it's messed up. ]
2. this introduces race-condition in the code which leads to a
regression on LXD/(and I believe Incus too) which can be seen as
random "Failed to retrieve PID of executing child process" errors
on "lxc exec"/"incus exec" commands. It's extremely hard to reproduce,
but my guess is that we are getting a race condition here, because
by the time when we set a new signal handler for SIGCHLD, transient process
is still alive and when it exists it generates SIGCHLD which may lead to
exit().
3. This changes a behavior of lxc-attach which was there for *years*
and it's quite scary to be honest. I'm not against having this change, but
in a different form, for example we can add a new command line parameter for
lxc-attach command which will enable this behavior.
My first attempt was to fix that change to prevent race, but then
I've noticed that we also have a more serious problem described in (1),
this requires more work to do.
Signed-off-by: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Commit: f68da1c9f39f134a305296f7e724f94a7fd28931
https://github.com/lxc/lxc/commit/f68da1c9f39f134a305296f7e724f94a7fd28931
Author: Irnes Mujkanovic <irnes.mu...@gmail.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/confile.c
Log Message:
-----------
config-bcast: fix incorrect broadcast address calculation
Signed-off-by: Irnes Mujkanovic <irnes.mu...@gmail.com>
Commit: 84e02ca8c371d3b957478c574ee80a97a18fd631
https://github.com/lxc/lxc/commit/84e02ca8c371d3b957478c574ee80a97a18fd631
Author: Stéphane Graber <stgr...@stgraber.org>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
R .github/actions/build/action.yml
R .github/actions/testsuite/action.yml
M .github/workflows/tests.yml
Log Message:
-----------
github: Switch to native arm64 runners
Signed-off-by: Stéphane Graber <stgr...@stgraber.org>
Commit: 0e99eaa351a4d409560232465c014ba3a2cd4433
https://github.com/lxc/lxc/commit/0e99eaa351a4d409560232465c014ba3a2cd4433
Author: Mathias Aerts <mathia...@delta.blue>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M config/init/common/lxc-net.in
Log Message:
-----------
Added LXC_IPV6_ENABLE option for lxc-net to enable or disable IPv6
Signed-off-by: Mathias Aerts <mathia...@delta.blue>
Commit: 400115de07b6db34aa5e83c784e3fb7f9ce1bbc7
https://github.com/lxc/lxc/commit/400115de07b6db34aa5e83c784e3fb7f9ce1bbc7
Author: Managor <42655600...@users.noreply.github.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M config/sysconfig/lxc.in
Log Message:
-----------
sysconfig/lxc: remove false comment
Signed-off-by: Managor <42655600...@users.noreply.github.com>
Commit: 5cdef29d814ccb78b41e41aeb4daecfeabc612be
https://github.com/lxc/lxc/commit/5cdef29d814ccb78b41e41aeb4daecfeabc612be
Author: Stéphane Graber <stgr...@stgraber.org>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M config/etc/default.conf.lxcbr
M config/init/common/lxc-net.in
M lxc.spec.in
M src/lxc/confile_utils.c
M src/tests/get_item.c
M src/tests/lxc-test-createconfig
Log Message:
-----------
global: Switch MAC generation to Zabbly prefix
Zabbly obtained the 10:66:6a MAC address prefix for use by
the Linux Containers project.
Signed-off-by: Stéphane Graber <stgr...@stgraber.org>
Commit: 3a4003c8ca2235e089f9e2b45437e32b78ceb810
https://github.com/lxc/lxc/commit/3a4003c8ca2235e089f9e2b45437e32b78ceb810
Author: Stéphane Graber <stgr...@stgraber.org>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/network.c
M src/tests/lxc-test-utils.c
Log Message:
-----------
global: Switch to new MAC prefix
Signed-off-by: Stéphane Graber <stgr...@stgraber.org>
Commit: bcb6d063dd759393e85c3717173a40741a573547
https://github.com/lxc/lxc/commit/bcb6d063dd759393e85c3717173a40741a573547
Author: Stéphane Graber <stgr...@stgraber.org>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
A .github/workflows/builds.yml
Log Message:
-----------
github: Add packaging workflow
Signed-off-by: Stéphane Graber <stgr...@stgraber.org>
Commit: 782b666dcf500e47968b36c8ad2a843f87f43ca9
https://github.com/lxc/lxc/commit/782b666dcf500e47968b36c8ad2a843f87f43ca9
Author: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
tools/lxc_attach: fix ENFORCE_MEMFD_REXEC checks
We unconditionally define ENFORCE_MEMFD_REXEC in meson.build
to a corresponding boolean value, so we need to use #if
instead of #ifdef in the code.
Signed-off-by: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Commit: dfe473705c42d557bb256a9f163624ae7f60dd86
https://github.com/lxc/lxc/commit/dfe473705c42d557bb256a9f163624ae7f60dd86
Author: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
lxc/conf: handle rootfs open_at error in lxc_mount_rootfs
If LXC build is misconfigured, for instance, --prefix=/
and /lib is a symlink to /usr/lib then open_at always fails
to open rootfs. Let's add error print to make it easier to
figure out this.
Signed-off-by: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Commit: 77b9cb1dc734034ddcad37e7d999fed7405b66f8
https://github.com/lxc/lxc/commit/77b9cb1dc734034ddcad37e7d999fed7405b66f8
Author: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/caps.c
Log Message:
-----------
lxc/caps: fix open /proc/sys/kernel/cap_last_cap
Since 7418b27f1 ("tree-wide: use __u32 for capabilities") open
/proc/sys/kernel/cap_last_cap never worked, it was failing with
EXDEV and we were using a fallback codepath to get a last cap.
Signed-off-by: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Commit: 312976c9b02cf69ed1441a6c783bdf1a35b41599
https://github.com/lxc/lxc/commit/312976c9b02cf69ed1441a6c783bdf1a35b41599
Author: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
lxc/start: do prctl(PR_SET_DUMPABLE) after last uid/gid switch
We need to do prctl(PR_SET_DUMPABLE) later, after last lxc_switch_uid_gid()
call. Because otherwise, our earlier call won't be effective as commit_creds()
in the kernel [1] will set_dumpable(task->mm, suid_dumpable) if UID/GID or capabilities
were affected by lxc_switch_uid_gid() call.
This only affects LXC API ->start(struct lxc_container *c, int useinit, char *const argv[])
call when useinit == 1 because in this case we don't perform additinal exec() and
task's dumpable bit remains set to 2 (default value taken from /proc/sys/fs/suid_dumpable).
If useinit == 0, then we do exec() (see start_ops->start callback) and then dumblable
flag will be reset in begin_new_exec() to SUID_DUMP_USER=1 [2]. Then everything will be fine.
Reproducer (problem with lxc-attach).
1. Create unprivileged container
$ ./normalbuild/src/lxc/tools/lxc-create -n testcaps -t download
with busybox template and config:
lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536
lxc.init.uid = 1234
lxc.init.gid = 4321
lxc.init.cwd = /
lxc.sched.core = 1
2. Run a container with useinit = 1
$ ./lxcbuild/src/lxc/tools/lxc-execute -n testcaps -l TRACE -o /home/ubuntu/debug.log -- /bin/sleep 100
1. Try to attach
$ strace -f -e prctl ./normalbuild/src/lxc/tools/lxc-attach -n testcaps
prctl(PR_CAPBSET_READ, CAP_MAC_OVERRIDE) = 1
prctl(PR_CAPBSET_READ, 0x30 /* CAP_??? */) = -1 EINVAL (Invalid argument)
prctl(PR_CAPBSET_READ, CAP_CHECKPOINT_RESTORE) = 1
prctl(PR_CAPBSET_READ, 0x2c /* CAP_??? */) = -1 EINVAL (Invalid argument)
prctl(PR_CAPBSET_READ, 0x2a /* CAP_??? */) = -1 EINVAL (Invalid argument)
prctl(PR_CAPBSET_READ, 0x29 /* CAP_??? */) = -1 EINVAL (Invalid argument)
prctl(PR_SCHED_CORE, PR_SCHED_CORE_GET, 4124, 0 /* PIDTYPE_PID */, [0xd00f7fff]) = 0
strace: Process 4165 attached
strace: Process 4166 attached
[pid 4166] +++ exited with 0 +++
[pid 4164] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4166, si_uid=100000, si_status=0, si_utime=0, si_stime=0} ---
strace: Process 4167 attached
[pid 4167] prctl(PR_SCHED_CORE, PR_SCHED_CORE_SHARE_FROM, 1, 0 /* PIDTYPE_PID */, NULL) = -1 EPERM (Operation not permitted) <<<<< OOPS
[pid 4165] +++ exited with 0 +++
[pid 4164] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4165, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
lxc-attach: testcaps: ../src/lxc/attach.c: do_attach: 1160 Operation not permitted - Failed to join core scheduling domain of 4124
lxc-attach: testcaps: ../src/lxc/attach.c: do_attach: 1382 Failed to attach to container
prctl(PR_SCHED_CORE, PR_SCHED_CORE_SHARE_FROM...) fails with EPERM, because:
- container's init task->mm: (get_dumpable(mm) != SUID_DUMP_USER)
AND
- mm->user_ns == init_user_ns (as there was no exec() and mm_struct->user_ns was set in the initial
user namespace when we run lxc-execute)
( for more details see [3] )
[1] https://github.com/torvalds/linux/blob/acc4d5ff0b61eb1715c498b6536c38c1feb7f3c1/kernel/cred.c#L412
[2] https://github.com/torvalds/linux/blob/a2cc6ff5ec8f91bc463fd3b0c26b61166a07eb11/fs/exec.c#L1331
[3] https://github.com/torvalds/linux/blob/acc4d5ff0b61eb1715c498b6536c38c1feb7f3c1/kernel/ptrace.c#L344
Reported-by: Stéphane Graber <stgr...@stgraber.org>
Signed-off-by: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Compare: https://github.com/lxc/lxc/compare/fe31d844e882...312976c9b02c
To unsubscribe from these emails, change your notification settings at https://github.com/lxc/lxc/settings/notifications
Home: https://github.com/lxc/lxc
Commit: b4fda3c60290c968f535c31399eb218f0af81235
https://github.com/lxc/lxc/commit/b4fda3c60290c968f535c31399eb218f0af81235
Author: Asain Kujovic <asa...@gmail.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/attach.c
Log Message:
-----------
- LXC attach should exit on SIGCHLD
Signed-off-by: Asain Kujovic <asa...@gmail.com>
Commit: 56ef15e7107799b9f30a290e3a8f0bb9e5d58ad9
https://github.com/lxc/lxc/commit/56ef15e7107799b9f30a290e3a8f0bb9e5d58ad9
Author: Asain Kujovic <asa...@gmail.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/confile.c
Log Message:
-----------
confile-vlanid: undefined is not a zero value
Signed-off-by: Asain Kujovic <asa...@gmail.com>
Commit: d34b373cacf666f1b324d9f0f1841be21eb7c6dc
https://github.com/lxc/lxc/commit/d34b373cacf666f1b324d9f0f1841be21eb7c6dc
Author: Sotir Danailov <sndan...@gmail.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/confile.c
Log Message:
-----------
conf: log name of invalid capability in error
Signed-off-by: Sotir Danailov <sndan...@gmail.com>
Commit: a99f593e39a2ea30ecc0a1c0a3496cb637e20588
https://github.com/lxc/lxc/commit/a99f593e39a2ea30ecc0a1c0a3496cb637e20588
Author: Sotir Danailov <sndan...@gmail.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
dbus: replace hardcoded dbus address with environment variable
Signed-off-by: Sotir Danailov <sndan...@gmail.com>
Commit: 555276df913c5031565ebaa36d448a402ad22afc
https://github.com/lxc/lxc/commit/555276df913c5031565ebaa36d448a402ad22afc
Author: Sotir Danailov <sndan...@gmail.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: warn when capabilities are disabled or libcap is not found
The reason for this warning, is that the project will compile and when it does
not work, it's not clear from the logs what the reason might be.
Signed-off-by: Sotir Danailov <sndan...@gmail.com>
Commit: 5b31eb51a0c4d18c0769bfa066abcb8348c761cc
https://github.com/lxc/lxc/commit/5b31eb51a0c4d18c0769bfa066abcb8348c761cc
Author: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/attach.c
Log Message:
-----------
lxc/attach: Revert "- LXC attach should exit on SIGCHLD"
This reverts commit f02158439677d0c1d4b2ed2ed1ba9bc43923a05d.
Let's revert this change as it introduces 2 regressions:
1. it's not correct to do exit(2) from a signal handler in this case,
as we skip a proper cleaning procedures like restoring PTY configuration
state (see lxc_terminal_delete()) which leads to a problem with a PTY after lxc-attach exits.
[ hint: just try to use lxc-attach on a main branch with this change and you will
see it. After lxc-attach exits you won't be able to type anything in your
current terminal session as it's messed up. ]
2. this introduces race-condition in the code which leads to a
regression on LXD/(and I believe Incus too) which can be seen as
random "Failed to retrieve PID of executing child process" errors
on "lxc exec"/"incus exec" commands. It's extremely hard to reproduce,
but my guess is that we are getting a race condition here, because
by the time when we set a new signal handler for SIGCHLD, transient process
is still alive and when it exists it generates SIGCHLD which may lead to
exit().
3. This changes a behavior of lxc-attach which was there for *years*
and it's quite scary to be honest. I'm not against having this change, but
in a different form, for example we can add a new command line parameter for
lxc-attach command which will enable this behavior.
My first attempt was to fix that change to prevent race, but then
I've noticed that we also have a more serious problem described in (1),
this requires more work to do.
Signed-off-by: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Commit: f68da1c9f39f134a305296f7e724f94a7fd28931
https://github.com/lxc/lxc/commit/f68da1c9f39f134a305296f7e724f94a7fd28931
Author: Irnes Mujkanovic <irnes.mu...@gmail.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/confile.c
Log Message:
-----------
config-bcast: fix incorrect broadcast address calculation
Signed-off-by: Irnes Mujkanovic <irnes.mu...@gmail.com>
Commit: 84e02ca8c371d3b957478c574ee80a97a18fd631
https://github.com/lxc/lxc/commit/84e02ca8c371d3b957478c574ee80a97a18fd631
Author: Stéphane Graber <stgr...@stgraber.org>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
R .github/actions/build/action.yml
R .github/actions/testsuite/action.yml
M .github/workflows/tests.yml
Log Message:
-----------
github: Switch to native arm64 runners
Signed-off-by: Stéphane Graber <stgr...@stgraber.org>
Commit: 0e99eaa351a4d409560232465c014ba3a2cd4433
https://github.com/lxc/lxc/commit/0e99eaa351a4d409560232465c014ba3a2cd4433
Author: Mathias Aerts <mathia...@delta.blue>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M config/init/common/lxc-net.in
Log Message:
-----------
Added LXC_IPV6_ENABLE option for lxc-net to enable or disable IPv6
Signed-off-by: Mathias Aerts <mathia...@delta.blue>
Commit: 400115de07b6db34aa5e83c784e3fb7f9ce1bbc7
https://github.com/lxc/lxc/commit/400115de07b6db34aa5e83c784e3fb7f9ce1bbc7
Author: Managor <42655600...@users.noreply.github.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M config/sysconfig/lxc.in
Log Message:
-----------
sysconfig/lxc: remove false comment
Signed-off-by: Managor <42655600...@users.noreply.github.com>
Commit: 5cdef29d814ccb78b41e41aeb4daecfeabc612be
https://github.com/lxc/lxc/commit/5cdef29d814ccb78b41e41aeb4daecfeabc612be
Author: Stéphane Graber <stgr...@stgraber.org>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M config/etc/default.conf.lxcbr
M config/init/common/lxc-net.in
M lxc.spec.in
M src/lxc/confile_utils.c
M src/tests/get_item.c
M src/tests/lxc-test-createconfig
Log Message:
-----------
global: Switch MAC generation to Zabbly prefix
Zabbly obtained the 10:66:6a MAC address prefix for use by
the Linux Containers project.
Signed-off-by: Stéphane Graber <stgr...@stgraber.org>
Commit: 3a4003c8ca2235e089f9e2b45437e32b78ceb810
https://github.com/lxc/lxc/commit/3a4003c8ca2235e089f9e2b45437e32b78ceb810
Author: Stéphane Graber <stgr...@stgraber.org>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/network.c
M src/tests/lxc-test-utils.c
Log Message:
-----------
global: Switch to new MAC prefix
Signed-off-by: Stéphane Graber <stgr...@stgraber.org>
Commit: bcb6d063dd759393e85c3717173a40741a573547
https://github.com/lxc/lxc/commit/bcb6d063dd759393e85c3717173a40741a573547
Author: Stéphane Graber <stgr...@stgraber.org>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
A .github/workflows/builds.yml
Log Message:
-----------
github: Add packaging workflow
Signed-off-by: Stéphane Graber <stgr...@stgraber.org>
Commit: 782b666dcf500e47968b36c8ad2a843f87f43ca9
https://github.com/lxc/lxc/commit/782b666dcf500e47968b36c8ad2a843f87f43ca9
Author: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
tools/lxc_attach: fix ENFORCE_MEMFD_REXEC checks
We unconditionally define ENFORCE_MEMFD_REXEC in meson.build
to a corresponding boolean value, so we need to use #if
instead of #ifdef in the code.
Signed-off-by: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Commit: dfe473705c42d557bb256a9f163624ae7f60dd86
https://github.com/lxc/lxc/commit/dfe473705c42d557bb256a9f163624ae7f60dd86
Author: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
lxc/conf: handle rootfs open_at error in lxc_mount_rootfs
If LXC build is misconfigured, for instance, --prefix=/
and /lib is a symlink to /usr/lib then open_at always fails
to open rootfs. Let's add error print to make it easier to
figure out this.
Signed-off-by: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Commit: 77b9cb1dc734034ddcad37e7d999fed7405b66f8
https://github.com/lxc/lxc/commit/77b9cb1dc734034ddcad37e7d999fed7405b66f8
Author: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/caps.c
Log Message:
-----------
lxc/caps: fix open /proc/sys/kernel/cap_last_cap
Since 7418b27f1 ("tree-wide: use __u32 for capabilities") open
/proc/sys/kernel/cap_last_cap never worked, it was failing with
EXDEV and we were using a fallback codepath to get a last cap.
Signed-off-by: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Commit: 312976c9b02cf69ed1441a6c783bdf1a35b41599
https://github.com/lxc/lxc/commit/312976c9b02cf69ed1441a6c783bdf1a35b41599
Author: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Date: 2025-04-03 (Thu, 03 Apr 2025)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
lxc/start: do prctl(PR_SET_DUMPABLE) after last uid/gid switch
We need to do prctl(PR_SET_DUMPABLE) later, after last lxc_switch_uid_gid()
call. Because otherwise, our earlier call won't be effective as commit_creds()
in the kernel [1] will set_dumpable(task->mm, suid_dumpable) if UID/GID or capabilities
were affected by lxc_switch_uid_gid() call.
This only affects LXC API ->start(struct lxc_container *c, int useinit, char *const argv[])
call when useinit == 1 because in this case we don't perform additinal exec() and
task's dumpable bit remains set to 2 (default value taken from /proc/sys/fs/suid_dumpable).
If useinit == 0, then we do exec() (see start_ops->start callback) and then dumblable
flag will be reset in begin_new_exec() to SUID_DUMP_USER=1 [2]. Then everything will be fine.
Reproducer (problem with lxc-attach).
1. Create unprivileged container
$ ./normalbuild/src/lxc/tools/lxc-create -n testcaps -t download
with busybox template and config:
lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536
lxc.init.uid = 1234
lxc.init.gid = 4321
lxc.init.cwd = /
lxc.sched.core = 1
2. Run a container with useinit = 1
$ ./lxcbuild/src/lxc/tools/lxc-execute -n testcaps -l TRACE -o /home/ubuntu/debug.log -- /bin/sleep 100
1. Try to attach
$ strace -f -e prctl ./normalbuild/src/lxc/tools/lxc-attach -n testcaps
prctl(PR_CAPBSET_READ, CAP_MAC_OVERRIDE) = 1
prctl(PR_CAPBSET_READ, 0x30 /* CAP_??? */) = -1 EINVAL (Invalid argument)
prctl(PR_CAPBSET_READ, CAP_CHECKPOINT_RESTORE) = 1
prctl(PR_CAPBSET_READ, 0x2c /* CAP_??? */) = -1 EINVAL (Invalid argument)
prctl(PR_CAPBSET_READ, 0x2a /* CAP_??? */) = -1 EINVAL (Invalid argument)
prctl(PR_CAPBSET_READ, 0x29 /* CAP_??? */) = -1 EINVAL (Invalid argument)
prctl(PR_SCHED_CORE, PR_SCHED_CORE_GET, 4124, 0 /* PIDTYPE_PID */, [0xd00f7fff]) = 0
strace: Process 4165 attached
strace: Process 4166 attached
[pid 4166] +++ exited with 0 +++
[pid 4164] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4166, si_uid=100000, si_status=0, si_utime=0, si_stime=0} ---
strace: Process 4167 attached
[pid 4167] prctl(PR_SCHED_CORE, PR_SCHED_CORE_SHARE_FROM, 1, 0 /* PIDTYPE_PID */, NULL) = -1 EPERM (Operation not permitted) <<<<< OOPS
[pid 4165] +++ exited with 0 +++
[pid 4164] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4165, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
lxc-attach: testcaps: ../src/lxc/attach.c: do_attach: 1160 Operation not permitted - Failed to join core scheduling domain of 4124
lxc-attach: testcaps: ../src/lxc/attach.c: do_attach: 1382 Failed to attach to container
prctl(PR_SCHED_CORE, PR_SCHED_CORE_SHARE_FROM...) fails with EPERM, because:
- container's init task->mm: (get_dumpable(mm) != SUID_DUMP_USER)
AND
- mm->user_ns == init_user_ns (as there was no exec() and mm_struct->user_ns was set in the initial
user namespace when we run lxc-execute)
( for more details see [3] )
[1] https://github.com/torvalds/linux/blob/acc4d5ff0b61eb1715c498b6536c38c1feb7f3c1/kernel/cred.c#L412
[2] https://github.com/torvalds/linux/blob/a2cc6ff5ec8f91bc463fd3b0c26b61166a07eb11/fs/exec.c#L1331
[3] https://github.com/torvalds/linux/blob/acc4d5ff0b61eb1715c498b6536c38c1feb7f3c1/kernel/ptrace.c#L344
Reported-by: Stéphane Graber <stgr...@stgraber.org>
Signed-off-by: Alexander Mikhalitsyn <aleksandr....@canonical.com>
Compare: https://github.com/lxc/lxc/compare/fe31d844e882...312976c9b02c
To unsubscribe from these emails, change your notification settings at https://github.com/lxc/lxc/settings/notifications
Reply all
Reply to author
Forward
0 new messages