From mboxrd@z Thu Jan 1 00:00:00 1970 From: Efraim Flashner Subject: Re: chroot/aarch64 issues Date: Tue, 5 Jul 2016 15:28:48 +0300 Message-ID: <20160705122848.GE6523@debian-netbook> References: <20160704104248.GA32334@debian-netbook> <87h9c5ed87.fsf@gnu.org> <20160704141514.GB32334@debian-netbook> <87oa6czd4w.fsf@gnu.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="GdbWtwDHkcXqP16f" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:36820) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bKPTM-0003jV-UP for guix-devel@gnu.org; Tue, 05 Jul 2016 08:29:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bKPTJ-0007GR-Nv for guix-devel@gnu.org; Tue, 05 Jul 2016 08:29:04 -0400 Content-Disposition: inline In-Reply-To: <87oa6czd4w.fsf@gnu.org> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Ludovic =?utf-8?Q?Court=C3=A8s?= Cc: guix-devel@gnu.org --GdbWtwDHkcXqP16f Content-Type: multipart/mixed; boundary="m1UC1K4AOz1Ywdkx" Content-Disposition: inline --m1UC1K4AOz1Ywdkx Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jul 05, 2016 at 10:45:51AM +0200, Ludovic Court=C3=A8s wrote: > Efraim Flashner skribis: >=20 > > On Mon, Jul 04, 2016 at 03:37:12PM +0200, Ludovic Court=C3=A8s wrote: > >> Hi! >=20 > If the kernel config corresponds to this kernel, I don=E2=80=99t see whic= h of > the other EINVAL reasons given in clone(2) would apply. Does =E2=80=98dm= esg=E2=80=99 > show something? >=20 > Could you maybe try a C program that invokes clone(2) and progressively > remove CLONE_ flags until you find the one that=E2=80=99s causing EINVAL? >=20 > Thanks, > Ludo=E2=80=99. I grabbed the code from man 2 clone and ran that on the odroid, which told me "clone: Operation not permitted" --=20 Efraim Flashner =D7=90=D7=A4=D7=A8=D7=99=D7=9D = =D7=A4=D7=9C=D7=A9=D7=A0=D7=A8 GPG key =3D A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted --m1UC1K4AOz1Ywdkx Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename="clone.c" #define _GNU_SOURCE #include #include #include #include #include #include #include #define errExit(msg) do { perror(msg); exit(EXIT_FAILURE); \ } while (0) static int /* Start function for cloned child */ childFunc(void *arg) { struct utsname uts; /* Change hostname in UTS namespace of child */ if (sethostname(arg, strlen(arg)) == -1) errExit("sethostname"); /* Retrieve and display hostname */ if (uname(&uts) == -1) errExit("uname"); printf("uts.nodename in child: %s\n", uts.nodename); /* Keep the namespace open for a while, by sleeping. * This allows some experimentation--for example, another * process might join the namespace. */ sleep(200); return 0; /* Child terminates now */ } #define STACK_SIZE (1024 * 1024) /* Stack size for cloned child */ int main(int argc, char *argv[]) { char *stack; /* Start of stack buffer */ char *stackTop; /* End of stack buffer */ pid_t pid; struct utsname uts; if (argc < 2) { fprintf(stderr, "Usage: %s \n", argv[0]); exit(EXIT_SUCCESS); } /* Allocate stack for child */ stack = malloc(STACK_SIZE); if (stack == NULL) errExit("malloc"); stackTop = stack + STACK_SIZE; /* Assume stack grows downward */ /* Create child that has its own UTS namespace; * child commences execution in childFunc() */ pid = clone(childFunc, stackTop, CLONE_NEWUTS | SIGCHLD, argv[1]); if (pid == -1) errExit("clone"); printf("clone() returned %ld\n", (long) pid); /* Parent falls through to here */ sleep(1); /* Give child time to change its hostname */ /* Display hostname in parent's UTS namespace. This will be * different from hostname in child's UTS namespace. */ if (uname(&uts) == -1) errExit("uname"); printf("uts.nodename in parent: %s\n", uts.nodename); if (waitpid(pid, NULL, 0) == -1) /* Wait for child */ errExit("waitpid"); printf("child has terminated\n"); exit(EXIT_SUCCESS); } --m1UC1K4AOz1Ywdkx Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename=clone_strace 10416 execve("./a.out", ["./a.out", "hello_world"], [/* 18 vars */]) = 0 10416 brk(0) = 0x411000 10416 faccessat(AT_FDCWD, "/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) 10416 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa049e000 10416 faccessat(AT_FDCWD, "/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) 10416 openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 10416 fstat(3, {st_mode=S_IFREG|0644, st_size=22634, ...}) = 0 10416 mmap(NULL, 22634, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fa0498000 10416 close(3) = 0 10416 faccessat(AT_FDCWD, "/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) 10416 openat(AT_FDCWD, "/lib/aarch64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 10416 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\267\0\1\0\0\0\250\16\2\0\0\0\0\0"..., 832) = 832 10416 fstat(3, {st_mode=S_IFREG|0755, st_size=1287872, ...}) = 0 10416 mmap(NULL, 1360760, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fa032a000 10416 mprotect(0x7fa045d000, 65536, PROT_NONE) = 0 10416 mmap(0x7fa046d000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x133000) = 0x7fa046d000 10416 mmap(0x7fa0473000, 13176, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fa0473000 10416 close(3) = 0 10416 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa0497000 10416 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa0496000 10416 mprotect(0x7fa046d000, 16384, PROT_READ) = 0 10416 mprotect(0x7fa04a2000, 4096, PROT_READ) = 0 10416 munmap(0x7fa0498000, 22634) = 0 10416 mmap(NULL, 1052672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa0229000 10416 clone(child_stack=0x7fa0329000, flags=CLONE_NEWUTS|SIGCHLD) = -1 EPERM (Operation not permitted) 10416 dup(2) = 3 10416 fcntl(3, F_GETFL) = 0x20002 (flags O_RDWR|0x20000) 10416 brk(0) = 0x411000 10416 brk(0x432000) = 0x432000 10416 fstat(3, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 3), ...}) = 0 10416 mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa0219000 10416 lseek(3, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek) 10416 write(3, "clone: Operation not permitted\n", 31) = 31 10416 close(3) = 0 10416 munmap(0x7fa0219000, 65536) = 0 10416 exit_group(1) = ? 10416 +++ exited with 1 +++ --m1UC1K4AOz1Ywdkx-- --GdbWtwDHkcXqP16f Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJXe6f8AAoJEPTB05F+rO6TBiIP/03kU/hPSG6yf7agufOrX6qj jNR72JiT2z2+wPjC8zZB0NIjPnBpcZyWDnUL56JzJCUwm4BXA5JVLsTkSfLwvVxU K7VDkOoIluBLCub8XX8jNEXD4qIfNvWg7jUYmUNg3YKVMHrKG8vdWLcxutyKX9ZF xEnmsKWNb6YLAucVy0mGaDkAcWIIswx6TH/VkU7Io117lbgGpZdQ5kyj0xMBTFnK KxCO1F/VYEnBntTkzai2CahYMvMhc85gVaGr3lcycqaWDlBu3pD8CKXJDGCtzQ56 z1MY8xf9MkqVzl11RuPnejWKZcmwUHkU5DB9k/8l1ArUYZjdteOn3FyPnCXrExS1 W+Xh4AdxXOKUs+P1aSk35rpD+Nxg9r8ZelqwIOu1JI40zjy5q7sknM+zDuL7BmjD UbajPxyie0nLLiMR4qA7mQAtwKJkk2/+wG4SC2hLveNBa1EBBqdynow/tMk1fDfz ss+MnIAZTpIVydgDFbRVHGnlg1LRJDnaQIF5YPxc/sl0Kw0tXgymucI3HkvMT1o0 O+/dtcyavcPYCVb+umdFo5+C98wYjbc9B8iNZRbj0YfrwF8SSryfIsI0gKWja+rs JGxkWX+Md0W9qhXqp2Pnpjsr7q5BX7O1UnX0reMCFwj2S8AIVt+/IueYEbC4HmP2 Wb/CWAwikQ82QcLFN3hq =YbN7 -----END PGP SIGNATURE----- --GdbWtwDHkcXqP16f--