From mboxrd@z Thu Jan 1 00:00:00 1970 Received: by passt.top (Postfix, from userid 1000) id 919065A0269; Fri, 4 Nov 2022 02:53:28 +0100 (CET) From: Stefano Brivio To: passt-dev@passt.top Subject: [PATCH] pasta: Workaround: wait for execvp() to be done in child before entering netns Date: Fri, 4 Nov 2022 02:53:28 +0100 Message-Id: <20221104015328.3831630-1-sbrivio@redhat.com> X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-ID-Hash: QUQPOOXL4G4MEB2DLYS7JH2WL3ZIKLYV X-Message-ID-Hash: QUQPOOXL4G4MEB2DLYS7JH2WL3ZIKLYV X-MailFrom: sbrivio@passt.top X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: David Gibson X-Mailman-Version: 3.3.3 Precedence: list List-Id: Development discussion and patches for passt Archived-At: <> Archived-At: List-Archive: <> List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: This happens about every third time on the two_guests/basic test, and on that test only: we clone() twice, first to spawn a child, then to spawn a thread to check that we can enter the target network namespace. In this thread, we open a file descriptor associated to the target namespace. It might happen that it doesn't exist yet: the kernel can legitimately take its time to create one, after clone(). In this case, at least on a 5.15 Linux kernel, trying to open that file again always yields EACCES, and we get stuck there. This only occurs if we spawn two instances of pasta very close together, as it's done in the two_guests/basic case. I couldn't figure out what the race condition is, yet, and especially if it's a kernel issue or something we're doing wrong. However, if we wait until the execvp() in the child is done, the issue disappears. I'm not sure yet if it's just because of timing and this is hiding an unrelated race condition. The workaround consists of checking /proc/PID/exe against our own. If it's different, that means execvp() already completed and we can proceed. It's rather ugly, but much better than the alternative. Leave a FIXME there for the moment being. Signed-off-by: Stefano Brivio --- pasta.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/pasta.c b/pasta.c index db86317..36072b2 100644 --- a/pasta.c +++ b/pasta.c @@ -81,9 +81,26 @@ void pasta_child_handler(int signal) */ static int pasta_wait_for_ns(void *arg) { + char ns_exe_link[PATH_MAX], ns[PATH_MAX]; struct ctx *c = (struct ctx *)arg; int flags = O_RDONLY | O_CLOEXEC; - char ns[PATH_MAX]; + char exe[PATH_MAX] = { 0 }; + + /* FIXME: Why do we have to wait until execvp() is done in the child? + * If we don't, and the first call to open() below returns ENOENT, any + * subsequent call to it returns EACCES, at least on Linux 5.15, even + * though the observed PID is correct, and another process can open that + * path, and call setns() on that. + */ + snprintf(ns_exe_link, PATH_MAX, "/proc/%i/exe", pasta_child_pid); + if (readlink("/proc/self/exe", exe, PATH_MAX - 1) != -1) { + char ns_exe[PATH_MAX] = { 0 }; + + do { + if (readlink(ns_exe_link, ns_exe, PATH_MAX - 1) == -1) + break; + } while (!strncmp(exe, ns_exe, PATH_MAX - 1)); + } snprintf(ns, PATH_MAX, "/proc/%i/ns/net", pasta_child_pid); do -- 2.35.1