On Wed, Jul 24, 2024 at 11:50:12PM +0200, Stefano Brivio wrote: > This used to work on my setup as I kept reusing an old mbuto > (initramfs) image, but since commit 65923ba79877 ("conf: Accept > duplicate and conflicting options, the last one wins"), --netns-only > is, as originally intended, a pasta-only option. > > I had used --netns-only, here, to prevent passt from trying to detach > its own user namespace, which is not permitted as we're in a chroot, > see unshare(2). In turn, we need the chroot because passt can't pivot > root directly into its own empty filesystem using an initramfs. > > Use switch_root into the tmpfs mountpoint instead of chroot, so that > we can still detach user namespaces. > > Note that in the mbuto images, we can't switch to nobody as we have > no password entries at all, so we need to detach a further user > namespace before starting passt, to trick passt into running as UID > 0. > > Given the new sequence, it's now more convenient to directly switch > to a detached network namespace as well, which means we need to move > the initialisation of the dummy network from the init script into the > test script. > > Reported-by: David Gibson > Signed-off-by: Stefano Brivio Excellent, I can run these tests again. Tested-by: David Gibson Reviewed-by: David Gibson > --- > test/memory/passt | 13 ++++++++++--- > test/passt.mem.mbuto | 9 +-------- > 2 files changed, 11 insertions(+), 11 deletions(-) > > diff --git a/test/memory/passt b/test/memory/passt > index 1193af8..bf78c8f 100644 > --- a/test/memory/passt > +++ b/test/memory/passt > @@ -44,7 +44,7 @@ endef > def start_stop_diff > guest sed /proc/slabinfo -ne 's/^\([^ ]* *[^ ]* *[^ ]* *[^ ]*\).*/\\\1/p' > /tmp/slabinfo.before > guest cat /proc/meminfo > /tmp/meminfo.before > -guest /bin/passt.avx2 -l /tmp/log -s /tmp/sock -P /tmp/pid __OPTS__ --netns-only > +guest /bin/passt.avx2 -l /tmp/log -s /tmp/sock -P /tmp/pid __OPTS__ > sleep 2 > guest cat /proc/meminfo > /tmp/meminfo.after > guest sed /proc/slabinfo -ne 's/^\([^ ]* *[^ ]* *[^ ]* *[^ ]*\).*/\\\1/p' > /tmp/slabinfo.after > @@ -78,9 +78,16 @@ guest mount -o bind /proc /test/proc > guest mount -o bind /dev /test/dev > guest cp -Lr /bin /lib /lib64 /usr /sbin /test/ > > +guest exec switch_root /test /bin/sh > + > guest ulimit -Hn 300000 > -guest unshare -rUm -R /test > -guest chroot . > +guest unshare -rUn > +guest ip link add eth0 type dummy > +guest ip link set eth0 up > +guest ip address add 192.0.2.2/24 dev eth0 > +guest ip address add 2001:db8::2/64 dev eth0 > +guest ip route add default via 192.0.2.1 > +guest ip -6 route add default via 2001:db8::1 dev eth0 > > guest meminfo_size() { grep "^$2:" $1 | tr -s ' ' | cut -f2 -d ' '; } > guest meminfo_diff() { echo $(( $(meminfo_size $2 $3) - $(meminfo_size $1 $3) )); } > diff --git a/test/passt.mem.mbuto b/test/passt.mem.mbuto > index 56f5139..532eae0 100755 > --- a/test/passt.mem.mbuto > +++ b/test/passt.mem.mbuto > @@ -12,7 +12,7 @@ > > PROGS="${PROGS:-ash,dash,bash chmod ip mount insmod mkdir ln cat chmod modprobe > grep mknod sed chown sleep bc ls ps mount unshare chroot cp kill diff > - head tail sort tr tee cut nm which}" > + head tail sort tr tee cut nm which switch_root}" > > KMODS="${KMODS:- dummy}" > > @@ -29,13 +29,6 @@ COPIES="${COPIES} ../passt.avx2,/bin/passt.avx2" > FIXUP="${FIXUP}"' > ln -s /bin /usr/bin > chmod 777 /tmp > -ip link add eth0 type dummy > -ip link set eth0 up > -ip address add 192.0.2.2/24 dev eth0 > -ip address add 2001:db8::2/64 dev eth0 > -ip route add default via 192.0.2.1 > -ip -6 route add default via 2001:db8::1 dev eth0 > -sleep 2 > sh +m > ' > -- David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson