From: "Richard Purdie" <richard.purdie@linuxfoundation.org>
To: Hongxu Jia <hongxu.jia@windriver.com>,
openembedded-core@lists.openembedded.org, raj.khem@gmail.com
Subject: Re: [PATCH V3] glibc: fix create thread failed in old unprivileged docker
Date: Tue, 31 Aug 2021 21:11:09 +0100 [thread overview]
Message-ID: <95637a535b2c81de95c57e87de554386d265a066.camel@linuxfoundation.org> (raw)
In-Reply-To: <20210830022054.70867-1-hongxu.jia@windriver.com>
On Sun, 2021-08-29 at 19:20 -0700, Hongxu Jia wrote:
> # Changed in V3: add missing Upstream-Status tag
>
> Since upstream commit [d8ea0d0168 Add an internal wrapper for clone, clone2
> and clone3] applied, start a unprivileged container (docker run without
> --privileged), it creates a thread failed in container.
>
> In commit d8ea0d0168, it calls __clone3 if HAVE_CLONE3_WAPPER is defined. If
> __clone3 returns -1 with ENOSYS, fall back to clone or clone2.
>
> The newest docker has fixed the issue in commit [1], but it was applied
> only on master, to backward compatibility with old docker, discussed
> with glibc maintainer [2], explicitly disable clone3 wrapper work by removing
> macro definition of HAVE_CLONE3_WRAPPER
>
> [1] https://github.com/moby/moby/commit/9f6b562dd12ef7b1f9e2f8e6f2ab6477790a6594
> [2] https://sourceware.org/pipermail/libc-alpha/2021-August/130591.html
>
> Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Just for reference, I'm going with v1 of this fix.
The reason is that I do want clone3 to work on target and I do want the wrapper
to be available. Falling back in the EPERM case is therefore easiest.
I did wonder about making the fix nativesdk specific however I decided that was
going to complicate upgrades and so on a bit too much. The v1 fix is simple
enough it can be used everywhere without too many side effects.
Cheers,
Richard
next prev parent reply other threads:[~2021-08-31 20:11 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <169FF34664D4ACC1.22970@lists.openembedded.org>
2021-08-30 2:20 ` [PATCH V3] glibc: fix create thread failed in old unprivileged docker hongxu
2021-08-31 20:11 ` Richard Purdie [this message]
2021-09-01 0:22 ` hongxu
[not found] ` <169FF42BF9440142.22970@lists.openembedded.org>
2021-08-31 1:36 ` Upgrade uninative to fix multiple native build failures " hongxu
2021-08-31 17:58 ` [OE-core] " Robert Berger
2021-08-31 18:18 ` Martin Jansa
2021-08-31 19:50 ` Richard Purdie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=95637a535b2c81de95c57e87de554386d265a066.camel@linuxfoundation.org \
--to=richard.purdie@linuxfoundation.org \
--cc=hongxu.jia@windriver.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=raj.khem@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox