On Tue, Jul 05, 2016 at 10:45:51AM +0200, Ludovic Courtès wrote: > Efraim Flashner <efr...@flashner.co.il> skribis: > > > On Mon, Jul 04, 2016 at 03:37:12PM +0200, Ludovic Courtès wrote: > >> Hi! > > If the kernel config corresponds to this kernel, I don’t see which of > the other EINVAL reasons given in clone(2) would apply. Does ‘dmesg’ > show something? > > Could you maybe try a C program that invokes clone(2) and progressively > remove CLONE_ flags until you find the one that’s causing EINVAL? > > Thanks, > Ludo’.
I grabbed the code from man 2 clone and ran that on the odroid, which told me "clone: Operation not permitted" -- Efraim Flashner <efr...@flashner.co.il> אפרים פלשנר GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted
#define _GNU_SOURCE
#include <sys/wait.h>
#include <sys/utsname.h>
#include <sched.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#define errExit(msg) do { perror(msg); exit(EXIT_FAILURE); \
} while (0)
static int /* Start function for cloned child */
childFunc(void *arg)
{
struct utsname uts;
/* Change hostname in UTS namespace of
child */
if (sethostname(arg, strlen(arg)) == -1)
errExit("sethostname");
/* Retrieve and display
hostname */
if (uname(&uts) == -1)
errExit("uname");
printf("uts.nodename
in child: %s\n", uts.nodename);
/* Keep
the namespace open for a while, by sleeping.
*
This allows some experimentation--for example, another
*
process might join the namespace. */
sleep(200);
return 0; /* Child terminates now */
}
#define STACK_SIZE (1024 * 1024) /* Stack size for cloned child */
int
main(int argc, char *argv[])
{
char *stack; /* Start of stack
buffer */
char *stackTop; /* End of
stack buffer */
pid_t pid;
struct utsname uts;
if (argc
< 2) {
fprintf(stderr, "Usage: %s <child-hostname>\n", argv[0]);
exit(EXIT_SUCCESS);
}
/* Allocate stack for child */
stack = malloc(STACK_SIZE);
if (stack == NULL)
errExit("malloc");
stackTop = stack + STACK_SIZE; /* Assume stack grows
downward */
/* Create child that has its own UTS
namespace;
* child commences execution in
childFunc() */
pid = clone(childFunc, stackTop, CLONE_NEWUTS
| SIGCHLD, argv[1]);
if (pid == -1)
errExit("clone");
printf("clone()
returned %ld\n", (long) pid);
/* Parent
falls through to here */
sleep(1);
/* Give child time to change its hostname */
/* Display hostname in parent's UTS namespace. This will be
* different from hostname in child's UTS namespace. */
if (uname(&uts) == -1)
errExit("uname");
printf("uts.nodename in parent: %s\n", uts.nodename);
if (waitpid(pid, NULL, 0) == -1) /* Wait for child */
errExit("waitpid");
printf("child has terminated\n");
exit(EXIT_SUCCESS);
}
10416 execve("./a.out", ["./a.out", "hello_world"], [/* 18 vars */]) = 0
10416 brk(0) = 0x411000
10416 faccessat(AT_FDCWD, "/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file
or directory)
10416 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x7fa049e000
10416 faccessat(AT_FDCWD, "/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file
or directory)
10416 openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
10416 fstat(3, {st_mode=S_IFREG|0644, st_size=22634, ...}) = 0
10416 mmap(NULL, 22634, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fa0498000
10416 close(3) = 0
10416 faccessat(AT_FDCWD, "/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file
or directory)
10416 openat(AT_FDCWD, "/lib/aarch64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC)
= 3
10416 read(3,
"\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\267\0\1\0\0\0\250\16\2\0\0\0\0\0"..., 832)
= 832
10416 fstat(3, {st_mode=S_IFREG|0755, st_size=1287872, ...}) = 0
10416 mmap(NULL, 1360760, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
= 0x7fa032a000
10416 mprotect(0x7fa045d000, 65536, PROT_NONE) = 0
10416 mmap(0x7fa046d000, 24576, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x133000) = 0x7fa046d000
10416 mmap(0x7fa0473000, 13176, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fa0473000
10416 close(3) = 0
10416 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x7fa0497000
10416 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x7fa0496000
10416 mprotect(0x7fa046d000, 16384, PROT_READ) = 0
10416 mprotect(0x7fa04a2000, 4096, PROT_READ) = 0
10416 munmap(0x7fa0498000, 22634) = 0
10416 mmap(NULL, 1052672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x7fa0229000
10416 clone(child_stack=0x7fa0329000, flags=CLONE_NEWUTS|SIGCHLD) = -1 EPERM
(Operation not permitted)
10416 dup(2) = 3
10416 fcntl(3, F_GETFL) = 0x20002 (flags O_RDWR|0x20000)
10416 brk(0) = 0x411000
10416 brk(0x432000) = 0x432000
10416 fstat(3, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 3), ...}) = 0
10416 mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x7fa0219000
10416 lseek(3, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek)
10416 write(3, "clone: Operation not permitted\n", 31) = 31
10416 close(3) = 0
10416 munmap(0x7fa0219000, 65536) = 0
10416 exit_group(1) = ?
10416 +++ exited with 1 +++
signature.asc
Description: PGP signature
