On Tue, Jul 05, 2016 at 10:45:51AM +0200, Ludovic Courtès wrote: > Efraim Flashner <efr...@flashner.co.il> skribis: > > > On Mon, Jul 04, 2016 at 03:37:12PM +0200, Ludovic Courtès wrote: > >> Hi! > > If the kernel config corresponds to this kernel, I don’t see which of > the other EINVAL reasons given in clone(2) would apply. Does ‘dmesg’ > show something? > > Could you maybe try a C program that invokes clone(2) and progressively > remove CLONE_ flags until you find the one that’s causing EINVAL? > > Thanks, > Ludo’.
I grabbed the code from man 2 clone and ran that on the odroid, which told me "clone: Operation not permitted" -- Efraim Flashner <efr...@flashner.co.il> אפרים פלשנר GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted
#define _GNU_SOURCE #include <sys/wait.h> #include <sys/utsname.h> #include <sched.h> #include <string.h> #include <stdio.h> #include <stdlib.h> #include <unistd.h> #define errExit(msg) do { perror(msg); exit(EXIT_FAILURE); \ } while (0) static int /* Start function for cloned child */ childFunc(void *arg) { struct utsname uts; /* Change hostname in UTS namespace of child */ if (sethostname(arg, strlen(arg)) == -1) errExit("sethostname"); /* Retrieve and display hostname */ if (uname(&uts) == -1) errExit("uname"); printf("uts.nodename in child: %s\n", uts.nodename); /* Keep the namespace open for a while, by sleeping. * This allows some experimentation--for example, another * process might join the namespace. */ sleep(200); return 0; /* Child terminates now */ } #define STACK_SIZE (1024 * 1024) /* Stack size for cloned child */ int main(int argc, char *argv[]) { char *stack; /* Start of stack buffer */ char *stackTop; /* End of stack buffer */ pid_t pid; struct utsname uts; if (argc < 2) { fprintf(stderr, "Usage: %s <child-hostname>\n", argv[0]); exit(EXIT_SUCCESS); } /* Allocate stack for child */ stack = malloc(STACK_SIZE); if (stack == NULL) errExit("malloc"); stackTop = stack + STACK_SIZE; /* Assume stack grows downward */ /* Create child that has its own UTS namespace; * child commences execution in childFunc() */ pid = clone(childFunc, stackTop, CLONE_NEWUTS | SIGCHLD, argv[1]); if (pid == -1) errExit("clone"); printf("clone() returned %ld\n", (long) pid); /* Parent falls through to here */ sleep(1); /* Give child time to change its hostname */ /* Display hostname in parent's UTS namespace. This will be * different from hostname in child's UTS namespace. */ if (uname(&uts) == -1) errExit("uname"); printf("uts.nodename in parent: %s\n", uts.nodename); if (waitpid(pid, NULL, 0) == -1) /* Wait for child */ errExit("waitpid"); printf("child has terminated\n"); exit(EXIT_SUCCESS); }
10416 execve("./a.out", ["./a.out", "hello_world"], [/* 18 vars */]) = 0 10416 brk(0) = 0x411000 10416 faccessat(AT_FDCWD, "/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) 10416 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa049e000 10416 faccessat(AT_FDCWD, "/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) 10416 openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 10416 fstat(3, {st_mode=S_IFREG|0644, st_size=22634, ...}) = 0 10416 mmap(NULL, 22634, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fa0498000 10416 close(3) = 0 10416 faccessat(AT_FDCWD, "/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) 10416 openat(AT_FDCWD, "/lib/aarch64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 10416 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\267\0\1\0\0\0\250\16\2\0\0\0\0\0"..., 832) = 832 10416 fstat(3, {st_mode=S_IFREG|0755, st_size=1287872, ...}) = 0 10416 mmap(NULL, 1360760, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fa032a000 10416 mprotect(0x7fa045d000, 65536, PROT_NONE) = 0 10416 mmap(0x7fa046d000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x133000) = 0x7fa046d000 10416 mmap(0x7fa0473000, 13176, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fa0473000 10416 close(3) = 0 10416 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa0497000 10416 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa0496000 10416 mprotect(0x7fa046d000, 16384, PROT_READ) = 0 10416 mprotect(0x7fa04a2000, 4096, PROT_READ) = 0 10416 munmap(0x7fa0498000, 22634) = 0 10416 mmap(NULL, 1052672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa0229000 10416 clone(child_stack=0x7fa0329000, flags=CLONE_NEWUTS|SIGCHLD) = -1 EPERM (Operation not permitted) 10416 dup(2) = 3 10416 fcntl(3, F_GETFL) = 0x20002 (flags O_RDWR|0x20000) 10416 brk(0) = 0x411000 10416 brk(0x432000) = 0x432000 10416 fstat(3, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 3), ...}) = 0 10416 mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa0219000 10416 lseek(3, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek) 10416 write(3, "clone: Operation not permitted\n", 31) = 31 10416 close(3) = 0 10416 munmap(0x7fa0219000, 65536) = 0 10416 exit_group(1) = ? 10416 +++ exited with 1 +++
signature.asc
Description: PGP signature