On 30/01/2016 23:26, Laurent Vivier wrote:
> Since commit:
> e36800c linux-user: add signalfd/signalfd4 syscalls
> 
> It is now possible to register handlers to a file descriptor
> to translate a data stream transiting by this file descriptor.
> 
> We can now decode netlink information coming from the guest
> and inject a translated one into the host, and vice-versa.
> 
> This series is an "RFC" because it works (we can boot a
> container using systemd and use iproute tools) but some
> problems remain.
>
> Some results (x86_64 host) with some guests:
> 
> * ppc: it can boot a debian 8.2/8.3 (Jessie) LXC container
>   and networking works fine (dhcp and "apt-get upgrade").
> 
>   "ip link" generates some traces in the kernel log:
>   "netlink: 8 bytes leftover after parsing attributes in process `ip'."
> 
> * ppc64: it can boot a fedora 21 LXC container.
> 
>   Some issues with dhclient and "dnf update"
>   (-> Invalid instruction, can be caused by a memory corruption done
>    by netlink calls).

Some more investigation here:

This is in fact a bug in the TCG interpreter, which does not support
"Multiply and add" instructions (in this case: "evmheumiaaw").

> 
>   "ip link" generates some traces in the kernel log:
>   "netlink: 8 bytes leftover after parsing attributes in process `ip'."
> 
> * ppc64le: Debian 8.3 (Jessie) works fine.
> 
> * sh4: container doesn't work but 'ip' in a chroot works well.
> 
> * arm: Raspbian 8.3 (Jessie) works fine.
> 
> * s390x: container Debian 8.1 boots well, but "apt-get" hangs on
>   networking (name resolution?).

The process is waiting on a netlink recvmsg() while the netlink sequence
is normally over (NLMSG_DONE). It's easily reproducible with "wget
http://ftp.debian.org".

sudo strace -xs 256 chroot /var/lib/lxc/virts390x-stable/rootfs wget http://ftp.debian.org
...
socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
bind(4, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
getsockname(4, {sa_family=AF_NETLINK, pid=12742, groups=00000000}, [12]) = 0
gettimeofday({1454840149, 833039}, NULL) = 0
sendto(4,
"\x14\x00\x00\x00\x16\x00\x01\x03\x55\x19\xb7\x56\x00\x00\x00\x00\x00\x00\x00\x00",
20, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
recvmsg(4, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
msg_iov(1)=[{"\x4c\x00\x00\x00\x14\x00\x02\x00\x55\x19\xb7\x56\xc6\x31\x00\x00\x02\x08\x80\xfe\x01\x00\x00\x00\x08\x00\x01\x00\x7f\x00\x00\x01\x08\x00\x02\x00\x7f\x00\x00\x01\x07\x00\x03\x00\x6c\x6f\x00\x00\x08\x00\x08\x00\x80\x00\x00\x00\x14\x00\x06\x00\xff\xff\xff\xff\xff\xff\xff\xff\x4c\x00\x00\x00\x4c\x00\x00\x00\x58\x00\x00\x00\x14\x00\x02\x00\x55\x19\xb7\x56\xc6\x31\x00\x00\x02\x18\x00\x00\x02\x00\x00\x00\x08\x00\x01\x00\xc0\xa8\x64\x01\x08\x00\x02\x00\xc0\xa8\x64\x01\x08\x00\x04\x00\xc0\xa8\x64\xff\x09\x00\x03\x00\x65\x6e\x6f\x31\x00\x00\x00\x00\x08\x00\x08\x00\x00\x00\x00\x00\x14\x00\x06\x00\x33\x4b\x00\x00\x33\x4b\x00\x00\x25\x0b\x00\x00\xa1\x37\xf9\x02\x58\x00\x00\x00\x14\x00\x02\x00\x55\x19\xb7\x56\xc6\x31\x00\x00\x02\x18\x80\x00\x03\x00\x00\x00\x08\x00\x01\x00\xc0\xa8\x7a\x01\x08\x00\x02\x00\xc0\xa8\x7a\x01\x08\x00\x04\x00\xc0\xa8\x7a\xff\x0b\x00\x03\x00\x76\x69\x72\x62\x72\x30\x00\x00\x08\x00\x08\x00\x80\x00\x00\x00\x14\x00\x06\x00\xff\xff\xff\xff\xff\xff\xff\xff\x04\x0d\
x00\x00\x04\x0d\x00\x00",
4096}], msg_controllen=0, msg_flags=0}, 0) = 252
recvmsg(4, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
msg_iov(1)=[{"\x48\x00\x00\x00\x14\x00\x02\x00\x55\x19\xb7\x56\xc6\x31\x00\x00\x0a\x80\x80\xfe\x01\x00\x00\x00\x14\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x14\x00\x06\x00\xff\xff\xff\xff\xff\xff\xff\xff\x4c\x00\x00\x00\x4c\x00\x00\x00\x08\x00\x08\x00\x80\x00\x00\x00\x48\x00\x00\x00\x14\x00\x02\x00\x55\x19\xb7\x56\xc6\x31\x00\x00\x0a\x40\x00\x00\x02\x00\x00\x00\x14\x00\x01\x00\x2a\x01\x0e\x34\xee\xee\x52\x40\x12\xc3\x7b\xff\xfe\x6b\x9a\x76\x14\x00\x06\x00\x9a\x4f\x01\x00\x9a\x4f\x01\x00\xb8\x0b\x00\x00\xec\x04\x1d\x03\x08\x00\x08\x00\x00\x02\x00\x00\x48\x00\x00\x00\x14\x00\x02\x00\x55\x19\xb7\x56\xc6\x31\x00\x00\x0a\x40\x80\xfd\x02\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x12\xc3\x7b\xff\xfe\x6b\x9a\x76\x14\x00\x06\x00\xff\xff\xff\xff\xff\xff\xff\xff\x0a\x0b\x00\x00\xec\x04\x1d\x03\x08\x00\x08\x00\x80\x00\x00\x00",
4096}], msg_controllen=0, msg_flags=0}, 0) = 216
recvmsg(4, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
msg_iov(1)=[{"\x14\x00\x00\x00\x03\x00\x02\x00\x55\x19\xb7\x56\xc6\x31\x00\x00\x00\x00\x00\x00",
4096}], msg_controllen=0, msg_flags=0}, 0) = 20
recvmsg(4, [HANGS here]

Last message:
\x14\x00\x00\x00 is a size 20 message
\x03\x00        is a NLMSG_DONE id
\x02\x00        flags (NLM_F_MULTI)
\x55\x19\xb7\x56 sequence number
\xc6\x31\x00\x00 process id

>   "ip link" generates some traces in the kernel log:
>   "netlink: 8 bytes leftover after parsing attributes in process `ip'."
> 
> Laurent Vivier (3):
>   linux-user: add rtnetlink(7) support
>   linux-user: support netlink protocol NETLINK_KOBJECT_UEVENT
>   linux-user: add netlink audit
> 
>  linux-user/syscall.c | 537 ++++++++++++++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 531 insertions(+), 6 deletions(-)
> 
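
The hand decode of the last message above, done in code: this is an added example, not part of the original mail or of the QEMU patches. The ex_* names are hypothetical and the constants are copied from linux/netlink.h; the big-endian read only illustrates why headers must be byte-swapped for a big-endian guest such as s390x and is not a diagnosis of the hang.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Values copied from linux/netlink.h; ex_* names are hypothetical. */
#define EX_NLMSG_DONE 3
#define EX_HDRLEN 16u
#define EX_ALIGN(n) (((n) + 3u) & ~3u)

struct ex_nlhdr { uint32_t len; uint16_t type, flags; uint32_t seq, pid; };

static uint32_t rd32(const uint8_t *p, int be) {
    return be ? ((uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3])
              : ((uint32_t)p[3] << 24 | (uint32_t)p[2] << 16 | (uint32_t)p[1] << 8 | p[0]);
}
static uint16_t rd16(const uint8_t *p, int be) {
    return be ? (uint16_t)(p[0] << 8 | p[1]) : (uint16_t)(p[1] << 8 | p[0]);
}

/* Decode one header in the given byte order; 0 if it does not fit in n bytes. */
static int ex_parse(const uint8_t *b, size_t n, int be, struct ex_nlhdr *h) {
    if (n < EX_HDRLEN) return 0;
    h->len = rd32(b, be);       h->type = rd16(b + 4, be);
    h->flags = rd16(b + 6, be); h->seq = rd32(b + 8, be);
    h->pid = rd32(b + 12, be);
    return h->len >= EX_HDRLEN && h->len <= n;
}

/* Walk a datagram: 1 if NLMSG_DONE is reached, 0 if not, -1 if malformed. */
static int ex_walk(const uint8_t *b, size_t n, int be, unsigned *count) {
    struct ex_nlhdr h;
    for (*count = 0; n > 0; (*count)++) {
        if (!ex_parse(b, n, be, &h)) return -1;
        if (h.type == EX_NLMSG_DONE) { (*count)++; return 1; }
        size_t step = EX_ALIGN(h.len) > n ? n : EX_ALIGN(h.len);
        b += step; n -= step;
    }
    return 0;
}

/* Payload of the last completed recvmsg() in the strace above (20 bytes). */
static const uint8_t ex_last[20] = { 0x14,0x00,0x00,0x00, 0x03,0x00, 0x02,0x00,
    0x55,0x19,0xb7,0x56, 0xc6,0x31,0x00,0x00, 0x00,0x00,0x00,0x00 };

int main(void) {
    struct ex_nlhdr h; unsigned c;
    ex_parse(ex_last, sizeof ex_last, 0, &h);   /* host (little-endian) view */
    printf("LE: len=%u type=%u flags=%#x seq=%u pid=%u\n", h.len, h.type, h.flags, h.seq, h.pid);
    printf("walk LE=%d BE=%d\n", ex_walk(ex_last, 20, 0, &c), ex_walk(ex_last, 20, 1, &c));
}
```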
