From: Kornilios Kourtis <kornilios@gmail.com>
Date: Thu, 15 Aug 2024 15:22:35 +0000 (+0200)
Subject: process-util: handle pidfd_spawn() returning E2BIG
X-Git-Tag: v257-rc1~671
X-Git-Url: http://git-history.diyao.me/?a=commitdiff_plain;h=7ac58157ca67ab001307f1fd72e0cc7c0c4e846a;p=systemd%2F.git

process-util: handle pidfd_spawn() returning E2BIG

In some kernels (specifically, 5.4) even though the clone3 syscall is
supported, setting CLONE_INTO_CGROUP is not. The error message returned
in this case is E2BIG.

If posix_spawn_wrapper encounters this error, it does not retry, and
cannot spawn any programs in said kernels.

This commit adds a check for the E2BIG error and retries pidfd_spawn()
without the POSIX_SPAWN_SETCGROUP flag.

If we encounter an E2BIG error, and the pidfd_spawn() succeeds after
removing the POSIX_SPAWN_SETCGROUP flag, then we cache the result so
that we do not retry every time.

Originally, this issue was reported in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077204.

Signed-off-by: Kornilios Kourtis <kornilios@gmail.com>
---

diff --git a/src/basic/process-util.c b/src/basic/process-util.c
index e5dbd6f72d..a247b5a0b2 100644
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -2059,9 +2059,10 @@ int posix_spawn_wrapper(
         _unused_ _cleanup_(posix_spawnattr_destroyp) posix_spawnattr_t *attr_destructor = &attr;
 
 #if HAVE_PIDFD_SPAWN
+        static bool setcgroup_supported = true;
         _cleanup_close_ int cgroup_fd = -EBADF;
 
-        if (cgroup) {
+        if (cgroup && setcgroup_supported) {
                 _cleanup_free_ char *resolved_cgroup = NULL;
 
                 r = cg_get_path_and_check(
@@ -2095,6 +2096,19 @@ int posix_spawn_wrapper(
         _cleanup_close_ int pidfd = -EBADF;
 
         r = pidfd_spawn(&pidfd, path, NULL, &attr, argv, envp);
+        if (r == E2BIG && FLAGS_SET(flags, POSIX_SPAWN_SETCGROUP)) {
+                /* Some kernels (e.g., 5.4) support clone3 but they do not support CLONE_INTO_CGROUP.
+                 * Retry pidfd_spawn() after removing the flag. */
+                flags &= ~POSIX_SPAWN_SETCGROUP;
+                r = posix_spawnattr_setflags(&attr, flags);
+                if (r != 0)
+                        return -r;
+                r = pidfd_spawn(&pidfd, path, NULL, &attr, argv, envp);
+                /* if pidfd_spawn was successful after removing SPAWN_CGROUP,
+                 * mark setcgroup_supported as false so that we do not retry every time */
+                if (r == 0)
+                        setcgroup_supported = false;
+        }
         if (r == 0) {
                 r = pidref_set_pidfd_consume(ret_pidref, TAKE_FD(pidfd));
                 if (r < 0)
@@ -2113,10 +2127,12 @@ int posix_spawn_wrapper(
 
         /* Compiled on a newer host, or seccomp&friends blocking clone3()? Fallback, but need to change the
          * flags to remove the cgroup one, which is what redirects to clone3() */
-        flags &= ~POSIX_SPAWN_SETCGROUP;
-        r = posix_spawnattr_setflags(&attr, flags);
-        if (r != 0)
-                return -r;
+        if (FLAGS_SET(flags, POSIX_SPAWN_SETCGROUP)) {
+                flags &= ~POSIX_SPAWN_SETCGROUP;
+                r = posix_spawnattr_setflags(&attr, flags);
+                if (r != 0)
+                        return -r;
+        }
 #endif
 
         pid_t pid;