Fix random "personality" corruption when linking against lxc 6#38
Merged
Fix random "personality" corruption when linking against lxc 6#38
Conversation
Member
|
@thomasjfox can you change your commit message to include the required See https://github.com/lxc/lxc/blob/main/CONTRIBUTING for details |
When using python3-lxc with liblxc from lxc 6.0.x, we could observe
random systemd startup failures on containers.
systemd will report this on startup when the corruption hit:
"Warning! Reported kernel version 2.6.74-300.fc42.x86_64 is older than systemd's required baseline kernel version 4.15. Your mileage may vary."
Some systemd services fail to start properly, including systemd-journald.
The root problem is that other lxc library code unexpectedly calls into
lxc_config_parse_arch() from python3-lxc instead of the function from liblxc.
The function signature of lxc_config_parse_arch() changed throughout the years
and the second "persona" pointer argument was added. The older python3-lxc copy
of the function would not initialize the provided memory location of "persona".
It will therefore contain a random value.
Additionally the symbol visibility of liblxc's lxc_config_parse_arch()
changed with this commit in lxc 6.0:
******************************************
commit 42eeffcb05c468fd7b3a90eeda4a3abe9f26844b
AuthorDate: Sun Feb 18 15:43:20 2024 +0100
confile: unhide lxc_config_parse_arch() helper
Looks safe enough to be available for liblxc users.
******************************************
This results in two symbols with the same name and
the python3-lxc symbol takes precedence.
Fix the issue by making the function static in python3-lxc,
so python3-lxc stays compatible with lxc 5.x and 6.x.
A future python3-lxc version might remove the local function
and use lxc_config_parse_arch() from liblxc 6.0 and later.
Side quest: Even though lxc 5.0 already has the "persona" function argument in
lxc_config_parse_arch() since 7c43fa56e70c65607f63dec8ff5a9682a3091ab2 (from 2021),
it is not affected since the symbol visibility is still hidden.
Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
thomasjfox
force-pushed
the
fix-personality-corruption
branch
from
3eeec56 to
f8d5ddc
Compare
Contributor
Author
|
Additional minimized C reproducer code #include <lxc/lxccontainer.h>
#include <stdio.h>
#include <sys/wait.h>
#include <sched.h>
signed long lxc_config_parse_arch(const char *arch)
{
printf("Called wrong lxc_config_parse_arch\n");
return 0;
}
int main(void)
{
struct lxc_container *cont = lxc_container_new("c6", NULL);
cont->want_close_all_fds(cont, true);
cont->want_daemonize(cont, false);
cont->start(cont, 0, NULL);
printf("State: %s\n", cont->state(cont));
return 0;
}Compile with: Just start and stop the container a few times and the issue will trigger. Tested on a Fedora 42 host machine. |
Contributor
Author
fixed, thanks. I saw it was missing when the commit hook started complaining. :) |
Member
|
Thanks! |
Contributor
Author
|
Thanks for the quick merge. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
When using python3-lxc with liblxc from lxc 6.0.x, we could observe random systemd startup failures on containers.
systemd will report this on startup when the corruption hit: "Warning! Reported kernel version 2.6.74-300.fc42.x86_64 is older than systemd's required baseline kernel version 4.15. Your mileage may vary."
Some systemd services fail to start properly, including systemd-journald.
The root problem is that other lxc library code unexpectedly calls into lxc_config_parse_arch() from python3-lxc instead of the function from liblxc.
The function signature of lxc_config_parse_arch() changed throughout the years and the second "persona" pointer argument was added. The older python3-lxc copy of the function would not initialize the provided memory location of "persona". It will therefore contain a random value.
Additionally the symbol visibility of liblxc's lxc_config_parse_arch() changed with this commit in lxc 6.0:
commit 42eeffcb05c468fd7b3a90eeda4a3abe9f26844b
AuthorDate: Sun Feb 18 15:43:20 2024 +0100
This results in two symbols with the same name and the python3-lxc symbol takes precedence.
Fix the issue by making the function static in python3-lxc, so python3-lxc stays compatible with lxc 5.x and 6.x.
A future python3-lxc version might remove the local function and use lxc_config_parse_arch() from liblxc 6.0 and later.
Side quest: Even though lxc 5.0 already has the "persona" function argument in lxc_config_parse_arch() since 7c43fa56e70c65607f63dec8ff5a9682a3091ab2 (from 2021), it is not affected since the symbol visibility is still hidden.