Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libcontainer/userns: simplify, and separate from "user" package. #2868

Merged
merged 1 commit into from
Sep 4, 2023
Merged

libcontainer/userns: simplify, and separate from "user" package. #2868

merged 1 commit into from
Sep 4, 2023

Conversation

thaJeztah
Copy link
Member

@thaJeztah thaJeztah commented Mar 22, 2021
edited
Loading

follow-up to #2850 (only last commit is new) merged

This makes libcontainer/userns self-dependent, largely returning to the original implementation from lxc. The uiMapInUserNS is kept as a separate function for unit-testing and fuzzing.

@thaJeztah thaJeztah mentioned this pull request Mar 22, 2021
Merged
@thaJeztah thaJeztah force-pushed the userns_simplify branch 2 times, most recently from 7bd6133 to 36a717a Compare April 8, 2021 17:24
@thaJeztah thaJeztah marked this pull request as ready for review April 8, 2021 17:25
flouthoc
flouthoc suggested changes Apr 9, 2021
View reviewed changes
libcontainer/userns/userns_linux.go Outdated Show resolved Hide resolved
@kolyshkin
Copy link
Contributor

centos7 failure is a flake; filed #2907

CI restarted.

@thaJeztah
Copy link
Member Author

Looks like it passed this time ✅

@thaJeztah thaJeztah force-pushed the userns_simplify branch 2 times, most recently from cfc5f86 to ad6c041 Compare April 14, 2021 19:09
@thaJeztah
Copy link
Member Author

Ok, rebase fixed that; all ✅ again 😅

@kolyshkin kolyshkin added the kind/refactor refactoring label Apr 21, 2021
@kolyshkin
Copy link
Contributor

LGTM overall, left a single nit about ignoring error from Sscanf (not super important)

thaJeztah
thaJeztah commented Apr 22, 2021
View reviewed changes
libcontainer/userns/userns_linux.go Outdated
Comment on lines 33 to 48
if len(uidmap) == 1 && uidmap[0].ID == 0 && uidmap[0].ParentID == 0 && uidmap[0].Count == 4294967295 {
if err == nil && a == 0 && b == 0 && c == 4294967295 {
return false
}
return true
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Made this change per suggestion in #2868 (comment)

Looking at the logic now, I'm wondering if return true is "correct" if we have an error; is it ok to assume that we are in userns if we receive an error, or should we assume the reverse?

I guess if this file is not parsable, it means things are non-functional anyway, so perhaps not an issue (but looking from the other perspective; if the file-mapping is not-parsable, we likely won't be able to be using user-namespaces, in which case false would make more sense)

@AkihiroSuda @kolyshkin wdyt?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Alternative would be:

func uidMapInUserNS(uidMap string) bool {
	var a, b, c int64
	_, err := fmt.Sscanf(uidMap, "%d %d %d", &a, &b, &c)
	if err != nil {
		return false
	}

	/*
	 * We assume we are in the initial user namespace if we have a full
	 * range - 4294967295 uids starting at uid 0.
	 */
	if a == 0 && b == 0 && c == 4294967295 {
		return false
	}
	return true
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One other way would be to panic() if we can't parse this. That is too radical I think.

As to whether return true or false in case we're not sure, I'd say emit a warning and return false as e.g. cgroups/fs drivers use true to skip devices setting, and we don't want that.

So I like your last version, which can be further simplified by doing

initns := a == 0 && b == 0 && c == 4294967295
return !initns

I'd also replace the comment ("We assume we are ...") with a reference to user_namespaces(7):

// As per user_namespaces(7), /proc/self/uid_map of
// the initial user namespace shows 0 0 4294967295.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I think in lxc, they don't check uidMap == "", so they return true when got an EOF error.
But we checked this, so return false is correct, I think it will never happen.

@thaJeztah thaJeztah force-pushed the userns_simplify branch 4 times, most recently from 6914ea0 to e1eb92b Compare June 4, 2021 16:05
@thaJeztah
Copy link
Member Author

@kolyshkin updated per your suggestions, PTAL

@thaJeztah
Copy link
Member Author

rebased to get a fresh run of CI

@kolyshkin
Copy link
Contributor

@thaJeztah this needs another rebase because of a recent regression

@thaJeztah
Copy link
Member Author

👍 rebased to trigger CI again

@thaJeztah
Copy link
Member Author

rebased again; @kolyshkin @AkihiroSuda PTAL

@thaJeztah
Copy link
Member Author

@kolyshkin @AkihiroSuda PTAL

@thaJeztah thaJeztah mentioned this pull request Aug 29, 2023
Draft
kolyshkin
kolyshkin approved these changes Aug 30, 2023
View reviewed changes
Copy link
Contributor

@kolyshkin kolyshkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks!

lifubang
lifubang reviewed Aug 31, 2023
View reviewed changes
libcontainer/userns/userns_linux.go Outdated
@@ -12,26 +13,42 @@ var (
)

// runningInUserNS detects whether we are currently running in a user namespace.
// Originally copied from github.com/lxc/lxd/shared/util.go
// Originally copied from github.com/lxc/lxd/shared/util.go.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This link is gone now. Now it's in here: https://github.com/lxc/incus/blob/main/shared/util.go#L678-L700

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thx; updated to use a permalink

@kolyshkin kolyshkin mentioned this pull request Sep 1, 2023
Open
@thaJeztah
libcontainer/userns: simplify, and separate from "user" package.
d8e9ed3 
This makes libcontainer/userns self-dependent, largely returning to
the original implementation from lxc. The `uiMapInUserNS` is kept as
a separate function for unit-testing and fuzzing.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah
Copy link
Member Author

@kolyshkin @lifubang good to go?

@AkihiroSuda AkihiroSuda merged commit a0466dd into opencontainers:main Sep 4, 2023
36 checks passed
@thaJeztah thaJeztah deleted the userns_simplify branch September 4, 2023 14:25
@AkihiroSuda
Copy link
Member

@thaJeztah
Maybe we have discussed before, but maybe we can consider moving this to https://github.com/moby/sys ?

@thaJeztah
Copy link
Member Author

@AkihiroSuda hm.. good one, not sure if we discussed that option. I know containerd has similar code (could've been a fork of this package?)

But now that containerd already depends on moby/sys/user, perhaps it would make sense to move it; if we do, we should probably check if containerd has fixes/changes that we want to integrate (and vice-versa).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lifubang lifubang lifubang left review comments

@flouthoc flouthoc flouthoc requested changes

@kolyshkin kolyshkin kolyshkin approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

Assignees
No one assigned
Labels
kind/refactor refactoring status/2-code-review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@thaJeztah @kolyshkin @AkihiroSuda @lifubang @flouthoc