Unfortunately the patch itself doesn't apply to lxc in meta-virt master or dunfell.
I did bump the version in master, since that change is already included. But for dunfell, you'll need to do a new patch that applies to the source: NOTE: Executing Tasks ERROR: lxc-4.0.6-r0 do_patch: Command Error: 'quilt --quiltrc /opt/bruce/poky-dunfell/build/tmp/work/mips32r2-poky-linux/lxc/4.0.6-r0/recipe-sysroot-native/etc/quiltrc push' exited with 0 Output: Applying patch lxc_remove_CLONE_PIDFD_support.patch patching file src/lxc/start.c Hunk #1 FAILED at 1714. 1 out of 1 hunk FAILED -- rejects in file src/lxc/start.c Patch lxc_remove_CLONE_PIDFD_support.patch does not apply (enforce with -f) ERROR: Logfile of failure stored in: /opt/bruce/poky-dunfell/build/tmp/work/mips32r2-poky-linux/lxc/4.0.6-r0/temp/log.do_patch.1248727 ERROR: Task (/opt/bruce/poky-dunfell/meta-virtualization/recipes-containers/lxc/lxc_4.0.6.bb:do_patch) failed with exit code '1' Cheers, Bruce On Fri, Jul 9, 2021 at 3:45 AM Saloni Jain <[email protected]> wrote: > > From: "Saloni.Jain" <[email protected]> > > It doesn't work with kernels older than 5.2. > > https://man7.org/linux/man-pages/man2/clone.2.html > > " CLONE_PIDFD (since Linux 5.2)" > > Fix lxc container startup error: > > clone3({flags=CLONE_PIDFD|CLONE_NEWNS|CLONE_NEWUTS|CLONE_NEWIPC|CLONE_NEWPID|0x200000000, > pidfd=0x55904a09a0, exit_signal=SIGCHLD, stack=NULL, stack_size=0, /* bytes > 80..87 */ "\x17\x00\x00\x00\x00\x00\x00\x00"}, 88) = -1 ENOSYS (Function not > implemented) > clone3({flags=CLONE_PIDFD|CLONE_NEWNS|CLONE_NEWUTS|CLONE_NEWIPC|CLONE_NEWPID, > pidfd=0x55904a09a0, exit_signal=SIGCHLD, stack=NULL, stack_size=0}, 64) = -1 > ENOSYS (Function not implemented) > clone(child_stack=NULL, > flags=CLONE_PIDFD|CLONE_NEWNS|CLONE_NEWUTS|CLONE_NEWIPC|CLONE_NEWPID|SIGCHLD, > parent_tid=0x55904a09a0) = -1 EINVAL (Invalid argument) > > Reported-by: Ondrej Kubik <[email protected]> > Signed-off-by: Christian Brauner <[email protected]> > Signed-off-by: Saloni Jain <[email protected]> > --- > .../lxc_remove_CLONE_PIDFD_support.patch | 56 +++++++++++++++++++ > recipes-containers/lxc/lxc_4.0.6.bb | 1 + > 2 files changed, 57 insertions(+) > create mode 100644 > recipes-containers/lxc/files/lxc_remove_CLONE_PIDFD_support.patch > > diff --git > a/recipes-containers/lxc/files/lxc_remove_CLONE_PIDFD_support.patch > b/recipes-containers/lxc/files/lxc_remove_CLONE_PIDFD_support.patch > new file mode 100644 > index 0000000..9da1757 > --- /dev/null > +++ b/recipes-containers/lxc/files/lxc_remove_CLONE_PIDFD_support.patch > @@ -0,0 +1,56 @@ > +commit c07b6837e30b8d969060ce7d3f95a30abec637de > +Author: Christian Brauner <[email protected]> > +Date: Fri Mar 5 19:50:28 2021 +0100 > + > + > +start: handle CLONE_PIDFD on arm64 > + > +It doesn't work with kernels older than 5.2. > + > +https://man7.org/linux/man-pages/man2/clone.2.html > + > +" CLONE_PIDFD (since Linux 5.2)" > + > +Fix lxc container startup error: > + > +clone3({flags=CLONE_PIDFD|CLONE_NEWNS|CLONE_NEWUTS|CLONE_NEWIPC|CLONE_NEWPID|0x200000000, > pidfd=0x55904a09a0, exit_signal=SIGCHLD, stack=NULL, stack_size=0, /* bytes > 80..87 */ "\x17\x00\x00\x00\x00\x00\x00\x00"}, 88) = -1 ENOSYS (Function not > implemented) > +clone3({flags=CLONE_PIDFD|CLONE_NEWNS|CLONE_NEWUTS|CLONE_NEWIPC|CLONE_NEWPID, > pidfd=0x55904a09a0, exit_signal=SIGCHLD, stack=NULL, stack_size=0}, 64) = -1 > ENOSYS (Function not implemented) > +clone(child_stack=NULL, > flags=CLONE_PIDFD|CLONE_NEWNS|CLONE_NEWUTS|CLONE_NEWIPC|CLONE_NEWPID|SIGCHLD, > parent_tid=0x55904a09a0) = -1 EINVAL (Invalid argument) > + > +Reported-by: Ondrej Kubik <[email protected]> > +Cc: stable-4.0 > +Signed-off-by: Christian Brauner <[email protected]> > +Signed-off-by: Saloni Jain <[email protected]> > +Upstream-Status: Pending > + > +diff --git a/src/lxc/start.c b/src/lxc/start.c > +index 301b81a..f2737a2 100644 > +--- a/src/lxc/start.c > ++++ b/src/lxc/start.c > +@@ -1714,7 +1714,26 @@ static int lxc_spawn(struct lxc_handler *handler) > + /* Kernel might be too old for clone3(). */ > + if (handler->pid < 0) { > + SYSTRACE("Failed to spawn container via clone3()"); > ++ > ++ /* > ++ * In contrast to all other architectures arm64 verifies that > ++ * the argument we use to retrieve the pidfd with is > ++ * initialized to 0. But we need to be able to initialize it > to > ++ * a negative value such as our customary -EBADF so we can > ++ * detect whether this kernel supports pidfds. If the syscall > ++ * returns and the pidfd variable is set to something >= 0 > then > ++ * we know this is a kernel supporting pidfds. But if we > can't > ++ * set it to -EBADF then this won't work since 0 is a valid > ++ * file descriptor too. And since legacy clone silently > ignores > ++ * unknown flags we are left without any way to detect > support > ++ * for pidfds. So let's special-case arm64 to not fail > starting > ++ * containers. > ++ */ > ++ #if defined(__aarch64__) > ++ handler->pid = > lxc_raw_legacy_clone(handler->clone_flags & ~CLONE_PIDFD, NULL); > ++ #else > + handler->pid = > lxc_raw_legacy_clone(handler->clone_flags, &handler->pidfd); > ++ #endif > + } > + > + if (handler->pid < 0) { > diff --git a/recipes-containers/lxc/lxc_4.0.6.bb > b/recipes-containers/lxc/lxc_4.0.6.bb > index c9bf3d0..105caa0 100644 > --- a/recipes-containers/lxc/lxc_4.0.6.bb > +++ b/recipes-containers/lxc/lxc_4.0.6.bb > @@ -51,6 +51,7 @@ SRC_URI = > "http://linuxcontainers.org/downloads/${BPN}/${BPN}-${PV}.tar.gz \ > file://lxc-net \ > file://configure-skip-libseccomp-tests-if-it-is-disabled.patch \ > file://commands-fix-check-for-seccomp-notify-support.patch \ > + file://lxc_remove_CLONE_PIDFD_support.patch \ > " > > SRC_URI[md5sum] = "732571c7cb4ab845068afb227bf35256" > -- > 2.17.1 > > > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#6636): https://lists.yoctoproject.org/g/meta-virtualization/message/6636 Mute This Topic: https://lists.yoctoproject.org/mt/84086910/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
