device jail doesn't seem to work in ToT |
|||||||||||
Issue descriptiontrying eve-kvm 65.0.3299.0 (10269.0.0) starting up a container logs like: 2017-12-06T08:54:43.553433-08:00 INFO kernel: [ 4954.937519] add_jail_device: assigned new index 0 (devt 251:0) 2017-12-06T08:54:43.553458-08:00 INFO kernel: [ 4954.937561] add_jail_device: initializing device jailed-189-28 2017-12-06T08:54:43.564237-08:00 WARNING device_jail_fs[24007]: udev is taking a while to initialize /dev/jailed-189-28 is that warning relevant ? looking in /run/djfs/bus/usb/, all the perms look OK: crw-rw----. 1 root chronos 250, 4 Jan 2 00:02 001 ...all my other usb devices with same perms... the perms on /dev/jailed-189-* are also 660 and root:chronos. but if i try to `cat /dev/bus/usb/001/...` files inside the container, i just get EACCES. the permission_broker log entries result in ALLOW for the nodes. can you reproduce ?
,
Jan 3 2018
as mentioned over chat, that particular timing aspect doesn't matter as i can launch a shell and have the same problem after waiting ~forever. the perms look fine, but `cat` never works. running adb outside of the container works fine. i'll check my samus.
,
Jan 4 2018
I think I was able to repro this on my cyan, so I'll start looking for what's up there.
,
Jan 4 2018
It doesn't seem specific to device_jail_fs. Trying to create device_jails with device_jail_utility also results in the same "udev is taking a while to initialize..." warning. I guess I'll have to bisect to figure out when this started happening.
,
Jan 31 2018
Did you get a chance to bisect this one?
,
Jan 31 2018
I didn't. I'll do it today. I'm not exactly sure how to proceed with this if it's a udev issue, though.
,
Feb 1 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/ded807e3150d4fdc16b37b674fe7f3faa0875759 commit ded807e3150d4fdc16b37b674fe7f3faa0875759 Author: Eric Caruso <ejcaruso@chromium.org> Date: Thu Feb 01 06:38:57 2018 permission_broker: fix wrong #define USE_DEVICE_JAIL was deprecated a long time ago. Change it to USE_CONTAINERS which we should actually be using now. BUG= chromium:798260 TEST=grab usb devices from vont Change-Id: I097932612894fae37aae3836acf5e18657236e4b Reviewed-on: https://chromium-review.googlesource.com/896113 Commit-Ready: Eric Caruso <ejcaruso@chromium.org> Tested-by: Eric Caruso <ejcaruso@chromium.org> Reviewed-by: Dylan Reid <dgreid@chromium.org> Reviewed-by: Mike Frysinger <vapier@chromium.org> [modify] https://crrev.com/ded807e3150d4fdc16b37b674fe7f3faa0875759/permission_broker/permission_broker.cc
,
Feb 1 2018
Requesting merge for the CL in comment #7 to M65 and M64. If the feature in question fails to initialize, it does not affect anything else on the system, so it's extremely low-risk and it fixes a pretty major regression for the generic containers feature.
,
Feb 1 2018
This bug requires manual review: Request affecting a post-stable build Please contact the milestone owner if you have questions. Owners: cmasso@(Android), cmasso@(iOS), kbleicher@(ChromeOS), abdulsyed@(Desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Feb 2 2018
Your change meets the bar and is auto-approved for M65. Please go ahead and merge the CL to branch 3325 manually. Please contact milestone owner if you have questions. Owners: cmasso@(Android), cmasso@(iOS), bhthompson@(ChromeOS), govind@(Desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Feb 2 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/334bd4995057cee1a7eb204c57a500219599cb9c commit 334bd4995057cee1a7eb204c57a500219599cb9c Author: Eric Caruso <ejcaruso@chromium.org> Date: Fri Feb 02 18:23:36 2018 permission_broker: fix wrong #define USE_DEVICE_JAIL was deprecated a long time ago. Change it to USE_CONTAINERS which we should actually be using now. BUG= chromium:798260 TEST=grab usb devices from vont Change-Id: I097932612894fae37aae3836acf5e18657236e4b Reviewed-on: https://chromium-review.googlesource.com/896113 Commit-Ready: Eric Caruso <ejcaruso@chromium.org> Tested-by: Eric Caruso <ejcaruso@chromium.org> Reviewed-by: Dylan Reid <dgreid@chromium.org> Reviewed-by: Mike Frysinger <vapier@chromium.org> (cherry picked from commit ded807e3150d4fdc16b37b674fe7f3faa0875759) Reviewed-on: https://chromium-review.googlesource.com/899842 Reviewed-by: Eric Caruso <ejcaruso@chromium.org> Commit-Queue: Eric Caruso <ejcaruso@chromium.org> [modify] https://crrev.com/334bd4995057cee1a7eb204c57a500219599cb9c/permission_broker/permission_broker.cc
,
Feb 6 2018
Can I get more context on #8? User impact if mrege declined? We're already on stable so need a compelling reason.
,
Feb 6 2018
adb and fastboot won't work without this change.
,
Feb 12 2018
This issue has been approved for a merge. Please merge the fix to any appropriate branches as soon as possible! If all merges have been completed, please remove any remaining Merge-Approved labels from this issue. Thanks for your time! To disable nags, add the Disable-Nags label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Feb 12 2018
(Any updates on merging this to 64?)
,
Feb 12 2018
,
Feb 12 2018
i think this is working ... at least M66 on my pixelbook can find stuff via adb again
,
Feb 14 2018
Per review with ejcaruso@ we expect this to be very low risk (and easy to roll back if there is). Impacts a number of boards. Originated in M63 but not discovered until M64. "without the patch, adb and fastboot can't open usb devices, so they can't see any attached android device". Thus approving for M64 merge since low risk.
,
Feb 14 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/3686f3192def5015d68e59b64799cf68dbc2fc08 commit 3686f3192def5015d68e59b64799cf68dbc2fc08 Author: Eric Caruso <ejcaruso@chromium.org> Date: Wed Feb 14 20:00:31 2018 permission_broker: fix wrong #define USE_DEVICE_JAIL was deprecated a long time ago. Change it to USE_CONTAINERS which we should actually be using now. BUG= chromium:798260 TEST=grab usb devices from vont Change-Id: I097932612894fae37aae3836acf5e18657236e4b Reviewed-on: https://chromium-review.googlesource.com/896113 Commit-Ready: Eric Caruso <ejcaruso@chromium.org> Tested-by: Eric Caruso <ejcaruso@chromium.org> Reviewed-by: Dylan Reid <dgreid@chromium.org> Reviewed-by: Mike Frysinger <vapier@chromium.org> (cherry picked from commit ded807e3150d4fdc16b37b674fe7f3faa0875759) Reviewed-on: https://chromium-review.googlesource.com/919582 Reviewed-by: Eric Caruso <ejcaruso@chromium.org> Commit-Queue: Eric Caruso <ejcaruso@chromium.org> [modify] https://crrev.com/3686f3192def5015d68e59b64799cf68dbc2fc08/permission_broker/permission_broker.cc
,
Feb 14 2018
,
May 9 2018
|
|||||||||||
►
Sign in to add a comment |
|||||||||||
Comment 1 by ejcaruso@chromium.org
, Jan 2 2018Status: Assigned (was: Available)