Issue 802889 link

Starred by 1 user

Issue metadata

Status:	Fixed
Owner:	valleau@chromium.org
Closed:	Jan 19
Cc:	chirantan@chromium.org vapier@chromium.org skau@chromium.org
Components:	OS>Kernel OS>Systems>Minijail
EstimatedDays:	----
NextAction:	----
OS:	Chrome
Pri:	2
Type:	Bug

Unable to Run Nested Minijails with PID Namespaces

Project Member Reported by valleau@chromium.org, Jan 16 2018

Issue description

Running nested PID namespaces can sometimes trigger an incorrect assertion in glibc which results in a crash.

https://sourceware.org/bugzilla/show_bug.cgi?id=17214

According to chirantan@ possible fixes may include:
  - uprev glibc to a newer version which drops the pid cache
  - backport the patch that removes the pid cache to our tree

We could also looking into adding some sort of workaround into minijail.

Comment 1 by vapier@chromium.org, Jan 16 2018

do we have a reduced test case to show the failure when run under minijail ?

Comment 2 Deleted

Comment 3 Deleted

Comment 4 Deleted

Comment 5 by vapier@chromium.org, Jan 19 (4 days ago)

Status: Fixed (was: Assigned)

we've updated to glibc-2.27 now (we were at glibc-2.23).  so assuming that is sufficient, i don't think we have to do anything in minijail ... "just" tell users to upgrade to a recent glibc release.

would be nice if we had a reproduction to verify, but until then, assume resolved.

►

Issue 802889 link

Issue metadata

Unable to Run Nested Minijails with PID Namespaces

Issue description

Comment 1 by vapier@chromium.org, Jan 16 2018

Comment 1 Deleted

Comment 2 Deleted

Comment 3 Deleted

Comment 4 Deleted

Comment 5 by vapier@chromium.org, Jan 19 (4 days ago)

Comment 5 Deleted

Sign in to add a comment