Skip to content

syscall: CLONE_NEWTIME can't be used with SysProcAttr.Cloneflags #49779

New issue
New issue
Closed
Closed
syscall: CLONE_NEWTIME can't be used with SysProcAttr.Cloneflags#49779
Assignees
tklauser
Labels
FrozenDueToAgeNeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.OS-Linuxcompiler/runtimeIssues related to the Go compiler and/or runtime.help wanted
Milestone
Backlog
@ysksuzuki

Description

@ysksuzuki
ysksuzuki
opened on Nov 24, 2021

What version of Go are you using (go version)?

$ go version
go version go1.17.1 linux/amd64

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE="on"
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/yusuke/.cache/go-build"
GOENV="/home/yusuke/.config/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/home/yusuke/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/yusuke/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="go1.17.1"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/home/yusuke/go/src/github.com/ysksuzuki/containers-from-scratch/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build2997449259=/tmp/go-build -gno-record-gcc-switches"

What did you do?

Run a command with Cloneflags unix.CLONE_NEWTIME and check if the process is in a different time namespace from its parent.

func run() {
        cmd := exec.Command(os.Args[2], os.Args[3]...)
        cmd.Stdin = os.Stdin
        cmd.Stdout = os.Stdout
        cmd.Stderr = os.Stderr
        cmd.SysProcAttr = &unix.SysProcAttr{
                Cloneflags:   unix.CLONE_NEWTIME,
        }

        cmd.Run()
}

What did you expect to see?

The process is in an isolated time namespace from its parent.

What did you see instead?

The process is in the same time namespace as its parent.

forkAndExecInChild uses SYS_CLONE but CLONE_NEWTIME can be used only with the clone3() system call.
https://github.com/golang/go/blob/go1.17.3/src/syscall/exec_linux.go#L218

torvalds/linux@769071a

All available clone flags have been used, so CLONE_NEWTIME uses the highest
bit of CSIGNAL. It means that it can be used only with the unshare() and
the clone3() system calls.

Metadata

Metadata

Assignees

Labels

FrozenDueToAgeNeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.OS-Linuxcompiler/runtimeIssues related to the Go compiler and/or runtime.help wanted

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions