`mount` tries to use `mount_setattr` even if unsupported by running kernel (<5.12)

[thesamesam]

Originally reported downstream in Gentoo at https://bugs.gentoo.org/906797.

Bisect says 6e94230, although I see there's a bunch of mount work between 2.38.1 and 2.39 so I wouldn't be surprised if it's slightly off and just a nearby commit.

As of util-linux-2.39 (2.38.1 was fine), mount (e.g. mount -o remount,ro /) will try to use mount_setattr even if it's not available at runtime. It looks like a check is done at build-time but there's no callback for ENOSYS:

# ./mount -o remount,ro /boot 
mount: /boot: mount_setattr system call failed: Function not implemented.
       dmesg(1) may have more information after failed mount system call.

This fails on Linux 5.10 which is LTS, so still supported upstream as mount_setattr was added in Linux 5.12.

strace says the following on Linux 5.10.147 with util-linux 2.39:

17470 readlink("/boot", 0x7ffec5f50750, 1023) = -1 EINVAL (Invalid argument)
17470 statx(AT_FDCWD, "/sbin/mount.ext4", AT_STATX_DONT_SYNC|AT_NO_AUTOMOUNT, STATX_TYPE|STATX_MODE|STATX_INO, 0x7ffec5f4f940) = -1 ENOENT (No such file or directory)
[...]
17470 open_tree(AT_FDCWD, "/boot", OPEN_TREE_CLOEXEC) = 3
17470 getuid()                          = 0
17470 geteuid()                         = 0
17470 getgid()                          = 0
17470 getegid()                         = 0
17470 prctl(PR_GET_DUMPABLE)            = 1 (SUID_DUMP_USER)
17470 newfstatat(AT_FDCWD, "/run/mount/utab", 0x7ffec5f50bc0, AT_SYMLINK_NOFOLLOW) = -1 ENOENT (No such file or directory)
17470 mkdir("/run/mount", 0755)         = -1 EEXIST (File exists)
17470 newfstatat(AT_FDCWD, "/run/mount/utab", 0x7ffec5f50ab0, 0) = -1 ENOENT (No such file or directory)
17470 newfstatat(AT_FDCWD, "/run/mount", {st_mode=S_IFDIR|0755, st_size=40, ...}, 0) = 0
17470 geteuid()                         = 0
17470 getegid()                         = 0
17470 getuid()                        = 0
17470 getgid()                          = 0
17470 access("/run/mount", R_OK|W_OK)   = 0
17470 fspick(3, "", FSPICK_NO_AUTOMOUNT|FSPICK_EMPTY_PATH) = 4
17470 fsconfig(4, FSCONFIG_SET_FLAG, "ro", NULL, 0) = 0
17470 fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0
17470 mount_setattr(3, "", AT_EMPTY_PATH, {attr_set=MOUNT_ATTR_RDONLY, attr_clr=MOUNT_ATTR_NOSUID|MOUNT_ATTR_NODEV|MOUNT_ATTR_NOEXEC|MOUNT_ATTR_NOSYMFOLLOW, propagation=0 /* MS_??? */, userns_fd=0}, 32) = -1 ENOSYS (Function not implemented)
17470 close(4)                          = 0
17470 close(3)                          = 0
[.. aborts ..]

It doesn't then attempt to use mount().

The build-time test would fail on systems with an older copy of linux-headers, but many people (including us in Gentoo) don't pin linux-headers to the kernel version because it'd be tricky logistically, but also because of e.g. advice from glibc at https://sourceware.org/glibc/wiki/FAQ#What_version_of_the_Linux_kernel_headers_should_be_used.3F.

(I was looking for a tool to easily test this on a machine with a newer kernel and stumbled across the new enosys tool in master, nice!)

[thesamesam]

I did come across #2197 but make check w/ 2.39 on one of the broken machines passes as non-root, and I couldn't get them to run as root (even after following howto-tests.txt, so I gave up on that for now, but will maybe come back to it later).

[hlein]

The build-time test would fail on systems with an older copy of linux-headers, but many people (including us in Gentoo) don't pin linux-headers to the kernel version because it'd be tricky logistically

Note, I think the lack of runtime testing/fallback also means that if a system running a >=5.12 kernel built and used util-linux-2.39 just fine and then was rebooted to a <5.12 kernel, mysterious breakage would occur. Distributions that support multiple LTS kernels might be forced to only compile on the lowest-common-denominator to end up with mount executables that work consistently.

[t-8ch]

The following patch can reproduce the issue on newer kernels:

diff --git a/tests/helpers/test_enosys.c b/tests/helpers/test_enosys.c
index 88e7af3b02fe..12eedbcb8361 100644
--- a/tests/helpers/test_enosys.c
+++ b/tests/helpers/test_enosys.c
@@ -68,6 +68,7 @@ const struct syscall syscalls[] = {
        { "move_mount", __NR_move_mount },
        { "open_tree", __NR_open_tree },
        { "fsopen", __NR_fsopen },
+       { "mount_setattr", __NR_mount_setattr },
 };
 
 int main(int argc, char **argv)
diff --git a/tests/ts/mount/fallback b/tests/ts/mount/fallback
index fe932ee78a62..9b7ba3af2d65 100755
--- a/tests/ts/mount/fallback
+++ b/tests/ts/mount/fallback
@@ -68,5 +68,17 @@ $TS_CMD_UMOUNT $MOUNTPOINT
 ts_finalize_subtest
 
 
+ts_init_subtest "mount_setattr"
+"$TS_CMD_MOUNT" "$DEVICE" "$MOUNTPOINT"  >> $TS_OUTPUT 2>> $TS_ERRLOG
+ts_is_mounted $DEVICE || ts_log "Cannot find $DEVICE in /proc/mounts"
+$TS_HELPER_ENOSYS -s mount_setattr -- \
+       "$TS_CMD_MOUNT" -o remount,ro "$MOUNTPOINT" \
+       >> $TS_OUTPUT 2>> $TS_ERRLOG
+$TS_CMD_FINDMNT --kernel --mountpoint "$MOUNTPOINT" --options "ro" &> /dev/null
+[ "$?" == "0" ] || ts_die "Cannot find read-only in $MOUNTPOINT in /proc/self/mountinfo"
+$TS_HELPER_ENOSYS -s mount_setattr -- \
+       "$TS_CMD_MOUNT" --make-slave "$MOUNTPOINT" \
+       >> $TS_OUTPUT 2>> $TS_ERRLOG
+$TS_CMD_UMOUNT $MOUNTPOINT
+ts_finalize_subtest
+
+
 ts_finalize

(Against v2.39, for master it needs to $TS_CMD_ENOSYS instead)

[t-8ch]

Should be fixed by #2248

[hlein]

Should be fixed by #2248

Looks good here on a 5.10 box, thanks!

# uname -r
5.10.144-gentoo
# mount | egrep /boot
/dev/sda1 on /boot type ext4 (rw,relatime)
# strace -f -o util-linux-2.39-9b68f614c8d02ca41f077ba064e0a83d2ae7b1fe-mount-remount-ro.strace \
      mount -o remount,ro /boot
# mount | egrep /boot
/dev/sda1 on /boot type ext4 (ro,relatime)

19146 open_tree(AT_FDCWD, "/boot", OPEN_TREE_CLOEXEC) = 3
19146 mount_setattr(-1, NULL, 0, NULL, 0) = -1 ENOSYS (Function not implemented)
19146 getuid()                          = 0
...
19146 fspick(3, "", FSPICK_NO_AUTOMOUNT|FSPICK_EMPTY_PATH) = 4
19146 fsconfig(4, FSCONFIG_SET_FLAG, "ro", NULL, 0) = 0 
19146 fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = 0