From a6a42d4fcf48abb9f6ea6331cb6208e279366a28 Mon Sep 17 00:00:00 2001 From: Kienan Stewart Date: Fri, 22 Nov 2024 09:38:09 -0500 Subject: [PATCH] Fix: Update `get_mempolicy` check to handle `EPERM` See libnuma commit 0ab9c7a0d857bea1724139c48e2e58ed6a81647f: commit 0ab9c7a0d857bea1724139c48e2e58ed6a81647f Author: filimonov <1549571+filimonov@users.noreply.github.com> Date: Mon Oct 21 18:45:02 2024 +0200 Make numa_available respect EPERM Make numa_available respect EPERM In the Docker environment, usage of `get_mempolicy` is restricted by seccomp security profiles: https://docs.docker.com/engine/security/seccomp/ (unless `CAP_SYS_NICE` is set). But `numa_available` used to ignore EPERM and return 'true', i.e., available. This led to further code attempting other API calls, which resulted in "operation not permitted" errors printed to stderr. See details in: https://github.com/ClickHouse/ClickHouse/issues/68747#issuecomment-2426210768 Change-Id: I5169f54ac7622754e33e7c67ee1d813876de44b9 Signed-off-by: Kienan Stewart Signed-off-by: Mathieu Desnoyers --- src/common/counter/shm.c | 2 +- src/common/ringbuffer/shm.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/common/counter/shm.c b/src/common/counter/shm.c index ee2b822e..d025910d 100644 --- a/src/common/counter/shm.c +++ b/src/common/counter/shm.c @@ -188,7 +188,7 @@ static bool lttng_is_numa_available(void) int ret; ret = get_mempolicy(NULL, NULL, 0, NULL, 0); - if (ret && errno == ENOSYS) { + if (ret && (errno == ENOSYS || errno == EPERM)) { return false; } return numa_available() >= 0; diff --git a/src/common/ringbuffer/shm.c b/src/common/ringbuffer/shm.c index 002e0898..ef95d9f5 100644 --- a/src/common/ringbuffer/shm.c +++ b/src/common/ringbuffer/shm.c @@ -247,7 +247,7 @@ static bool lttng_is_numa_available(void) int ret; ret = get_mempolicy(NULL, NULL, 0, NULL, 0); - if (ret && errno == ENOSYS) { + if (ret && (errno == ENOSYS || errno == EPERM)) { return false; } return numa_available() >= 0; -- 2.39.5