group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1866149] Re: CONFIG_BASE_SMALL=1 restricts pid space, which conflicts with systemd default sysctl

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1866149@xxxxxxxxxxxxxxxxxx>
Date: Fri, 19 Feb 2021 23:04:15 -0000
Reply-to: Bug 1866149 <1866149@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package linux-kvm - 5.8.0-1018.20+21.04.1

---------------
linux-kvm (5.8.0-1018.20+21.04.1) hirsute; urgency=medium

  * hirsute/linux-kvm: 5.8.0-1018.20+21.04.1 -proposed tracker (LP:
#1914678)

  *  Boot fails: failed to validate module [nls_iso8859_1] BTF: -22
    (LP: #1911359)
    - SAUCE: x86/entry: build thunk_$(BITS) only if CONFIG_PREEMPTION=y

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * Missing module nfsv4 in linux-kvm (LP: #1907266)
    - [Config] kvm-21.04: Enable NFSv4

  * Miscellaneous Ubuntu changes
    - sync dkms nvidia-server 418 and 450 to -release

  [ Ubuntu: 5.8.0-1018.20 ]

  * groovy/linux-kvm: 5.8.0-1018.20 -proposed tracker (LP: #1914679)
  * groovy/linux: 5.8.0-43.49 -proposed tracker (LP: #1914689)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * Exploitable vulnerabilities in AF_VSOCK implementation (LP: #1914668)
    - vsock: fix the race conditions in multi-transport support
  * groovy/linux: 5.8.0-41.46 -proposed tracker (LP: #1912219)
  * Groovy update: upstream stable patchset 2020-12-17 (LP: #1908555) // nvme
    drive fails after some time (LP: #1910866)
    - Revert "nvme-pci: remove last_sq_tail"
  * initramfs unpacking failed (LP: #1835660)
    - SAUCE: lib/decompress_unlz4.c: correctly handle zero-padding around initrds.
  * overlay: permission regression in 5.4.0-51.56 due to patches related to
    CVE-2020-16120 (LP: #1900141)
    - ovl: do not fail because of O_NOATIME
  * Packaging resync (LP: #1786013)
    - update dkms package versions

  [ Ubuntu: 5.8.0-1016.18 ]

  * groovy/linux-kvm: 5.8.0-1016.18 -proposed tracker (LP: #1911344)
  * CONFIG_BASE_SMALL=1 restricts pid space, which conflicts with systemd
    default sysctl (LP: #1866149)
    - [Config]: set CONFIG_BASE_FULL
  * Missing module nfsv4 in linux-kvm (LP: #1907266)
    - [Config] kvm: Enable NFSv4
  * groovy/linux: 5.8.0-39.44 -proposed tracker (LP: #1911350)
  * overlay: permission regression in 5.4.0-51.56 due to patches related to
    CVE-2020-16120 (LP: #1900141)
    - ovl: do not fail because of O_NOATIME
  * groovy/linux: 5.8.0-38.43 -proposed tracker (LP: #1911143)
  * CVE-2020-28374
    - SAUCE: target: fix XCOPY NAA identifier lookup
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * debian/scripts/file-downloader does not handle positive failures correctly
    (LP: #1878897)
    - [Packaging] file-downloader not handling positive failures correctly
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2021-1052 // CVE-2021-1053
    - [Packaging] NVIDIA -- Add the NVIDIA 460 driver

 -- Paolo Pisati <paolo.pisati@xxxxxxxxxxxxx>  Tue, 09 Feb 2021 11:27:33
+0100

** Changed in: linux-kvm (Ubuntu)
       Status: Incomplete => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1866149

Title:
  CONFIG_BASE_SMALL=1 restricts pid space, which conflicts with systemd
  default sysctl

Status in linux package in Ubuntu:
  Invalid
Status in linux-kvm package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Invalid
Status in linux-kvm source package in Xenial:
  Fix Released
Status in linux source package in Bionic:
  Invalid
Status in linux-kvm source package in Bionic:
  Fix Released
Status in linux source package in Focal:
  Invalid
Status in linux-kvm source package in Focal:
  Fix Released
Status in linux source package in Groovy:
  Invalid
Status in linux-kvm source package in Groovy:
  Fix Released

Bug description:
  [Impact]
  systemd-systemctl will fail to set kernel.pid_max, leading to a degraded boot.

  [Fix]
  Set CONFIG_BASE_FULL=y, CONFIG_BASE_SMALL=0.

  [Test case]
  Write 419304 to /proc/sys/kernel/pid_max.

  [Potential regression]
  Boot time may be affected.

  
  ====================================================================

  I'm not completely sure which package to log this against.

  I'm running the kvm focal minimal cloud image from 20200302. I noticed
  on boot that there was an error complaining that systemd-systemctl
  couldn't update pid_max to the value it wanted:

  systemd-sysctl[117]: Couldn't write '4194304' to 'kernel/pid_max':
  Invalid argument

  Digging into it a bit more, this comes from /usr/lib/sysctl.d/50-pid-max.conf:
  # Bump the numeric PID range to its maximum of 2^22 (from the in-kernel default
  # of 2^16), to make PID collisions less likely.
  kernel.pid_max = 4194304

  However, the linux-image-kvm kernel is compiled with
  CONFIG_BASE_SMALL=1

  and this triggers the following code in include/linux/threads.h

  #define PID_MAX_LIMIT (CONFIG_BASE_SMALL ? PAGE_SIZE * 8 : \
   (sizeof(long) > 4 ? 4 * 1024 * 1024 : PID_MAX_DEFAULT))

  which means that if CONFIG_BASE_SMALL is set we get a maximum limit of
  PAGE_SIZE * 8, which on x86 would be 32768.

  As a workaround I can override it with a file in /etc/sysctl.d/ but
  this shouldn't be needed.

  I really don't know if CONFIG_BASE_SMALL makes any sense on x86 cloud
  images, they really aren't small machines in the scheme of things!

  Cheers

  David

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1866149/+subscriptions