Bug 2155189

Summary: mounts are not propagated into namespaces
Product: Red Hat Enterprise Linux 9 Reporter: Michal Privoznik <mprivozn>
Component: kernelAssignee: Alexey Gladkov <agladkov>
kernel sub component: Namespace QA Contact: Chao Ye <cye>
Status: CLOSED NOTABUG Docs Contact:
Severity: high    
Priority: high CC: agladkov, ailan, duclee, dzheng, ebiederm, gveitmic, haizhao, jdenemar, jsuchane, lcong, lmen, mprivozn, virt-maint, yafu, yalzhang, ymankad
Version: 9.2Keywords: Regression, TestBlocker, Triaged
Target Milestone: rc   
Target Release: 9.0   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 2151869 Environment:
Last Closed: 2023-01-02 12:41:31 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2151869    

Description Michal Privoznik 2022-12-20 11:10:36 UTC 
+++ This bug was initially created as a clone of Bug #2151869 +++

--- Additional comment from Michal Privoznik on 2022-12-20 11:24:28 CET ---

Indeed. There's something terribly broken (in kernel perhaps?):

kernel-5.14.0-212.el9.x86_64
systemd-252-2.el9.x86_64

1) just to make sure mount events are being propagated:

# mount --make-rshared /

2) check hugetlbfs mounts:

# mount | grep huge
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,seclabel,pagesize=2M)

3) in another terminal, unshare mount namespace:

# unshare -m

4) verify that the hugetlbfs is mounted (from inside the NS):

# mount | grep huge
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,seclabel,pagesize=2M)

5) now, mount another hugetlbfs (from the parent NS, NOT the one just unshared):

# mount -t hugetlbfs -o pagesize=1G hugetlbfs /dev/hugepages1G

6) verify the mount got propagated (from the NS):

# mount | grep huge
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,seclabel,pagesize=2M)


Therefore, this is completely independent of libvirt and should be reported against kernel for further investigation. Then, we can revisit our bug.
Comment 2 Michal Privoznik 2022-12-21 07:57:23 UTC 
Setting TestBlocker keyword since this is blocking verification of the original bug.
Comment 3 Alexey Gladkov 2023-01-02 12:41:31 UTC 
(In reply to Michal Privoznik from comment #0)
> 1) just to make sure mount events are being propagated:
> 
> # mount --make-rshared /
> 
> 2) check hugetlbfs mounts:
> 
> # mount | grep huge
> hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,seclabel,pagesize=2M)
> 
> 3) in another terminal, unshare mount namespace:
> 
> # unshare -m

Let's stop at this step.

From unshare(1) manpage:
```
unshare since util-linux version 2.27 automatically sets propagation to private in a new mount namespace to make sure that the new namespace is really unshared. It’s possible to disable this feature with option --propagation unchanged. Note that private is the kernel default.
```

If I run the command with the option, all subsequent steps work as you would expect:

# unshare --mount --propagation unchanged

> Therefore, this is completely independent of libvirt and should be reported
> against kernel for further investigation. Then, we can revisit our bug.

I don't know anything about the original bug, but the steps from the description is fully consistent with the behavior described in the documentation.