From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 5545043C92; Tue, 12 Mar 2024 15:53:31 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id D78FE402E0; Tue, 12 Mar 2024 15:53:30 +0100 (CET) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mails.dpdk.org (Postfix) with ESMTP id A2116402D8 for ; Tue, 12 Mar 2024 15:53:29 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1710255209; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=goYnk4HZkpghQeC4mbL/1xSPt6swcu+4iifDeM7RaAg=; b=VORCnWbXcm+6bxhfV+kXFLIo1e51lbFS1gyhf9jOdhGLeJpX4nBvWXfATyjBvM4Lw14ROH /UvdepvJgpG2g0Wl6PQQvEnqC3GOSFgRZrssXviZ1r3qA3N7cbMBB/fVPJw2FxJ5NSsxPI jVk6TxI82Vuk+o/Iismk8wlBcta4eMY= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-144-scon-K3cMe2JWNvteUbxOg-1; Tue, 12 Mar 2024 10:53:26 -0400 X-MC-Unique: scon-K3cMe2JWNvteUbxOg-1 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 9DB8D858DBE; Tue, 12 Mar 2024 14:53:26 +0000 (UTC) Received: from RHTPC1VM0NT.bos.redhat.com (dhcp-17-72.bos.redhat.com [10.18.17.72]) by smtp.corp.redhat.com (Postfix) with ESMTP id 47E7B175AD; Tue, 12 Mar 2024 14:53:26 +0000 (UTC) From: Aaron Conole To: dev@dpdk.org Cc: Ilya Maximets , David Marchand , Michael Santana Subject: [PATCH] github: Reduce ASLR entropy to be compatible with asan in llvm 14. Date: Tue, 12 Mar 2024 10:53:26 -0400 Message-ID: <20240312145326.1377818-1-aconole@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.5 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII"; x-default=true X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org GitHub recently started using newer Ubuntu 22.04 LTS container images, versioned 20240310.1.0 which use 32-bit entropy for ASLR: $ sudo sysctl -a | grep vm.mmap.rnd vm.mmap_rnd_bits = 32 vm.mmap_rnd_compat_bits = 16 This breaks builds (such as the one at https://github.com/DPDK/dpdk/actions/runs/8234334617/job/22515850325) by causing a random segfault when ASAN is used, because older ASAN gets confused by memory mappings and crashes. The issue is fixed in newer releases of LLVM: https://github.com/llvm/llvm-project/commit/fb77ca05ffb4f8e666878f2f6718a9fb4d686839 https://reviews.llvm.org/D148280 But these are not available in Ubuntu 22.04 image. This should be fixed by GitHub, but until new images are available reducing ASLR entropy manually to 28 bits to make builds work. Reported-at: https://github.com/actions/runner-images/issues/9491 Signed-off-by: Aaron Conole Suggested-by: Ilya Maximets --- .github/workflows/build.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 776fbf6f30..228aad8289 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -139,6 +139,13 @@ jobs: .ci/linux-setup.sh # Workaround on $HOME permissions as EAL checks them for plugin loading chmod o-w $HOME + - name: Reduce ASLR entropy + if: env.ASAN == 'true' + # Asan in llvm 14 provided in ubuntu-22.04 is incompatible with + # high-entropy ASLR configured in much newer kernels that GitHub + # runners are using leading to random crashes: + # https://github.com/actions/runner-images/issues/9491 + run: sudo sysctl -w vm.mmap_rnd_bits=28 - name: Build and test run: .ci/linux-build.sh - name: Upload logs on failure -- 2.41.0