Port pkg/system/mknod.go to FreeBSD#42866
Merged
AkihiroSuda merged 1 commit intomoby:masterfrom Sep 23, 2021
Merged
Conversation
akhramov
force-pushed
the
feature/pkg-system-port-to-FreeBSD
branch
from
61cc0f3 to
3d6723c
Compare
thaJeztah
reviewed
Sep 20, 2021
Comment on lines
+18
to
+19
| func Mkdev(major int64, minor int64) uint64 { | ||
| return unix.Mkdev(uint32(major), uint32(minor)) |
Member
There was a problem hiding this comment.
Doing a quick diff between both, to see what the difference is. On Linux we're converting this to return an uint32. All places where it's used (currently) cast it to an int (as argument for Mknod).
Mostly wondering if we should do the same for freebsd so that the signature is the same. (Perhaps we should look at that in a follow-up, and move these utilities into pkg/archive).
@samuelkarp perhaps you have thoughts on this?
diff --git a/pkg/system/mknod.go b/pkg/system/mknod_freebsd.go
index ccb2e638bb..b1ba8320dd 100644
--- a/pkg/system/mknod.go
+++ b/pkg/system/mknod_freebsd.go
@@ -1,5 +1,5 @@
-//go:build !freebsd && !windows
-// +build !freebsd,!windows
+//go:build freebsd
+// +build freebsd
package system // import "github.com/docker/docker/pkg/system"
@@ -10,14 +10,11 @@ import (
// Mknod creates a filesystem node (file, device special file or named pipe) named path
// with attributes specified by mode and dev.
func Mknod(path string, mode uint32, dev int) error {
- return unix.Mknod(path, mode, dev)
+ return unix.Mknod(path, mode, uint64(dev))
}
-// Mkdev is used to build the value of linux devices (in /dev/) which specifies major
+// Mkdev is used to build the value of FreeBSD devices (in /dev/) which specifies major
// and minor number of the newly created device special file.
-// Linux device nodes are a bit weird due to backwards compat with 16 bit device nodes.
-// They are, from low to high: the lower 8 bits of the minor, then 12 bits of the major,
-// then the top 12 bits of the minor.
-func Mkdev(major int64, minor int64) uint32 {
- return uint32(unix.Mkdev(uint32(major), uint32(minor)))
+func Mkdev(major int64, minor int64) uint64 {
+ return unix.Mkdev(uint32(major), uint32(minor))
}
Contributor
Author
There was a problem hiding this comment.
Makes sense, thanks
Because FreeBSD uses 64-bit device nodes (see https://reviews.freebsd.org/rS318736), Linux implementation of `system.Mknod` & `system.Mkdev` is not sufficient. This change adds freebsd-specific implementations for `Mknod` and Mkdev`. Signed-off-by: Artem Khramov <[email protected]>
akhramov
force-pushed
the
feature/pkg-system-port-to-FreeBSD
branch
from
3d6723c to
f3d3994
Compare
Member
|
@samuelkarp @AkihiroSuda ptal |
AkihiroSuda
approved these changes
Sep 23, 2021
andystime
added a commit
to NexusGPU/gpu-go
that referenced
this pull request
Mar 6, 2026
Add AUDIT_WRITE capability to Docker containers to fix SSH privilege separation issues that caused "mm_request_receive: bad msg_len" errors during key exchange. Problem: - SSH server was starting but connections would fail during key exchange - Error: "mm_request_receive: read: bad msg_len 1530015794" - Root cause: Docker's default seccomp profile blocks syscalls needed by SSH's privilege separation sandbox Solution: - Add --cap-add AUDIT_WRITE when creating containers - This allows SSH's sandboxing to work properly in containers - Removed deprecated UsePrivilegeSeparation config attempts Testing: - Created test container with AUDIT_WRITE capability - SSH connections now complete key exchange successfully - No more mm_request_receive errors References: - moby/moby#42866 Co-Authored-By: Claude Sonnet 4.5 <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
fixes #42849
Because FreeBSD uses 64-bit device nodes (see
https://reviews.freebsd.org/rS318736), Linux implementation of
system.Mknod&system.Mkdevis not sufficient.This change adds freebsd-specific implementations for
MknodandMkdev.