Handle EPERM in pg_numa_init

When running in Docker, the container may not have privileges needed by get_mempolicy(). This is called by numa_available() in libnuma, but versions prior to 2.0.19 did not expect that. The numa_available() call seemingly succeeds, but then we get unexpected failures when trying to query status of pages: postgres =# select * from pg_shmem_allocations_numa; ERROR: XX000: failed NUMA pages inquiry status: Operation not permitted LOCATION: pg_get_shmem_allocations_numa, shmem.c:691 The best solution is to call get_mempolicy() first, and proceed to numa_available() only when it does not fail with EPERM. Otherwise we'd need to treat older libnuma versions as insufficient, which seems a bit too harsh, as this only affects containerized systems. Fix by me, based on suggestions by Christoph. Backpatch to 18, where the NUMA functions were introduced. Reported-by: Christoph Berg <myon@debian.org> Reviewed-by: Christoph Berg <myon@debian.org> Discussion: https://postgr.es/m/aPDZOxjrmEo_1JRG@msg.df7cb.de Backpatch-through: 18
4 weeks ago · 599336c64f
parent b5623cc5e4
commit 599336c64f
1 changed files with 11 additions and 1 deletions
--- a/src/port/pg_numa.c
+++ b/src/port/pg_numa.c
@ -47,7 +47,17 @@
 int
 pg_numa_init(void)
 {
-	int			r = numa_available();
+	int			r;
+
+	/*
+	 * XXX libnuma versions before 2.0.19 don't handle EPERM by disabling
+	 * NUMA, which then leads to unexpected failures later. This affects
+	 * containers that disable get_mempolicy by a seccomp profile.
+	 */
+	if (get_mempolicy(NULL, NULL, 0, 0, 0) < 0 && (errno == EPERM))
+		r = -1;
+	else
+		r = numa_available();

 	return r;
 }