Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libct.Start: fix locking, do not allow a second container init #4271

Merged
merged 3 commits into from
Jun 11, 2024
Merged

libct.Start: fix locking, do not allow a second container init #4271

merged 3 commits into from
Jun 11, 2024

Conversation

kolyshkin
Copy link
Contributor

@kolyshkin kolyshkin commented May 7, 2024
edited

By definition, every container has only 1 init (i.e. PID 1) process.

Apparently, libcontainer API supported running more than 1 "init", and
two tests mistakenly used it. Of course, the second "init" was not
PID 1, but it was started like init and, I guess, some of the Container fields
were set to wrong values.

Let's not allow that, erroring out if we already have init running.

Fix two cases in libct/int which ran two inits inside a container.
Also, fix a locking issue and remove some code that's not needed.

@kolyshkin kolyshkin force-pushed the two-inits branch 2 times, most recently from dfe38a9 to 2575cf4 Compare May 7, 2024 21:06
@kolyshkin kolyshkin marked this pull request as ready for review May 7, 2024 21:06
@kolyshkin kolyshkin requested a review from lifubang May 7, 2024 21:07
@kolyshkin
Copy link
Contributor Author

@opencontainers/runc-maintainers PTAL

@kolyshkin kolyshkin requested a review from cyphar June 9, 2024 21:16
@kolyshkin
Copy link
Contributor Author

@lifubang ptal

@lifubang
Copy link
Member

lifubang commented Jun 9, 2024

fix a locking issue

SGTM, but could you give some details for this issue in commit 3b5376f? I think it's a refactor, but not a fix?

lifubang
lifubang reviewed Jun 10, 2024
View reviewed changes
libcontainer/container_linux.go
if err := c.createExecFifo(); err != nil {
return err
}
defer func() {
Copy link
Member

@lifubang lifubang Jun 10, 2024
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe this defer should be moved to the position before createExecFifo, please see #4319.
I don't know whether this PR(4271) should be backported to release-1.1 branch or not, so I opened #4319(seems need backport), feel free to close it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My suggestion change is unneeded Once #4319 merged.

@kolyshkin
Copy link
Contributor Author

fix a locking issue

SGTM, but could you give some details for this issue in commit 3b5376f? I think it's a refactor, but not a fix?

Maybe the commit message is too long and vague. Here's an except about the main issue: "part of c.Run executing without the lock". I did not get too deep inside why this locking is needed, but if it is needed, it is a bug to execute Run in parallel with, say, Start. This is what's being fixed.

@kolyshkin
libct: createExecFifo: rm unneeded os.Stat
304a4c0 
In case file already exists, mknod(2) will return EEXIST.

This os.Stat call was (inadvertently?) added by commit 805b8c7.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
@kolyshkin
libct: fix locking in Start/Run/Exec
e3e1072 
1. The code to call c.exec from c.Run was initially added by commit
   3aacff6. At the time, there was a lock in c.Run. That lock was
   removed by commit bd3c4f8, which resulted in part of c.Run executing
   without the lock.

2. All the Start/Run/Exec calls were a mere wrappers for start/run/exec
   adding a lock, but some more code crept into Start at some point,
   e.g. by commits 805b8c7 and 108ee85. Since the reason mentioned in
   commit 805b8c7 is no longer true after refactoring, we can fix this.

Fix both issues by moving code out of wrappers, and adding locking into
c.Run.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
@kolyshkin
libct: don't allow to start second init process
42cea2e 
By definition, every container has only 1 init (i.e. PID 1) process.

Apparently, libcontainer API supported running more than 1 init, and
at least one tests mistakenly used it.

Let's not allow that, erroring out if we already have init. Doing
otherwise _probably_ results in some confusion inside the library.

Fix two cases in libct/int which ran two inits inside a container.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
@lifubang
Copy link
Member

Here's an except about the main issue: "part of c.Run executing without the lock".

I understand now, thanks your explanation.

@lifubang lifubang merged commit 9d60019 into opencontainers:main Jun 11, 2024
39 checks passed
@lifubang lifubang mentioned this pull request Jun 14, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lifubang lifubang lifubang approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

@cyphar cyphar Awaiting requested review from cyphar

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@kolyshkin @lifubang @AkihiroSuda