@thaJeztah
Member

backport of #4160

forkAndMountat forks a process to chdir then mount layers. Signals are
blocked (using runtime_beforeFork) during fork.

There is a race condition that the child process finishes before the
parent process is scheduled and can unblock signal handling. The SIGCHLD
signal sent from the finished process may have been delivered to the
shim process's reaper thread and caused the parent process to fail with
ECHILD error.

This patch sets up a pipe for communication between child and parent
instead of waiting for child exit status.

Fixes #4009.

Signed-off-by: Haitao Li <hli@atlassian.com>
(cherry picked from commit 35c14c6)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
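
The race and the pipe-based result channel described above, as an added example that is not containerd's code. It assumes Linux and `/bin/sh`, uses `syscall.ForkExec` instead of the raw fork in `forkAndMountat`, and replays the reaper in a fixed order rather than racing it; `wait4`, `runChild`, `stolenStatus` and the shell scripts are hypothetical names and constructed inputs.

```go
package main

import (
	"fmt"
	"io"
	"os"
	"strconv"
	"syscall"
)

// wait4 retries syscall.Wait4 on EINTR and returns only its error.
func wait4(pid int) (err error) {
	for err = syscall.EINTR; err == syscall.EINTR; {
		_, err = syscall.Wait4(pid, nil, 0, nil)
	}
	return err
}

// runChild starts /bin/sh with fd 3 bound to the write end of a pipe and returns
// the errno the child printed there (script stands in for chdir-then-mount).
func runChild(script string) (int, syscall.Errno, error) {
	r, w, err := os.Pipe() // both ends are close-on-exec in the parent
	if err != nil {
		return 0, 0, err
	}
	defer r.Close()
	pid, err := syscall.ForkExec("/bin/sh", []string{"sh", "-c", script},
		&syscall.ProcAttr{Files: []uintptr{0, 1, 2, w.Fd()}})
	w.Close() // drop our write end, or the read below never sees EOF
	if err != nil {
		return 0, 0, err
	}
	buf, _ := io.ReadAll(r)             // EOF arrives once the child is done
	n, err := strconv.Atoi(string(buf)) // empty pipe: child died before reporting
	return pid, syscall.Errno(n), err
}

// stolenStatus replays the race in a fixed order: a reaper's wait4(-1)
// collects the child first, then the parent waits for the pid by number.
func stolenStatus(pid int) error {
	if err := wait4(-1); err != nil {
		return err
	}
	return wait4(pid) // status already consumed: ECHILD
}

func main() {
	pid, reported, err := runChild("printf 13 >&3") // 13 is EACCES on Linux
	fmt.Println(reported, err, stolenStatus(pid))
}
```

The result read from the pipe is unaffected by which thread reaps the child, while the exit status can be collected only once.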

@thaJeztah
Member Author

@estesp @fuweid ptal

@thaJeztah thaJeztah mentioned this pull request Apr 9, 2020
@theopenlab-ci

theopenlab-ci bot commented Apr 9, 2020

Build succeeded.

Member

@estesp estesp left a comment


LGTM

@codecov-io

codecov-io commented Apr 9, 2020

Codecov Report

Merging #4171 into release/1.3 will decrease coverage by 0.04%.
The diff coverage is 0.00%.


@@               Coverage Diff               @@
##           release/1.3    #4171      +/-   ##
===============================================
- Coverage        42.43%   42.39%   -0.05%     
===============================================
  Files              130      130              
  Lines            14364    14379      +15     
===============================================
  Hits              6096     6096              
- Misses            7373     7388      +15     
  Partials           895      895              

| Flag | Coverage Δ |
| --- | --- |
| #linux | 45.87% <0.00%> (-0.06%) ⬇️ |
| #windows | 37.50% <ø> (ø) |

| Impacted Files | Coverage Δ |
| --- | --- |
| sys/mount_linux.go | 0.00% <0.00%> (ø) |

Legend: Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Last update 13ac9e7...d70d0f1.

Member

@dmcgowan dmcgowan left a comment


LGTM

Would also like additional review from @fuweid before including in release

Member

@fuweid fuweid left a comment


LGTM

In release 1.3, for the overlayfs snapshotter, the containerd image pull action will not mount overlay for diff apply. It handles unpack directly into the upper path. And chdir and mount only works for images with ~>60 layers. It is low risk to take it into release 1.3.

@fuweid fuweid merged commit 0e625fc into containerd:release/1.3 Apr 10, 2020
@thaJeztah thaJeztah deleted the 1.3_backport_forkmount_use_pipe_instead_wait4 branch April 10, 2020 16:44
kevpar added a commit to kevpar/containerd that referenced this pull request Oct 26, 2020
containerd 1.3.4

Welcome to the v1.3.4 release of containerd!

The fourth patch release for `containerd` 1.3 adds `NOTIFY_SOCKET` support, improves shim loggers shutdown
behavior and includes a few bug fixes related to incorrect FIFO clean up and dangling shims.

* Improve host fallback behaviour in docker remote [containerd#4007](containerd#4007)
* Cleanup dangling shim by brand new context [containerd#4054](containerd#4054)
* Support notify socket [containerd#4104](containerd#4104)
* Correct logic of FIFO cleanup [containerd#4150](containerd#4150)
* Rework shim logger shutdown process [containerd#4166](containerd#4166)
* Man page fixes [containerd#4144](containerd#4144)
* Bump Golang 1.13.10 [containerd#4170](containerd#4170)
* sys/mount_linux: use pipe for communicating mount result [containerd#4171](containerd#4171)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

* Sebastiaan van Stijn
* Phil Estes
* Maksym Pavlenko
* Wei Fu
* Michael Crosby
* Derek McGowan
* Davanum Srinivas
* Alex Price
* Chris C
* Erik Sipsma
* Haitao Li
* Josh Dolitsky
* Lantao Liu
* Mike Brown
* Salvador Fuentes
* Ted Yu
* Ulysses Souza

* [`814b7956fa`](containerd@814b795) Merge pull request  [containerd#4167](containerd#4167) from mxpv/prepare-1.3.4
* [`1f0a4fd60d`](containerd@1f0a4fd) Prepare release 1.3.4
* [`3801f2f1f3`](containerd@3801f2f) Merge pull request  [containerd#4187](containerd#4187) from mxpv/release/1.3
* [`910dfcd727`](containerd@910dfcd) Vendor containerd/cgroups 9f1c62dddf4bc7cc72822ebe353bae7006141b1b
* [`60bc128245`](containerd@60bc128) Merge pull request  [containerd#4190](containerd#4190) from mxpv/ci-fix
* [`7a57e50778`](containerd@7a57e50) Fix protobuild
* [`b3b3ea60ac`](containerd@b3b3ea6) Merge pull request  [containerd#4181](containerd#4181) from dmcgowan/1.3-revert-git-sha-pin
* [`e9836d9539`](containerd@e9836d9) Revert pin vendors by git sha
* [`0e625fc987`](containerd@0e625fc) Merge pull request  [containerd#4171](containerd#4171) from thaJeztah/1.3_backport_forkmount_use_pipe_instead_wait4
* [`d3d7a0d57f`](containerd@d3d7a0d) Merge pull request  [containerd#4172](containerd#4172) from thaJeztah/1.3_backport_update_go_events
* [`76c6afbe23`](containerd@76c6afb) Merge pull request  [containerd#4170](containerd#4170) from thaJeztah/1.3_backport_bump_golang_1.13
* [`7d41344804`](containerd@7d41344) vendor: update go-events to fix alignment for 32bit systems
* [`d70d0f1a99`](containerd@d70d0f1) sys/mount_linux: use pipe for communicating mount result
* [`ec5e25d065`](containerd@ec5e25d) Bump Golang 1.13.10
* [`8b79d600f8`](containerd@8b79d60) Bump Golang 1.13.9
* [`13ac9e74c4`](containerd@13ac9e7) Merge pull request  [containerd#4166](containerd#4166) from mxpv/release/1.3
* [`c95854caca`](containerd@c95854c) Rework shim logger shutdown process
* [`7665b4d7fd`](containerd@7665b4d) Merge pull request  [containerd#4158](containerd#4158) from thaJeztah/1.3_revert_bump_bolt
* [`782a4619ce`](containerd@782a461) Revert "vendor: update go.etcd.io/bbolt v1.3.4"
* [`0b27d9364c`](containerd@0b27d93) Merge pull request  [containerd#4150](containerd#4150) from thaJeztah/1.3_backport_no_del_rootdir_ios
* [`114bbed34e`](containerd@114bbed) Merge pull request  [containerd#4148](containerd#4148) from thaJeztah/1.3_backport_bump_console
* [`064ace5914`](containerd@064ace5) Merge pull request  [containerd#4147](containerd#4147) from thaJeztah/1.3_backport_bump_bbolt
* [`fd2c9e381d`](containerd@fd2c9e3) Correct logic of FIFO cleanup
* [`ab89e63c6d`](containerd@ab89e63) Move isFifo from process/io to sys/ and make public
* [`5e9289d4e5`](containerd@5e9289d) Add version numbers for newly tagged repos
* [`4584e7188d`](containerd@4584e71) Update containerd/console vendor for fix
* [`af94dd5f2f`](containerd@af94dd5) Bump containerd console for os.File changes
* [`f74d8a02dd`](containerd@f74d8a0) vendor: update go.etcd.io/bbolt v1.3.4
* [`62b6623a7a`](containerd@62b6623) Merge pull request  [containerd#4143](containerd#4143) from thaJeztah/1.3_reformat_vendor
* [`eac9dc265c`](containerd@eac9dc2) Merge pull request  [containerd#4144](containerd#4144) from thaJeztah/1.3_backport_fix_manpages
* [`57f41a2aad`](containerd@57f41a2) man: move ctr.1, containerd-config to section 8, and fix generation
* [`d1c534916b`](containerd@d1c5349) Makefile: man page: rename containerd.1 to containerd.8
* [`359470201d`](containerd@3594702) vendor.conf: reformat to use columns, and pin by git-commit
* [`001eb3f9af`](containerd@001eb3f) vendor: sort and group vendor.conf
* [`3a4acfbc99`](containerd@3a4acfb) Merge pull request  [containerd#4126](containerd#4126) from chavafg/topic/vendor-cri-1.3
* [`52ca69eb14`](containerd@52ca69e) vendor containerd/cri f864905c93b97db15503c217dc9a43eb65670b53
* [`be54fd9f08`](containerd@be54fd9) Merge pull request  [containerd#4104](containerd#4104) from dims/backport-notify-socket-support
* [`3dc58c824f`](containerd@3dc58c8) avoiding bumping go-systemd dependency
* [`f714035202`](containerd@f714035) Support NOTIFY_SOCKET
* [`b955b149f6`](containerd@b955b14) Merge pull request  [containerd#4069](containerd#4069) from thaJeztah/1.3_backport_bump_golang_1.13
* [`50e5e156ca`](containerd@50e5e15) Merge pull request  [containerd#4065](containerd#4065) from thaJeztah/1.3_backport_namespace_path
* [`59e7ae1993`](containerd@59e7ae1) Update Golang 1.13.8
* [`b512c23a47`](containerd@b512c23) Update Golang 1.13.7 (CVE-2020-0601, CVE-2020-7919)
* [`420a25f120`](containerd@420a25f) Update Golang 1.13.6
* [`60596e52eb`](containerd@60596e5) Update Golang 1.13.5
* [`d8b28e86bc`](containerd@d8b28e8) Update to Golang 1.13.4
* [`bde860b04e`](containerd@bde860b) Revert "Update Golang 1.12.14"
* [`0dbc3d1fcf`](containerd@0dbc3d1) Revert "Update Golang 1.12.15"
* [`dde0ab66c5`](containerd@dde0ab6) Revert "Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919)"
* [`b9254dd4cd`](containerd@b9254dd) Revert "Update Golang 1.12.17"
* [`c090014b44`](containerd@c090014) fix killall when use pidnamespace
* [`449e926990`](containerd@449e926) Merge pull request  [containerd#4054](containerd#4054) from fuweid/cp13-4048
* [`e71c7d0d27`](containerd@e71c7d0) bugfix: cleanup dangling shim by brand new context
* [`2d8cc40512`](containerd@2d8cc40) Merge pull request  [containerd#4038](containerd#4038) from thaJeztah/1.3_update_mailmap
* [`a2d1cbf627`](containerd@a2d1cbf) Update .mailmap with changes from master
* [`5811bc9702`](containerd@5811bc9) Merge pull request  [containerd#4036](containerd#4036) from fuweid/cp13-246a560e
* [`de5b1b83ba`](containerd@de5b1b8) script: use github.com/kubernetes-sigs/cri-tools directly
* [`2bd094daec`](containerd@2bd094d) Merge pull request  [containerd#4030](containerd#4030) from thaJeztah/1.3_bump_golang_1.12.17
* [`6a3416449e`](containerd@6a34164) Update Golang 1.12.17
* [`9fcd35a786`](containerd@9fcd35a) Merge pull request  [containerd#4029](containerd#4029) from estesp/cp-1.3-4022
* [`571a231e07`](containerd@571a231) Merge pull request  [containerd#4027](containerd#4027) from estesp/cp-1.3-4017
* [`9a428a3c9e`](containerd@9a428a3) Fix incorrect comment from copy/paste of starting script
* [`09b3b4fcc8`](containerd@09b3b4f) Set octet-stream content-type on put request
* [`c4697a803e`](containerd@c4697a8) Merge pull request  [containerd#4007](containerd#4007) from awprice/issue-3868-backport
* [`37b9a347a2`](containerd@37b9a34) Improve host fallback behaviour in docker remote

* [`9f1c62d`](containerd/cgroups@9f1c62d) Merge pull request  [containerd#156](containerd/cgroups#156) from mxpv/bug-fix
* [`6725ffd`](containerd/cgroups@6725ffd) [release/1.1 backport] throttle.* metrics must be kept for non-CFQ schedulers

* [`8375c34`](containerd/console@8375c34) Merge pull request  [#34](containerd/console#34) from sipsma/close-once
* [`38c5469`](containerd/console@38c5469) Only close epoller FD at most once.
* [`02ecf6a`](containerd/console@02ecf6a) Merge pull request  [#33](containerd/console#33) from ulyssessouza/add-file-interface
* [`f652dc3`](containerd/console@f652dc3) Add File interface instead of using os.File
* [`53a0f1d`](containerd/console@53a0f1d) Merge pull request  [#32](containerd/console#32) from estesp/check-vendor
* [`6214f20`](containerd/console@6214f20) Add vendor check now that content is vendored
* [`4b1ac2b`](containerd/console@4b1ac2b) Merge pull request  [#31](containerd/console#31) from TwinProduction/master
* [`55928bd`](containerd/console@55928bd) Enable vendoring

* [`f864905c`](containerd/cri@f864905) Merge pull request  [containerd#1420](containerd/cri#1420) from chavafg/topic/fix-tests-go1.13
* [`98a694ed`](containerd/cri@98a694e) Fix integration test for golang 1.13

* **github.com/containerd/cgroups**  c4b9ac5 -> 9f1c62dddf4b
* **github.com/containerd/console**  0650fd9eeb50 -> v1.0.0
* **github.com/containerd/cri**      50b9e10ea54a -> f864905c93b9
* **github.com/docker/go-events**    9461782956ad -> e31b211e4f1c

Previous release can be found at [v1.3.3](https://github.com/containerd/containerd/releases/tag/v1.3.3)