Skip to content

rootfs: improve mount-related errors#4734

Merged
lifubang merged 2 commits intoopencontainers:mainfrom
cyphar:mount-errors
Apr 22, 2025
Merged

rootfs: improve mount-related errors#4734
lifubang merged 2 commits intoopencontainers:mainfrom
cyphar:mount-errors

Conversation

@cyphar
Copy link
Copy Markdown
Member

@cyphar cyphar commented Apr 18, 2025

While debugging an issue involving failing mounts, I discovered that
just returning the plain mount error message when we are in the fallback
code for handling locked mounts leads to unnecessary confusion.

It also doesn't help that podman currently forcefully sets "rw" on
mounts, which means that rootless containers are likely to hit the
locked mounts issue fairly often.

So we should improve our error messages to explain why the mount is
failing in the locked flags case.

Also, when reading mount errors, it is quite hard to make sense of mount
flags in their hex form. As this is the error path, the minor performance
impact of constructing a string is probably not worth hyper-optimising.
(Though maybe @kolyshkin has an opinion on this.)

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

@cyphar cyphar added easy-to-review backport/1.2-todo A PR in main branch which needs to be backported to release-1.2 backport/1.3-todo A PR in main branch which needs to be backported to release-1.3 labels Apr 18, 2025
@cyphar cyphar added this to the 1.3.0 milestone Apr 18, 2025
kolyshkin
kolyshkin approved these changes Apr 18, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@kolyshkin kolyshkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall LGTM, left a couple of nits.

Comment thread libcontainer/mount_linux.go Outdated
Comment thread libcontainer/rootfs_linux.go Outdated
@kolyshkin
Copy link
Copy Markdown
Contributor

kolyshkin commented Apr 18, 2025

CI failure is being fixed by #4728

kolyshkin
kolyshkin reviewed Apr 19, 2025
View reviewed changes
Comment thread libcontainer/mount_linux_test.go
cyphar added 2 commits April 21, 2025 13:00
@cyphar
mount: add string representation of mount flags
30302a2 
When reading mount errors, it is quite hard to make sense of mount flags
in their hex form. As this is the error path, the minor performance
impact of constructing a string is probably not worth hyper-optimising.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
@cyphar
rootfs: improve error messages for bind-mount vfs flag setting
58c3ab7 
While debugging an issue involving failing mounts, I discovered that
just returning the plain mount error message when we are in the fallback
code for handling locked mounts leads to unnecessary confusion.

It also doesn't help that podman currently forcefully sets "rw" on
mounts, which means that rootless containers are likely to hit the
locked mounts issue fairly often.

So we should improve our error messages to explain why the mount is
failing in the locked flags case.

Fixes: 7c71a22 ("rootfs: remove --no-mount-fallback and finally fix MS_REMOUNT")
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
kolyshkin
kolyshkin approved these changes Apr 21, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@kolyshkin kolyshkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Still LGTM. @opencontainers/runc-maintainers PTAL

@lifubang lifubang merged commit b60a77a into opencontainers:main Apr 22, 2025
34 checks passed
@kolyshkin kolyshkin mentioned this pull request Apr 22, 2025
Merged
@kolyshkin
Copy link
Copy Markdown
Contributor

kolyshkin commented Apr 22, 2025

1.3 backport: #4738

@kolyshkin kolyshkin removed this from the 1.3.0 milestone Apr 22, 2025
@kolyshkin kolyshkin added backport/1.3-done A PR in main branch which has been backported to release-1.3 and removed backport/1.3-todo A PR in main branch which needs to be backported to release-1.3 labels Apr 22, 2025
@cyphar cyphar deleted the mount-errors branch April 22, 2025 10:57
@cyphar cyphar mentioned this pull request Apr 22, 2025
Merged
@cyphar
Copy link
Copy Markdown
Member Author

cyphar commented Apr 22, 2025

1.2 backport: #4740

@kolyshkin kolyshkin added backport/1.2-done A PR in main branch which has been backported to release-1.2 and removed backport/1.2-todo A PR in main branch which needs to be backported to release-1.2 labels Apr 23, 2025
@cyphar cyphar mentioned this pull request Apr 25, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lifubang lifubang lifubang approved these changes

@kolyshkin kolyshkin kolyshkin approved these changes

Assignees

No one assigned

Labels

backport/1.2-done A PR in main branch which has been backported to release-1.2 backport/1.3-done A PR in main branch which has been backported to release-1.3 easy-to-review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@cyphar @kolyshkin @lifubang