opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-21 17:16:22 +08:00
Code Issues Packages Projects Releases Wiki Activity

libpod: fix race when closing STDIN

Browse Source 
There is a race where `conn.Close()` was called before `conn.CloseWrite()`.
In this case `CloseWrite` will fail and an useless error is printed. To
fix this we move the the `CloseWrite()` call to the same goroutine to
remove the race. This ensures that `CloseWrite()` is called before
`Close()` and never afterwards.
Also fixed podman-remote run where the STDIN was never was closed.
This is causing flakes in CI testing.

[NO TESTS NEEDED]

Fixes #11856

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This commit is contained in:
Paul Holzinger
2021-10-05 11:13:49 +02:00
parent 8bcc086b1b
commit fbce7584d7
5 changed files with 30 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
libpod/oci_attach_linux.go
View File

@ -93,7 +93,7 @@ func (c *Container) attach(streams *define.AttachStreams, keys string, resize <-
if attachRdy != nil { if attachRdy != nil {
attachRdy <- true attachRdy <- true
} }
return readStdio(streams, receiveStdoutError, stdinDone) return readStdio(conn, streams, receiveStdoutError, stdinDone)
} }
// Attach to the given container's exec session // Attach to the given container's exec session
@ -174,7 +174,7 @@ func (c *Container) attachToExec(streams *define.AttachStreams, keys *string, se
return err return err
} }
return readStdio(streams, receiveStdoutError, stdinDone) return readStdio(conn, streams, receiveStdoutError, stdinDone)
} }
func processDetachKeys(keys string) ([]byte, error) { func processDetachKeys(keys string) ([]byte, error) {
@ -217,11 +217,6 @@ func setupStdioChannels(streams *define.AttachStreams, conn *net.UnixConn, detac
var err error var err error
if streams.AttachInput { if streams.AttachInput {
_, err = utils.CopyDetachable(conn, streams.InputStream, detachKeys) _, err = utils.CopyDetachable(conn, streams.InputStream, detachKeys)
if err == nil {
if connErr := conn.CloseWrite(); connErr != nil {
logrus.Errorf("Unable to close conn: %q", connErr)
}
}
} }
stdinDone <- err stdinDone <- err
}() }()
@ -274,7 +269,7 @@ func redirectResponseToOutputStreams(outputStream, errorStream io.Writer, writeO
return err return err
} }
func readStdio(streams *define.AttachStreams, receiveStdoutError, stdinDone chan error) error { func readStdio(conn *net.UnixConn, streams *define.AttachStreams, receiveStdoutError, stdinDone chan error) error {
var err error var err error
select { select {
case err = <-receiveStdoutError: case err = <-receiveStdoutError:
@ -283,6 +278,12 @@ func readStdio(streams *define.AttachStreams, receiveStdoutError, stdinDone chan
if err == define.ErrDetach { if err == define.ErrDetach {
return err return err
} }
if err == nil {
// copy stdin is done, close it
if connErr := conn.CloseWrite(); connErr != nil {
logrus.Errorf("Unable to close conn: %v", connErr)
}
}
if streams.AttachOutput || streams.AttachError { if streams.AttachOutput || streams.AttachError {
return <-receiveStdoutError return <-receiveStdoutError
} }

7
libpod/oci_conmon_exec_linux.go
View File

@ -609,9 +609,6 @@ func attachExecHTTP(c *Container, sessionID string, r *http.Request, w http.Resp
_, err := utils.CopyDetachable(conn, httpBuf, detachKeys) _, err := utils.CopyDetachable(conn, httpBuf, detachKeys)
logrus.Debugf("STDIN copy completed") logrus.Debugf("STDIN copy completed")
stdinChan <- err stdinChan <- err
if connErr := conn.CloseWrite(); connErr != nil {
logrus.Errorf("Unable to close conn: %v", connErr)
}
}() }()
} }
@ -654,6 +651,10 @@ func attachExecHTTP(c *Container, sessionID string, r *http.Request, w http.Resp
if err != nil { if err != nil {
return err return err
} }
// copy stdin is done, close it
if connErr := conn.CloseWrite(); connErr != nil {
logrus.Errorf("Unable to close conn: %v", connErr)
}
case <-cancel: case <-cancel:
return nil return nil
} }

4
libpod/oci_conmon_linux.go
View File

@ -701,6 +701,10 @@ func (r *ConmonOCIRuntime) HTTPAttach(ctr *Container, req *http.Request, w http.
if err != nil { if err != nil {
return err return err
} }
// copy stdin is done, close it
if connErr := conn.CloseWrite(); connErr != nil {
logrus.Errorf("Unable to close conn: %v", connErr)
}
case <-cancel: case <-cancel:
return nil return nil
} }

14
pkg/bindings/containers/attach.go
View File

@ -157,24 +157,24 @@ func Attach(ctx context.Context, nameOrID string, stdin io.Reader, stdout io.Wri
} }
stdoutChan := make(chan error) stdoutChan := make(chan error)
stdinChan := make(chan error) stdinChan := make(chan error, 1) //stdin channel should not block
if isSet.stdin { if isSet.stdin {
go func() { go func() {
logrus.Debugf("Copying STDIN to socket") logrus.Debugf("Copying STDIN to socket")
_, err := utils.CopyDetachable(socket, stdin, detachKeysInBytes) _, err := utils.CopyDetachable(socket, stdin, detachKeysInBytes)
if err != nil && err != define.ErrDetach { if err != nil && err != define.ErrDetach {
logrus.Errorf("Failed to write input to service: %v", err) logrus.Errorf("Failed to write input to service: %v", err)
} }
stdinChan <- err if err == nil {
if closeWrite, ok := socket.(CloseWriter); ok {
if closeWrite, ok := socket.(CloseWriter); ok { if err := closeWrite.CloseWrite(); err != nil {
if err := closeWrite.CloseWrite(); err != nil { logrus.Warnf("Failed to close STDIN for writing: %v", err)
logrus.Warnf("Failed to close STDIN for writing: %v", err) }
} }
} }
stdinChan <- err
}() }()
} }

6
test/system/030-run.bats
View File

@ -725,4 +725,10 @@ EOF
is "$output" "Error: strconv.ParseInt: parsing \"a\": invalid syntax" is "$output" "Error: strconv.ParseInt: parsing \"a\": invalid syntax"
} }
@test "podman run closes stdin" {
random_1=$(random_string 25)
run_podman run -i --rm $IMAGE cat <<<"$random_1"
is "$output" "$random_1" "output matches STDIN"
}
# vim: filetype=sh # vim: filetype=sh