github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request #5195 from fuweid/fix-5173

Browse Source 
runtime/v2/runc: fix leaking socket path
This commit is contained in:
Phil Estes
2021-03-17 09:33:41 -04:00
committed by GitHub
parent 1a0973dde3 d895118c7c
commit a0cc9b432d
3 changed files with 34 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
runtime/v2/runc/v1/service.go
View File

@@ -153,6 +153,11 @@ func (s *service) StartShim(ctx context.Context, id, containerdBinary, container
_ = shim.RemoveSocket(address) _ = shim.RemoveSocket(address)
} }
}() }()
// make sure that reexec shim-v2 binary use the value if need
if err := shim.WriteAddress("address", address); err != nil {
return "", err
}
f, err := socket.File() f, err := socket.File()
if err != nil { if err != nil {
return "", err return "", err
@@ -174,9 +179,6 @@ func (s *service) StartShim(ctx context.Context, id, containerdBinary, container
if err := shim.WritePidFile("shim.pid", cmd.Process.Pid); err != nil { if err := shim.WritePidFile("shim.pid", cmd.Process.Pid); err != nil {
return "", err return "", err
} }
if err := shim.WriteAddress("address", address); err != nil {
return "", err
}
if data, err := ioutil.ReadAll(os.Stdin); err == nil { if data, err := ioutil.ReadAll(os.Stdin); err == nil {
if len(data) > 0 { if len(data) > 0 {
var any ptypes.Any var any ptypes.Any
@@ -209,6 +211,12 @@ func (s *service) StartShim(ctx context.Context, id, containerdBinary, container
} }
func (s *service) Cleanup(ctx context.Context) (*taskAPI.DeleteResponse, error) { func (s *service) Cleanup(ctx context.Context) (*taskAPI.DeleteResponse, error) {
if address, err := shim.ReadAddress("address"); err == nil {
if err = shim.RemoveSocket(address); err != nil {
return nil, err
}
}
path, err := os.Getwd() path, err := os.Getwd()
if err != nil { if err != nil {
return nil, err return nil, err
@@ -562,11 +570,10 @@ func (s *service) Connect(ctx context.Context, r *taskAPI.ConnectRequest) (*task
} }
func (s *service) Shutdown(ctx context.Context, r *taskAPI.ShutdownRequest) (*ptypes.Empty, error) { func (s *service) Shutdown(ctx context.Context, r *taskAPI.ShutdownRequest) (*ptypes.Empty, error) {
// please make sure that temporary resource has been cleanup
// before shutdown service.
s.cancel() s.cancel()
close(s.events) close(s.events)
if address, err := shim.ReadAddress("address"); err == nil {
_ = shim.RemoveSocket(address)
}
return empty, nil return empty, nil
} }

18
runtime/v2/runc/v2/service.go
View File

@@ -220,6 +220,12 @@ func (s *service) StartShim(ctx context.Context, id, containerdBinary, container
_ = shim.RemoveSocket(address) _ = shim.RemoveSocket(address)
} }
}() }()
// make sure that reexec shim-v2 binary use the value if need
if err := shim.WriteAddress("address", address); err != nil {
return "", err
}
f, err := socket.File() f, err := socket.File()
if err != nil { if err != nil {
return "", err return "", err
@@ -238,9 +244,6 @@ func (s *service) StartShim(ctx context.Context, id, containerdBinary, container
}() }()
// make sure to wait after start // make sure to wait after start
go cmd.Wait() go cmd.Wait()
if err := shim.WriteAddress("address", address); err != nil {
return "", err
}
if data, err := ioutil.ReadAll(os.Stdin); err == nil { if data, err := ioutil.ReadAll(os.Stdin); err == nil {
if len(data) > 0 { if len(data) > 0 {
var any ptypes.Any var any ptypes.Any
@@ -290,6 +293,7 @@ func (s *service) Cleanup(ctx context.Context) (*taskAPI.DeleteResponse, error)
if err != nil { if err != nil {
return nil, err return nil, err
} }
path := filepath.Join(filepath.Dir(cwd), s.id) path := filepath.Join(filepath.Dir(cwd), s.id)
ns, err := namespaces.NamespaceRequired(ctx) ns, err := namespaces.NamespaceRequired(ctx)
if err != nil { if err != nil {
@@ -668,15 +672,19 @@ func (s *service) Shutdown(ctx context.Context, r *taskAPI.ShutdownRequest) (*pt
if len(s.containers) > 0 { if len(s.containers) > 0 {
return empty, nil return empty, nil
} }
s.cancel()
close(s.events)
if s.platform != nil { if s.platform != nil {
s.platform.Close() s.platform.Close()
} }
if s.shimAddress != "" { if s.shimAddress != "" {
_ = shim.RemoveSocket(s.shimAddress) _ = shim.RemoveSocket(s.shimAddress)
} }
// please make sure that temporary resource has been cleanup
// before shutdown service.
s.cancel()
close(s.events)
return empty, nil return empty, nil
} }

13
runtime/v2/shim/shim.go
View File

@@ -239,6 +239,13 @@ func run(id string, initFunc Init, config Config) error {
return err return err
} }
} }
// NOTE: If the shim server is down(like oom killer), the address
// socket might be leaking.
if address, err := ReadAddress("address"); err == nil {
_ = RemoveSocket(address)
}
select { select {
case <-publisher.Done(): case <-publisher.Done():
return nil return nil
@@ -299,15 +306,11 @@ func serve(ctx context.Context, server *ttrpc.Server, path string) error {
return err return err
} }
go func() { go func() {
defer l.Close()
if err := server.Serve(ctx, l); err != nil && if err := server.Serve(ctx, l); err != nil &&
!strings.Contains(err.Error(), "use of closed network connection") { !strings.Contains(err.Error(), "use of closed network connection") {
logrus.WithError(err).Fatal("containerd-shim: ttrpc server failure") logrus.WithError(err).Fatal("containerd-shim: ttrpc server failure")
} }
l.Close()
if address, err := ReadAddress("address"); err == nil {
_ = RemoveSocket(address)
}
}() }()
return nil return nil
} }