This repository has been archived by the owner on Jun 11, 2020. It is now read-only.
[17.06] backport: Avoid race when opening exec fifo #4
Commits on Mar 12, 2018
-
Avoid race when opening exec fifo
When starting a container with `runc start` or `runc run`, the stub process (runc[2:INIT]) opens a fifo for writing. Its parent runc process will open the same fifo for reading. In this way, they synchronize. If the stub process exits at the wrong time, the parent runc process will block forever. This can happen when racing 2 runc operations against each other: `runc run/start`, and `runc delete`. It could also happen for other reasons, e.g. the kernel's OOM killer may select the stub process. This commit resolves this race by racing the opening of the exec fifo from the runc parent process against the stub process exiting. If the stub process exits before we open the fifo, we return an error. Another solution is to wait on the stub process. However, it seems it would require more refactoring to avoid calling wait multiple times on the same process, which is an error. Signed-off-by: Craig Furman <cfurman@pivotal.io> (cherry picked from commit 8d3e6c9) Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
-
Return from goroutine when it should terminate
Signed-off-by: Craig Furman <cfurman@pivotal.io> (cherry picked from commit 5c0af14) Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
Commits on Mar 13, 2018
-
Signed-off-by: Tibor Vass <tibor@docker.com>
-
Fix compile errors and port TestParseState
Signed-off-by: Andrew Hsu <andrewhsu@docker.com> Signed-off-by: Tibor Vass <tibor@docker.com>
-
tests: allow to load kernel modules from a test container
CRIU needs to load a few modules to checkpoint/resume containers. opencontainers#1745 Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
-
libcontainer/console_linux.go: Make SaneTerminal public
And use it only in local tooling that is forwarding the pseudoterminal master. That way runC no longer has an opinion on the onlcr setting for folks who are creating a terminal and detaching. They'll use --console-socket and can setup the pseudoterminal however they like without runC having an opinion. With this commit, the only cases where runC still has applies SaneTerminal is when *it* is the process consuming the master descriptor. Signed-off-by: W. Trevor King <wking@tremily.us> (cherry picked from commit 830c0d7) Signed-off-by: Tibor Vass <tibor@docker.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.