linux_masked_paths integration test #2950
Conversation
nayuta-ai
force-pushed
the
integration_test/linux_masked_paths
branch
from
063d558
to
6d0604c
Compare
tests/contest/contest/src/tests/linux_masked_paths/masked_paths.rs
Outdated
Show resolved
Hide resolved
nayuta-ai
force-pushed
the
integration_test/linux_masked_paths
branch
from
52b4683
to
448504e
Compare
|
@utam0k Thank you for the review! Please review my code again. |
nayuta-ai
force-pushed
the
integration_test/linux_masked_paths
branch
from
d3600be
to
62e5e1a
Compare
nayuta-ai
force-pushed
the
integration_test/linux_masked_paths
branch
4 times, most recently
from
7fa807b
to
2baa120
Compare
Hey, thanks a lot, I'll try to get to this today or so. |
| Err(_) => { | ||
| Ok(false) // If there's an error, then it's not readable | ||
| } |
There was a problem hiding this comment.
nit: can there be any kind of error which are unrelated, and do not actually indicate readability?
There was a problem hiding this comment.
Yes, it is possible. Basically, it is the case that there is no file in the path, but there are also temporary errors, such as network issues.
There was a problem hiding this comment.
ok. How frequently have you run into these other errors if at all? If the frequency of them is small, then this is ok. If that is the case, please reply and mark this comment as resolved, as no change is needed.
There was a problem hiding this comment.
Apologies for the additional comment. I revised this to return an error and expect only the ENOENT case, which I believe addresses the concern.
8ec531f
| if contents.is_empty() { | ||
| // empty file | ||
| return Ok(false); | ||
| } |
There was a problem hiding this comment.
Even though file is empty, getting Ok(_) would mean the operation succeeded and we have read access, right? And can you comment this code, or (if possible) restructure. it was a little confusing when reading.
There was a problem hiding this comment.
In a masked path, references to file names are possible, but the contents of the file cannot be accessed. Therefore, in the read access test, we check whether the file is empty. According to https://github.com/opencontainers/runtime-tools/blob/master/cmd/runtimetest/main.go#L416, the test for masked paths can determine if the file is empty by checking if the number of bytes read with read is 0, which indicates EOF.
There was a problem hiding this comment.
I think it would be good to refactor it as shown below, so I would like to modify this implementation approach and add comments. Is this method sufficient?
| if contents.is_empty() { | |
| // empty file | |
| return Ok(false); | |
| } | |
| fn test_file_read_access(path: &str) -> Result<bool, std::io::Error> { | |
| let mut file = OpenOptions::new().create(false).read(true).open(path)?; | |
| // Create a buffer with a capacity of 1 byte | |
| let mut buffer = [0u8; 1]; | |
| match file.read(&mut buffer) { | |
| Ok(0) => Ok(false), | |
| Ok(_) => Ok(true), | |
| Err(e) => Err(e), | |
| } | |
| } |
There was a problem hiding this comment.
ok, so going in original test, this comment explains that if we get eof (or in our case a 0 bytes read) that indicates blocked read, because the tests use files with some content. Please add a similar comment.
Also in your refactored approach, you need to account for EOF error like the current code has. Other than that the refactored code has much better readability.
tests/contest/contest/src/tests/linux_masked_paths/masked_paths.rs
Outdated
Show resolved
Hide resolved
| match fs::metadata(&test_file) { | ||
| io::Result::Ok(md) => { | ||
| bail!( | ||
| "reading path {:?} should have given error, found {:?} instead", | ||
| test_file, | ||
| md | ||
| ) | ||
| } | ||
| io::Result::Err(e) => { | ||
| let err = e.kind(); | ||
| if let io::ErrorKind::NotFound = err { | ||
| Ok(()) | ||
| } else { | ||
| bail!("expected not found error, got {:?}", err); | ||
| } | ||
| } | ||
| } | ||
| }) |
There was a problem hiding this comment.
Why is this check here? we should be checking this in the runtime test and here we should be creating the path, right? Or did I misunderstood anything?
There was a problem hiding this comment.
When setting a masked path, it is impossible to determine whether it is a relative path, so I added this to verify whether it meets the test requirements at the time of creation. This implementation is also adopted in runtime-tools, so verification is necessary.
There was a problem hiding this comment.
ok, so I see that you have carried over the implementation from go tests, but I'm still having a bit of difficulty understanding this -
- The go code seems to checks that if error is not null and error is not found, then return error, else return null. I.e. if the error is not found, then the prepare function will return error, other wise not. Here the behavior seems to be opposite.
- Also, this function/closure we pass, both here and in go code, will be executed before runtime has done anything. This is supposed to prepare the rootfs for tests running inside the container. Given that, what exactly is this checking? This will be running on plain bundle fs that is created for each test, It is ofcourse not going to find any of the files.
What I'm thinking here is that even the go tests have slightly incorrect implementation (which has happened before). Can you confirm going through comments in go code and seeing what the test is supposed to check, and what it is actually validating?
There was a problem hiding this comment.
There are cases where the Go implementation may be incorrect. I'll check it out.
There was a problem hiding this comment.
I posted a question in the Issue because I couldn’t fully grasp the purpose of this test.(opencontainers/runtime-tools#780 )
This is my own opinion, but I believe the test might be trying to illustrate a discrepancy where the path added to masked_path is specified from the host system’s perspective, resulting in an unintended relative path from / inside the container that doesn’t match the expected path.
As for addressing this test, we could:
- Add the above comment
- Wait for a response on the Issue before deciding
- Delete the test
- Refactor the test
If we choose to improve the test, I think the following approach could work:
- Create a file inside the container we want to mask (
masked-relpath). - Specify the relative path from the host system (
./bundle/rootfs/masked-relpath) as the path to mask. - After creating the container, verify that the file is masked by checking if it exists at the expected path without the
./bundle/rootfsprefix.
Do you think this would be a good approach?
| } | ||
| }; | ||
|
|
||
| match fs::metadata(r_path) { |
There was a problem hiding this comment.
The validation for fs::metadata will be similar to the following comment.
#2950 (comment)
| } | ||
| } | ||
|
|
||
| fn test_node(mode: u32) -> TestResult { |
There was a problem hiding this comment.
| fn test_node(mode: u32) -> TestResult { | |
| fn test_mode(mode: u32) -> TestResult { |
typo?
| if let TestResult::Failed(_) = res { | ||
| return res; | ||
| } | ||
| std::thread::sleep(std::time::Duration::from_millis(1000)); |
There was a problem hiding this comment.
Are we sleeping to make sure the container exists? or some other reason? Please add a comment in code.
There was a problem hiding this comment.
It is unnecessary for this test, so I have deleted it.
8ec531f
|
@nayuta-ai , I have replied to comments, also the PR has conflicts with main, Please make the suggested changes and resolve conflicts. Thanks. |
nayuta-ai
force-pushed
the
integration_test/linux_masked_paths
branch
from
27f3230
to
48739f7
Compare
Signed-off-by: nayuta-ai <nayuta723@gmail.com>
…s.rs Signed-off-by: nayuta-ai <nayuta723@gmail.com>
Signed-off-by: nayuta-ai <nayuta723@gmail.com>
Signed-off-by: nayuta-ai <nayuta723@gmail.com>
Signed-off-by: nayuta-ai <nayuta723@gmail.com>
nayuta-ai
force-pushed
the
integration_test/linux_masked_paths
branch
from
48739f7
to
8ec531f
Compare
Signed-off-by: nayuta-ai <nayuta723@gmail.com>
Summary
Create linux_masked_paths integration test.
Related Issue
#361
Refer