73 lines
3.1 KiB
Diff
73 lines
3.1 KiB
Diff
|
From 6357caaf6bcf413b58e587fe3df5c508275713ee Mon Sep 17 00:00:00 2001
|
||
|
|
From: zhongtao <zhongtao17@huawei.com>
|
||
|
|
Date: Thu, 15 Aug 2024 19:21:19 +1400
|
||
|
|
Subject: [PATCH 121/149] get realpath before ns mountpoint verification
|
||
|
|
|
||
|
|
Signed-off-by: zhongtao <zhongtao17@huawei.com>
|
||
|
|
---
|
||
|
|
.../entry/cri/v1/v1_cri_pod_sandbox_manager_service.cc | 9 +++++++--
|
||
|
|
.../entry/cri/v1alpha/cri_pod_sandbox_manager_service.cc | 9 +++++++--
|
||
|
|
2 files changed, 14 insertions(+), 4 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/src/daemon/entry/cri/v1/v1_cri_pod_sandbox_manager_service.cc b/src/daemon/entry/cri/v1/v1_cri_pod_sandbox_manager_service.cc
|
||
|
|
index 77faf48a..3ece885f 100644
|
||
|
|
--- a/src/daemon/entry/cri/v1/v1_cri_pod_sandbox_manager_service.cc
|
||
|
|
+++ b/src/daemon/entry/cri/v1/v1_cri_pod_sandbox_manager_service.cc
|
||
|
|
@@ -424,6 +424,7 @@ cleanup_sandbox:
|
||
|
|
|
||
|
|
void PodSandboxManagerService::ClearCniNetwork(const std::shared_ptr<sandbox::Sandbox> sandbox, Errors &error)
|
||
|
|
{
|
||
|
|
+ char real_path[PATH_MAX] = { 0 };
|
||
|
|
std::string networkMode = sandbox->GetNetMode();
|
||
|
|
if (!namespace_is_cni(networkMode.c_str()) || !sandbox->GetNetworkReady()) {
|
||
|
|
return;
|
||
|
|
@@ -435,10 +436,14 @@ void PodSandboxManagerService::ClearCniNetwork(const std::shared_ptr<sandbox::Sa
|
||
|
|
return;
|
||
|
|
}
|
||
|
|
|
||
|
|
+ if (realpath(sandboxKey.c_str(), real_path) == NULL) {
|
||
|
|
+ ERROR("Failed to get %s realpath", sandboxKey.c_str());
|
||
|
|
+ }
|
||
|
|
+
|
||
|
|
// If the network namespace is not mounted, the network has been cleaned up
|
||
|
|
// and there is no need to call the cni plugin.
|
||
|
|
- if (!util_detect_mounted(sandboxKey.c_str())) {
|
||
|
|
- WARN("Network namespace %s not exist", sandboxKey.c_str());
|
||
|
|
+ if (strlen(real_path) != 0 && !util_detect_mounted(real_path)) {
|
||
|
|
+ ERROR("Network namespace %s not exist", real_path);
|
||
|
|
return;
|
||
|
|
}
|
||
|
|
|
||
|
|
diff --git a/src/daemon/entry/cri/v1alpha/cri_pod_sandbox_manager_service.cc b/src/daemon/entry/cri/v1alpha/cri_pod_sandbox_manager_service.cc
|
||
|
|
index 5590827e..1c343cda 100644
|
||
|
|
--- a/src/daemon/entry/cri/v1alpha/cri_pod_sandbox_manager_service.cc
|
||
|
|
+++ b/src/daemon/entry/cri/v1alpha/cri_pod_sandbox_manager_service.cc
|
||
|
|
@@ -826,6 +826,7 @@ auto PodSandboxManagerService::ClearCniNetwork(const std::string &realSandboxID,
|
||
|
|
/*error*/) -> int
|
||
|
|
{
|
||
|
|
Errors networkErr;
|
||
|
|
+ char real_path[PATH_MAX] = { 0 };
|
||
|
|
|
||
|
|
bool ready = GetNetworkReady(realSandboxID, networkErr);
|
||
|
|
if (hostNetwork || (!ready && networkErr.Empty())) {
|
||
|
|
@@ -848,10 +849,14 @@ auto PodSandboxManagerService::ClearCniNetwork(const std::string &realSandboxID,
|
||
|
|
goto cleanup;
|
||
|
|
}
|
||
|
|
|
||
|
|
+ if (realpath(netnsPath.c_str(), real_path) == NULL) {
|
||
|
|
+ ERROR("Failed to get %s realpath", netnsPath.c_str());
|
||
|
|
+ }
|
||
|
|
+
|
||
|
|
// If the network namespace is not mounted, the network has been cleaned up
|
||
|
|
// and there is no need to call the cni plugin.
|
||
|
|
- if (!util_detect_mounted(netnsPath.c_str())) {
|
||
|
|
- WARN("Network namespace %s not exist", netnsPath.c_str());
|
||
|
|
+ if (strlen(real_path) != 0 && !util_detect_mounted(real_path)) {
|
||
|
|
+ ERROR("Network namespace %s not exist", real_path);
|
||
|
|
goto cleanup;
|
||
|
|
}
|
||
|
|
|
||
|
|
--
|
||
|
|
2.25.1
|
||
|
|
|