fix(ipc): Handle unsuccessful setup for monitor environment

cmainas · cmainas · commit 2a02425abff0 · 2025-12-16T16:16:42.000Z
In case there was an error during the monitor execution environment
setup (e.g. vmm not found, rootfs issue) then the urunc start command
was keep waiting for a message from reexec that everything was ok. This
was leading to the urunc start process hanging there forever and of
course the container was staying like that.

THis commit fixes this issue and moreover it slightly refactors the
whole IPC between the urunc instances and reexec.

Signed-off-by: Charalampos Mainas &lt;cmainas@nubificus.co.uk&gt;
diff --git a/cmd/urunc/create.go b/cmd/urunc/create.go
@@ -268,16 +268,27 @@ func createUnikontainer(cmd *cli.Command, uruncCfg *unikontainers.UruncConfig) (
 	}
 	metrics.Capture(m.TS07)
 
+	err = unikontainer.CreateConn(!unikontainers.FromReexec)
+	if err != nil {
+		err = fmt.Errorf("failed to open a new connection to reexec socket: %w", err)
+		return err
+	}
+
 	// send ACK to reexec process
-	err = unikontainer.SendAckReexec()
+	err = unikontainer.SendMessage(unikontainers.AckReexec)
 	if err != nil {
 		err = fmt.Errorf("failed to send ACK to reexec process: %w", err)
-		return err
+	}
 
+	cleanErr := unikontainer.DestroyConn(!unikontainers.FromReexec)
+	if cleanErr != nil {
+		// Log the error but not return an error, since reexec has started
+		// the container setup process and any error return here will confuse
+		// the shim and the reexec process will not receive any other commands.
+		logrus.WithError(cleanErr).Error("failed to destroy connection to reexec socket")
 	}
 	metrics.Capture(m.TS08)
 
-	err = nil
 	return err
 }
 
@@ -379,7 +390,10 @@ func reexecUnikontainer(cmd *cli.Command) error {
 	metrics.Capture(m.TS05)
 
 	// wait AckReexec message on urunc.sock from parent process
-	socketPath := unikontainers.GetUruncSockAddr(baseDir)
+	// we use different functions here for the sockets, because we have not
+	// created the respective unikontainers instance yet. We need to get the Ack
+	// from urunc create first, since urunc create needs to write the pid of reexec
+	socketPath := unikontainers.GetReexecSockAddr(baseDir)
 	err = unikontainers.ListenAndAwaitMsg(socketPath, unikontainers.AckReexec)
 	if err != nil {
 		return err
@@ -406,14 +420,63 @@ func reexecUnikontainer(cmd *cli.Command) error {
 	metrics.Capture(m.TS10)
 
 	// wait StartExecve message on urunc.sock from urunc start process
-	err = unikontainers.ListenAndAwaitMsg(socketPath, unikontainers.StartExecve)
+	err = unikontainer.CreateListener(unikontainers.FromReexec)
 	if err != nil {
+		return fmt.Errorf("error creating listener on reexec socket: %w", err)
+	}
+	awaitErr := unikontainer.AwaitMsg(unikontainers.StartExecve)
+	// Before checking for any errors, make sure to clean up the socket
+	cleanErr := unikontainer.DestroyListener(unikontainers.FromReexec)
+	if cleanErr != nil {
+		logrus.WithError(cleanErr).Error("failed to destroy listener on reexec socket")
+		cleanErr = fmt.Errorf("error destroying listener on reexec socket: %w", cleanErr)
+	}
+	// NOTE: Currently, we do not fail in case the socket cleanup fails
+	// because urunc start has told reexec to start preparing the execution
+	// environment for the monitor. Therefore, if the socket cleanup affects the
+	// preparation the error will get manifested later. However, if environment
+	// setup goes well and the socket was not cleaned up corectly,
+	// we execve the monitor and we rely on Go's close-on-exec feature in all file
+	// descriptors. THerefore, we might want to rethink this in future and not rely
+	// on Go, but this requires quite a a lot of changes.
+	if awaitErr != nil {
+		awaitErr = fmt.Errorf("error waiting START message: %w", awaitErr)
+		err = errors.Join(awaitErr, cleanErr)
 		return err
 	}
 	metrics.Capture(m.TS14)
 
+	err = unikontainer.CreateConn(unikontainers.FromReexec)
+	if err != nil {
+		return fmt.Errorf("error creating connection to urunc socket: %w", err)
+	}
+	// NOTE: More changes are required for a proper handling of this cleanup.
+	// Currently, the cleanup will happen if something fails in the container
+	// setup and unikontainers.Exec returns with an error. In that case, we also
+	// ignore any errors, since it is a simple socket cleanup and the process exits.
+	// If unikontainers.Exec succeeds though, then we will never execute this
+	// cleanup, since we execve to the monitor process. In that case, we relyonce more
+	// in Go's close on exec handling of all file descriptors. In the future, we might
+	// want to revisit this and rely less in Go.
+	defer func() {
+		tmpErr := unikontainer.DestroyConn(unikontainers.FromReexec)
+		if tmpErr != nil {
+			logrus.WithError(tmpErr).Error("failed to destroy connection on reexec socket")
+		}
+	}()
+
 	// execve
 	// we need to pass metrics to Exec() function, as the unikontainer
 	// struct does not have the part of urunc config that configures metrics
-	return unikontainer.Exec(metrics)
+	var sockErr error
+	err = unikontainer.Exec(metrics)
+	if err != nil {
+		logrus.WithError(err).Error("Setting up execution environment for monitor")
+		sockErr = unikontainer.SendMessage(unikontainers.StartErr)
+		if sockErr != nil {
+			logrus.WithError(sockErr).Error("failed to send error message to urunc socket")
+		}
+	}
+
+	return errors.Join(err, sockErr)
 }
diff --git a/cmd/urunc/start.go b/cmd/urunc/start.go
@@ -16,6 +16,8 @@ package main
 
 import (
 	"context"
+	"errors"
+	"fmt"
 	"os"
 
 	"github.com/sirupsen/logrus"
@@ -56,27 +58,56 @@ func startUnikontainer(cmd *cli.Command) error {
 	}
 	metrics.Capture(m.TS12)
 
-	sockAddr := unikontainers.GetStartSockAddr(unikontainer.BaseDir)
-	listener, cleaner, err := unikontainers.CreateListener(sockAddr, true)
+	err = unikontainer.CreateListener(!unikontainers.FromReexec)
 	if err != nil {
 		return err
 	}
-	defer cleaner()
+	// NOTE: We ignore any errors from the DestroyListener here, because
+	// the reexec process has already started the monitor execution and hence
+	// returning an error would confuse the shim. Furthermore, this process
+	// exits. However, we might want to revisit this in the future and
+	// handle it better.
+	defer func() {
+		tmpErr := unikontainer.DestroyListener(!unikontainers.FromReexec)
+		if tmpErr != nil {
+			logrus.WithError(tmpErr).Error("failed to destroy listener on reexec socket")
+		}
+	}()
 
-	err = unikontainer.SendStartExecve()
+	// Send message to reexec to start the monitor
+	err = unikontainer.CreateConn(!unikontainers.FromReexec)
+	if err != nil {
+		err = fmt.Errorf("failed to create connection with reexec socket: %w", err)
+		return err
+	}
+	sendErr := unikontainer.SendMessage(unikontainers.StartExecve)
+	if sendErr != nil {
+		logrus.WithError(sendErr).Error("failed to send START message to reexec")
+		sendErr = fmt.Errorf("error sending START message: %w", sendErr)
+	}
+	// Regardless of the SendMessage status, make sure to clean up the socket,
+	// since it is not required anymore
+	cleanErr := unikontainer.DestroyConn(!unikontainers.FromReexec)
+	if cleanErr != nil {
+		logrus.WithError(cleanErr).Error("failed to destroy connection to reexec socket")
+		cleanErr = fmt.Errorf("error destroying connection to reexec socket: %w", cleanErr)
+	}
+	err = errors.Join(sendErr, cleanErr)
 	if err != nil {
 		return err
 	}
 	metrics.Capture(m.TS13)
 
 	// wait ContainerStarted message on start.sock from reexec process
-	err = unikontainers.AwaitMessage(listener, unikontainers.ContainerStarted)
+	err = unikontainer.AwaitMsg(unikontainers.StartSuccess)
 	if err != nil {
+		err = fmt.Errorf("failed to get message from successful start from reexec: %w", err)
 		return err
 	}
 
 	err = unikontainer.SetRunningState()
 	if err != nil {
+		err = fmt.Errorf("failed to set the state as running for container: %w", err)
 		return err
 	}
 
diff --git a/pkg/unikontainers/ipc.go b/pkg/unikontainers/ipc.go
@@ -30,14 +30,18 @@ import (
 type IPCMessage string
 
 const (
-	startSock                   = "start.sock"
-	uruncSock                   = "urunc.sock"
-	ReexecStarted    IPCMessage = "BOOTED"
-	AckReexec        IPCMessage = "ACK"
-	StartExecve      IPCMessage = "START"
-	ContainerStarted IPCMessage = "CNTR_STARTED"
-	maxRetries                  = 50
-	waitTime                    = 5 * time.Millisecond
+	// Socket for messages towards reexec. The reexec process listens in this socket
+	reexecSock = "reexec.sock"
+	// Socket for messages from reexec. The reexec process writes in this socket
+	uruncSock                = "urunc.sock"
+	ReexecStarted IPCMessage = "RX_START"
+	AckReexec     IPCMessage = "UC_ACK"
+	StartExecve   IPCMessage = "UC_START"
+	StartSuccess  IPCMessage = "RX_SUCCESS"
+	StartErr      IPCMessage = "RX_EDROR"
+	maxRetries               = 50
+	waitTime                 = 5 * time.Millisecond
+	FromReexec               = true
 )
 
 func getSockAddr(dir string, name string) string {
@@ -48,8 +52,12 @@ func getUruncSockAddr(containerDir string) string {
 	return getSockAddr(containerDir, uruncSock)
 }
 
-func getStartSockAddr(baseDir string) string {
-	return getSockAddr(baseDir, startSock)
+func getReexecSockAddr(baseDir string) string {
+	return getSockAddr(baseDir, reexecSock)
+}
+
+func GetReexecSockAddr(baseDir string) string {
+	return getReexecSockAddr(baseDir)
 }
 
 func ensureValidSockAddr(sockAddr string) error {
@@ -125,32 +133,21 @@ func sendIPCMessageWithRetry(socketAddress string, message IPCMessage, mustBeVal
 	return err
 }
 
-// CreateListener sets up a listener for new connection to socketAddress
-func CreateListener(socketAddress string, mustBeValid bool) (*net.UnixListener, func(), error) {
+// createListener sets up a listener for new connection to socketAddress
+func createListener(socketAddress string, mustBeValid bool) (*net.UnixListener, error) {
 	if mustBeValid {
 		err := ensureValidSockAddr(socketAddress)
 		if err != nil {
-			return nil, nil, err
+			return nil, err
 		}
 	}
 
 	listener, err := net.ListenUnix("unix", &net.UnixAddr{Name: socketAddress, Net: "unix"})
 	if err != nil {
-		return nil, nil, err
-	}
-
-	cleanup := func() {
-		derr := listener.Close()
-		if derr != nil {
-			logrus.WithError(derr).Error("failed to close listener")
-		}
-		derr = syscall.Unlink(socketAddress)
-		if derr != nil {
-			logrus.WithError(derr).Errorf("failed to unlink %s", socketAddress)
-		}
+		return nil, err
 	}
 
-	return listener, cleanup, nil
+	return listener, nil
 }
 
 // awaitMessage opens a new connection to socketAddress
@@ -177,3 +174,29 @@ func AwaitMessage(listener *net.UnixListener, expectedMessage IPCMessage) error
 	}
 	return nil
 }
+
+func ListenAndAwaitMsg(sockAddr string, msg IPCMessage) error {
+	listener, err := createListener(sockAddr, true)
+	if err != nil {
+		err = fmt.Errorf("failed to create listener at %s: %w", sockAddr, err)
+		return err
+	}
+
+	err = AwaitMessage(listener, msg)
+	if err != nil {
+		err = fmt.Errorf("failed to get message %s: %w", msg, err)
+		return err
+	}
+
+	err = listener.Close()
+	if err != nil {
+		uniklog.WithError(err).Errorf("failed to close listener at %s", sockAddr)
+	}
+
+	err = syscall.Unlink(sockAddr)
+	if err != nil {
+		uniklog.WithError(err).Errorf("failed to unlink socket at %s", sockAddr)
+	}
+
+	return nil
+}
diff --git a/pkg/unikontainers/ipc_test.go b/pkg/unikontainers/ipc_test.go
@@ -141,11 +141,11 @@ func TestSendIPCMessageWithRetry(t *testing.T) {
 func TestCreateListener(t *testing.T) {
 	socketAddress := "/tmp/test_create_listener.sock"
 
-	listener, cleaner, err := CreateListener(socketAddress, true)
+	listener, err := createListener(socketAddress, true)
 	if err != nil {
 		t.Fatalf("Failed to create listener: %v", err)
 	}
-	defer cleaner()
+	defer listener.Close()
 
 	assert.NotNil(t, listener, "Expected listener to be created")
 }
@@ -154,11 +154,11 @@ func TestAwaitMessage(t *testing.T) {
 	socketAddress := "/tmp/test_await_message.sock"
 	expectedMessage := ReexecStarted
 
-	listener, cleaner, err := CreateListener(socketAddress, true)
+	listener, err := createListener(socketAddress, true)
 	if err != nil {
 		t.Fatalf("Failed to create listener: %v", err)
 	}
-	defer cleaner()
+	defer listener.Close()
 
 	go func() {
 		conn, err := net.Dial("unix", socketAddress)
diff --git a/pkg/unikontainers/rootfs.go b/pkg/unikontainers/rootfs.go
@@ -172,7 +172,7 @@ func (rs *rootfsSelector) tryContainerRootfs() (types.RootfsParams, bool) {
 		return result, true
 	}
 
-	uniklog.Error("can not use the container rootfs as block, or through shared-fs")
+	uniklog.Error("can not use the container rootfs as the sandbox's guest rootfs through block or shared-fs")
 	return types.RootfsParams{}, false
 }
 
@@ -225,7 +225,7 @@ func chooseRootfs(bundle string, cntrRootfs string, annot map[string]string,
 	}
 
 	if selector.shouldMountContainerRootfs() {
-		return types.RootfsParams{}, fmt.Errorf("can not mount container's rootfs as block or through shared-fs to guest")
+		return types.RootfsParams{}, fmt.Errorf("can not use the container rootfs as the sandbox's guest rootfs through block or shared-fs")
 	}
 
 	uniklog.Info("no rootfs configured for guest")
diff --git a/pkg/unikontainers/unikontainers.go b/pkg/unikontainers/unikontainers.go

Original file line number	Diff line number	Diff line change
`@@ -172,7 +172,7 @@ func (rs *rootfsSelector) tryContainerRootfs() (types.RootfsParams, bool) {`
`172`	`172`	`return result, true`
`173`	`173`	`}`
`174`	`174`
`175`		`- uniklog.Error("can not use the container rootfs as block, or through shared-fs")`
	`175`	`+ uniklog.Error("can not use the container rootfs as the sandbox's guest rootfs through block or shared-fs")`
`176`	`176`	`return types.RootfsParams{}, false`
`177`	`177`	`}`
`178`	`178`
`@@ -225,7 +225,7 @@ func chooseRootfs(bundle string, cntrRootfs string, annot map[string]string,`
`225`	`225`	`}`
`226`	`226`
`227`	`227`	`if selector.shouldMountContainerRootfs() {`
`228`		`- return types.RootfsParams{}, fmt.Errorf("can not mount container's rootfs as block or through shared-fs to guest")`
	`228`	`+ return types.RootfsParams{}, fmt.Errorf("can not use the container rootfs as the sandbox's guest rootfs through block or shared-fs")`
`229`	`229`	`}`
`230`	`230`
`231`	`231`	`uniklog.Info("no rootfs configured for guest")`