Merge pull request #25586 from mheon/fix_25585

Fix a potential deadlock during `podman cp`
2025-03-14 15:13:24 +00:00 · 2025-03-14 15:13:24 +00:00 · ca10fce595
parent f981584f91 687fe08f42
commit ca10fce595
3 changed files with 15 additions and 18 deletions
--- a/libpod/container_copy_common.go
+++ b/libpod/container_copy_common.go
@ -160,10 +160,10 @@ func (c *Container) copyFromArchive(path string, chown, noOverwriteDirNonDir boo
 			// populated the volume and that will block a future
 			// copy-up.
 			volume.lock.Lock()
+			defer volume.lock.Unlock()

 			if err := volume.update(); err != nil {
 				logrus.Errorf("Unable to update volume %s status: %v", volume.Name(), err)
-				volume.lock.Unlock()
 				return
 			}

@ -172,15 +172,12 @@ func (c *Container) copyFromArchive(path string, chown, noOverwriteDirNonDir boo
 				volume.state.CopiedUp = true
 				if err := volume.save(); err != nil {
 					logrus.Errorf("Unable to save volume %s state: %v", volume.Name(), err)
-					volume.lock.Unlock()
 					return
 				}

-				volume.lock.Unlock()
-
 				for _, namedVol := range c.config.NamedVolumes {
 					if namedVol.Name == volume.Name() {
-						if err := c.fixVolumePermissions(namedVol); err != nil {
+						if err := c.fixVolumePermissionsUnlocked(namedVol, volume); err != nil {
 							logrus.Errorf("Unable to fix volume %s permissions: %v", volume.Name(), err)
 						}
 						return
--- a/libpod/container_internal_common.go
+++ b/libpod/container_internal_common.go
@ -2949,6 +2949,10 @@ func (c *Container) fixVolumePermissions(v *ContainerNamedVolume) error {
 	vol.lock.Lock()
 	defer vol.lock.Unlock()

+	return c.fixVolumePermissionsUnlocked(v, vol)
+}
+
+func (c *Container) fixVolumePermissionsUnlocked(v *ContainerNamedVolume, vol *Volume) error {
 	// The volume may need a copy-up. Check the state.
 	if err := vol.update(); err != nil {
 		return err
--- a/test/e2e/cp_test.go
+++ b/test/e2e/cp_test.go
@ -280,22 +280,18 @@ RUN chown 9999:9999 %s`, ALPINE, ctrVolPath, ctrVolPath)
 		defer srcFile.Close()
 		defer os.Remove(srcFile.Name())

-		volCreate := podmanTest.Podman([]string{"volume", "create", volName})
-		volCreate.WaitWithDefaultTimeout()
-		Expect(volCreate).Should(ExitCleanly())
+		_ = podmanTest.PodmanExitCleanly("volume", "create", volName)
+		_ = podmanTest.PodmanExitCleanly("create", "--name", ctrName, "-v", fmt.Sprintf("%s:%s", volName, ctrVolPath), imgName, "sh")

-		ctrCreate := podmanTest.Podman([]string{"create", "--name", ctrName, "-v", fmt.Sprintf("%s:%s", volName, ctrVolPath), imgName, "sh"})
-		ctrCreate.WaitWithDefaultTimeout()
-		Expect(ctrCreate).To(ExitCleanly())
+		_ = podmanTest.PodmanExitCleanly("cp", srcFile.Name(), fmt.Sprintf("%s:%s", ctrName, ctrVolPath))

-		cp := podmanTest.Podman([]string{"cp", srcFile.Name(), fmt.Sprintf("%s:%s", ctrName, ctrVolPath)})
-		cp.WaitWithDefaultTimeout()
-		Expect(cp).To(ExitCleanly())
-
-		ls := podmanTest.Podman([]string{"run", "-v", fmt.Sprintf("%s:%s", volName, ctrVolPath), ALPINE, "ls", "-al", ctrVolPath})
-		ls.WaitWithDefaultTimeout()
-		Expect(ls).To(ExitCleanly())
+		ls := podmanTest.PodmanExitCleanly("run", "-v", fmt.Sprintf("%s:%s", volName, ctrVolPath), ALPINE, "ls", "-al", ctrVolPath)
 		Expect(ls.OutputToString()).To(ContainSubstring("9999 9999"))
 		Expect(ls.OutputToString()).To(ContainSubstring(filepath.Base(srcFile.Name())))
+
+		// Test for #25585
+		_ = podmanTest.PodmanExitCleanly("rm", ctrName)
+		_ = podmanTest.PodmanExitCleanly("create", "--name", ctrName, "-v", fmt.Sprintf("%s:%s", volName, ctrVolPath), imgName, "sh")
+		_ = podmanTest.PodmanExitCleanly("cp", srcFile.Name(), fmt.Sprintf("%s:%sfile2", ctrName, ctrVolPath))
 	})
 })