Skip to content

Commit

Permalink
Compare mount by value instead of reference
Browse files Browse the repository at this point in the history
This has to be since the mounts are reloaded
each time a mount is added. In case of two
mounts mounting at the same time there will
be a race condition for applying policy.

Signed-off-by: NymanRobin <[email protected]>
  • Loading branch information
NymanRobin committed May 2, 2024
1 parent 54745f1 commit fcea5c9
Show file tree
Hide file tree
Showing 4 changed files with 25 additions and 1 deletion.
3 changes: 2 additions & 1 deletion actions/policy.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ import (
"os"
"os/user"

"github.com/google/go-cmp/cmp"
"github.com/pkg/errors"
"google.golang.org/protobuf/proto"

Expand Down Expand Up @@ -525,7 +526,7 @@ func (policy *Policy) RemoveProtector(protectorDescriptor string) error {
func (policy *Policy) Apply(path string) error {
if pathMount, err := filesystem.FindMount(path); err != nil {
return err
} else if pathMount != policy.Context.Mount {
} else if !cmp.Equal(pathMount, policy.Context.Mount) {
return &ErrDifferentFilesystem{policy.Context.Mount, pathMount}
}

Expand Down
20 changes: 20 additions & 0 deletions filesystem/mountpoint_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@ import (
"path/filepath"
"strings"
"testing"

"github.com/google/go-cmp/cmp"
)

func TestLoadMountInfo(t *testing.T) {
Expand Down Expand Up @@ -544,3 +546,21 @@ func BenchmarkLoadFirst(b *testing.B) {
}
}
}

// Test mount comparison by values instead of by reference,
// as the map mountsByDevice gets recreated on each load.
// This ensures that concurrent mounts work properly.
func TestMountComparission(t *testing.T) {
var mountinfo = `
15 0 259:3 / /home rw,relatime shared:1 - ext4 /dev/root rw,data=ordered
`
beginLoadMountInfoTest()
loadMountInfoFromString(mountinfo)
fisrtMnt := mountForDevice("259:3")
loadMountInfoFromString(mountinfo)
defer endLoadMountInfoTest()
secondMnt := mountForDevice("259:3")
if !cmp.Equal(fisrtMnt, secondMnt) {
t.Fatal("Mount comparission does not work")

Check failure on line 564 in filesystem/mountpoint_test.go

View workflow job for this annotation

GitHub Actions / Generate, format, and lint

"comparission" is a misspelling of "comparisons"
}
}
1 change: 1 addition & 0 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ require (
require (
github.com/BurntSushi/toml v1.3.2 // indirect
github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
github.com/google/go-cmp v0.6.0 // indirect
github.com/russross/blackfriday/v2 v2.1.0 // indirect
golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a // indirect
golang.org/x/mod v0.12.0 // indirect
Expand Down
2 changes: 2 additions & 0 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
Expand Down

0 comments on commit fcea5c9

Please sign in to comment.