From 5b87aca29829338b046ece8a434c94a476d704ba Mon Sep 17 00:00:00 2001 From: Lucy C <12953208+elvece@users.noreply.github.com> Date: Fri, 21 Jan 2022 10:53:59 -0700 Subject: [PATCH] Bugfix/backup lock (#1093) * add write lock before getting model * update compat cargo.lock file * update encryptfs passphrase cmd * add additional safeguards around dropping stdin handles * proper lock ordering for server status --- appmgr/src/action/docker.rs | 3 ++ appmgr/src/backup/backup_bulk.rs | 14 ++++-- appmgr/src/disk/mount/filesystem/ecryptfs.rs | 4 +- appmgr/src/manager/mod.rs | 2 +- system-images/compat/Cargo.lock | 49 ++++++++++---------- 5 files changed, 40 insertions(+), 32 deletions(-) diff --git a/appmgr/src/action/docker.rs b/appmgr/src/action/docker.rs index f60d5e8a9..f24ab36c3 100644 --- a/appmgr/src/action/docker.rs +++ b/appmgr/src/action/docker.rs @@ -109,6 +109,9 @@ impl DockerAction { .write_all(input) .await .with_kind(crate::ErrorKind::Docker)?; + stdin.flush().await?; + stdin.shutdown().await?; + drop(stdin); } enum Race { Done(T), diff --git a/appmgr/src/backup/backup_bulk.rs b/appmgr/src/backup/backup_bulk.rs index 11b9a5ff0..4e50d35a8 100644 --- a/appmgr/src/backup/backup_bulk.rs +++ b/appmgr/src/backup/backup_bulk.rs @@ -133,7 +133,14 @@ pub async fn backup_all( } let revision = assure_backing_up(&mut db).await?; tokio::task::spawn(async move { - match perform_backup(&ctx, &mut db, backup_guard).await { + let backup_res = perform_backup(&ctx, &mut db, backup_guard).await; + let status_model = crate::db::DatabaseModel::new().server_info().status(); + status_model + .clone() + .lock(&mut db, LockType::Write) + .await + .expect("failed to lock server status"); + match backup_res { Ok(report) if report.iter().all(|(_, rep)| rep.error.is_none()) => ctx .notification_manager .notify( @@ -195,9 +202,7 @@ pub async fn backup_all( .expect("failed to send notification"); } } - crate::db::DatabaseModel::new() - .server_info() - .status() + status_model .put(&mut db, &ServerStatus::Running) .await .expect("failed to change server status"); @@ -268,6 +273,7 @@ async fn perform_backup( let main_status_model = installed_model.clone().status().main(); let mut tx = db.begin().await?; // for lock scope + main_status_model.lock(&mut tx, LockType::Write).await?; let (started, health) = match main_status_model.get(&mut tx, true).await?.into_owned() { MainStatus::Starting => (Some(Utc::now()), Default::default()), MainStatus::Running { started, health } => (Some(started), health.clone()), diff --git a/appmgr/src/disk/mount/filesystem/ecryptfs.rs b/appmgr/src/disk/mount/filesystem/ecryptfs.rs index 16e226e32..7582163a3 100644 --- a/appmgr/src/disk/mount/filesystem/ecryptfs.rs +++ b/appmgr/src/disk/mount/filesystem/ecryptfs.rs @@ -23,8 +23,8 @@ pub async fn mount_ecryptfs, P1: AsRef>( .arg(src.as_ref()) .arg(dst.as_ref()) .arg("-o") - // for more information `man ecryptfs` - .arg(format!("key=passphrase,passwd={},ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_passthrough=n,ecryptfs_enable_filename_crypto=y", key)) + // for more information `man ecryptfs` + .arg(format!("key=passphrase:passphrase_passwd={},ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_passthrough=n,ecryptfs_enable_filename_crypto=y", key)) .stdin(std::process::Stdio::piped()) .stderr(std::process::Stdio::piped()) .spawn()?; diff --git a/appmgr/src/manager/mod.rs b/appmgr/src/manager/mod.rs index 660f251cf..5baaeebb0 100644 --- a/appmgr/src/manager/mod.rs +++ b/appmgr/src/manager/mod.rs @@ -426,7 +426,7 @@ impl Manager { } Ok(()) } - + /// this will depend on locks to main status. if you hold any locks when calling this function that conflict, this will deadlock pub async fn synchronize(&self) { self.shared.synchronize_now.notify_waiters(); self.shared.synchronized.notified().await diff --git a/system-images/compat/Cargo.lock b/system-images/compat/Cargo.lock index 5700196b5..ee90ad15a 100644 --- a/system-images/compat/Cargo.lock +++ b/system-images/compat/Cargo.lock @@ -309,7 +309,7 @@ dependencies = [ "serde_json", "serde_urlencoded", "thiserror", - "tokio 1.12.0", + "tokio 1.15.0", "tokio-util", "url", "winapi", @@ -920,7 +920,7 @@ dependencies = [ "stderrlog", "tar", "thiserror", - "tokio 1.12.0", + "tokio 1.15.0", "tokio-compat-02", "tokio-stream", "tokio-tar", @@ -1284,7 +1284,7 @@ dependencies = [ "http", "indexmap", "slab", - "tokio 1.12.0", + "tokio 1.15.0", "tokio-util", "tracing", ] @@ -1405,7 +1405,7 @@ dependencies = [ "itoa", "pin-project-lite 0.2.7", "socket2", - "tokio 1.12.0", + "tokio 1.15.0", "tower-service", "tracing", "want", @@ -1420,7 +1420,7 @@ dependencies = [ "bytes 1.1.0", "hyper", "native-tls", - "tokio 1.12.0", + "tokio 1.15.0", "tokio-native-tls", ] @@ -1436,7 +1436,7 @@ dependencies = [ "hyper", "log", "sha-1 0.9.8", - "tokio 1.12.0", + "tokio 1.15.0", "tokio-tungstenite", ] @@ -1450,7 +1450,7 @@ dependencies = [ "hex", "hyper", "pin-project", - "tokio 1.12.0", + "tokio 1.15.0", ] [[package]] @@ -2138,7 +2138,7 @@ dependencies = [ "serde_cbor 0.11.1", "serde_json", "thiserror", - "tokio 1.12.0", + "tokio 1.15.0", "tracing", "tracing-error", ] @@ -2658,7 +2658,7 @@ dependencies = [ "serde_json", "serde_urlencoded", "time 0.2.27", - "tokio 1.12.0", + "tokio 1.15.0", "tokio-native-tls", "tokio-socks", "url", @@ -2720,7 +2720,7 @@ dependencies = [ "serde_cbor 0.11.2", "serde_json", "thiserror", - "tokio 1.12.0", + "tokio 1.15.0", "url", "yajrc", ] @@ -3248,7 +3248,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "14302b678d9c76b28f2e60115211e25e0aabc938269991745a169753dc00e35c" dependencies = [ "once_cell", - "tokio 1.12.0", + "tokio 1.15.0", "tokio-rustls", ] @@ -3601,11 +3601,10 @@ dependencies = [ [[package]] name = "tokio" -version = "1.12.0" +version = "1.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2c2416fdedca8443ae44b4527de1ea633af61d8f7169ffa6e72c5b53d24efcc" +checksum = "fbbf1c778ec206785635ce8ad57fe52b3009ae9e0c9f574a728f3049d3e55838" dependencies = [ - "autocfg", "bytes 1.1.0", "libc", "memchr", @@ -3629,15 +3628,15 @@ dependencies = [ "once_cell", "pin-project-lite 0.2.7", "tokio 0.2.25", - "tokio 1.12.0", + "tokio 1.15.0", "tokio-stream", ] [[package]] name = "tokio-macros" -version = "1.3.0" +version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "54473be61f4ebe4efd09cec9bd5d16fa51d70ea0192213d754d2d500457db110" +checksum = "b557f72f448c511a979e2564e55d74e6c4432fc96ff4f6241bc6bded342643b7" dependencies = [ "proc-macro2 1.0.29", "quote 1.0.9", @@ -3651,7 +3650,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f7d995660bd2b7f8c1568414c1126076c13fbb725c40112dc0120b78eb9b717b" dependencies = [ "native-tls", - "tokio 1.12.0", + "tokio 1.15.0", ] [[package]] @@ -3661,7 +3660,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bc6844de72e57df1980054b38be3a9f4702aba4858be64dd700181a8a6d0e1b6" dependencies = [ "rustls", - "tokio 1.12.0", + "tokio 1.15.0", "webpki", ] @@ -3674,7 +3673,7 @@ dependencies = [ "either", "futures-util", "thiserror", - "tokio 1.12.0", + "tokio 1.15.0", ] [[package]] @@ -3685,7 +3684,7 @@ checksum = "7b2f3f698253f03119ac0102beaa64f67a67e08074d03a22d18784104543727f" dependencies = [ "futures-core", "pin-project-lite 0.2.7", - "tokio 1.12.0", + "tokio 1.15.0", "tokio-util", ] @@ -3698,7 +3697,7 @@ dependencies = [ "futures-core", "libc", "redox_syscall 0.2.10", - "tokio 1.12.0", + "tokio 1.15.0", "tokio-stream", "xattr", ] @@ -3712,7 +3711,7 @@ dependencies = [ "futures-util", "log", "pin-project", - "tokio 1.12.0", + "tokio 1.15.0", "tungstenite", ] @@ -3727,7 +3726,7 @@ dependencies = [ "futures-sink", "log", "pin-project-lite 0.2.7", - "tokio 1.12.0", + "tokio 1.15.0", ] [[package]] @@ -3756,7 +3755,7 @@ dependencies = [ "serde_derive", "sha2", "sha3", - "tokio 1.12.0", + "tokio 1.15.0", ] [[package]]