From 810b2d698f4d47c4a9be88c9b3cabe6d7fcdbcd8 Mon Sep 17 00:00:00 2001 From: Roberto Scolaro Date: Wed, 15 Jan 2025 17:42:02 +0000 Subject: [PATCH] fix(libsinsp/runc): use old logic and fallback for containerd Signed-off-by: Roberto Scolaro --- userspace/libsinsp/runc.cpp | 37 ++++++++----------- .../test/container_engine/cri_settings.ut.cpp | 3 +- 2 files changed, 17 insertions(+), 23 deletions(-) diff --git a/userspace/libsinsp/runc.cpp b/userspace/libsinsp/runc.cpp index a61b083aef..2fcad374b8 100644 --- a/userspace/libsinsp/runc.cpp +++ b/userspace/libsinsp/runc.cpp @@ -27,6 +27,7 @@ namespace { const size_t CONTAINER_ID_LENGTH = 64; const size_t REPORTED_CONTAINER_ID_LENGTH = 12; +const char *CONTAINER_ID_VALID_CHARACTERS = "0123456789abcdefABCDEF"; static_assert(REPORTED_CONTAINER_ID_LENGTH <= CONTAINER_ID_LENGTH, "Reported container ID length cannot be longer than actual length"); @@ -40,21 +41,6 @@ inline static bool endswith(const std::string &s, const std::string &suffix) { return s.rfind(suffix) == (s.size() - suffix.size()); } -inline static bool is_host(const std::string &cgroup) { - // A good approximation to minize false-positives is to exclude systemd suffixes. - if(endswith(cgroup, ".slice") || endswith(cgroup, ".service")) { - return true; - } else if(endswith(cgroup, ".scope")) { - if(cgroup.find("crio-") != std::string::npos || - cgroup.find("docker-") != std::string::npos) { - return false; - } - return true; - } - - return false; -} - // check if cgroup ends with // If true, set to a truncated version of the id and return true. // Otherwise return false and leave container_id unchanged 
@@ -73,6 +59,12 @@ bool match_one_container_id(const std::string &cgroup, return false; } + if(end_pos - start_pos == CONTAINER_ID_LENGTH && + cgroup.find_first_not_of(CONTAINER_ID_VALID_CHARACTERS, start_pos) >= CONTAINER_ID_LENGTH) { + container_id = cgroup.substr(start_pos, REPORTED_CONTAINER_ID_LENGTH); + return true; + } + // In some container runtimes the container the container id is not // necessarly CONTAINER_ID_LENGTH long and can be arbitrarly defined. // To keep it simple we only discard the container id > of CONTAINER_ID_LENGTH. @@ -80,15 +72,16 @@ bool match_one_container_id(const std::string &cgroup, return false; } - if(is_host(cgroup)) { - return false; + if(cgroup.rfind("/default/") == 0 && !endswith(cgroup, ".service") && + !endswith(cgroup, ".slice")) { + size_t reported_len = end_pos - start_pos >= REPORTED_CONTAINER_ID_LENGTH + ? REPORTED_CONTAINER_ID_LENGTH + : end_pos; + container_id = cgroup.substr(start_pos, reported_len); + return true; } - size_t reported_len = end_pos - start_pos >= REPORTED_CONTAINER_ID_LENGTH - ? REPORTED_CONTAINER_ID_LENGTH - : end_pos; - container_id = cgroup.substr(start_pos, reported_len); - return true; + return false; } bool match_container_id(const std::string &cgroup, diff --git a/userspace/libsinsp/test/container_engine/cri_settings.ut.cpp b/userspace/libsinsp/test/container_engine/cri_settings.ut.cpp index 1480bd3013..74ca9e69cc 100644 --- a/userspace/libsinsp/test/container_engine/cri_settings.ut.cpp +++ b/userspace/libsinsp/test/container_engine/cri_settings.ut.cpp 
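Review bot: The hex check in the added `if` compares an absolute string index with a length, so it does not validate the whole candidate ID. `find_first_not_of(..., start_pos)` returns a position in `cgroup`, and testing it against `CONTAINER_ID_LENGTH` accepts any candidate whose first non-hex character sits at index 64 or later; with a non-zero `start_pos` that includes the tail of the ID itself. Compare against the end of the candidate instead, `cgroup.find_first_not_of(CONTAINER_ID_VALID_CHARACTERS, start_pos) >= end_pos` (`npos` still passes). Events are attributed to the ID this branch reports, so a name that only resembles a 64-character hex ID should not be accepted here. The start of `match_one_container_id` is outside the hunk, so the meaning of `start_pos` and `end_pos` is assumed from how they are used.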
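Review bot: In the added `/default/` fallback, `reported_len` falls back to `end_pos` rather than the ID length when the ID is shorter than `REPORTED_CONTAINER_ID_LENGTH`, so `substr(start_pos, reported_len)` can run past the ID into whatever follows it; the else arm should be `: end_pos - start_pos`. The prefix test has a similar slip: `cgroup.rfind("/default/") == 0` looks for the last occurrence, so a path that starts with `/default/` and contains it again is rejected, and `cgroup.rfind("/default/", 0) == 0` is the starts-with form. Both matter because this branch accepts IDs of arbitrary content up to `CONTAINER_ID_LENGTH`, so the reported ID is only as reliable as these bounds. The function begins outside the hunk.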
@@ -35,9 +35,10 @@ TEST_F(sinsp_with_test_input, default_cri_socket_paths) { auto socket_paths = cri_settings.get_cri_unix_socket_paths(); - ASSERT_EQ(socket_paths.size(), 3); + ASSERT_EQ(socket_paths.size(), 4); ASSERT_TRUE("/run/containerd/containerd.sock" == socket_paths[0]); ASSERT_TRUE("/run/crio/crio.sock" == socket_paths[1]); ASSERT_TRUE("/run/k3s/containerd/containerd.sock" == socket_paths[2]); + ASSERT_TRUE("/run/host-containerd/containerd.sock" == socket_paths[3]); } #endif
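Review bot: The container-ID matching in runc.cpp changes in this patch, but the only test touched is the CRI socket-path list here, so neither new branch of `match_one_container_id` is exercised by anything visible in the patch. Cases worth adding to the runc tests: a 64-character hex ID behind a non-empty prefix, the same ID with one non-hex character near its end, and a `/default/` cgroup whose ID is shorter than 12 characters. Separately, the new expectation for `/run/host-containerd/containerd.sock` has no matching source change among the two files in the diffstat, so it presumably tracks a default that was added elsewhere.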