From ee845e4e6f14475ca47b58c229de755ff8265d9c Mon Sep 17 00:00:00 2001
From: Jamie Liu <jamieliu@google.com>
Date: Thu, 24 Oct 2024 14:29:56 -0700
Subject: [PATCH] vfs: skip unresolved mount promises in procfs

Also handle PathnameReachable() failure in GenerateProcMounts() consistently
with GenerateProcMountInfo() (the latter changed in cl/485155018).

PiperOrigin-RevId: 689518020
---
 pkg/sentry/vfs/mount.go | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/pkg/sentry/vfs/mount.go b/pkg/sentry/vfs/mount.go
index fb8721a85f..c612138cf1 100644
--- a/pkg/sentry/vfs/mount.go
+++ b/pkg/sentry/vfs/mount.go
@@ -1366,17 +1366,20 @@ func (vfs *VirtualFilesystem) GenerateProcMounts(ctx context.Context, taskRootDi
 			mount:  mnt,
 			dentry: mnt.root,
 		}
+		if mp := vfs.getMountPromise(mntRootVD); mp != nil && !mp.resolved.Load() {
+			// Skip unresolved mount promises for consistency with
+			// GenerateProcMountInfo.
+			continue
+		}
 		path, err := vfs.PathnameReachable(ctx, taskRootDir, mntRootVD)
 		if err != nil {
-			// For some reason we didn't get a path. Log a warning
-			// and run with empty path.
+			// For some reason we didn't get a path.
 			ctx.Warningf("VFS.GenerateProcMounts: error getting pathname for mount root: %v", err)
-			path = ""
+			continue
 		}
 		if path == "" {
-			// Either an error occurred, or path is not reachable
-			// from root.
-			break
+			// The path is not reachable from root.
+			continue
 		}
 
 		mntOpts := mnt.Options()
@@ -1433,10 +1436,14 @@ func (vfs *VirtualFilesystem) GenerateProcMountInfo(ctx context.Context, taskRoo
 			mount:  mnt,
 			dentry: mnt.root,
 		}
+		if mp := vfs.getMountPromise(mntRootVD); mp != nil && !mp.resolved.Load() {
+			// Skip unresolved mount promises to prevent mounters from
+			// deadlocking by reading /proc/*/mountinfo.
+			continue
+		}
 		pathFromRoot, err := vfs.PathnameReachable(ctx, taskRootDir, mntRootVD)
 		if err != nil {
-			// For some reason we didn't get a path. Log a warning
-			// and run with empty path.
+			// For some reason we didn't get a path.
 			ctx.Warningf("VFS.GenerateProcMountInfo: error getting pathname for mount root: %v", err)
 			continue
 		}