Skip to content

cmd/containerd-shim-runhcs-v1: serialize confidential container bring-up#2804

Open
EmanuelOprea wants to merge 1 commit into
microsoft:mainfrom
EmanuelOprea:dev/emanueloprea/cwcow-serialize-container-create
Open

cmd/containerd-shim-runhcs-v1: serialize confidential container bring-up#2804
EmanuelOprea wants to merge 1 commit into
microsoft:mainfrom
EmanuelOprea:dev/emanueloprea/cwcow-serialize-container-create

Conversation

@EmanuelOprea

Copy link
Copy Markdown

Problem

Starting the containers of a multi-container container group in a single confidential WCOW UVM concurrently reliably crashes the guest: the guest resets and the GCS bridge drops (�ridge closed: use of closed network connection), and all containers end up Exited.

Root cause

Container bring-up is concurrent. createContainer runs on its own goroutine per container, so two containers' hcsoci.CreateContainer calls overlap. CreateContainer performs the bring-up: block-CIM mount, scratch SCSI attach, CombineLayers/hive-merge and the guest container create.

The host-side device hot-adds (uvm.modify -> hcsSystem.Modify) go straight to the VM worker and do not travel over the GCS bridge, so nothing serializes them. Overlapping mount/device operations into the confidential guest put it into a bad state and it resets.

Fix

Serialize the bring-up with a per-UVM lock held across CreateContainer, taken only for confidential UVMs (HasConfidentialPolicy). This makes container starts effectively one-at-a-time into a given confidential UVM. createContainer is shared with LCOW, hence the generic name and the confidential-only guard.

Testing

Validated on a confidential WCOW UVM (VBS). Concurrent multi-container groups that previously crashed every time now come up cleanly and repeatably:

  • 2x nanoserver
  • 2x mount-host
  • 1x mount-host + 2x nanoserver

Removing the lock reproduces the crash on the same image. LCOW is unaffected (guard + non-confidential path unchanged).

@EmanuelOprea EmanuelOprea requested a review from a team as a code owner July 2, 2026 10:48
Starting the containers of a multi-container container group in a single
confidential WCOW UVM concurrently reliably crashes the guest: the guest
resets and the GCS bridge drops ("bridge closed: use of closed network
connection"), and all containers end up Exited.

Root cause is concurrent container bring-up into one confidential UVM.
createContainer runs on its own goroutine per container, so two containers'
hcsoci.CreateContainer calls overlap. CreateContainer performs the container
bring-up: block-CIM mount, scratch SCSI attach, CombineLayers/hive-merge and
the guest container create. The host-side device hot-adds (uvm.modify ->
hcsSystem.Modify) go straight to the VM worker and do not travel over the GCS
bridge, so nothing serializes them; overlapping mount/device operations into
the confidential guest put it into a bad state and it resets.

Serialize the bring-up with a per-UVM lock held across CreateContainer, taken
only for confidential UVMs (HasConfidentialPolicy). This makes the container
starts effectively one-at-a-time into a given confidential UVM. createContainer
is shared with LCOW, hence the generic name and the confidential-only guard.

Validated on a confidential WCOW UVM (VBS): concurrent multi-container groups
that previously crashed every time (2x nanoserver, 2x mount-host,
1x mount-host + 2x nanoserver) now come up cleanly and repeatably; removing the
lock reproduces the crash on the same image.

Signed-off-by: Emanuel Oprea <2664342+EmanuelOprea@users.noreply.github.com>
@EmanuelOprea EmanuelOprea force-pushed the dev/emanueloprea/cwcow-serialize-container-create branch from 869709c to 94e13cd Compare July 2, 2026 10:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant