storage: overlay: only unmount storage home if needed

If the storage home directory is a mountpoint, `mount.MakePrivate()`
changes the existing mountpoint instead of creating a new bind mount
of the storage home onto itself. In this case, attempting to unmount
the storage home upon cleanup will remove the externally created
mountpoint, thus breaking the pre-existing system configuration.

Since it is not easily possible to detect whether a given mountpoint
is a self-bind-mount, instead remember whether we ended up performing
one and only attempt to unmount it if we did.

This should be considered a hack because it leaks the implementation
details of `mount.MakePrivate()` (i.e. the fact that a new bind mount
is only created if the target is not already a mountpoint).

Fixes: containers/podman#27012
Signed-off-by: Ivan Shapovalov <[email protected]>

Author: intelfx

storage/drivers/overlay/overlay.go

@@ -138,6 +138,8 @@ type Driver struct {
 	stagingDirsLocks map[string]*staging_lockfile.StagingLockFile
 
 	supportsIDMappedMounts *bool
+
+	homeNeedsUnmount bool
 }
 
 type additionalLayerStore struct {
@@ -421,7 +423,16 @@ func Init(home string, options graphdriver.Options) (graphdriver.Driver, error)
 		}
 	}
 
+	var homeNeedsUnmount bool
 	if !opts.skipMountHome {
+		// mount.MakePrivate() will either bind the home directory onto itself
+		// or make the existing mountpoint private if it is already a mountpoint.
+		// Upon shutdown, we must ensure that we do not remove any mountpoint
+		// that was not created by us.
+		// XXX: this leaks implementation details of mount.MakePrivate()
+		if mounted, err := mount.Mounted(home); err != nil {
+			homeNeedsUnmount = !mounted
+		}
 		if err := mount.MakePrivate(home); err != nil {
 			return nil, fmt.Errorf("overlay: failed to make mount private: %w", err)
 		}
@@ -445,6 +456,7 @@ func Init(home string, options graphdriver.Options) (graphdriver.Driver, error)
 		options:               *opts,
 		stagingDirsLocksMutex: sync.Mutex{},
 		stagingDirsLocks:      make(map[string]*staging_lockfile.StagingLockFile),
+		homeNeedsUnmount:      homeNeedsUnmount,
 	}
 
 	d.naiveDiff = graphdriver.NewNaiveDiffDriver(d, graphdriver.NewNaiveLayerIDMapUpdater(d))
@@ -863,7 +875,10 @@ func (d *Driver) Cleanup() error {
 	if anyPresent {
 		return nil
 	}
-	return mount.Unmount(d.home)
+	if d.homeNeedsUnmount {
+		return mount.Unmount(d.home)
+	}
+	return nil
 }
 
 // pruneStagingDirectories cleans up any staging directory that was leaked.