From 227cba6b10a8dcbda6a0e2f82710a7c0711dd8f9 Mon Sep 17 00:00:00 2001
From: Evan Foster <efoster@adobe.com>
Date: Mon, 31 Aug 2020 10:12:56 -0600
Subject: [PATCH] sandbox: Disconnect from agent after VM shutdown

When a one-shot pod dies in CRI-O, the shimv2 process isn't killed until
the pod is actually deleted, even though the VM is shut down. In this
case, the shim appears to busyloop when attempting to talk to the (now
dead) agent via VSOCK. To address this, we disconnect from the agent
after the VM is shut down.

This is especially catastrophic for one-shot pods that may persist for
hours or days, but it also applies to any shimv2 pod where Kata is
configured to use VSOCK for communication.

Backport of https://github.com/kata-containers/kata-containers/pull/556
to kata-containers/runtime master branch.

See github.com/kata-containers/runtime#2719 for details.
Fixes #2719

Signed-off-by: Evan Foster <efoster@adobe.com>
---
 virtcontainers/sandbox.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/virtcontainers/sandbox.go b/virtcontainers/sandbox.go
index cdd2aff9d4..6f8cb41c2d 100644
--- a/virtcontainers/sandbox.go
+++ b/virtcontainers/sandbox.go
@@ -1603,6 +1603,11 @@ func (s *Sandbox) Stop(force bool) error {
 		return err
 	}
 
+	// Stop communicating with the agent.
+	if err := s.agent.disconnect(); err != nil && !force {
+		return err
+	}
+
 	return nil
 }