From b133a2368a3b7f5b63dae351da439860f7d4aac8 Mon Sep 17 00:00:00 2001
From: yangfeiyu <yangfeiyu20102011@163.com>
Date: Tue, 11 Jan 2022 15:49:31 +0800
Subject: [PATCH] runtime: it should rollback when failed in Sandbox
 AddInterface

When Sandbox AddInterface() is called, it may fail after endpoint.HotAttach,
we'd better rollback and call save() in the end.

Fixes: #3419

Signed-off-by: yangfeiyu <yangfeiyu20102011@163.com>
---
 src/runtime/virtcontainers/sandbox.go | 25 +++++++++++++++++++------
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/src/runtime/virtcontainers/sandbox.go b/src/runtime/virtcontainers/sandbox.go
index cbf1d7b471..3574d28eab 100644
--- a/src/runtime/virtcontainers/sandbox.go
+++ b/src/runtime/virtcontainers/sandbox.go
@@ -869,15 +869,28 @@ func (s *Sandbox) AddInterface(ctx context.Context, inf *pbTypes.Interface) (*pb
 		return nil, err
 	}
 
-	// Update the sandbox storage
-	s.networkNS.Endpoints = append(s.networkNS.Endpoints, endpoint)
-	if err := s.Save(); err != nil {
-		return nil, err
-	}
+	defer func() {
+		if err != nil {
+			if errDetach := endpoint.HotDetach(ctx, s.hypervisor, s.networkNS.NetNsCreated, s.networkNS.NetNsPath); errDetach != nil {
+				s.Logger().WithField("endpoint-type", endpoint.Type()).WithError(errDetach).Error("rollback hot attaching endpoint failed")
+			}
+		}
+	}()
 
 	// Add network for vm
 	inf.PciPath = endpoint.PciPath().String()
-	return s.agent.updateInterface(ctx, inf)
+	result, err := s.agent.updateInterface(ctx, inf)
+	if err != nil {
+		return nil, err
+	}
+
+	// Update the sandbox storage
+	s.networkNS.Endpoints = append(s.networkNS.Endpoints, endpoint)
+	if err = s.Save(); err != nil {
+		return nil, err
+	}
+
+	return result, nil
 }
 
 // RemoveInterface removes a nic of the sandbox.