|
 |
16d03e |
From 46ec7b5a94d370c4963ca361e9d96cb78d75d118 Mon Sep 17 00:00:00 2001
|
|
|
16d03e |
From: Kir Kolyshkin <kolyshkin@gmail.com>
|
|
|
16d03e |
Date: Tue, 23 Feb 2021 18:14:37 -0800
|
|
|
16d03e |
Subject: [PATCH 2/5] libct/rootfs: introduce and use mountConfig
|
|
|
16d03e |
|
|
|
16d03e |
The code is already passing three parameters around from
|
|
|
16d03e |
mountToRootfs to mountCgroupV* to mountToRootfs again.
|
|
|
16d03e |
|
|
|
16d03e |
I am about to add another parameter, so let's introduce and
|
|
|
16d03e |
use struct mountConfig to pass around.
|
|
|
16d03e |
|
|
|
16d03e |
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
|
|
16d03e |
---
|
|
|
16d03e |
libcontainer/rootfs_linux.go | 42 ++++++++++++++++++++++--------------
|
|
|
16d03e |
1 file changed, 26 insertions(+), 16 deletions(-)
|
|
|
16d03e |
|
|
|
16d03e |
diff --git a/libcontainer/rootfs_linux.go b/libcontainer/rootfs_linux.go
|
|
|
16d03e |
index 411496ab7c6d..a384abb7e8a5 100644
|
|
|
16d03e |
--- a/libcontainer/rootfs_linux.go
|
|
|
16d03e |
+++ b/libcontainer/rootfs_linux.go
|
|
|
16d03e |
@@ -29,6 +29,12 @@ import (
|
|
|
16d03e |
|
|
|
16d03e |
const defaultMountFlags = unix.MS_NOEXEC | unix.MS_NOSUID | unix.MS_NODEV
|
|
|
16d03e |
|
|
|
16d03e |
+type mountConfig struct {
|
|
|
16d03e |
+ root string
|
|
|
16d03e |
+ label string
|
|
|
16d03e |
+ cgroupns bool
|
|
|
16d03e |
+}
|
|
|
16d03e |
+
|
|
|
16d03e |
// needsSetupDev returns true if /dev needs to be set up.
|
|
|
16d03e |
func needsSetupDev(config *configs.Config) bool {
|
|
|
16d03e |
for _, m := range config.Mounts {
|
|
|
16d03e |
@@ -48,7 +54,11 @@ func prepareRootfs(pipe io.ReadWriter, iConfig *initConfig) (err error) {
|
|
|
16d03e |
return newSystemErrorWithCause(err, "preparing rootfs")
|
|
|
16d03e |
}
|
|
|
16d03e |
|
|
|
16d03e |
- hasCgroupns := config.Namespaces.Contains(configs.NEWCGROUP)
|
|
|
16d03e |
+ mountConfig := &mountConfig{
|
|
|
16d03e |
+ root: config.Rootfs,
|
|
|
16d03e |
+ label: config.MountLabel,
|
|
|
16d03e |
+ cgroupns: config.Namespaces.Contains(configs.NEWCGROUP),
|
|
|
16d03e |
+ }
|
|
|
16d03e |
setupDev := needsSetupDev(config)
|
|
|
16d03e |
for _, m := range config.Mounts {
|
|
|
16d03e |
for _, precmd := range m.PremountCmds {
|
|
|
16d03e |
@@ -56,7 +66,7 @@ func prepareRootfs(pipe io.ReadWriter, iConfig *initConfig) (err error) {
|
|
|
16d03e |
return newSystemErrorWithCause(err, "running premount command")
|
|
|
16d03e |
}
|
|
|
16d03e |
}
|
|
|
16d03e |
- if err := mountToRootfs(m, config.Rootfs, config.MountLabel, hasCgroupns); err != nil {
|
|
|
16d03e |
+ if err := mountToRootfs(m, mountConfig); err != nil {
|
|
|
16d03e |
return newSystemErrorWithCausef(err, "mounting %q to rootfs at %q", m.Source, m.Destination)
|
|
|
16d03e |
}
|
|
|
16d03e |
|
|
|
16d03e |
@@ -222,7 +232,7 @@ func prepareBindMount(m *configs.Mount, rootfs string) error {
|
|
|
16d03e |
return nil
|
|
|
16d03e |
}
|
|
|
16d03e |
|
|
|
16d03e |
-func mountCgroupV1(m *configs.Mount, rootfs, mountLabel string, enableCgroupns bool) error {
|
|
|
16d03e |
+func mountCgroupV1(m *configs.Mount, c *mountConfig) error {
|
|
|
16d03e |
binds, err := getCgroupMounts(m)
|
|
|
16d03e |
if err != nil {
|
|
|
16d03e |
return err
|
|
|
16d03e |
@@ -242,12 +252,12 @@ func mountCgroupV1(m *configs.Mount, rootfs, mountLabel string, enableCgroupns b
|
|
|
16d03e |
Data: "mode=755",
|
|
|
16d03e |
PropagationFlags: m.PropagationFlags,
|
|
|
16d03e |
}
|
|
|
16d03e |
- if err := mountToRootfs(tmpfs, rootfs, mountLabel, enableCgroupns); err != nil {
|
|
|
16d03e |
+ if err := mountToRootfs(tmpfs, c); err != nil {
|
|
|
16d03e |
return err
|
|
|
16d03e |
}
|
|
|
16d03e |
for _, b := range binds {
|
|
|
16d03e |
- if enableCgroupns {
|
|
|
16d03e |
- subsystemPath := filepath.Join(rootfs, b.Destination)
|
|
|
16d03e |
+ if c.cgroupns {
|
|
|
16d03e |
+ subsystemPath := filepath.Join(c.root, b.Destination)
|
|
|
16d03e |
if err := os.MkdirAll(subsystemPath, 0755); err != nil {
|
|
|
16d03e |
return err
|
|
|
16d03e |
}
|
|
|
16d03e |
@@ -266,7 +276,7 @@ func mountCgroupV1(m *configs.Mount, rootfs, mountLabel string, enableCgroupns b
|
|
|
16d03e |
return err
|
|
|
16d03e |
}
|
|
|
16d03e |
} else {
|
|
|
16d03e |
- if err := mountToRootfs(b, rootfs, mountLabel, enableCgroupns); err != nil {
|
|
|
16d03e |
+ if err := mountToRootfs(b, c); err != nil {
|
|
|
16d03e |
return err
|
|
|
16d03e |
}
|
|
|
16d03e |
}
|
|
|
16d03e |
@@ -276,7 +286,7 @@ func mountCgroupV1(m *configs.Mount, rootfs, mountLabel string, enableCgroupns b
|
|
|
16d03e |
// symlink(2) is very dumb, it will just shove the path into
|
|
|
16d03e |
// the link and doesn't do any checks or relative path
|
|
|
16d03e |
// conversion. Also, don't error out if the cgroup already exists.
|
|
|
16d03e |
- if err := os.Symlink(mc, filepath.Join(rootfs, m.Destination, ss)); err != nil && !os.IsExist(err) {
|
|
|
16d03e |
+ if err := os.Symlink(mc, filepath.Join(c.root, m.Destination, ss)); err != nil && !os.IsExist(err) {
|
|
|
16d03e |
return err
|
|
|
16d03e |
}
|
|
|
16d03e |
}
|
|
|
16d03e |
@@ -284,8 +294,8 @@ func mountCgroupV1(m *configs.Mount, rootfs, mountLabel string, enableCgroupns b
|
|
|
16d03e |
return nil
|
|
|
16d03e |
}
|
|
|
16d03e |
|
|
|
16d03e |
-func mountCgroupV2(m *configs.Mount, rootfs, mountLabel string, enableCgroupns bool) error {
|
|
|
16d03e |
- cgroupPath, err := securejoin.SecureJoin(rootfs, m.Destination)
|
|
|
16d03e |
+func mountCgroupV2(m *configs.Mount, c *mountConfig) error {
|
|
|
16d03e |
+ cgroupPath, err := securejoin.SecureJoin(c.root, m.Destination)
|
|
|
16d03e |
if err != nil {
|
|
|
16d03e |
return err
|
|
|
16d03e |
}
|
|
|
16d03e |
@@ -302,10 +312,10 @@ func mountCgroupV2(m *configs.Mount, rootfs, mountLabel string, enableCgroupns b
|
|
|
16d03e |
return nil
|
|
|
16d03e |
}
|
|
|
16d03e |
|
|
|
16d03e |
-func mountToRootfs(m *configs.Mount, rootfs, mountLabel string, enableCgroupns bool) error {
|
|
|
16d03e |
- var (
|
|
|
16d03e |
- dest = m.Destination
|
|
|
16d03e |
- )
|
|
|
16d03e |
+func mountToRootfs(m *configs.Mount, c *mountConfig) error {
|
|
|
16d03e |
+ rootfs := c.root
|
|
|
16d03e |
+ mountLabel := c.label
|
|
|
16d03e |
+ dest := m.Destination
|
|
|
16d03e |
if !strings.HasPrefix(dest, rootfs) {
|
|
|
16d03e |
dest = filepath.Join(rootfs, dest)
|
|
|
16d03e |
}
|
|
|
16d03e |
@@ -424,9 +434,9 @@ func mountToRootfs(m *configs.Mount, rootfs, mountLabel string, enableCgroupns b
|
|
|
16d03e |
}
|
|
|
16d03e |
case "cgroup":
|
|
|
16d03e |
if cgroups.IsCgroup2UnifiedMode() {
|
|
|
16d03e |
- return mountCgroupV2(m, rootfs, mountLabel, enableCgroupns)
|
|
|
16d03e |
+ return mountCgroupV2(m, c)
|
|
|
16d03e |
}
|
|
|
16d03e |
- return mountCgroupV1(m, rootfs, mountLabel, enableCgroupns)
|
|
|
16d03e |
+ return mountCgroupV1(m, c)
|
|
|
16d03e |
default:
|
|
|
16d03e |
// ensure that the destination of the mount is resolved of symlinks at mount time because
|
|
|
16d03e |
// any previous mounts can invalidate the next mount's destination.
|
|
|
16d03e |
--
|
|
|
16d03e |
2.31.1
|
|
|
16d03e |
|