From 0f756bece17253aadfe72e8f2eafe8a61d969f87 Mon Sep 17 00:00:00 2001 From: wujing Date: Tue, 14 Apr 2020 04:53:05 -0400 Subject: [PATCH 23/49] Supporting rootfs mount propagation Signed-off-by: wujing --- src/lxc/conf.c | 429 +++++++++++++++++++++++++++++++++++----- src/lxc/conf.h | 24 ++- src/lxc/confile.c | 19 ++ src/lxc/criu.c | 7 + src/lxc/storage/btrfs.c | 11 ++ src/lxc/storage/dir.c | 38 +++- src/lxc/storage/overlay.c | 8 + src/lxc/storage/storage_utils.c | 13 +- src/lxc/storage/zfs.c | 9 + src/lxc/utils.h | 4 + 10 files changed, 498 insertions(+), 64 deletions(-) diff --git a/src/lxc/conf.c b/src/lxc/conf.c index 4088363..e0a6f98 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -61,6 +61,8 @@ #include "loop.h" #include "utils.h" #include "uuid.h" +#include "path.h" +#include "utils.h" #ifdef MAJOR_IN_MKDEV #include @@ -1236,12 +1238,106 @@ static int lxc_fill_autodev(const struct lxc_rootfs *rootfs) return 0; } +static void null_endofword(char *word) +{ + while (*word && *word != ' ' && *word != '\t') + word++; + *word = '\0'; +} + +/* skip @nfields spaces in @src */ +static char *get_field(char *src, int nfields) +{ + int i; + char *p = src; + + for (i = 0; i < nfields; i++) { + while (*p && *p != ' ' && *p != '\t') + p++; + + if (!*p) + break; + + p++; + } + + return p; +} + +#ifdef HAVE_ISULAD +static int rootfs_parent_mount_private(char *rootfs) +{ + /* walk /proc/self/mountinfo and change parent of rootfs to private */ + FILE *f = fopen("/proc/self/mountinfo", "r"); + char *line = NULL; + char *parent = NULL, *options = NULL; + size_t len = 0; + int ret = 0; + + if (!f) { + SYSERROR("Failed to open /proc/self/mountinfo to make parent of rootfs to private"); + return -1; + } + + while (getline(&line, &len, f) != -1) { + char *target = NULL; + char *opts = NULL; + char *tmptarget = NULL; + target = get_field(line, 4); + if (!target) + continue; + tmptarget = safe_strdup(target); + null_endofword(tmptarget); + if (!strstr(rootfs, tmptarget)) { + free(tmptarget); + continue; + } + if (!parent || strlen(tmptarget) > strlen(parent)) { + free(parent); + parent = tmptarget; + } else { + free(tmptarget); + continue; + } + opts = get_field(target, 2); + if (!opts) + continue; + null_endofword(opts); + free(options); + options = safe_strdup(opts); + } + + if (!parent || !options) { + ERROR("Could not find parent mount of %s", rootfs); + ret = -1; + } else { + if (strstr(options, "shared")) { + if (mount(NULL, parent, NULL, MS_PRIVATE, NULL)) { + SYSERROR("Failed to make %s private", parent); + ret = -1; + } + DEBUG("Mounted parent %s of rootfs %s to private", parent, rootfs); + } + } + free(parent); + free(options); + fclose(f); + free(line); + return ret; +} +#endif + static int lxc_mount_rootfs(struct lxc_conf *conf) { int ret; struct lxc_storage *bdev; const struct lxc_rootfs *rootfs = &conf->rootfs; +#ifdef HAVE_ISULAD + unsigned long flags, mntflags, pflags; + char *mntdata = NULL; +#endif + if (!rootfs->path) { ret = mount("", "/", NULL, MS_SLAVE | MS_REC, 0); if (ret < 0) @@ -1255,6 +1351,44 @@ static int lxc_mount_rootfs(struct lxc_conf *conf) return log_error_errno(-1, errno, "Failed to access to \"%s\". Check it is present", rootfs->mount); +#ifdef HAVE_ISULAD + // Support mount propagations of rootfs + // Get rootfs mnt propagation options, such as slave or shared + if (parse_mntopts(conf->rootfs.options, &mntflags, &pflags, &mntdata) < 0) { + free(mntdata); + return -1; + } + free(mntdata); + + flags = MS_SLAVE | MS_REC; + if (pflags) + flags = pflags; + + /* Mount propagation inside container can not greater than host. + * So we must change propagation of root according to flags, default is rslave. + * That means shared propagation inside container is disabled by default. + */ + ret = mount("", "/", NULL, flags, NULL); + if (ret < 0) { + return log_error_errno(-1, errno, "Failed to make / to propagation flags %lu.", flags); + } + + /* Make parent mount private to make sure following bind mount does + * not propagate in other namespaces. Also it will help with kernel + * check pass in pivot_root. (IS_SHARED(new_mnt->mnt_parent)) + */ + ret = rootfs_parent_mount_private(conf->rootfs.mount); + if (ret != 0) { + return log_error(-1, "Failed to make parent of rootfs %s to private.", conf->rootfs.mount); + } + + ret = mount(conf->rootfs.mount, conf->rootfs.mount, "bind", MS_BIND | MS_REC, NULL); + if (ret < 0) { + SYSERROR("Failed to mount rootfs %s", conf->rootfs.mount); + return -1; + } +#endif + bdev = storage_init(conf); if (!bdev) return log_error(-1, "Failed to mount rootfs \"%s\" onto \"%s\" with options \"%s\"", @@ -1802,7 +1936,43 @@ static int lxc_setup_console(const struct lxc_rootfs *rootfs, return lxc_setup_ttydir_console(rootfs, console, ttydir); } +#ifdef HAVE_ISULAD +static void parse_mntopt(char *opt, unsigned long *mflags, unsigned long *pflags, char **data, size_t size) +{ + struct mount_opt *mo; + + /* If opt is found in mount_opt, set or clear flags. + * Otherwise append it to data. */ + + for (mo = &mount_opt[0]; mo->name != NULL; mo++) { + if (strncmp(opt, mo->name, strlen(mo->name)) == 0) { + if (mo->clear) + *mflags &= ~mo->flag; + else + *mflags |= mo->flag; + return; + } + } + + /* If opt is found in propagation_opt, set or clear flags. */ + for (mo = &propagation_opt[0]; mo->name != NULL; mo++) { + if (strncmp(opt, mo->name, strlen(mo->name)) != 0) + continue; + + if (mo->clear) + *pflags &= ~mo->flag; + else + *pflags |= mo->flag; + + return; + } + if (strlen(*data)) + (void)strlcat(*data, ",", size); + + (void)strlcat(*data, opt, size); +} +#else static int parse_mntopt(char *opt, unsigned long *flags, char **data, size_t size) { ssize_t ret; @@ -1839,7 +2009,43 @@ static int parse_mntopt(char *opt, unsigned long *flags, char **data, size_t siz return 0; } +#endif + +#ifdef HAVE_ISULAD +int parse_mntopts(const char *mntopts, unsigned long *mntflags, unsigned long *pflags, char **mntdata) +{ + char *data, *p, *s; + size_t size; + + *mntdata = NULL; + *mntflags = 0L; + *pflags = 0L; + + if (!mntopts) + return 0; + + s = safe_strdup(mntopts); + size = strlen(s) + 1; + data = malloc(size); + if (!data) { + free(s); + return -1; + } + *data = 0; + + lxc_iterate_parts(p, s, ",") + parse_mntopt(p, mntflags, pflags, &data, size); + + if (*data) + *mntdata = data; + else + free(data); + free(s); + + return 0; +} +#else int parse_mntopts(const char *mntopts, unsigned long *mntflags, char **mntdata) { __do_free char *mntopts_new = NULL, *mntopts_dup = NULL; @@ -1870,6 +2076,7 @@ int parse_mntopts(const char *mntopts, unsigned long *mntflags, char **mntdata) return 0; } +#endif static void parse_propagationopt(char *opt, unsigned long *flags) { @@ -1908,32 +2115,6 @@ int parse_propagationopts(const char *mntopts, unsigned long *pflags) return 0; } -static void null_endofword(char *word) -{ - while (*word && *word != ' ' && *word != '\t') - word++; - *word = '\0'; -} - -/* skip @nfields spaces in @src */ -static char *get_field(char *src, int nfields) -{ - int i; - char *p = src; - - for (i = 0; i < nfields; i++) { - while (*p && *p != ' ' && *p != '\t') - p++; - - if (!*p) - break; - - p++; - } - - return p; -} - static int mount_entry(const char *fsname, const char *target, const char *fstype, unsigned long mountflags, unsigned long pflags, const char *data, bool optional, @@ -2186,6 +2367,82 @@ retry: return 0; } + +/* isulad: checkMountDestination checks to ensure that the mount destination is not over the top of /proc. + * dest is required to be an abs path and have any symlinks resolved before calling this function. */ +static int check_mount_destination(const char *rootfs, const char *dest) +{ + const char *invalid_destinations[] = { + "/proc", + NULL + }; + // White list, it should be sub directories of invalid destinations + const char *valid_destinations[] = { + // These entries can be bind mounted by files emulated by fuse, + // so commands like top, free displays stats in container. + "/proc/cpuinfo", + "/proc/diskstats", + "/proc/meminfo", + "/proc/stat", + "/proc/swaps", + "/proc/uptime", + "/proc/net/dev", + NULL + }; + const char **valid = NULL; + const char **invalid = NULL; + + for(valid = valid_destinations; *valid != NULL; valid++) { + char *fullpath = NULL; + char *relpath = NULL; + const char *parts[3] = { + rootfs, + *valid, + NULL + }; + fullpath = lxc_string_join("/", parts, false); + if (!fullpath) { + ERROR("Out of memory"); + return -1; + } + relpath = path_relative(fullpath, dest); + free(fullpath); + if (!relpath) + return -1; + if (!strcmp(relpath, ".")) { + free(relpath); + return 0; + } + free(relpath); + } + + for(invalid = invalid_destinations; *invalid != NULL; invalid++) { + char *fullpath = NULL; + char *relpath = NULL; + const char *parts[3] = { + rootfs, + *invalid, + NULL + }; + fullpath = lxc_string_join("/", parts, false); + if (!fullpath) { + ERROR("Out of memory"); + return -1; + } + relpath = path_relative(fullpath, dest); + free(fullpath); + if (!relpath) + return -1; + if (!strcmp(relpath, ".") || strncmp(relpath, "..", 2)) { + ERROR("%s cannot be mounted because it is located inside %s", dest, *invalid); + free(relpath); + return -1; + } + free(relpath); + } + + return 0; +} #endif /* rootfs, lxc_name, and lxc_path can be NULL when the container is created @@ -2201,18 +2458,51 @@ static inline int mount_entry_on_generic(struct mntent *mntent, char *rootfs_path = NULL; int ret; bool dev, optional, relative; - const char *dest = path; + const char *dest = path; + +#ifdef HAVE_ISULAD + char *rpath = NULL; +#endif optional = hasmntopt(mntent, "optional") != NULL; dev = hasmntopt(mntent, "dev") != NULL; relative = hasmntopt(mntent, "relative") != NULL; +#ifdef HAVE_ISULAD + // isulad: ensure that the destination of the bind mount is resolved of symlinks at mount time because + // any previous mounts can invalidate the next mount's destination. + // this can happen when a user specifies mounts within other mounts to cause breakouts or other + // evil stuff to try to escape the container's rootfs. + if (rootfs_path) { + rpath = follow_symlink_in_scope(path, rootfs_path); + if (!rpath) { + ERROR("Failed to get real path of '%s' in scope '%s'.", path, rootfs_path); + lxc_write_error_message(rootfs->errfd, "%s:%d: failed to get real path of '%s' in scope '%s'.", + __FILE__, __LINE__, path, rootfs_path); + return -1; + } + dest = rpath; + + ret = check_mount_destination(rootfs_path, dest); + if (ret) { + ERROR("Mount destination is invalid: '%s'", dest); + lxc_write_error_message(rootfs->errfd, "%s:%d: mount destination is invalid: '%s'.", + __FILE__, __LINE__, dest); + free(rpath); + return -1; + } + } +#else if (rootfs && rootfs->path) rootfs_path = rootfs->mount; +#endif ret = mount_entry_create_dir_file(mntent, path, rootfs, lxc_name, lxc_path); if (ret < 0) { +#ifdef HAVE_ISULAD + free(rpath); +#endif if (optional) return 0; @@ -2220,6 +2510,29 @@ static inline int mount_entry_on_generic(struct mntent *mntent, } cull_mntent_opt(mntent); +#ifdef HAVE_ISULAD + ret = parse_mntopts(mntent->mnt_opts, &mntflags, &pflags, &mntdata); + if (ret < 0) { + free(rpath); + return -1; + } + + // support squashfs + if (strcmp(mntent->mnt_type, "squashfs") == 0) { + ret = mount_entry_with_loop_dev(mntent->mnt_fsname, dest, mntent->mnt_type, + mntent->mnt_opts, rootfs_path); + } else { + ret = mount_entry(mntent->mnt_fsname, dest, mntent->mnt_type, mntflags, + pflags, mntdata, optional, dev, relative, rootfs_path); + } + + if (ret < 0) { + lxc_write_error_message(rootfs->errfd, "%s:%d: failed to mount %s as type %s.", + __FILE__, __LINE__, mntent->mnt_fsname, mntent->mnt_type); + } + + free(rpath); +#else ret = parse_propagationopts(mntent->mnt_opts, &pflags); if (ret < 0) return -1; @@ -2228,18 +2541,10 @@ static inline int mount_entry_on_generic(struct mntent *mntent, if (ret < 0) return ret; -#ifdef HAVE_ISULAD - // isulad: support squashfs - if (strcmp(mntent->mnt_type, "squashfs") == 0) { - ret = mount_entry_with_loop_dev(mntent->mnt_fsname, dest, mntent->mnt_type, - mntent->mnt_opts, rootfs_path); - } else { -#endif - ret = mount_entry(mntent->mnt_fsname, dest, mntent->mnt_type, mntflags, - pflags, mntdata, optional, dev, relative, rootfs_path); -#ifdef HAVE_ISULAD - } + ret = mount_entry(mntent->mnt_fsname, dest, mntent->mnt_type, mntflags, + pflags, mntdata, optional, dev, relative, rootfs_path); #endif + return ret; } @@ -2329,6 +2634,28 @@ static int mount_file_entries(const struct lxc_conf *conf, while (getmntent_r(file, &mntent, buf, sizeof(buf))) { int ret; +#ifdef HAVE_ISULAD + //isulad, system contaienr, skip "proc/sys/xxx" path + if (conf->systemd != NULL && strcmp(conf->systemd, "true") == 0) { + if (strstr(mntent.mnt_dir, "proc/sys") != NULL) { + continue; + } + } + + /* Note: Workaround for volume file path with space*/ + mntent.mnt_fsname = lxc_string_replace(SPACE_MAGIC_STR, " ", mntent.mnt_fsname); + if(!mntent.mnt_fsname) { + SYSERROR("memory allocation error"); + return -1; + } + mntent.mnt_dir = lxc_string_replace(SPACE_MAGIC_STR, " ", mntent.mnt_dir); + if(!mntent.mnt_dir) { + SYSERROR("memory allocation error"); + free(mntent.mnt_fsname); + return -1; + } +#endif + if (!rootfs->path) ret = mount_entry_on_systemfs(&mntent); else if (mntent.mnt_dir[0] != '/') @@ -2337,6 +2664,14 @@ static int mount_file_entries(const struct lxc_conf *conf, else ret = mount_entry_on_absolute_rootfs(&mntent, rootfs, lxc_name, lxc_path); + +#ifdef HAVE_ISULAD + free(mntent.mnt_fsname); + mntent.mnt_fsname = NULL; + free(mntent.mnt_dir); + mntent.mnt_dir = NULL; +#endif + if (ret < 0) return -1; } @@ -3391,7 +3726,13 @@ int lxc_setup_rootfs_prepare_root(struct lxc_conf *conf, const char *name, return log_trace(0, "Bind mounted container / onto itself"); } +#ifdef HAVE_ISULAD + if (!conf->rootfs.options) { + remount_all_slave(); + } +#else remount_all_slave(); +#endif ret = run_lxc_hooks(name, "pre-mount", conf, NULL); if (ret < 0) @@ -3585,16 +3926,12 @@ reset_umask: static int setup_rootfs_mountopts(const struct lxc_rootfs *rootfs) { unsigned long mflags, mntflags, pflags; - char *mntdata; + char *mntdata = NULL; if(!rootfs || !rootfs->options) return 0; - if (parse_propagationopts(rootfs->options, &pflags) < 0) { - return -1; - } - - if (parse_mntopts(rootfs->options, &mntflags, &mntdata) < 0) { + if (parse_mntopts(rootfs->options, &mntflags, &pflags, &mntdata) < 0) { free(mntdata); return -1; } @@ -3602,9 +3939,9 @@ static int setup_rootfs_mountopts(const struct lxc_rootfs *rootfs) if (mntflags & MS_RDONLY) { mflags = add_required_remount_flags("/", NULL, MS_BIND | MS_REC | mntflags | pflags | MS_REMOUNT); - DEBUG("remounting /"); + DEBUG("remounting / as readonly"); if (mount("/", "/", NULL, mflags, 0) < 0) { - SYSERROR("Failed to remount /"); + SYSERROR("Failed to make / readonly."); return -1; } } diff --git a/src/lxc/conf.h b/src/lxc/conf.h index 482fe0d..22c554d 100644 --- a/src/lxc/conf.h +++ b/src/lxc/conf.h @@ -156,10 +156,12 @@ struct lxc_rootfs { bool managed; #ifdef HAVE_ISULAD - /* isulad: maskedpaths */ - struct lxc_list maskedpaths; - /* isulad: ropaths */ - struct lxc_list ropaths; + /* isulad: maskedpaths */ + struct lxc_list maskedpaths; + /* isulad: ropaths */ + struct lxc_list ropaths; + /* isulad: errfd */ + int errfd; #endif }; @@ -444,6 +446,8 @@ struct lxc_conf { int exit_fd; /* exit fifo fd*/ char *errmsg; /* record error messages */ + + char *systemd; //systemd value #endif }; @@ -492,8 +496,6 @@ extern int userns_exec_1(const struct lxc_conf *conf, int (*fn)(void *), void *data, const char *fn_name); extern int userns_exec_full(struct lxc_conf *conf, int (*fn)(void *), void *data, const char *fn_name); -extern int parse_mntopts(const char *mntopts, unsigned long *mntflags, - char **mntdata); extern int parse_propagationopts(const char *mntopts, unsigned long *pflags); extern void tmp_proc_unmount(struct lxc_conf *lxc_conf); extern void remount_all_slave(void); @@ -519,6 +521,16 @@ extern int userns_exec_minimal(const struct lxc_conf *conf, int (*fn_parent)(void *), void *fn_parent_data, int (*fn_child)(void *), void *fn_child_data); #ifdef HAVE_ISULAD +// isulad modify +extern int parse_mntopts(const char *mntopts, unsigned long *mntflags, + unsigned long *pflags, char **mntdata); +#else +extern int parse_mntopts(const char *mntopts, unsigned long *mntflags, + char **mntdata); +#endif + +#ifdef HAVE_ISULAD +// isulad add int lxc_clear_init_args(struct lxc_conf *lxc_conf); int lxc_clear_populate_devices(struct lxc_conf *c); int lxc_clear_rootfs_masked_paths(struct lxc_conf *c); diff --git a/src/lxc/confile.c b/src/lxc/confile.c index 0fcebd4..9ba3c7c 100644 --- a/src/lxc/confile.c +++ b/src/lxc/confile.c @@ -1358,6 +1358,10 @@ static int set_config_environment(const char *key, const char *value, { struct lxc_list *list_item = NULL; +#ifdef HAVE_ISULAD + char *replaced = NULL; +#endif + if (lxc_config_value_empty(value)) return lxc_clear_environment(lxc_conf); @@ -1378,7 +1382,16 @@ static int set_config_environment(const char *key, const char *value, env_var[1] = env_val; list_item->elem = lxc_string_join("=", env_var, false); } else { +#ifdef HAVE_ISULAD + /* isulad: recover space replaced by SPACE_MAGIC_STR */ + replaced = lxc_string_replace(SPACE_MAGIC_STR, " ", value); + if(!replaced) + goto on_error; + + list_item->elem = replaced; +#else list_item->elem = strdup(value); +#endif } if (!list_item->elem) @@ -2594,6 +2607,11 @@ static int set_config_rootfs_options(const char *key, const char *value, int ret; struct lxc_rootfs *rootfs = &lxc_conf->rootfs; +#ifdef HAVE_ISULAD + ret = parse_mntopts(value, &mflags, &pflags, &mdata); + if (ret < 0) + return -EINVAL; +#else ret = parse_mntopts(value, &mflags, &mdata); if (ret < 0) return -EINVAL; @@ -2603,6 +2621,7 @@ static int set_config_rootfs_options(const char *key, const char *value, free(mdata); return -EINVAL; } +#endif ret = set_config_string_item(&opts, value); if (ret < 0) { diff --git a/src/lxc/criu.c b/src/lxc/criu.c index 1a909bb..14a8aae 100644 --- a/src/lxc/criu.c +++ b/src/lxc/criu.c @@ -371,8 +371,15 @@ static void exec_criu(struct cgroup_ops *cgroup_ops, struct lxc_conf *conf, char *mntdata = NULL; char arg[2 * PATH_MAX + 2]; +#ifdef HAVE_ISULAD + unsigned long pflags; + + if (parse_mntopts(mntent.mnt_opts, &flags, &pflags, &mntdata) < 0) + goto err; +#else if (parse_mntopts(mntent.mnt_opts, &flags, &mntdata) < 0) goto err; +#endif free(mntdata); diff --git a/src/lxc/storage/btrfs.c b/src/lxc/storage/btrfs.c index 92a4a6d..069a9dd 100644 --- a/src/lxc/storage/btrfs.c +++ b/src/lxc/storage/btrfs.c @@ -197,16 +197,27 @@ int btrfs_mount(struct lxc_storage *bdev) const char *src; int ret; +#ifdef HAVE_ISULAD + unsigned long pflags = 0; +#endif + if (strcmp(bdev->type, "btrfs")) return -22; if (!bdev->src || !bdev->dest) return -22; +#ifdef HAVE_ISULAD + if (parse_mntopts(bdev->mntopts, &mntflags, &pflags, &mntdata) < 0) { + free(mntdata); + return -22; + } +#else if (parse_mntopts(bdev->mntopts, &mntflags, &mntdata) < 0) { free(mntdata); return -22; } +#endif src = lxc_storage_get_path(bdev->src, "btrfs"); diff --git a/src/lxc/storage/dir.c b/src/lxc/storage/dir.c index b3dbbd0..1dc95f1 100644 --- a/src/lxc/storage/dir.c +++ b/src/lxc/storage/dir.c @@ -124,14 +124,39 @@ bool dir_detect(const char *path) return false; } +#ifdef HAVE_ISULAD int dir_mount(struct lxc_storage *bdev) { __do_free char *mntdata = NULL; -#ifdef HAVE_ISULAD unsigned long mntflags = 0, pflags = 0; + int ret; + const char *src; + + if (strcmp(bdev->type, "dir")) + return -22; + + if (!bdev->src || !bdev->dest) + return -22; + + ret = parse_mntopts(bdev->mntopts, &mntflags, &pflags, &mntdata); + if (ret < 0) + return log_error_errno(ret, errno, "Failed to parse mount options \"%s\"", bdev->mntopts); + + src = lxc_storage_get_path(bdev->src, bdev->type); + + ret = mount(src, bdev->dest, "bind", MS_BIND | MS_REC | (mntflags & ~MS_RDONLY) | pflags, mntdata); + if (ret < 0) { + return log_error_errno(-errno, errno, "Failed to mount \"%s\" on \"%s\"", src, bdev->dest); + } + TRACE("Mounted \"%s\" on \"%s\"", src, bdev->dest); + + return 0; +} #else +int dir_mount(struct lxc_storage *bdev) +{ + __do_free char *mntdata = NULL; unsigned long mflags = 0, mntflags = 0, pflags = 0; -#endif int ret; const char *src; @@ -151,13 +176,6 @@ int dir_mount(struct lxc_storage *bdev) src = lxc_storage_get_path(bdev->src, bdev->type); -#ifdef HAVE_ISULAD - ret = mount(src, bdev->dest, "bind", MS_BIND | MS_REC | (mntflags & ~MS_RDONLY) | pflags, mntdata); - if (ret < 0) { - return log_error_errno(-errno, errno, "Failed to mount \"%s\" on \"%s\"", src, bdev->dest); - } - TRACE("Mounted \"%s\" on \"%s\"", src, bdev->dest); -#else ret = mount(src, bdev->dest, "bind", MS_BIND | MS_REC | mntflags | pflags, mntdata); if (ret < 0) return log_error_errno(-errno, errno, "Failed to mount \"%s\" on \"%s\"", src, bdev->dest); @@ -174,10 +192,10 @@ int dir_mount(struct lxc_storage *bdev) } TRACE("Mounted \"%s\" on \"%s\" with options \"%s\", mount flags \"%lu\", and propagation flags \"%lu\"", src ? src : "(none)", bdev->dest ? bdev->dest : "(none)", mntdata, mflags, pflags); -#endif return 0; } +#endif int dir_umount(struct lxc_storage *bdev) { diff --git a/src/lxc/storage/overlay.c b/src/lxc/storage/overlay.c index 770785c..75a81de 100644 --- a/src/lxc/storage/overlay.c +++ b/src/lxc/storage/overlay.c @@ -349,6 +349,9 @@ int ovl_mount(struct lxc_storage *bdev) char *work, *lastslash; size_t len, len2; int ret, ret2; +#ifdef HAVE_ISULAD + unsigned long pflags = 0; +#endif if (strcmp(bdev->type, "overlay") && strcmp(bdev->type, "overlayfs")) return -22; @@ -414,7 +417,12 @@ int ovl_mount(struct lxc_storage *bdev) work = must_make_path(upper, LXC_OVERLAY_WORK_DIR, NULL); upper[lastslash - upper] = '/'; +#ifdef HAVE_ISULAD + ret = parse_mntopts(bdev->mntopts, &mntflags, &pflags, &mntdata); +#else ret = parse_mntopts(bdev->mntopts, &mntflags, &mntdata); +#endif + if (ret < 0) { ERROR("Failed to parse mount options"); free(mntdata); diff --git a/src/lxc/storage/storage_utils.c b/src/lxc/storage/storage_utils.c index 07eee22..6fec638 100644 --- a/src/lxc/storage/storage_utils.c +++ b/src/lxc/storage/storage_utils.c @@ -340,6 +340,10 @@ int find_fstype_cb(char *buffer, void *data) char mount_err[BUFSIZ] = {0}; int ret; +#ifdef HAVE_ISULAD + unsigned long pflags = 0; +#endif + /* we don't try 'nodev' entries */ if (strstr(buffer, "nodev")) return 0; @@ -351,14 +355,19 @@ int find_fstype_cb(char *buffer, void *data) DEBUG("Trying to mount \"%s\"->\"%s\" with FSType \"%s\"", cbarg->rootfs, cbarg->target, fstype); - if (parse_mntopts(cbarg->options, &mntflags, &mntdata) < 0) { +#ifdef HAVE_ISULAD + if (parse_mntopts(cbarg->options, &mntflags, &pflags, &mntdata) < 0) { free(mntdata); return 0; } -#ifdef HAVE_ISULAD if (mount(cbarg->rootfs, cbarg->target, fstype, (mntflags & ~MS_RDONLY), mntdata)) { #else + if (parse_mntopts(cbarg->options, &mntflags, &mntdata) < 0) { + free(mntdata); + return 0; + } + if (mount(cbarg->rootfs, cbarg->target, fstype, mntflags, mntdata)) { #endif SYSDEBUG("Failed to mount"); diff --git a/src/lxc/storage/zfs.c b/src/lxc/storage/zfs.c index 4cc171f..025cf95 100644 --- a/src/lxc/storage/zfs.c +++ b/src/lxc/storage/zfs.c @@ -167,13 +167,22 @@ int zfs_mount(struct lxc_storage *bdev) const char *src; char cmd_output[PATH_MAX] = {0}; +#ifdef HAVE_ISULAD + unsigned long pflags = 0; +#endif + if (strcmp(bdev->type, "zfs")) return -22; if (!bdev->src || !bdev->dest) return -22; +#ifdef HAVE_ISULAD + ret = parse_mntopts(bdev->mntopts, &mntflags, &pflags, &mntdata); +#else ret = parse_mntopts(bdev->mntopts, &mntflags, &mntdata); +#endif + if (ret < 0) { ERROR("Failed to parse mount options"); free(mntdata); diff --git a/src/lxc/utils.h b/src/lxc/utils.h index 677f632..36c458e 100644 --- a/src/lxc/utils.h +++ b/src/lxc/utils.h @@ -27,8 +27,12 @@ #include "memory_utils.h" #include "raw_syscalls.h" #include "string_utils.h" + #ifdef HAVE_ISULAD #include "isulad_utils.h" + +/* isulad: replace space with SPACE_MAGIC_STR */ +#define SPACE_MAGIC_STR "[#)" #endif /* returns 1 on success, 0 if there were any failures */ -- 1.8.3.1