summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/fsimpl/verity
diff options
context:
space:
mode:
authorChong Cai <chongc@google.com>2020-09-23 17:10:43 -0700
committergVisor bot <gvisor-bot@google.com>2020-09-23 17:12:13 -0700
commit994062ec9ca70110c39d9c004cad62e23d4c7a41 (patch)
treed5d39a6b89620f097c4440e693c19e41b8e1a18c /pkg/sentry/fsimpl/verity
parentc3c66ea428c8f56ff64e415961035feffef718f3 (diff)
Set verity underlying fs mount as internal
PiperOrigin-RevId: 333404727
Diffstat (limited to 'pkg/sentry/fsimpl/verity')
-rw-r--r--pkg/sentry/fsimpl/verity/verity.go1
1 files changed, 1 insertions, 0 deletions
diff --git a/pkg/sentry/fsimpl/verity/verity.go b/pkg/sentry/fsimpl/verity/verity.go
index 9182df317..996c04b37 100644
--- a/pkg/sentry/fsimpl/verity/verity.go
+++ b/pkg/sentry/fsimpl/verity/verity.go
@@ -159,6 +159,7 @@ func (fstype FilesystemType) GetFilesystem(ctx context.Context, vfsObj *vfs.Virt
// verity, and should not be exposed or connected.
mopts := &vfs.MountOptions{
GetFilesystemOptions: iopts.LowerGetFSOptions,
+ InternalMount: true,
}
mnt, err := vfsObj.MountDisconnected(ctx, creds, "", iopts.LowerName, mopts)
if err != nil {