summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/loader/interpreter.go
diff options
context:
space:
mode:
authorNicolas Lacasse <nlacasse@google.com>2018-07-03 10:35:27 -0700
committerShentubot <shentubot@google.com>2018-07-03 10:36:22 -0700
commit4500155ffc5edfc2d417297d3367f5656dbea5a7 (patch)
treee96250e876f7a8022ee4169a87f20860f4a718a1 /pkg/sentry/loader/interpreter.go
parent614475196201a380d969ed269d99a8ad70ca1885 (diff)
runsc: Mount "mandatory" mounts right after mounting the root.
The /proc and /sys mounts are "mandatory" in the sense that they should be mounted in the sandbox even when they are not included in the spec. Runsc treats /tmp similarly, because it is faster to use the internal tmpfs implementation instead of proxying to the host. However, the spec may contain submounts of these mandatory mounts (particularly for /tmp). In those cases, we must mount our mandatory mounts before the submount, otherwise the submount will be masked. Since the mandatory mounts are all top-level directories, we can mount them right after the root. PiperOrigin-RevId: 203145635 Change-Id: Id69bae771d32c1a5b67e08c8131b73d9b42b2fbf
Diffstat (limited to 'pkg/sentry/loader/interpreter.go')
0 files changed, 0 insertions, 0 deletions