Plumb VFS2 inside the Sentry

- Added fsbridge package with interface that can be used to open and read from VFS1 and VFS2 files. - Converted ELF loader to use fsbridge - Added VFS2 types to FSContext - Added vfs.MountNamespace to ThreadGroup Updates #1623 PiperOrigin-RevId: 295183950
author: gVisor bot <gvisor-bot@google.com> 2020-02-14 11:11:55 -0800
committer: gVisor bot <gvisor-bot@google.com> 2020-02-14 11:12:47 -0800
commit: 4075de11be44372c454aae7f9650cdc814c52229 (patch)
tree: 6c61b83a9cfd07af87446262f917652f58c5205f /runsc/boot
parent: b2e86906ea4f7bc43b8d2d3a4735a87eca779b33 (diff)
1 files changed, 7 insertions, 4 deletions
diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go
index 9f0d5d7af..239ca5302 100644
--- a/runsc/boot/loader.go
+++ b/runsc/boot/loader.go
@@ -795,16 +795,19 @@ func (l *Loader) executeAsync(args *control.ExecArgs) (kernel.ThreadID, error) {
 		return 0, fmt.Errorf("container %q not started", args.ContainerID)
 	}
 
+	// TODO(gvisor.dev/issue/1623): Add VFS2 support
+
 	// Get the container MountNamespace from the Task.
 	tg.Leader().WithMuLocked(func(t *kernel.Task) {
-		// task.MountNamespace() does not take a ref, so we must do so
-		// ourselves.
+		// task.MountNamespace() does not take a ref, so we must do so ourselves.
 		args.MountNamespace = t.MountNamespace()
 		args.MountNamespace.IncRef()
 	})
-	defer args.MountNamespace.DecRef()
+	if args.MountNamespace != nil {
+		defer args.MountNamespace.DecRef()
+	}
 
-	// Add the HOME enviroment varible if it is not already set.
+	// Add the HOME environment variable if it is not already set.
 	root := args.MountNamespace.Root()
 	defer root.DecRef()
 	ctx := fs.WithRoot(l.k.SupervisorContext(), root)
author	gVisor bot <gvisor-bot@google.com>	2020-02-14 11:11:55 -0800
committer	gVisor bot <gvisor-bot@google.com>	2020-02-14 11:12:47 -0800
commit	4075de11be44372c454aae7f9650cdc814c52229 (patch)
tree	6c61b83a9cfd07af87446262f917652f58c5205f /runsc/boot
parent	b2e86906ea4f7bc43b8d2d3a4735a87eca779b33 (diff)