diff options
| author | moricho <ikeda.morito@gmail.com> | 2020-04-20 17:03:00 +0900 |
|---|---|---|
| committer | moricho <ikeda.morito@gmail.com> | 2020-04-25 22:04:39 +0900 |
| commit | 0b3166f6243472fbb72cc749c57d3a59aa481979 (patch) | |
| tree | ee1abca69c56990c83fcf4b46c03bf5541fc7877 /runsc | |
| parent | 93e510e26fca90a90e10a550ce6ca8d7dfa0b55c (diff) | |
add bind/rbind options for mount
Signed-off-by: moricho <ikeda.morito@gmail.com>
Diffstat (limited to 'runsc')
| -rw-r--r-- | runsc/boot/fs.go | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/runsc/boot/fs.go b/runsc/boot/fs.go index e1519673c..78d6a0c14 100644 --- a/runsc/boot/fs.go +++ b/runsc/boot/fs.go @@ -63,8 +63,13 @@ const ( nonefs = "none" ) -// tmpfs has some extra supported options that we must pass through. -var tmpfsAllowedOptions = []string{"mode", "uid", "gid"} +var ( + // tmpfs has some extra supported options that we must pass through. + tmpfsAllowedOptions = []string{"mode", "uid", "gid"} + + // filesystems supported on gVisor. + supportedFilesystems = []string{bind, devpts, devtmpfs, proc, sysfs, tmpfs} +) func addOverlay(ctx context.Context, conf *Config, lower *fs.Inode, name string, lowerFlags fs.MountSourceFlags) (*fs.Inode, error) { // Upper layer uses the same flags as lower, but it must be read-write. @@ -219,6 +224,8 @@ func mountFlags(opts []string) fs.MountSourceFlags { mf.NoAtime = true case "noexec": mf.NoExec = true + case "bind", "rbind": + mf.Bind = true default: log.Warningf("ignoring unknown mount option %q", o) } @@ -230,6 +237,10 @@ func isSupportedMountFlag(fstype, opt string) bool { switch opt { case "rw", "ro", "noatime", "noexec": return true + case "bind", "rbind": + if fstype == nonefs || !specutils.ContainsStr(supportedFilesystems, fstype) { + return true + } } if fstype == tmpfs { ok, err := parseMountOption(opt, tmpfsAllowedOptions...) @@ -756,12 +767,14 @@ func (c *containerMounter) createRootMount(ctx context.Context, conf *Config) (* return rootInode, nil } +// getBindMountNameAndOptions retrieves the fsName, opts, and useOverlay values +// used for bind mounts. func (c *containerMounter) getBindMountNameAndOptions(conf *Config, m specs.Mount) (string, []string, bool) { fd := c.fds.remove() - fsName = "9p" - opts = p9MountOptions(fd, c.getMountAccessType(m)) + fsName := "9p" + opts := p9MountOptions(fd, c.getMountAccessType(m)) // If configured, add overlay to all writable mounts. - useOverlay = conf.Overlay && !mountFlags(m.Options).ReadOnly + useOverlay := conf.Overlay && !mountFlags(m.Options).ReadOnly return fsName, opts, useOverlay } |