diff options
| author | Fabricio Voznika <fvoznika@google.com> | 2021-03-30 11:35:03 -0700 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2021-03-30 11:36:55 -0700 |
| commit | 71f3dccbb3d47cbf572afe0737a29c8d87fde9c9 (patch) | |
| tree | 9b829889119c9abaf0b764ccbc9b015121054366 /test | |
| parent | 8a2f7e716dcc62f04d2808e8ade34941c94fc956 (diff) | |
Fix panic when overriding /dev files with VFS2
VFS1 skips over mounts that overrides files in /dev because the list of
files is hardcoded. This is not needed for VFS2 and a recent change
lifted this restriction. However, parts of the code were still skipping
/dev mounts even in VFS2, causing the loader to panic when it ran short
of FDs to connect to the gofer.
PiperOrigin-RevId: 365858436
Diffstat (limited to 'test')
| -rw-r--r-- | test/e2e/integration_test.go | 46 |
1 files changed, 44 insertions, 2 deletions
diff --git a/test/e2e/integration_test.go b/test/e2e/integration_test.go index 49cd74887..e83576722 100644 --- a/test/e2e/integration_test.go +++ b/test/e2e/integration_test.go @@ -399,15 +399,15 @@ func TestTmpFile(t *testing.T) { // TestTmpMount checks that mounts inside '/tmp' are not overridden. func TestTmpMount(t *testing.T) { - ctx := context.Background() dir, err := ioutil.TempDir(testutil.TmpDir(), "tmp-mount") if err != nil { t.Fatalf("TempDir(): %v", err) } - want := "123" + const want = "123" if err := ioutil.WriteFile(filepath.Join(dir, "file.txt"), []byte("123"), 0666); err != nil { t.Fatalf("WriteFile(): %v", err) } + ctx := context.Background() d := dockerutil.MakeContainer(ctx, t) defer d.CleanUp(ctx) @@ -430,6 +430,48 @@ func TestTmpMount(t *testing.T) { } } +// Test that it is allowed to mount a file on top of /dev files, e.g. +// /dev/random. +func TestMountOverDev(t *testing.T) { + if usingVFS2, err := dockerutil.UsingVFS2(); !usingVFS2 { + t.Skip("VFS1 doesn't allow /dev/random to be mounted.") + } else if err != nil { + t.Fatalf("Failed to read config for runtime %s: %v", dockerutil.Runtime(), err) + } + + random, err := ioutil.TempFile(testutil.TmpDir(), "random") + if err != nil { + t.Fatal("ioutil.TempFile() failed:", err) + } + const want = "123" + if _, err := random.WriteString(want); err != nil { + t.Fatalf("WriteString() to %q: %v", random.Name(), err) + } + + ctx := context.Background() + d := dockerutil.MakeContainer(ctx, t) + defer d.CleanUp(ctx) + + opts := dockerutil.RunOpts{ + Image: "basic/alpine", + Mounts: []mount.Mount{ + { + Type: mount.TypeBind, + Source: random.Name(), + Target: "/dev/random", + }, + }, + } + cmd := "dd count=1 bs=5 if=/dev/random 2> /dev/null" + got, err := d.Run(ctx, opts, "sh", "-c", cmd) + if err != nil { + t.Fatalf("docker run failed: %v", err) + } + if want != got { + t.Errorf("invalid file content, want: %q, got: %q", want, got) + } +} + // TestSyntheticDirs checks that submounts can be created inside a readonly // mount even if the target path does not exist. func TestSyntheticDirs(t *testing.T) { |