summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
Diffstat
-rw-r--r--runsc/boot/loader_test.go7
-rw-r--r--runsc/boot/vfs.go15
2 files changed, 7 insertions, 15 deletions
diff --git a/runsc/boot/loader_test.go b/runsc/boot/loader_test.go
index 55d27a632..7a30fea70 100644
--- a/runsc/boot/loader_test.go
+++ b/runsc/boot/loader_test.go
@@ -438,7 +438,6 @@ func createMountTestcases(vfs2 bool) []*CreateMountTestcase {
// Test that MountNamespace can be created with various specs.
func TestCreateMountNamespace(t *testing.T) {
-
for _, tc := range createMountTestcases(false /* vfs2 */) {
t.Run(tc.name, func(t *testing.T) {
conf := testConfig()
@@ -476,7 +475,6 @@ func TestCreateMountNamespace(t *testing.T) {
// Test that MountNamespace can be created with various specs.
func TestCreateMountNamespaceVFS2(t *testing.T) {
-
for _, tc := range createMountTestcases(true /* vfs2 */) {
t.Run(tc.name, func(t *testing.T) {
defer resetSyscallTable()
@@ -485,6 +483,7 @@ func TestCreateMountNamespaceVFS2(t *testing.T) {
spec.Mounts = tc.spec.Mounts
spec.Root = tc.spec.Root
+ t.Logf("Using root: %q", spec.Root.Path)
l, loaderCleanup, err := createLoader(true /* VFS2 Enabled */, spec)
if err != nil {
t.Fatalf("failed to create loader: %v", err)
@@ -497,7 +496,7 @@ func TestCreateMountNamespaceVFS2(t *testing.T) {
t.Fatalf("failed process hints: %v", err)
}
- ctx := l.rootProcArgs.NewContext(l.k)
+ ctx := l.k.SupervisorContext()
mns, err := mntr.setupVFS2(ctx, l.conf, &l.rootProcArgs)
if err != nil {
t.Fatalf("failed to setupVFS2: %v", err)
@@ -506,7 +505,6 @@ func TestCreateMountNamespaceVFS2(t *testing.T) {
root := mns.Root()
defer root.DecRef()
for _, p := range tc.expectedPaths {
-
target := &vfs.PathOperation{
Root: root,
Start: root,
@@ -518,7 +516,6 @@ func TestCreateMountNamespaceVFS2(t *testing.T) {
} else {
d.DecRef()
}
-
}
})
}
diff --git a/runsc/boot/vfs.go b/runsc/boot/vfs.go
index 448fc4459..d1397ed2c 100644
--- a/runsc/boot/vfs.go
+++ b/runsc/boot/vfs.go
@@ -166,30 +166,28 @@ func (c *containerMounter) setupVFS2(ctx context.Context, conf *Config, procArgs
// Create context with root credentials to mount the filesystem (the current
// user may not be privileged enough).
+ rootCreds := auth.NewRootCredentials(procArgs.Credentials.UserNamespace)
rootProcArgs := *procArgs
rootProcArgs.WorkingDirectory = "/"
- rootProcArgs.Credentials = auth.NewRootCredentials(procArgs.Credentials.UserNamespace)
+ rootProcArgs.Credentials = rootCreds
rootProcArgs.Umask = 0022
rootProcArgs.MaxSymlinkTraversals = linux.MaxSymlinkTraversals
rootCtx := procArgs.NewContext(c.k)
- creds := procArgs.Credentials
- if err := registerFilesystems(rootCtx, c.k.VFS(), creds); err != nil {
+ if err := registerFilesystems(rootCtx, c.k.VFS(), rootCreds); err != nil {
return nil, fmt.Errorf("register filesystems: %w", err)
}
- mns, err := c.createMountNamespaceVFS2(ctx, conf, creds)
+ mns, err := c.createMountNamespaceVFS2(rootCtx, conf, rootCreds)
if err != nil {
return nil, fmt.Errorf("creating mount namespace: %w", err)
}
-
rootProcArgs.MountNamespaceVFS2 = mns
// Mount submounts.
- if err := c.mountSubmountsVFS2(rootCtx, conf, mns, creds); err != nil {
+ if err := c.mountSubmountsVFS2(rootCtx, conf, mns, rootCreds); err != nil {
return nil, fmt.Errorf("mounting submounts vfs2: %w", err)
}
-
return mns, nil
}
@@ -318,7 +316,6 @@ func p9MountOptionsVFS2(fd int, fa FileAccessType) []string {
}
func (c *containerMounter) makeSyntheticMount(ctx context.Context, currentPath string, root vfs.VirtualDentry, creds *auth.Credentials) error {
-
target := &vfs.PathOperation{
Root: root,
Start: root,
@@ -327,12 +324,10 @@ func (c *containerMounter) makeSyntheticMount(ctx context.Context, currentPath s
_, err := c.k.VFS().StatAt(ctx, creds, target, &vfs.StatOptions{})
switch {
-
case err == syserror.ENOENT:
if err := c.makeSyntheticMount(ctx, path.Dir(currentPath), root, creds); err != nil {
return err
}
-
mkdirOpts := &vfs.MkdirOptions{Mode: 0777, ForSyntheticMountpoint: true}
if err := c.k.VFS().MkdirAt(ctx, creds, target, mkdirOpts); err != nil {
return fmt.Errorf("failed to makedir for mount %+v: %w", target, err)
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-06 05:53:45 +0000