diff options
Diffstat (limited to 'pkg/sentry')
-rw-r--r-- | pkg/sentry/fs/copy_up_test.go | 4 | ||||
-rw-r--r-- | pkg/sentry/fs/dev/fs.go | 2 | ||||
-rw-r--r-- | pkg/sentry/fs/filesystems.go | 2 | ||||
-rw-r--r-- | pkg/sentry/fs/gofer/fs.go | 2 | ||||
-rw-r--r-- | pkg/sentry/fs/gofer/session_state.go | 2 | ||||
-rw-r--r-- | pkg/sentry/fs/host/fs.go | 2 | ||||
-rw-r--r-- | pkg/sentry/fs/host/fs_test.go | 2 | ||||
-rw-r--r-- | pkg/sentry/fs/mount_overlay.go | 2 | ||||
-rw-r--r-- | pkg/sentry/fs/proc/fs.go | 2 | ||||
-rw-r--r-- | pkg/sentry/fs/restore.go | 7 | ||||
-rw-r--r-- | pkg/sentry/fs/sys/fs.go | 2 | ||||
-rw-r--r-- | pkg/sentry/fs/tmpfs/fs.go | 2 | ||||
-rw-r--r-- | pkg/sentry/fs/tty/fs.go | 2 | ||||
-rw-r--r-- | pkg/sentry/syscalls/linux/sys_mount.go | 2 |
14 files changed, 19 insertions, 16 deletions
diff --git a/pkg/sentry/fs/copy_up_test.go b/pkg/sentry/fs/copy_up_test.go index 2b2f4bb8f..98a0b7638 100644 --- a/pkg/sentry/fs/copy_up_test.go +++ b/pkg/sentry/fs/copy_up_test.go @@ -98,7 +98,7 @@ func makeOverlayTestFiles(t *testing.T) []*overlayTestFile { // Create a lower tmpfs mount. fsys, _ := fs.FindFilesystem("tmpfs") - lower, err := fsys.Mount(contexttest.Context(t), "", fs.MountSourceFlags{}, "") + lower, err := fsys.Mount(contexttest.Context(t), "", fs.MountSourceFlags{}, "", nil) if err != nil { t.Fatalf("failed to mount tmpfs: %v", err) } @@ -147,7 +147,7 @@ func makeOverlayTestFiles(t *testing.T) []*overlayTestFile { } // Create an empty upper tmpfs mount which we will copy up into. - upper, err := fsys.Mount(ctx, "", fs.MountSourceFlags{}, "") + upper, err := fsys.Mount(ctx, "", fs.MountSourceFlags{}, "", nil) if err != nil { t.Fatalf("failed to mount tmpfs: %v", err) } diff --git a/pkg/sentry/fs/dev/fs.go b/pkg/sentry/fs/dev/fs.go index abfe689f0..cf4e7d00f 100644 --- a/pkg/sentry/fs/dev/fs.go +++ b/pkg/sentry/fs/dev/fs.go @@ -66,7 +66,7 @@ func (*filesystem) Flags() fs.FilesystemFlags { } // Mount returns a devtmpfs root that can be positioned in the vfs. -func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) { +func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) { // device is always ignored. // devtmpfs backed by ramfs ignores bad options. See fs/ramfs/inode.c:ramfs_parse_options. // -> we should consider parsing the mode and backing devtmpfs by this. diff --git a/pkg/sentry/fs/filesystems.go b/pkg/sentry/fs/filesystems.go index ba8be85e4..aa664b973 100644 --- a/pkg/sentry/fs/filesystems.go +++ b/pkg/sentry/fs/filesystems.go @@ -50,7 +50,7 @@ type Filesystem interface { // data options. // // Mount may return arbitrary errors. They do not need syserr translations. - Mount(ctx context.Context, device string, flags MountSourceFlags, data string) (*Inode, error) + Mount(ctx context.Context, device string, flags MountSourceFlags, data string, dataObj interface{}) (*Inode, error) // AllowUserMount determines whether mount(2) is allowed to mount a // file system of this type. diff --git a/pkg/sentry/fs/gofer/fs.go b/pkg/sentry/fs/gofer/fs.go index 2dc000c6f..adff0abac 100644 --- a/pkg/sentry/fs/gofer/fs.go +++ b/pkg/sentry/fs/gofer/fs.go @@ -120,7 +120,7 @@ func (*filesystem) Flags() fs.FilesystemFlags { } // Mount returns an attached 9p client that can be positioned in the vfs. -func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) { +func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) { // Parse and validate the mount options. o, err := options(data) if err != nil { diff --git a/pkg/sentry/fs/gofer/session_state.go b/pkg/sentry/fs/gofer/session_state.go index d9fd7a221..0ad5d63b5 100644 --- a/pkg/sentry/fs/gofer/session_state.go +++ b/pkg/sentry/fs/gofer/session_state.go @@ -57,7 +57,7 @@ func (s *session) afterLoad() { } // Validate the mount flags and options. - opts, err := options(args.Data) + opts, err := options(args.DataString) if err != nil { panic("failed to parse mount options: " + err.Error()) } diff --git a/pkg/sentry/fs/host/fs.go b/pkg/sentry/fs/host/fs.go index d2ba38449..800649211 100644 --- a/pkg/sentry/fs/host/fs.go +++ b/pkg/sentry/fs/host/fs.go @@ -82,7 +82,7 @@ func (*Filesystem) Flags() fs.FilesystemFlags { // Mount returns an fs.Inode exposing the host file system. It is intended to be locked // down in PreExec below. -func (f *Filesystem) Mount(ctx context.Context, _ string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) { +func (f *Filesystem) Mount(ctx context.Context, _ string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) { // Parse generic comma-separated key=value options. options := fs.GenericMountSourceOptions(data) diff --git a/pkg/sentry/fs/host/fs_test.go b/pkg/sentry/fs/host/fs_test.go index 44db61ecd..c83b29a16 100644 --- a/pkg/sentry/fs/host/fs_test.go +++ b/pkg/sentry/fs/host/fs_test.go @@ -321,7 +321,7 @@ func TestRootPath(t *testing.T) { hostFS := &Filesystem{} ctx := contexttest.Context(t) data := fmt.Sprintf("%s=%s,%s=%s", rootPathKey, rootPath, whitelistKey, whitelisted.Name()) - inode, err := hostFS.Mount(ctx, "", fs.MountSourceFlags{}, data) + inode, err := hostFS.Mount(ctx, "", fs.MountSourceFlags{}, data, nil) if err != nil { t.Fatalf("Mount failed: %v", err) } diff --git a/pkg/sentry/fs/mount_overlay.go b/pkg/sentry/fs/mount_overlay.go index fb91635bc..4c89673b5 100644 --- a/pkg/sentry/fs/mount_overlay.go +++ b/pkg/sentry/fs/mount_overlay.go @@ -122,6 +122,6 @@ func (*overlayFilesystem) AllowUserList() bool { } // Mount implements Filesystem.Mount. -func (ofs *overlayFilesystem) Mount(ctx context.Context, device string, flags MountSourceFlags, data string) (*Inode, error) { +func (ofs *overlayFilesystem) Mount(ctx context.Context, device string, flags MountSourceFlags, data string, _ interface{}) (*Inode, error) { panic("overlayFilesystem.Mount should not be called!") } diff --git a/pkg/sentry/fs/proc/fs.go b/pkg/sentry/fs/proc/fs.go index 63f737ff4..666a2d054 100644 --- a/pkg/sentry/fs/proc/fs.go +++ b/pkg/sentry/fs/proc/fs.go @@ -57,7 +57,7 @@ func (*filesystem) Flags() fs.FilesystemFlags { } // Mount returns the root of a procfs that can be positioned in the vfs. -func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) { +func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) { // device is always ignored. // Parse generic comma-separated key=value options, this file system expects them. diff --git a/pkg/sentry/fs/restore.go b/pkg/sentry/fs/restore.go index da2df7e1d..a6645b41e 100644 --- a/pkg/sentry/fs/restore.go +++ b/pkg/sentry/fs/restore.go @@ -41,8 +41,11 @@ type MountArgs struct { // Flags corresponds to the flags argument of Mount. Flags MountSourceFlags - // Data corresponds to the data argument of Mount. - Data string + // DataString corresponds to the data argument of Mount. + DataString string + + // DataObj corresponds to the data interface argument of Mount. + DataObj interface{} } // restoreEnv holds the fs package global RestoreEnvironment. diff --git a/pkg/sentry/fs/sys/fs.go b/pkg/sentry/fs/sys/fs.go index 301fef038..44ae43754 100644 --- a/pkg/sentry/fs/sys/fs.go +++ b/pkg/sentry/fs/sys/fs.go @@ -57,7 +57,7 @@ func (*filesystem) Flags() fs.FilesystemFlags { } // Mount returns a sysfs root which can be positioned in the vfs. -func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) { +func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) { // device is always ignored. // sysfs ignores data, see fs/sysfs/mount.c:sysfs_mount. diff --git a/pkg/sentry/fs/tmpfs/fs.go b/pkg/sentry/fs/tmpfs/fs.go index d495430e9..d0c93028f 100644 --- a/pkg/sentry/fs/tmpfs/fs.go +++ b/pkg/sentry/fs/tmpfs/fs.go @@ -82,7 +82,7 @@ func (*Filesystem) Flags() fs.FilesystemFlags { } // Mount returns a tmpfs root that can be positioned in the vfs. -func (f *Filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) { +func (f *Filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) { // device is always ignored. // Parse generic comma-separated key=value options, this file system expects them. diff --git a/pkg/sentry/fs/tty/fs.go b/pkg/sentry/fs/tty/fs.go index 0c412eb21..43e0e2a04 100644 --- a/pkg/sentry/fs/tty/fs.go +++ b/pkg/sentry/fs/tty/fs.go @@ -59,7 +59,7 @@ func (*filesystem) Flags() fs.FilesystemFlags { } // MountSource returns a devpts root that can be positioned in the vfs. -func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) { +func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) { // device is always ignored. // No options are supported. diff --git a/pkg/sentry/syscalls/linux/sys_mount.go b/pkg/sentry/syscalls/linux/sys_mount.go index bf0df7302..6b8d75d24 100644 --- a/pkg/sentry/syscalls/linux/sys_mount.go +++ b/pkg/sentry/syscalls/linux/sys_mount.go @@ -101,7 +101,7 @@ func Mount(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Syscall superFlags.ReadOnly = true } - rootInode, err := rsys.Mount(t, sourcePath, superFlags, data) + rootInode, err := rsys.Mount(t, sourcePath, superFlags, data, nil) if err != nil { return 0, nil, syserror.EINVAL } |