summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry
diff options
context:
space:
mode:
Diffstat (limited to 'pkg/sentry')
-rw-r--r--pkg/sentry/fs/copy_up_test.go4
-rw-r--r--pkg/sentry/fs/dev/fs.go2
-rw-r--r--pkg/sentry/fs/filesystems.go2
-rw-r--r--pkg/sentry/fs/gofer/fs.go2
-rw-r--r--pkg/sentry/fs/gofer/session_state.go2
-rw-r--r--pkg/sentry/fs/host/fs.go2
-rw-r--r--pkg/sentry/fs/host/fs_test.go2
-rw-r--r--pkg/sentry/fs/mount_overlay.go2
-rw-r--r--pkg/sentry/fs/proc/fs.go2
-rw-r--r--pkg/sentry/fs/restore.go7
-rw-r--r--pkg/sentry/fs/sys/fs.go2
-rw-r--r--pkg/sentry/fs/tmpfs/fs.go2
-rw-r--r--pkg/sentry/fs/tty/fs.go2
-rw-r--r--pkg/sentry/syscalls/linux/sys_mount.go2
14 files changed, 19 insertions, 16 deletions
diff --git a/pkg/sentry/fs/copy_up_test.go b/pkg/sentry/fs/copy_up_test.go
index 2b2f4bb8f..98a0b7638 100644
--- a/pkg/sentry/fs/copy_up_test.go
+++ b/pkg/sentry/fs/copy_up_test.go
@@ -98,7 +98,7 @@ func makeOverlayTestFiles(t *testing.T) []*overlayTestFile {
// Create a lower tmpfs mount.
fsys, _ := fs.FindFilesystem("tmpfs")
- lower, err := fsys.Mount(contexttest.Context(t), "", fs.MountSourceFlags{}, "")
+ lower, err := fsys.Mount(contexttest.Context(t), "", fs.MountSourceFlags{}, "", nil)
if err != nil {
t.Fatalf("failed to mount tmpfs: %v", err)
}
@@ -147,7 +147,7 @@ func makeOverlayTestFiles(t *testing.T) []*overlayTestFile {
}
// Create an empty upper tmpfs mount which we will copy up into.
- upper, err := fsys.Mount(ctx, "", fs.MountSourceFlags{}, "")
+ upper, err := fsys.Mount(ctx, "", fs.MountSourceFlags{}, "", nil)
if err != nil {
t.Fatalf("failed to mount tmpfs: %v", err)
}
diff --git a/pkg/sentry/fs/dev/fs.go b/pkg/sentry/fs/dev/fs.go
index abfe689f0..cf4e7d00f 100644
--- a/pkg/sentry/fs/dev/fs.go
+++ b/pkg/sentry/fs/dev/fs.go
@@ -66,7 +66,7 @@ func (*filesystem) Flags() fs.FilesystemFlags {
}
// Mount returns a devtmpfs root that can be positioned in the vfs.
-func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) {
+func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) {
// device is always ignored.
// devtmpfs backed by ramfs ignores bad options. See fs/ramfs/inode.c:ramfs_parse_options.
// -> we should consider parsing the mode and backing devtmpfs by this.
diff --git a/pkg/sentry/fs/filesystems.go b/pkg/sentry/fs/filesystems.go
index ba8be85e4..aa664b973 100644
--- a/pkg/sentry/fs/filesystems.go
+++ b/pkg/sentry/fs/filesystems.go
@@ -50,7 +50,7 @@ type Filesystem interface {
// data options.
//
// Mount may return arbitrary errors. They do not need syserr translations.
- Mount(ctx context.Context, device string, flags MountSourceFlags, data string) (*Inode, error)
+ Mount(ctx context.Context, device string, flags MountSourceFlags, data string, dataObj interface{}) (*Inode, error)
// AllowUserMount determines whether mount(2) is allowed to mount a
// file system of this type.
diff --git a/pkg/sentry/fs/gofer/fs.go b/pkg/sentry/fs/gofer/fs.go
index 2dc000c6f..adff0abac 100644
--- a/pkg/sentry/fs/gofer/fs.go
+++ b/pkg/sentry/fs/gofer/fs.go
@@ -120,7 +120,7 @@ func (*filesystem) Flags() fs.FilesystemFlags {
}
// Mount returns an attached 9p client that can be positioned in the vfs.
-func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) {
+func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) {
// Parse and validate the mount options.
o, err := options(data)
if err != nil {
diff --git a/pkg/sentry/fs/gofer/session_state.go b/pkg/sentry/fs/gofer/session_state.go
index d9fd7a221..0ad5d63b5 100644
--- a/pkg/sentry/fs/gofer/session_state.go
+++ b/pkg/sentry/fs/gofer/session_state.go
@@ -57,7 +57,7 @@ func (s *session) afterLoad() {
}
// Validate the mount flags and options.
- opts, err := options(args.Data)
+ opts, err := options(args.DataString)
if err != nil {
panic("failed to parse mount options: " + err.Error())
}
diff --git a/pkg/sentry/fs/host/fs.go b/pkg/sentry/fs/host/fs.go
index d2ba38449..800649211 100644
--- a/pkg/sentry/fs/host/fs.go
+++ b/pkg/sentry/fs/host/fs.go
@@ -82,7 +82,7 @@ func (*Filesystem) Flags() fs.FilesystemFlags {
// Mount returns an fs.Inode exposing the host file system. It is intended to be locked
// down in PreExec below.
-func (f *Filesystem) Mount(ctx context.Context, _ string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) {
+func (f *Filesystem) Mount(ctx context.Context, _ string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) {
// Parse generic comma-separated key=value options.
options := fs.GenericMountSourceOptions(data)
diff --git a/pkg/sentry/fs/host/fs_test.go b/pkg/sentry/fs/host/fs_test.go
index 44db61ecd..c83b29a16 100644
--- a/pkg/sentry/fs/host/fs_test.go
+++ b/pkg/sentry/fs/host/fs_test.go
@@ -321,7 +321,7 @@ func TestRootPath(t *testing.T) {
hostFS := &Filesystem{}
ctx := contexttest.Context(t)
data := fmt.Sprintf("%s=%s,%s=%s", rootPathKey, rootPath, whitelistKey, whitelisted.Name())
- inode, err := hostFS.Mount(ctx, "", fs.MountSourceFlags{}, data)
+ inode, err := hostFS.Mount(ctx, "", fs.MountSourceFlags{}, data, nil)
if err != nil {
t.Fatalf("Mount failed: %v", err)
}
diff --git a/pkg/sentry/fs/mount_overlay.go b/pkg/sentry/fs/mount_overlay.go
index fb91635bc..4c89673b5 100644
--- a/pkg/sentry/fs/mount_overlay.go
+++ b/pkg/sentry/fs/mount_overlay.go
@@ -122,6 +122,6 @@ func (*overlayFilesystem) AllowUserList() bool {
}
// Mount implements Filesystem.Mount.
-func (ofs *overlayFilesystem) Mount(ctx context.Context, device string, flags MountSourceFlags, data string) (*Inode, error) {
+func (ofs *overlayFilesystem) Mount(ctx context.Context, device string, flags MountSourceFlags, data string, _ interface{}) (*Inode, error) {
panic("overlayFilesystem.Mount should not be called!")
}
diff --git a/pkg/sentry/fs/proc/fs.go b/pkg/sentry/fs/proc/fs.go
index 63f737ff4..666a2d054 100644
--- a/pkg/sentry/fs/proc/fs.go
+++ b/pkg/sentry/fs/proc/fs.go
@@ -57,7 +57,7 @@ func (*filesystem) Flags() fs.FilesystemFlags {
}
// Mount returns the root of a procfs that can be positioned in the vfs.
-func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) {
+func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) {
// device is always ignored.
// Parse generic comma-separated key=value options, this file system expects them.
diff --git a/pkg/sentry/fs/restore.go b/pkg/sentry/fs/restore.go
index da2df7e1d..a6645b41e 100644
--- a/pkg/sentry/fs/restore.go
+++ b/pkg/sentry/fs/restore.go
@@ -41,8 +41,11 @@ type MountArgs struct {
// Flags corresponds to the flags argument of Mount.
Flags MountSourceFlags
- // Data corresponds to the data argument of Mount.
- Data string
+ // DataString corresponds to the data argument of Mount.
+ DataString string
+
+ // DataObj corresponds to the data interface argument of Mount.
+ DataObj interface{}
}
// restoreEnv holds the fs package global RestoreEnvironment.
diff --git a/pkg/sentry/fs/sys/fs.go b/pkg/sentry/fs/sys/fs.go
index 301fef038..44ae43754 100644
--- a/pkg/sentry/fs/sys/fs.go
+++ b/pkg/sentry/fs/sys/fs.go
@@ -57,7 +57,7 @@ func (*filesystem) Flags() fs.FilesystemFlags {
}
// Mount returns a sysfs root which can be positioned in the vfs.
-func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) {
+func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) {
// device is always ignored.
// sysfs ignores data, see fs/sysfs/mount.c:sysfs_mount.
diff --git a/pkg/sentry/fs/tmpfs/fs.go b/pkg/sentry/fs/tmpfs/fs.go
index d495430e9..d0c93028f 100644
--- a/pkg/sentry/fs/tmpfs/fs.go
+++ b/pkg/sentry/fs/tmpfs/fs.go
@@ -82,7 +82,7 @@ func (*Filesystem) Flags() fs.FilesystemFlags {
}
// Mount returns a tmpfs root that can be positioned in the vfs.
-func (f *Filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) {
+func (f *Filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) {
// device is always ignored.
// Parse generic comma-separated key=value options, this file system expects them.
diff --git a/pkg/sentry/fs/tty/fs.go b/pkg/sentry/fs/tty/fs.go
index 0c412eb21..43e0e2a04 100644
--- a/pkg/sentry/fs/tty/fs.go
+++ b/pkg/sentry/fs/tty/fs.go
@@ -59,7 +59,7 @@ func (*filesystem) Flags() fs.FilesystemFlags {
}
// MountSource returns a devpts root that can be positioned in the vfs.
-func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string) (*fs.Inode, error) {
+func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error) {
// device is always ignored.
// No options are supported.
diff --git a/pkg/sentry/syscalls/linux/sys_mount.go b/pkg/sentry/syscalls/linux/sys_mount.go
index bf0df7302..6b8d75d24 100644
--- a/pkg/sentry/syscalls/linux/sys_mount.go
+++ b/pkg/sentry/syscalls/linux/sys_mount.go
@@ -101,7 +101,7 @@ func Mount(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Syscall
superFlags.ReadOnly = true
}
- rootInode, err := rsys.Mount(t, sourcePath, superFlags, data)
+ rootInode, err := rsys.Mount(t, sourcePath, superFlags, data, nil)
if err != nil {
return 0, nil, syserror.EINVAL
}