13 files changed, 100 insertions, 124 deletions

diff --git a/runsc/boot/BUILD b/runsc/boot/BUILD
index 7ec15a524..5025401dd 100644
--- a/runsc/boot/BUILD
+++ b/runsc/boot/BUILD
@@ -34,6 +34,7 @@ go_library(
         "//pkg/log",
         "//pkg/memutil",
         "//pkg/rand",
+        "//pkg/refs",
         "//pkg/sentry/arch",
         "//pkg/sentry/arch:registers_go_proto",
         "//pkg/sentry/context",
@@ -51,13 +52,10 @@ go_library(
         "//pkg/sentry/kernel",
         "//pkg/sentry/kernel:uncaught_signal_go_proto",
         "//pkg/sentry/kernel/auth",
-        "//pkg/sentry/kernel/kdefs",
         "//pkg/sentry/limits",
         "//pkg/sentry/loader",
         "//pkg/sentry/pgalloc",
         "//pkg/sentry/platform",
-        "//pkg/sentry/platform/kvm",
-        "//pkg/sentry/platform/ptrace",
         "//pkg/sentry/sighandling",
         "//pkg/sentry/socket/epsocket",
         "//pkg/sentry/socket/hostinet",
@@ -86,6 +84,7 @@ go_library(
         "//pkg/tcpip/transport/udp",
         "//pkg/urpc",
         "//runsc/boot/filter",
+        "//runsc/boot/platforms",
         "//runsc/specutils",
         "@com_github_golang_protobuf//proto:go_default_library",
         "@com_github_opencontainers_runtime-spec//specs-go:go_default_library",
diff --git a/runsc/boot/config.go b/runsc/boot/config.go
index 6d276f207..6f1eb9a41 100644
--- a/runsc/boot/config.go
+++ b/runsc/boot/config.go
@@ -22,40 +22,6 @@ import (
 	"gvisor.dev/gvisor/pkg/sentry/watchdog"
 )
 
-// PlatformType tells which platform to use.
-type PlatformType int
-
-const (
-	// PlatformPtrace runs the sandbox with the ptrace platform.
-	PlatformPtrace PlatformType = iota
-
-	// PlatformKVM runs the sandbox with the KVM platform.
-	PlatformKVM
-)
-
-// MakePlatformType converts type from string.
-func MakePlatformType(s string) (PlatformType, error) {
-	switch s {
-	case "ptrace":
-		return PlatformPtrace, nil
-	case "kvm":
-		return PlatformKVM, nil
-	default:
-		return 0, fmt.Errorf("invalid platform type %q", s)
-	}
-}
-
-func (p PlatformType) String() string {
-	switch p {
-	case PlatformPtrace:
-		return "ptrace"
-	case PlatformKVM:
-		return "kvm"
-	default:
-		return fmt.Sprintf("unknown(%d)", p)
-	}
-}
-
 // FileAccessType tells how the filesystem is accessed.
 type FileAccessType int
 
@@ -187,7 +153,7 @@ type Config struct {
 	LogPackets bool
 
 	// Platform is the platform to run on.
-	Platform PlatformType
+	Platform string
 
 	// Strace indicates that strace should be enabled.
 	Strace bool
@@ -247,7 +213,7 @@ func (c *Config) ToFlags() []string {
 		"--overlay=" + strconv.FormatBool(c.Overlay),
 		"--network=" + c.Network.String(),
 		"--log-packets=" + strconv.FormatBool(c.LogPackets),
-		"--platform=" + c.Platform.String(),
+		"--platform=" + c.Platform,
 		"--strace=" + strconv.FormatBool(c.Strace),
 		"--strace-syscalls=" + strings.Join(c.StraceSyscalls, ","),
 		"--strace-log-size=" + strconv.Itoa(int(c.StraceLogSize)),
diff --git a/runsc/boot/fds.go b/runsc/boot/fds.go
index 59e1b46ec..e5de1f3d7 100644
--- a/runsc/boot/fds.go
+++ b/runsc/boot/fds.go
@@ -21,32 +21,23 @@ import (
 	"gvisor.dev/gvisor/pkg/sentry/fs"
 	"gvisor.dev/gvisor/pkg/sentry/fs/host"
 	"gvisor.dev/gvisor/pkg/sentry/kernel"
-	"gvisor.dev/gvisor/pkg/sentry/kernel/kdefs"
-	"gvisor.dev/gvisor/pkg/sentry/limits"
 )
 
-// createFDMap creates an FD map that contains stdin, stdout, and stderr. If
-// console is true, then ioctl calls will be passed through to the host FD.
+// createFDTable creates an FD table that contains stdin, stdout, and stderr.
+// If console is true, then ioctl calls will be passed through to the host FD.
 // Upon success, createFDMap dups then closes stdioFDs.
-func createFDMap(ctx context.Context, l *limits.LimitSet, console bool, stdioFDs []int) (*kernel.FDMap, error) {
+func createFDTable(ctx context.Context, console bool, stdioFDs []int) (*kernel.FDTable, error) {
 	if len(stdioFDs) != 3 {
 		return nil, fmt.Errorf("stdioFDs should contain exactly 3 FDs (stdin, stdout, and stderr), but %d FDs received", len(stdioFDs))
 	}
 
 	k := kernel.KernelFromContext(ctx)
-	fdm := k.NewFDMap()
-	defer fdm.DecRef()
+	fdTable := k.NewFDTable()
+	defer fdTable.DecRef()
 	mounter := fs.FileOwnerFromContext(ctx)
 
-	// Maps sandbox FD to host FD.
-	fdMap := map[int]int{
-		0: stdioFDs[0],
-		1: stdioFDs[1],
-		2: stdioFDs[2],
-	}
-
 	var ttyFile *fs.File
-	for appFD, hostFD := range fdMap {
+	for appFD, hostFD := range stdioFDs {
 		var appFile *fs.File
 
 		if console && appFD < 3 {
@@ -80,11 +71,11 @@ func createFDMap(ctx context.Context, l *limits.LimitSet, console bool, stdioFDs
 		}
 
 		// Add the file to the FD map.
-		if err := fdm.NewFDAt(kdefs.FD(appFD), appFile, kernel.FDFlags{}, l); err != nil {
+		if err := fdTable.NewFDAt(ctx, int32(appFD), appFile, kernel.FDFlags{}); err != nil {
 			return nil, err
 		}
 	}
 
-	fdm.IncRef()
-	return fdm, nil
+	fdTable.IncRef()
+	return fdTable, nil
 }
diff --git a/runsc/boot/filter/BUILD b/runsc/boot/filter/BUILD
index 07898f3de..f5509b6b7 100644
--- a/runsc/boot/filter/BUILD
+++ b/runsc/boot/filter/BUILD
@@ -20,8 +20,6 @@ go_library(
         "//pkg/log",
         "//pkg/seccomp",
         "//pkg/sentry/platform",
-        "//pkg/sentry/platform/kvm",
-        "//pkg/sentry/platform/ptrace",
         "//pkg/tcpip/link/fdbased",
         "@org_golang_x_sys//unix:go_default_library",
     ],
diff --git a/runsc/boot/filter/config.go b/runsc/boot/filter/config.go
index e4ccb40d9..0ee5b8bbd 100644
--- a/runsc/boot/filter/config.go
+++ b/runsc/boot/filter/config.go
@@ -437,29 +437,6 @@ func hostInetFilters() seccomp.SyscallRules {
 	}
 }
 
-// ptraceFilters returns syscalls made exclusively by the ptrace platform.
-func ptraceFilters() seccomp.SyscallRules {
-	return seccomp.SyscallRules{
-		unix.SYS_GETCPU:            {},
-		unix.SYS_SCHED_SETAFFINITY: {},
-		syscall.SYS_PTRACE:         {},
-		syscall.SYS_TGKILL:         {},
-		syscall.SYS_WAIT4:          {},
-	}
-}
-
-// kvmFilters returns syscalls made exclusively by the KVM platform.
-func kvmFilters() seccomp.SyscallRules {
-	return seccomp.SyscallRules{
-		syscall.SYS_ARCH_PRCTL:      {},
-		syscall.SYS_IOCTL:           {},
-		syscall.SYS_MMAP:            {},
-		syscall.SYS_RT_SIGSUSPEND:   {},
-		syscall.SYS_RT_SIGTIMEDWAIT: {},
-		0xffffffffffffffff:          {}, // KVM uses syscall -1 to transition to host.
-	}
-}
-
 func controlServerFilters(fd int) seccomp.SyscallRules {
 	return seccomp.SyscallRules{
 		syscall.SYS_ACCEPT: []seccomp.Rule{
diff --git a/runsc/boot/filter/extra_filters.go b/runsc/boot/filter/extra_filters.go
index 1056cd314..e28d4b8d6 100644
--- a/runsc/boot/filter/extra_filters.go
+++ b/runsc/boot/filter/extra_filters.go
@@ -21,7 +21,7 @@ import (
 )
 
 // instrumentationFilters returns additional filters for syscalls used by
-// Go intrumentation tools, e.g. -race, -msan.
+// Go instrumentation tools, e.g. -race, -msan.
 // Returns empty when disabled.
 func instrumentationFilters() seccomp.SyscallRules {
 	return nil
diff --git a/runsc/boot/filter/extra_filters_race.go b/runsc/boot/filter/extra_filters_race.go
index d5bee4453..9ff80276a 100644
--- a/runsc/boot/filter/extra_filters_race.go
+++ b/runsc/boot/filter/extra_filters_race.go
@@ -33,6 +33,7 @@ func instrumentationFilters() seccomp.SyscallRules {
 		syscall.SYS_MUNLOCK:         {},
 		syscall.SYS_NANOSLEEP:       {},
 		syscall.SYS_OPEN:            {},
+		syscall.SYS_OPENAT:          {},
 		syscall.SYS_SET_ROBUST_LIST: {},
 		// Used within glibc's malloc.
 		syscall.SYS_TIME: {},
diff --git a/runsc/boot/filter/filter.go b/runsc/boot/filter/filter.go
index 468481f29..e80c171b3 100644
--- a/runsc/boot/filter/filter.go
+++ b/runsc/boot/filter/filter.go
@@ -18,13 +18,9 @@
 package filter
 
 import (
-	"fmt"
-
 	"gvisor.dev/gvisor/pkg/log"
 	"gvisor.dev/gvisor/pkg/seccomp"
 	"gvisor.dev/gvisor/pkg/sentry/platform"
-	"gvisor.dev/gvisor/pkg/sentry/platform/kvm"
-	"gvisor.dev/gvisor/pkg/sentry/platform/ptrace"
 )
 
 // Options are seccomp filter related options.
@@ -53,14 +49,7 @@ func Install(opt Options) error {
 		s.Merge(profileFilters())
 	}
 
-	switch p := opt.Platform.(type) {
-	case *ptrace.PTrace:
-		s.Merge(ptraceFilters())
-	case *kvm.KVM:
-		s.Merge(kvmFilters())
-	default:
-		return fmt.Errorf("unknown platform type %T", p)
-	}
+	s.Merge(opt.Platform.SyscallFilters())
 
 	return seccomp.Install(s)
 }
diff --git a/runsc/boot/fs.go b/runsc/boot/fs.go
index 67a286212..d3e3196fd 100644
--- a/runsc/boot/fs.go
+++ b/runsc/boot/fs.go
@@ -25,8 +25,10 @@ import (
 
 	// Include filesystem types that OCI spec might mount.
 	_ "gvisor.dev/gvisor/pkg/sentry/fs/dev"
+	"gvisor.dev/gvisor/pkg/sentry/fs/gofer"
 	_ "gvisor.dev/gvisor/pkg/sentry/fs/host"
 	_ "gvisor.dev/gvisor/pkg/sentry/fs/proc"
+	"gvisor.dev/gvisor/pkg/sentry/fs/ramfs"
 	_ "gvisor.dev/gvisor/pkg/sentry/fs/sys"
 	_ "gvisor.dev/gvisor/pkg/sentry/fs/tmpfs"
 	_ "gvisor.dev/gvisor/pkg/sentry/fs/tty"
@@ -36,8 +38,6 @@ import (
 	"gvisor.dev/gvisor/pkg/log"
 	"gvisor.dev/gvisor/pkg/sentry/context"
 	"gvisor.dev/gvisor/pkg/sentry/fs"
-	"gvisor.dev/gvisor/pkg/sentry/fs/gofer"
-	"gvisor.dev/gvisor/pkg/sentry/fs/ramfs"
 	"gvisor.dev/gvisor/pkg/sentry/kernel"
 	"gvisor.dev/gvisor/pkg/sentry/kernel/auth"
 	"gvisor.dev/gvisor/pkg/syserror"
@@ -226,7 +226,11 @@ func mustFindFilesystem(name string) fs.Filesystem {
 // addSubmountOverlay overlays the inode over a ramfs tree containing the given
 // paths.
 func addSubmountOverlay(ctx context.Context, inode *fs.Inode, submounts []string) (*fs.Inode, error) {
-	msrc := fs.NewPseudoMountSource(ctx)
+	// Construct a ramfs tree of mount points. The contents never
+	// change, so this can be fully caching. There's no real
+	// filesystem backing this tree, so we set the filesystem to
+	// nil.
+	msrc := fs.NewCachingMountSource(ctx, nil, fs.MountSourceFlags{})
 	mountTree, err := ramfs.MakeDirectoryTree(ctx, msrc, submounts)
 	if err != nil {
 		return nil, fmt.Errorf("creating mount tree: %v", err)
@@ -902,7 +906,10 @@ func (c *containerMounter) mountSharedSubmount(ctx context.Context, mns *fs.Moun
 	}
 	defer target.DecRef()
 
+	// Take a ref on the inode that is about to be (re)-mounted.
+	source.root.IncRef()
 	if err := mns.Mount(ctx, target, source.root); err != nil {
+		source.root.DecRef()
 		return fmt.Errorf("bind mount %q error: %v", mount.Destination, err)
 	}
 
diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go
index 41027416d..8e8c6105b 100644
--- a/runsc/boot/loader.go
+++ b/runsc/boot/loader.go
@@ -32,6 +32,7 @@ import (
 	"gvisor.dev/gvisor/pkg/log"
 	"gvisor.dev/gvisor/pkg/memutil"
 	"gvisor.dev/gvisor/pkg/rand"
+	"gvisor.dev/gvisor/pkg/refs"
 	"gvisor.dev/gvisor/pkg/sentry/arch"
 	"gvisor.dev/gvisor/pkg/sentry/control"
 	"gvisor.dev/gvisor/pkg/sentry/fs/host"
@@ -41,8 +42,6 @@ import (
 	"gvisor.dev/gvisor/pkg/sentry/loader"
 	"gvisor.dev/gvisor/pkg/sentry/pgalloc"
 	"gvisor.dev/gvisor/pkg/sentry/platform"
-	"gvisor.dev/gvisor/pkg/sentry/platform/kvm"
-	"gvisor.dev/gvisor/pkg/sentry/platform/ptrace"
 	"gvisor.dev/gvisor/pkg/sentry/sighandling"
 	slinux "gvisor.dev/gvisor/pkg/sentry/syscalls/linux"
 	"gvisor.dev/gvisor/pkg/sentry/time"
@@ -58,6 +57,7 @@ import (
 	"gvisor.dev/gvisor/pkg/tcpip/transport/tcp"
 	"gvisor.dev/gvisor/pkg/tcpip/transport/udp"
 	"gvisor.dev/gvisor/runsc/boot/filter"
+	_ "gvisor.dev/gvisor/runsc/boot/platforms" // register all platforms.
 	"gvisor.dev/gvisor/runsc/specutils"
 
 	// Include supported socket providers.
@@ -262,7 +262,7 @@ func New(args Args) (*Loader, error) {
 		// Adjust the total memory returned by the Sentry so that applications that
 		// use /proc/meminfo can make allocations based on this limit.
 		usage.MinimumTotalMemoryBytes = args.TotalMem
-		log.Infof("Setting total memory to %.2f GB", float64(args.TotalMem)/(2^30))
+		log.Infof("Setting total memory to %.2f GB", float64(args.TotalMem)/(1<<30))
 	}
 
 	// Initiate the Kernel object, which is required by the Context passed
@@ -415,19 +415,12 @@ func (l *Loader) Destroy() {
 }
 
 func createPlatform(conf *Config, deviceFile *os.File) (platform.Platform, error) {
-	switch conf.Platform {
-	case PlatformPtrace:
-		log.Infof("Platform: ptrace")
-		return ptrace.New()
-	case PlatformKVM:
-		log.Infof("Platform: kvm")
-		if deviceFile == nil {
-			return nil, fmt.Errorf("kvm device file must be provided")
-		}
-		return kvm.New(deviceFile)
-	default:
-		return nil, fmt.Errorf("invalid platform %v", conf.Platform)
+	p, err := platform.Lookup(conf.Platform)
+	if err != nil {
+		panic(fmt.Sprintf("invalid platform %v: %v", conf.Platform, err))
 	}
+	log.Infof("Platform: %s", conf.Platform)
+	return p.New(deviceFile)
 }
 
 func createMemoryFile() (*pgalloc.MemoryFile, error) {
@@ -516,13 +509,13 @@ func (l *Loader) run() error {
 		// Create the FD map, which will set stdin, stdout, and stderr.  If console
 		// is true, then ioctl calls will be passed through to the host fd.
 		ctx := l.rootProcArgs.NewContext(l.k)
-		fdm, err := createFDMap(ctx, l.rootProcArgs.Limits, l.console, l.stdioFDs)
+		fdTable, err := createFDTable(ctx, l.console, l.stdioFDs)
 		if err != nil {
 			return fmt.Errorf("importing fds: %v", err)
 		}
 		// CreateProcess takes a reference on FDMap if successful. We won't need
 		// ours either way.
-		l.rootProcArgs.FDMap = fdm
+		l.rootProcArgs.FDTable = fdTable
 
 		// cid for root container can be empty. Only subcontainers need it to set
 		// the mount location.
@@ -561,13 +554,13 @@ func (l *Loader) run() error {
 			return fmt.Errorf("creating init process: %v", err)
 		}
 
-		// CreateProcess takes a reference on FDMap if successful.
-		l.rootProcArgs.FDMap.DecRef()
+		// CreateProcess takes a reference on FDTable if successful.
+		l.rootProcArgs.FDTable.DecRef()
 	}
 
 	ep.tg = l.k.GlobalInit()
 	if l.console {
-		ttyFile := l.rootProcArgs.FDMap.GetFile(0)
+		ttyFile, _ := l.rootProcArgs.FDTable.Get(0)
 		defer ttyFile.DecRef()
 		ep.tty = ttyFile.FileOperations.(*host.TTYFileOperations)
 
@@ -647,13 +640,13 @@ func (l *Loader) startContainer(spec *specs.Spec, conf *Config, cid string, file
 
 	// Create the FD map, which will set stdin, stdout, and stderr.
 	ctx := procArgs.NewContext(l.k)
-	fdm, err := createFDMap(ctx, procArgs.Limits, false, stdioFDs)
+	fdTable, err := createFDTable(ctx, false, stdioFDs)
 	if err != nil {
 		return fmt.Errorf("importing fds: %v", err)
 	}
-	// CreateProcess takes a reference on FDMap if successful. We won't need ours
-	// either way.
-	procArgs.FDMap = fdm
+	// CreateProcess takes a reference on fdTable if successful. We won't
+	// need ours either way.
+	procArgs.FDTable = fdTable
 
 	// Can't take ownership away from os.File. dup them to get a new FDs.
 	var goferFDs []int
@@ -682,8 +675,8 @@ func (l *Loader) startContainer(spec *specs.Spec, conf *Config, cid string, file
 	}
 	l.k.StartProcess(tg)
 
-	// CreateProcess takes a reference on FDMap if successful.
-	procArgs.FDMap.DecRef()
+	// CreateProcess takes a reference on FDTable if successful.
+	procArgs.FDTable.DecRef()
 
 	l.processes[eid].tg = tg
 	return nil
@@ -1006,3 +999,8 @@ func (l *Loader) threadGroupFromIDLocked(key execID) (*kernel.ThreadGroup, *host
 	}
 	return ep.tg, ep.tty, nil
 }
+
+func init() {
+	// TODO(gvisor.dev/issue/365): Make this configurable.
+	refs.SetLeakMode(refs.NoLeakChecking)
+}
diff --git a/runsc/boot/loader_test.go b/runsc/boot/loader_test.go
index 4af45bfcc..ff713660d 100644
--- a/runsc/boot/loader_test.go
+++ b/runsc/boot/loader_test.go
@@ -37,6 +37,9 @@ import (
 func init() {
 	log.SetLevel(log.Debug)
 	rand.Seed(time.Now().UnixNano())
+	if err := fsgofer.OpenProcSelfFD(); err != nil {
+		panic(err)
+	}
 }
 
 func testConfig() *Config {
@@ -44,6 +47,7 @@ func testConfig() *Config {
 		RootDir:        "unused_root_dir",
 		Network:        NetworkNone,
 		DisableSeccomp: true,
+		Platform:       "ptrace",
 	}
 }
 
diff --git a/runsc/boot/platforms/BUILD b/runsc/boot/platforms/BUILD
new file mode 100644
index 000000000..03391cdca
--- /dev/null
+++ b/runsc/boot/platforms/BUILD
@@ -0,0 +1,16 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+package(licenses = ["notice"])
+
+go_library(
+    name = "platforms",
+    srcs = ["platforms.go"],
+    importpath = "gvisor.dev/gvisor/runsc/boot/platforms",
+    visibility = [
+        "//runsc:__subpackages__",
+    ],
+    deps = [
+        "//pkg/sentry/platform/kvm",
+        "//pkg/sentry/platform/ptrace",
+    ],
+)
diff --git a/runsc/boot/platforms/platforms.go b/runsc/boot/platforms/platforms.go
new file mode 100644
index 000000000..056b46ad5
--- /dev/null
+++ b/runsc/boot/platforms/platforms.go
@@ -0,0 +1,30 @@
+// Copyright 2019 The gVisor Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package platforms imports all available platform packages.
+package platforms
+
+import (
+	// Import platforms that runsc might use.
+	_ "gvisor.dev/gvisor/pkg/sentry/platform/kvm"
+	_ "gvisor.dev/gvisor/pkg/sentry/platform/ptrace"
+)
+
+const (
+	// Ptrace runs the sandbox with the ptrace platform.
+	Ptrace = "ptrace"
+
+	// KVM runs the sandbox with the KVM platform.
+	KVM = "kvm"
+)