From ccc3d7ca11a2a623587c651a6690aaa46d2c2665 Mon Sep 17 00:00:00 2001 From: Fabricio Voznika Date: Wed, 31 Oct 2018 11:27:10 -0700 Subject: Make lazy open the mode of operation for fsgofer With recent changes to 9P server, path walks are now safe inside open, create, rename and setattr calls. To simplify the code, remove the lazyopen=false mode that was used for bind mounts, and converge all mounts to using lazy open. PiperOrigin-RevId: 219508628 Change-Id: I073e7e1e2e9a9972d150eaf4cb29e553997a9b76 --- runsc/cmd/gofer.go | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'runsc/cmd') diff --git a/runsc/cmd/gofer.go b/runsc/cmd/gofer.go index 3842fdf64..7cc666e10 100644 --- a/runsc/cmd/gofer.go +++ b/runsc/cmd/gofer.go @@ -124,9 +124,6 @@ func (g *Gofer) Execute(_ context.Context, f *flag.FlagSet, args ...interface{}) ats = append(ats, fsgofer.NewAttachPoint("/", fsgofer.Config{ ROMount: spec.Root.Readonly, PanicOnWrite: g.panicOnWrite, - // Docker uses overlay2 by default for the root mount, and overlay2 does a copy-up when - // each file is opened as writable. Thus, we open files lazily to avoid copy-up. - LazyOpenForWrite: true, })) log.Infof("Serving %q mapped to %q on FD %d (ro: %t)", "/", root, g.ioFDs[0], spec.Root.Readonly) @@ -134,9 +131,8 @@ func (g *Gofer) Execute(_ context.Context, f *flag.FlagSet, args ...interface{}) for _, m := range spec.Mounts { if specutils.Is9PMount(m) { cfg := fsgofer.Config{ - ROMount: isReadonlyMount(m.Options), - PanicOnWrite: g.panicOnWrite, - LazyOpenForWrite: false, + ROMount: isReadonlyMount(m.Options), + PanicOnWrite: g.panicOnWrite, } ats = append(ats, fsgofer.NewAttachPoint(m.Destination, cfg)) -- cgit v1.2.3