Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Return an error when passing unsupported mount options #2308

Merged
merged 2 commits into from
Aug 28, 2023
Merged

Return an error when passing unsupported mount options #2308

merged 2 commits into from
Aug 28, 2023

Conversation

utam0k
Copy link
Member

@utam0k utam0k commented Aug 27, 2023
edited
Loading

@utam0k utam0k requested a review from a team August 27, 2023 11:55
@codecov-commenter
Copy link

codecov-commenter commented Aug 27, 2023
edited
Loading

Codecov Report

Merging #2308 (1753b58) into main (8d3be67) will decrease coverage by 0.08%.
The diff coverage is 87.34%.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #2308      +/-   ##
==========================================
- Coverage   64.88%   64.80%   -0.08%     
==========================================
  Files         129      129              
  Lines       15179    15171       -8     
==========================================
- Hits         9849     9832      -17     
- Misses       5330     5339       +9

@utam0k
Return an error when passing unsupported mount options
1753b58 
Signed-off-by: utam0k <k0ma@utam0k.jp>
Furisto
Furisto reviewed Aug 28, 2023
View reviewed changes
crates/libcontainer/src/rootfs/utils.rs Outdated Show resolved Hide resolved
crates/libcontainer/src/rootfs/utils.rs
@@ -118,7 +159,12 @@ pub fn parse_mount(m: &Mount) -> MountOptionConfig {
"norelatime" => Some((true, MsFlags::MS_RELATIME)),
"strictatime" => Some((true, MsFlags::MS_STRICTATIME)),
"nostrictatime" => Some((true, MsFlags::MS_STRICTATIME)),
_ => None,
unknown => {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wouldn't this silently ignore unknown mount options that are not idmap? I think we should always return an error here.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For example, mode=755 should be passed these codes, but we don't need to set MsFlags.
https://github.com/opencontainers/runtime-spec/blob/main/config.md#linux-mount-options

Runtimes SHOULD pass unknown options to mount(2) via the fifth argument (const void *data).

idmap and ridmap are defined in OCI Runtime Spec, So users may think these options will affect their mounts and pass them on. But we do not support them and would like to return an error to be safe in this case.

@utam0k
Address the feedback
4871917 
Signed-off-by: utam0k <k0ma@utam0k.jp>
@utam0k utam0k requested a review from Furisto August 28, 2023 13:05
@Furisto Furisto merged commit 854db28 into youki-dev:main Aug 28, 2023
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Furisto Furisto Furisto approved these changes

Assignees
No one assigned
Labels
kind/feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@utam0k @codecov-commenter @Furisto