virtcontainers: Handle regular files in /dev

The k8s test creates a log file in /dev under /dev/termination-log, which is not the right place to create logs, but we need to handle this. With this commit, we handle regular files under /dev by passing them as 9p shares. All other special files including device files and directories are not passed as 9p shares as these are specific to the host. Any operations on these in the guest would fail anyways. Signed-off-by: Archana Shinde <[email protected]>
kata-containers · Apr 19, 2018 · 71c7a9c · 71c7a9c
1 parent 70c3fe9
commit 71c7a9c
Show file tree

Hide file tree

Showing 3 changed files with 70 additions and 0 deletions.
diff --git a/virtcontainers/container.go b/virtcontainers/container.go
@@ -327,6 +327,13 @@ func (c *Container) mountSharedDirMounts(hostSharedDir, guestSharedDir string) (
 			continue
 		}
 
+		// Ignore /dev, directories and all other device files. We handle
+		// only regular files in /dev. It does not make sense to pass the host
+		// device nodes to the guest.
+		if isHostDevice(m.Destination) {
+			continue
+		}
+
 		randBytes, err := generateRandomBytes(8)
 		if err != nil {
 			return nil, err

diff --git a/virtcontainers/mount.go b/virtcontainers/mount.go
@@ -30,6 +30,34 @@ func isSystemMount(m string) bool {
 	return false
 }
 
+func isHostDevice(m string) bool {
+	if m == "/dev" {
+		return true
+	}
+
+	if strings.HasPrefix(m, "/dev/") {
+		// Check if regular file
+		s, err := os.Stat(m)
+
+		// This should not happen. In case file does not exist let the
+		// error be handled by the agent, simply return false here.
+		if err != nil {
+			return false
+		}
+
+		if s.Mode().IsRegular() {
+			return false
+		}
+
+		// This is not a regular file in /dev. It is either a
+		// device file, directory or any other special file which is
+		// specific to the host system.
+		return true
+	}
+
+	return false
+}
+
 func major(dev uint64) int {
 	return int((dev >> 8) & 0xfff)
 }

diff --git a/virtcontainers/mount_test.go b/virtcontainers/mount_test.go
@@ -43,6 +43,41 @@ func TestIsSystemMount(t *testing.T) {
 	}
 }
 
+func TestIsHostDevice(t *testing.T) {
+	tests := []struct {
+		mnt      string
+		expected bool
+	}{
+		{"/dev", true},
+		{"/dev/zero", true},
+		{"/dev/block", true},
+		{"/mnt/dev/block", false},
+	}
+
+	for _, test := range tests {
+		result := isHostDevice(test.mnt)
+		if result != test.expected {
+			t.Fatalf("Expected result for path %s : %v, got %v", test.mnt, test.expected, result)
+		}
+	}
+
+	// Create regular file in /dev
+	path := "/dev/foobar"
+	f, err := os.Create(path)
+	if err != nil {
+		t.Fatal(err)
+	}
+	f.Close()
+
+	if isHostDevice(path) != false {
+		t.Fatalf("Expected result for path %s : %v, got %v", path, false, true)
+	}
+
+	if err := os.Remove(path); err != nil {
+		t.Fatal(err)
+	}
+}
+
 func TestMajorMinorNumber(t *testing.T) {
 	devices := []string{"/dev/zero", "/dev/net/tun"}