From d823b3d3b85117b3b985f5b6f83e5d0c28024068 Mon Sep 17 00:00:00 2001
From: Christophe de Dinechin <dinechin@redhat.com>
Date: Fri, 15 May 2020 16:04:55 +0200
Subject: [PATCH] config: Add hypervisor path override through annotations

The annotation is provided, so it should be respected.
Furthermore, it is important to implement it with the appropriate
protetions similar to what was done for virtiofsd.

Fixes: #3004

Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
---
 virtcontainers/pkg/oci/utils.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/virtcontainers/pkg/oci/utils.go b/virtcontainers/pkg/oci/utils.go
index 7227e773a9..48fac828c5 100644
--- a/virtcontainers/pkg/oci/utils.go
+++ b/virtcontainers/pkg/oci/utils.go
@@ -402,6 +402,13 @@ func addHypervisorConfigOverrides(ocispec specs.Spec, config *vc.SandboxConfig,
 		return err
 	}
 
+	if value, ok := ocispec.Annotations[vcAnnotations.HypervisorPath]; ok {
+		if !regexpContains(runtime.HypervisorConfig.HypervisorPathList, value) {
+			return fmt.Errorf("hypervisor %v required from annotation is not valid", value)
+		}
+		config.HypervisorConfig.HypervisorPath = value
+	}
+
 	if value, ok := ocispec.Annotations[vcAnnotations.KernelParams]; ok {
 		if value != "" {
 			params := vc.DeserializeParams(strings.Fields(value))