diff --git a/crates/libcontainer/src/rootfs/utils.rs b/crates/libcontainer/src/rootfs/utils.rs index 37bbb7e48..a30c0a917 100644 --- a/crates/libcontainer/src/rootfs/utils.rs +++ b/crates/libcontainer/src/rootfs/utils.rs @@ -6,7 +6,7 @@ use nix::sys::stat::SFlag; use oci_spec::runtime::{LinuxDevice, LinuxDeviceBuilder, LinuxDeviceType, Mount}; use super::mount::MountError; -use crate::syscall::linux::{self, MountAttrOption}; +use crate::syscall::linux::{self, MountRecursive}; #[derive(Debug, Clone, PartialEq, Eq)] pub struct MountOptionConfig { @@ -89,18 +89,21 @@ pub fn parse_mount(m: &Mount) -> std::result::Result (is_clear, flag), - MountAttrOption::MountAttrNosuid(is_clear, flag) => (is_clear, flag), - MountAttrOption::MountAttrNodev(is_clear, flag) => (is_clear, flag), - MountAttrOption::MountAttrNoexec(is_clear, flag) => (is_clear, flag), - MountAttrOption::MountAttrAtime(is_clear, flag) => (is_clear, flag), - MountAttrOption::MountAttrRelatime(is_clear, flag) => (is_clear, flag), - MountAttrOption::MountAttrNoatime(is_clear, flag) => (is_clear, flag), - MountAttrOption::MountAttrStrictAtime(is_clear, flag) => (is_clear, flag), - MountAttrOption::MountAttrNoDiratime(is_clear, flag) => (is_clear, flag), - MountAttrOption::MountAttrNosymfollow(is_clear, flag) => (is_clear, flag), + MountRecursive::Rdonly(is_clear, flag) => (is_clear, flag), + MountRecursive::Nosuid(is_clear, flag) => (is_clear, flag), + MountRecursive::Nodev(is_clear, flag) => (is_clear, flag), + MountRecursive::Noexec(is_clear, flag) => (is_clear, flag), + MountRecursive::Atime(is_clear, flag) => (is_clear, flag), + MountRecursive::Relatime(is_clear, flag) => (is_clear, flag), + MountRecursive::Noatime(is_clear, flag) => (is_clear, flag), + MountRecursive::StrictAtime(is_clear, flag) => (is_clear, flag), + MountRecursive::NoDiratime(is_clear, flag) => (is_clear, flag), + MountRecursive::Nosymfollow(is_clear, flag) => (is_clear, flag), }; if mount_attr.is_none() { 
diff --git a/crates/libcontainer/src/syscall/linux.rs b/crates/libcontainer/src/syscall/linux.rs
index 205a17635..2164c3f96 100644
--- a/crates/libcontainer/src/syscall/linux.rs
+++ b/crates/libcontainer/src/syscall/linux.rs
@@ -39,87 +39,65 @@ const MOUNT_ATTR_NODIRATIME: u64 = 0x00000080; const MOUNT_ATTR_NOSYMFOLLOW: u64 = 0x00200000; /// Constants used by mount_setattr(2). -pub enum MountAttrOption { +pub enum MountRecursive { /// Mount read-only. - MountArrtRdonly(bool, u64), + Rdonly(bool, u64), /// Ignore suid and sgid bits. - MountAttrNosuid(bool, u64), + Nosuid(bool, u64), /// Disallow access to device special files. - MountAttrNodev(bool, u64), + Nodev(bool, u64), /// Disallow program execution. - MountAttrNoexec(bool, u64), + Noexec(bool, u64), /// Setting on how atime should be updated. - MountAttrAtime(bool, u64), + Atime(bool, u64), /// Update atime relative to mtime/ctime. - MountAttrRelatime(bool, u64), + Relatime(bool, u64), /// Do not update access times. - MountAttrNoatime(bool, u64), + Noatime(bool, u64), /// Always perform atime updates. - MountAttrStrictAtime(bool, u64), + StrictAtime(bool, u64), /// Do not update directory access times. - MountAttrNoDiratime(bool, u64), + NoDiratime(bool, u64), /// Prevents following symbolic links. 
- MountAttrNosymfollow(bool, u64), + Nosymfollow(bool, u64), } -impl FromStr for MountAttrOption { +impl FromStr for MountRecursive { type Err = SyscallError; fn from_str(option: &str) -> std::result::Result { match option { - "rro" => Ok(MountAttrOption::MountArrtRdonly(false, MOUNT_ATTR_RDONLY)), - "rrw" => Ok(MountAttrOption::MountArrtRdonly(true, MOUNT_ATTR_RDONLY)), - "rnosuid" => Ok(MountAttrOption::MountAttrNosuid(false, MOUNT_ATTR_NOSUID)), - "rsuid" => Ok(MountAttrOption::MountAttrNosuid(true, MOUNT_ATTR_NOSUID)), - "rnodev" => Ok(MountAttrOption::MountAttrNodev(false, MOUNT_ATTR_NODEV)), - "rdev" => Ok(MountAttrOption::MountAttrNodev(true, MOUNT_ATTR_NODEV)), - "rnoexec" => Ok(MountAttrOption::MountAttrNoexec(false, MOUNT_ATTR_NOEXEC)), - "rexec" => Ok(MountAttrOption::MountAttrNoexec(true, MOUNT_ATTR_NOEXEC)), - "rnodiratime" => Ok(MountAttrOption::MountAttrNoDiratime( - false, - MOUNT_ATTR_NODIRATIME, - )), - "rdiratime" => Ok(MountAttrOption::MountAttrNoDiratime( - true, - MOUNT_ATTR_NODIRATIME, - )), - "rrelatime" => Ok(MountAttrOption::MountAttrRelatime( - false, - MOUNT_ATTR_RELATIME, - )), - "rnorelatime" => Ok(MountAttrOption::MountAttrRelatime( - true, - MOUNT_ATTR_RELATIME, - )), - "rnoatime" => Ok(MountAttrOption::MountAttrNoatime(false, MOUNT_ATTR_NOATIME)), - "ratime" => Ok(MountAttrOption::MountAttrNoatime(true, MOUNT_ATTR_NOATIME)), - "rstrictatime" => Ok(MountAttrOption::MountAttrStrictAtime( - false, - MOUNT_ATTR_STRICTATIME, - )), - "rnostrictatime" => Ok(MountAttrOption::MountAttrStrictAtime( - true, - MOUNT_ATTR_STRICTATIME, - )), - "rnosymfollow" => Ok(MountAttrOption::MountAttrNosymfollow( - false, - MOUNT_ATTR_NOSYMFOLLOW, - )), - "rsymfollow" => Ok(MountAttrOption::MountAttrNosymfollow( - true, - MOUNT_ATTR_NOSYMFOLLOW, - )), + "rro" => Ok(MountRecursive::Rdonly(false, MOUNT_ATTR_RDONLY)), + "rrw" => Ok(MountRecursive::Rdonly(true, MOUNT_ATTR_RDONLY)), + "rnosuid" => Ok(MountRecursive::Nosuid(false, MOUNT_ATTR_NOSUID)), + "rsuid" 
=> Ok(MountRecursive::Nosuid(true, MOUNT_ATTR_NOSUID)), + "rnodev" => Ok(MountRecursive::Nodev(false, MOUNT_ATTR_NODEV)), + "rdev" => Ok(MountRecursive::Nodev(true, MOUNT_ATTR_NODEV)), + "rnoexec" => Ok(MountRecursive::Noexec(false, MOUNT_ATTR_NOEXEC)), + "rexec" => Ok(MountRecursive::Noexec(true, MOUNT_ATTR_NOEXEC)), + "rnodiratime" => Ok(MountRecursive::NoDiratime(false, MOUNT_ATTR_NODIRATIME)), + "rdiratime" => Ok(MountRecursive::NoDiratime(true, MOUNT_ATTR_NODIRATIME)), + "rrelatime" => Ok(MountRecursive::Relatime(false, MOUNT_ATTR_RELATIME)), + "rnorelatime" => Ok(MountRecursive::Relatime(true, MOUNT_ATTR_RELATIME)), + "rnoatime" => Ok(MountRecursive::Noatime(false, MOUNT_ATTR_NOATIME)), + "ratime" => Ok(MountRecursive::Noatime(true, MOUNT_ATTR_NOATIME)), + "rstrictatime" => Ok(MountRecursive::StrictAtime(false, MOUNT_ATTR_STRICTATIME)), + "rnostrictatime" => Ok(MountRecursive::StrictAtime(true, MOUNT_ATTR_STRICTATIME)), + "rnosymfollow" => Ok(MountRecursive::Nosymfollow(false, MOUNT_ATTR_NOSYMFOLLOW)), + "rsymfollow" => Ok(MountRecursive::Nosymfollow(true, MOUNT_ATTR_NOSYMFOLLOW)), // No support for MOUNT_ATTR_IDMAP yet (needs UserNS FD) - _ => Err(SyscallError::UnexpectedMountAttrOption(option.to_string())), + _ => Err(SyscallError::UnexpectedMountRecursiveOption( + option.to_string(), + )), } } } diff --git a/crates/libcontainer/src/syscall/mod.rs b/crates/libcontainer/src/syscall/mod.rs index d27bf411a..526c5f3e5 100644 --- a/crates/libcontainer/src/syscall/mod.rs +++ b/crates/libcontainer/src/syscall/mod.rs @@ -11,7 +11,7 @@ pub use syscall::Syscall; #[derive(Debug, thiserror::Error)] pub enum SyscallError { #[error("unexpected mount attr option: {0}")] - UnexpectedMountAttrOption(String), + UnexpectedMountRecursiveOption(String), #[error(transparent)] Nix(#[from] nix::Error), #[error(transparent)]
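Review bot: The `(bool, u64)` payload on every `MountRecursive` variant is still undocumented after the rename, and the bool's polarity is easy to misread. In `from_str`, `"rro"` yields `Rdonly(false, …)` while `"rrw"`, `"rsuid"`, `"rdev"`, `"rexec"` and `"rsymfollow"` yield `true`, which the `parse_mount` hunk in rootfs/utils.rs binds as `is_clear`. Because `true` appears to mean that a hardening attribute is removed (presumably for the whole subtree, going by the new name), I would add to the enum doc `/// Each variant carries (is_clear, flag): is_clear = true clears the attribute, false sets it.` or switch the variants to named fields. Separately, no string in the new `from_str` produces `MountRecursive::Atime`, so that variant and its match arm look dead unless it is constructed outside this diff.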
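Review bot: The variant becomes `UnexpectedMountRecursiveOption`, but the `#[error("unexpected mount attr option: {0}")]` attribute on the context line above it keeps the old wording, so the identifier and the message now disagree. If the text is not being kept stable on purpose for log consumers, change it to something like `#[error("unexpected recursive mount option: {0}")]`. `SyscallError` is a `pub enum`, so the rename breaks any downstream code that matches on the old variant name, and the same holds for `MountRecursive` if `syscall::linux` is exported; that deserves a changelog entry. The enum body continues past the end of this hunk.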