35 changes: 35 additions & 0 deletions config.md
@@ -139,6 +139,41 @@ For POSIX platforms the `mounts` structure has the following fields:
]
```

### <a name="configLinuxMounts" />Linux Mounts

For Linux, the `mounts` structure mounts MAY have the following additional fields:

* **`attr`** (object, OPTIONAL) specifies `mount_setattr(2)` attributes. Requires kernel 5.12 or later.
The runtime MUST [generate an error](runtime.md#errors) for any values which cannot be mapped to a relevant kernel interface.
* **`flags`** (array of strings, OPTIONAL) specifies the `flags` argument of `mount_setattr(2)` syscall.
e.g., "AT_RECURSIVE"
* **`attr_set`** (array of strings, OPTIONAL) specifies the `attr_set` field of `mount_attr` struct.
e.g., "MOUNT_ATTR_RDONLY"
* **`attr_clr`** (array of strings, OPTIONAL) specifies the `attr_clr` field of `mount_attr` struct.
* **`propagation`** (string, OPTIONAL) specifies the `propagation` field of `mount_attr` struct.
See [Rootfs Mount Propagation](./config-linux.md#configLinuxRootfsMountPropagation) for the string format.

<!-- TODO: consider supporting mount_attr.userns_fd -->

### Example

```json
"mounts": [
{
"destination": "/ro",
"type": "none",
"source": "/volumes/ro",
"options": ["rbind"],
"attr": {
"flags": ["AT_RECURSIVE"],
"attr_set": ["MOUNT_ATTR_RDONLY"],
"attr_clr": ["MOUNT_ATTR_NOEXEC"],
"propagation": "private"
}
}
]
```

Comment on lines +167 to +172

Member:

I'm a bit concerned about how this is just a 1:1 mapping of mount_setattr (although I realise we already crossed that path on many other options). The advantage is that it's flexible, but if we only need it for the recursively-readonly, I'm wondering if it would be good to design around that case, making it somewhat less verbose?

It makes it a bit confusing in some areas, e.g., options would take (r)private, ro and noexec, but attr takes MOUNT_ATTR_RDONLY and MOUNT_ATTR_NOEXEC (in addition to using a "diff" of attributes to add and to remove).

Member Author, @AkihiroSuda, Aug 18, 2021:

> The advantage is that it's flexible, but if we only need it for the recursively-readonly, I'm wondering if it would be good to design around that case, making it somewhat less verbose?

I don't think this is going to be recursively-readonly only, though we can prioritize recursively-readonly over other potential usecases.

> It makes it a bit confusing in some areas, e.g., options would take (r)private, ro and noexec, but attr takes MOUNT_ATTR_RDONLY and MOUNT_ATTR_NOEXEC (in addition to using a "diff" of attributes to add and to remove).

The MOUNT_ATTR_XXX form corresponds to the RLIMIT_XXX form that already exists.
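The thread above discusses whether a 1:1 mapping of `mount_setattr(2)` is worth its verbosity. As an added example (mine, not code from this PR or from the runtime-spec project), here is the complete translation a runtime has to perform for the proposed `attr` object: map the `flags`, `attr_set`, `attr_clr` and `propagation` strings to kernel values, reject any name that cannot be mapped (the MUST-error rule in the spec text) and any bit listed in both `attr_set` and `attr_clr`, then issue the syscall. The `oci_` names, the NULL-terminated string arrays standing in for decoded JSON, and the demo config are assumptions of this example; the numeric constants are the kernel's ABI values. Applied with `AT_RECURSIVE` to a bind mount, it makes every submount read-only as well, which an `options: ["ro"]` remount via mount(2) does not do, since that only touches the top mount.

```c
/* Added example, not code from the runtime-spec PR: translate the proposed
 * `attr` object into mount_setattr(2) arguments and apply them. Everything
 * prefixed oci_ is this example's own; JSON decoding is assumed done. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mount.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Kernel ABI values (<linux/mount.h>, <linux/fcntl.h>), spelled out so the
 * example also builds against userspace headers older than kernel 5.12. */
#ifndef SYS_mount_setattr
#define SYS_mount_setattr 442           /* same number on every architecture */
#endif
#ifndef AT_RECURSIVE
#define AT_RECURSIVE 0x8000
#endif
#ifndef AT_EMPTY_PATH
#define AT_EMPTY_PATH 0x1000
#endif
#define OCI_MOUNT_ATTR_RDONLY      0x00000001ULL
#define OCI_MOUNT_ATTR_NOSUID      0x00000002ULL
#define OCI_MOUNT_ATTR_NODEV       0x00000004ULL
#define OCI_MOUNT_ATTR_NOEXEC      0x00000008ULL
#define OCI_MOUNT_ATTR_NOSYMFOLLOW 0x00200000ULL

struct oci_mount_attr {             /* same layout as struct mount_attr */
    uint64_t attr_set, attr_clr, propagation, userns_fd;
};
struct oci_attr_cfg {               /* the decoded `attr` object; NULL = omitted */
    const char *const *flags;
    const char *const *attr_set;
    const char *const *attr_clr;
    const char *propagation;
};
struct name_val { const char *name; uint64_t val; };
#define NELEM(a) (sizeof(a) / sizeof((a)[0]))

static const struct name_val flag_tbl[] = {
    { "AT_RECURSIVE", AT_RECURSIVE }, { "AT_EMPTY_PATH", AT_EMPTY_PATH },
    { "AT_SYMLINK_NOFOLLOW", AT_SYMLINK_NOFOLLOW },
};
static const struct name_val attr_tbl[] = {
    { "MOUNT_ATTR_RDONLY", OCI_MOUNT_ATTR_RDONLY }, { "MOUNT_ATTR_NOSUID", OCI_MOUNT_ATTR_NOSUID },
    { "MOUNT_ATTR_NODEV", OCI_MOUNT_ATTR_NODEV },   { "MOUNT_ATTR_NOEXEC", OCI_MOUNT_ATTR_NOEXEC },
    { "MOUNT_ATTR_NOSYMFOLLOW", OCI_MOUNT_ATTR_NOSYMFOLLOW },
};
/* Same vocabulary as rootfsPropagation; recursion comes from AT_RECURSIVE. */
static const struct name_val prop_tbl[] = {
    { "private", MS_PRIVATE }, { "shared", MS_SHARED },
    { "slave", MS_SLAVE },     { "unbindable", MS_UNBINDABLE },
};

/* OR the value of every name in `names` into *out; -1 on an unknown name. */
static int map_names(const struct name_val *tbl, size_t n,
                     const char *const *names, uint64_t *out)
{
    for (; names && *names; names++) {
        size_t i = 0;
        while (i < n && strcmp(tbl[i].name, *names) != 0)
            i++;
        if (i == n)
            return -1;
        *out |= tbl[i].val;
    }
    return 0;
}

/* Translate the config object into mount_setattr(2) arguments. Returns 0, or
 * -1 with errno = EINVAL where the spec text says the runtime MUST error: an
 * unmappable name, or a bit in both attr_set and attr_clr (the kernel rejects
 * that combination too). */
int oci_attr_to_syscall(const struct oci_attr_cfg *cfg, unsigned int *flags,
                        struct oci_mount_attr *attr)
{
    uint64_t f = 0;
    const char *const prop[] = { cfg->propagation, NULL };

    memset(attr, 0, sizeof *attr);
    if (map_names(flag_tbl, NELEM(flag_tbl), cfg->flags, &f) ||
        map_names(attr_tbl, NELEM(attr_tbl), cfg->attr_set, &attr->attr_set) ||
        map_names(attr_tbl, NELEM(attr_tbl), cfg->attr_clr, &attr->attr_clr) ||
        map_names(prop_tbl, NELEM(prop_tbl), prop, &attr->propagation) ||
        (attr->attr_set & attr->attr_clr)) {
        errno = EINVAL;
        return -1;
    }
    *flags = (unsigned int)f;
    return 0;
}

/* Apply `cfg` to the mount at `path`. Needs CAP_SYS_ADMIN in the mount namespace
 * and kernel >= 5.12; with AT_RECURSIVE the kernel changes the whole subtree or
 * nothing, so a half-converted tree cannot result. */
int oci_apply_mount_attr(const char *path, const struct oci_attr_cfg *cfg)
{
    unsigned int flags;
    struct oci_mount_attr attr;

    if (oci_attr_to_syscall(cfg, &flags, &attr) < 0)
        return -1;
    return (int)syscall(SYS_mount_setattr, AT_FDCWD, path, flags, &attr, sizeof attr);
}

/* Constructed config mirroring the PR's JSON example. */
static const char *const demo_flags[] = { "AT_RECURSIVE", NULL };
static const char *const demo_set[]   = { "MOUNT_ATTR_RDONLY", NULL };
static const char *const demo_clr[]   = { "MOUNT_ATTR_NOEXEC", NULL };
const struct oci_attr_cfg oci_demo_cfg = { demo_flags, demo_set, demo_clr, "private" };

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s <bind-mount path>  (run as root)\n", argv[0]);
        return 2;
    }
    if (oci_apply_mount_attr(argv[1], &oci_demo_cfg) < 0) {
        perror("mount_setattr");
        return 1;
    }
    printf("%s and every mount below it is now read-only\n", argv[1]);
    return 0;
}
```

To try it, as root in a fresh mount namespace: `mount --rbind /volumes/ro /ro && ./attr /ro`, then attempt a write under any submount. Note that the demo config, like the PR's JSON, also clears `MOUNT_ATTR_NOEXEC` on the whole subtree; that loosens rather than tightens the mount, so a real config should only list it in `attr_clr` deliberately.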

## <a name="configProcess" />Process

**`process`** (object, OPTIONAL) specifies the container process.
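Review bot: the added text never says how `attr` relates to `options` on the same mount or in which order they are applied, and for the recursively-read-only use case the difference is the whole point: `"ro"` in `options` applied through mount(2) only affects the top mount, while `attr_set: ["MOUNT_ATTR_RDONLY"]` with `"AT_RECURSIVE"` covers every submount under the `rbind`. Suggest stating explicitly that the runtime performs the mount with `options` first and then applies `attr` with `mount_setattr(2)`, and whether a config carrying `attr` on a kernel older than 5.12 MUST fail (the "cannot be mapped to a relevant kernel interface" sentence can be read either way). Smaller points in the same hunk: "the `mounts` structure mounts MAY have" should read "the `mounts` structure MAY have", and `attr_clr` and `propagation` would benefit from the same "e.g." as `flags` and `attr_set` (for `propagation`, one of the four rootfsPropagation values).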
20 changes: 20 additions & 0 deletions schema/defs.json
@@ -141,12 +141,32 @@
},
"type": {
"type": "string"
},
"attr": {
"$ref": "#/definitions/LinuxMountAttr"
}
},
"required": [
"destination"
]
},
"LinuxMountAttr": {
"type": "object",
"properties": {
"flags": {
"$ref": "#/definitions/ArrayOfStrings"
},
"attr_set": {
"$ref": "#/definitions/ArrayOfStrings"
},
"attr_clr": {
"$ref": "#/definitions/ArrayOfStrings"
},
"propagation": {
"type": "string"
}
}
},
"ociVersion": {
"description": "The version of Open Container Initiative Runtime Specification that the document complies with",
"type": "string"
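Review bot: `flags`, `attr_set` and `attr_clr` are plain `ArrayOfStrings` and `propagation` is a bare `string`, so schema validation accepts a misspelling such as `MOUNT_ATTR_READONLY` or a value like `rprivate` and leaves the rejection to the runtime's MUST-error rule. Since config.md ties `propagation` to the rootfs propagation string format, reference the schema definition that already constrains `rootfsPropagation` instead of `"type": "string"`, and consider an enum of the accepted `AT_*` and `MOUNT_ATTR_*` names so an invalid config fails at validation time rather than at container start. `LinuxMountAttr` is also a Linux-only definition placed in the platform-neutral defs.json; the Linux-specific definitions file would be the more natural home.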
16 changes: 16 additions & 0 deletions specs-go/config.go
@@ -117,6 +117,22 @@ type Mount struct {
Source string `json:"source,omitempty"`
// Options are fstab style mount options.
Options []string `json:"options,omitempty"`
// Attr specifies mount_setattr(2) attributes.
Attr *LinuxMountAttr `json:"attr,omitempty"`
}

// LinuxMountAttr specifies mount_setattr(2) attributes.
// Requires Linux kernel 5.12 or later.
type LinuxMountAttr struct {
// Flags specifies the flags argument of mount_setattr(2) syscall. e.g., "AT_RECURSIVE"
Flags []string `json:"flags,omitempty"`
// AttrSet specifies the attr_set field of mount_attr struct. e.g., "MOUNT_ATTR_RDONLY"
AttrSet []string `json:"attr_set,omitempty"`
// AttrClr specifies the attr_clr field of mount_attr struct.
AttrClr []string `json:"attr_clr,omitempty"`
// Propagation specifies the propagation field of mount_attr struct.
// Format corresponds to Linux.RootfsPropagation .
Propagation string `json:"propagation,omitempty"`
}

// Hook specifies a command that is run at a particular event in the lifecycle of a container
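Review bot: the doc comment "Format corresponds to Linux.RootfsPropagation ." has a stray space before the period and would read better as a full sentence, e.g. "// Propagation uses the same string format as Linux.RootfsPropagation." Since config.md makes unmappable values a MUST-error, the `LinuxMountAttr` comment should say so as well, and should note that the struct is Linux-only even though it hangs off the platform-neutral `Mount`; Go consumers of this package rarely read the markdown. Minor: the `Flags`, `AttrSet` and `AttrClr` comments could state that the slices hold the symbolic names, not numeric values, to match the `"AT_RECURSIVE"` / `"MOUNT_ATTR_RDONLY"` examples.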