From 189739633078d2db018fcd4a69910be4d2ea4504 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Wed, 18 Jul 2018 20:40:11 +0200 Subject: [PATCH] drivers: inform Mount of the mappings used by the container Signed-off-by: Giuseppe Scrivano --- drivers/aufs/aufs.go | 2 +- drivers/aufs/aufs_test.go | 12 ++++++------ drivers/btrfs/btrfs.go | 2 +- drivers/btrfs/btrfs_test.go | 2 +- drivers/chown.go | 2 +- drivers/devmapper/driver.go | 2 +- drivers/driver.go | 3 ++- drivers/fsdiff.go | 12 ++++++------ drivers/graphtest/graphbench_unix.go | 4 ++-- drivers/graphtest/graphtest_unix.go | 10 +++++----- drivers/graphtest/testutil.go | 22 +++++++++++----------- drivers/graphtest/testutil_unix.go | 4 ++-- drivers/overlay/overlay.go | 24 +++++++++++++++--------- drivers/vfs/driver.go | 4 ++-- drivers/windows/windows.go | 4 ++-- drivers/zfs/zfs.go | 2 +- layers.go | 9 +++++---- store.go | 2 +- 18 files changed, 65 insertions(+), 57 deletions(-) diff --git a/drivers/aufs/aufs.go b/drivers/aufs/aufs.go index 741394642f..bee4a598ea 100644 --- a/drivers/aufs/aufs.go +++ b/drivers/aufs/aufs.go @@ -416,7 +416,7 @@ func atomicRemove(source string) error { // Get returns the rootfs path for the id. // This will mount the dir at its given path -func (a *Driver) Get(id, mountLabel string) (string, error) { +func (a *Driver) Get(id, mountLabel string, uidMaps, gidMaps []idtools.IDMap) (string, error) { a.locker.Lock(id) defer a.locker.Unlock(id) parents, err := a.getParentLayerPaths(id) diff --git a/drivers/aufs/aufs_test.go b/drivers/aufs/aufs_test.go index 4fc4eb235b..59be868d1c 100644 --- a/drivers/aufs/aufs_test.go +++ b/drivers/aufs/aufs_test.go @@ -44,7 +44,7 @@ func testInit(dir string, t testing.TB) graphdriver.Driver { } func driverGet(d *Driver, id string, mntLabel string) (string, error) { - return d.Get(id, mntLabel) + return d.Get(id, mntLabel, nil, nil) } func newDriver(t testing.TB) *Driver { @@ -171,7 +171,7 @@ func TestGetWithoutParent(t *testing.T) { t.Fatal(err) } - diffPath, err := d.Get("1", "") + diffPath, err := d.Get("1", "", nil, nil) if err != nil { t.Fatal(err) } @@ -224,7 +224,7 @@ func TestMountedTrueResponse(t *testing.T) { err = d.Create("2", "1", nil) require.NoError(t, err) - _, err = d.Get("2", "") + _, err = d.Get("2", "", nil, nil) require.NoError(t, err) response, err := d.mounted(d.pathCache["2"]) @@ -249,7 +249,7 @@ func TestMountWithParent(t *testing.T) { } }() - mntPath, err := d.Get("2", "") + mntPath, err := d.Get("2", "", nil, nil) if err != nil { t.Fatal(err) } @@ -280,7 +280,7 @@ func TestRemoveMountedDir(t *testing.T) { } }() - mntPath, err := d.Get("2", "") + mntPath, err := d.Get("2", "", nil, nil) if err != nil { t.Fatal(err) } @@ -760,7 +760,7 @@ func BenchmarkConcurrentAccess(b *testing.B) { for i := 0; i < b.N; i++ { innerGroup.Add(1) go func() { - d.Get(id, "") + d.Get(id, "", nil, nil) d.Put(id) innerGroup.Done() }() diff --git a/drivers/btrfs/btrfs.go b/drivers/btrfs/btrfs.go index 842079a1c8..2dd81b0c0d 100644 --- a/drivers/btrfs/btrfs.go +++ b/drivers/btrfs/btrfs.go @@ -634,7 +634,7 @@ func (d *Driver) Remove(id string) error { } // Get the requested filesystem id. -func (d *Driver) Get(id, mountLabel string) (string, error) { +func (d *Driver) Get(id, mountLabel string, uidMaps, gidMaps []idtools.IDMap) (string, error) { dir := d.subvolumesDirID(id) st, err := os.Stat(dir) if err != nil { diff --git a/drivers/btrfs/btrfs_test.go b/drivers/btrfs/btrfs_test.go index 0aab78b15a..53a17b3b93 100644 --- a/drivers/btrfs/btrfs_test.go +++ b/drivers/btrfs/btrfs_test.go @@ -35,7 +35,7 @@ func TestBtrfsSubvolDelete(t *testing.T) { } defer graphtest.PutDriver(t) - dir, err := d.Get("test", "") + dir, err := d.Get("test", "", nil, nil) if err != nil { t.Fatal(err) } diff --git a/drivers/chown.go b/drivers/chown.go index 07814a962b..168bb7e345 100644 --- a/drivers/chown.go +++ b/drivers/chown.go @@ -114,7 +114,7 @@ func NewNaiveLayerIDMapUpdater(driver ProtoDriver) LayerIDMapUpdater { // same "container" IDs. func (n *naiveLayerIDMapUpdater) UpdateLayerIDMap(id string, toContainer, toHost *idtools.IDMappings, mountLabel string) error { driver := n.ProtoDriver - layerFs, err := driver.Get(id, mountLabel) + layerFs, err := driver.Get(id, mountLabel, nil, nil) if err != nil { return err } diff --git a/drivers/devmapper/driver.go b/drivers/devmapper/driver.go index a4ec6ebfdb..4aaca65084 100644 --- a/drivers/devmapper/driver.go +++ b/drivers/devmapper/driver.go @@ -163,7 +163,7 @@ func (d *Driver) Remove(id string) error { } // Get mounts a device with given id into the root filesystem -func (d *Driver) Get(id, mountLabel string) (string, error) { +func (d *Driver) Get(id, mountLabel string, uidMaps, gidMaps []idtools.IDMap) (string, error) { d.locker.Lock(id) defer d.locker.Unlock(id) mp := path.Join(d.home, "mnt", id) diff --git a/drivers/driver.go b/drivers/driver.go index 530711f919..40b911ab79 100644 --- a/drivers/driver.go +++ b/drivers/driver.go @@ -66,8 +66,9 @@ type ProtoDriver interface { Remove(id string) error // Get returns the mountpoint for the layered filesystem referred // to by this id. You can optionally specify a mountLabel or "". + // Optionally it gets the mappings used to create the layer. // Returns the absolute path to the mounted layered filesystem. - Get(id, mountLabel string) (dir string, err error) + Get(id, mountLabel string, uidMaps, gidMaps []idtools.IDMap) (dir string, err error) // Put releases the system resources for the specified id, // e.g, unmounting layered filesystem. Put(id string) error diff --git a/drivers/fsdiff.go b/drivers/fsdiff.go index 9c11a069c8..64541e269c 100644 --- a/drivers/fsdiff.go +++ b/drivers/fsdiff.go @@ -51,7 +51,7 @@ func (gdw *NaiveDiffDriver) Diff(id string, idMappings *idtools.IDMappings, pare parentMappings = &idtools.IDMappings{} } - layerFs, err := driver.Get(id, mountLabel) + layerFs, err := driver.Get(id, mountLabel, nil, nil) if err != nil { return nil, err } @@ -78,7 +78,7 @@ func (gdw *NaiveDiffDriver) Diff(id string, idMappings *idtools.IDMappings, pare }), nil } - parentFs, err := driver.Get(parent, mountLabel) + parentFs, err := driver.Get(parent, mountLabel, nil, nil) if err != nil { return nil, err } @@ -119,7 +119,7 @@ func (gdw *NaiveDiffDriver) Changes(id string, idMappings *idtools.IDMappings, p parentMappings = &idtools.IDMappings{} } - layerFs, err := driver.Get(id, mountLabel) + layerFs, err := driver.Get(id, mountLabel, nil, nil) if err != nil { return nil, err } @@ -128,7 +128,7 @@ func (gdw *NaiveDiffDriver) Changes(id string, idMappings *idtools.IDMappings, p parentFs := "" if parent != "" { - parentFs, err = driver.Get(parent, mountLabel) + parentFs, err = driver.Get(parent, mountLabel, nil, nil) if err != nil { return nil, err } @@ -149,7 +149,7 @@ func (gdw *NaiveDiffDriver) ApplyDiff(id string, applyMappings *idtools.IDMappin } // Mount the root filesystem so we can apply the diff/layer. - layerFs, err := driver.Get(id, mountLabel) + layerFs, err := driver.Get(id, mountLabel, nil, nil) if err != nil { return } @@ -189,7 +189,7 @@ func (gdw *NaiveDiffDriver) DiffSize(id string, idMappings *idtools.IDMappings, return } - layerFs, err := driver.Get(id, mountLabel) + layerFs, err := driver.Get(id, mountLabel, nil, nil) if err != nil { return } diff --git a/drivers/graphtest/graphbench_unix.go b/drivers/graphtest/graphbench_unix.go index 827d0af484..08517de617 100644 --- a/drivers/graphtest/graphbench_unix.go +++ b/drivers/graphtest/graphbench_unix.go @@ -44,7 +44,7 @@ func DriverBenchGetEmpty(b *testing.B, drivername string, driveroptions ...strin b.ResetTimer() for i := 0; i < b.N; i++ { - _, err := driver.Get(base, "") + _, err := driver.Get(base, "", nil, nil) b.StopTimer() if err != nil { b.Fatalf("Error getting mount: %s", err) @@ -235,7 +235,7 @@ func DriverBenchDeepLayerRead(b *testing.B, layerCount int, drivername string, d b.Fatal(err) } - root, err := driver.Get(topLayer, "") + root, err := driver.Get(topLayer, "", nil, nil) if err != nil { b.Fatal(err) } diff --git a/drivers/graphtest/graphtest_unix.go b/drivers/graphtest/graphtest_unix.go index 806fcd719b..125e572ef4 100644 --- a/drivers/graphtest/graphtest_unix.go +++ b/drivers/graphtest/graphtest_unix.go @@ -99,7 +99,7 @@ func DriverTestCreateEmpty(t testing.TB, drivername string, driverOptions ...str t.Fatal("Newly created image doesn't exist") } - dir, err := driver.Get("empty", "") + dir, err := driver.Get("empty", "", nil, nil) require.NoError(t, err) verifyFile(t, dir, 0755|os.ModeDir, 0, 0) @@ -327,7 +327,7 @@ func DriverTestSetQuota(t *testing.T, drivername string) { t.Fatal(err) } - mountPath, err := driver.Get("zfsTest", "") + mountPath, err := driver.Get("zfsTest", "", nil, nil) if err != nil { t.Fatal(err) } @@ -357,7 +357,7 @@ func DriverTestEcho(t testing.TB, drivername string, driverOptions ...string) { t.Fatal(err) } - if root, err = driver.Get(base, ""); err != nil { + if root, err = driver.Get(base, "", nil, nil); err != nil { t.Fatal(err) } @@ -392,7 +392,7 @@ func DriverTestEcho(t testing.TB, drivername string, driverOptions ...string) { t.Fatal(err) } - if root, err = driver.Get(second, ""); err != nil { + if root, err = driver.Get(second, "", nil, nil); err != nil { t.Fatal(err) } @@ -418,7 +418,7 @@ func DriverTestEcho(t testing.TB, drivername string, driverOptions ...string) { t.Fatal(err) } - if root, err = driver.Get(third, ""); err != nil { + if root, err = driver.Get(third, "", nil, nil); err != nil { t.Fatal(err) } diff --git a/drivers/graphtest/testutil.go b/drivers/graphtest/testutil.go index b50fbc187c..d26aed35f8 100644 --- a/drivers/graphtest/testutil.go +++ b/drivers/graphtest/testutil.go @@ -30,7 +30,7 @@ func randomContent(size int, seed int64) []byte { } func addFiles(drv graphdriver.Driver, layer string, seed int64) error { - root, err := drv.Get(layer, "") + root, err := drv.Get(layer, "", nil, nil) if err != nil { return err } @@ -50,7 +50,7 @@ func addFiles(drv graphdriver.Driver, layer string, seed int64) error { } func checkFile(drv graphdriver.Driver, layer, filename string, content []byte) error { - root, err := drv.Get(layer, "") + root, err := drv.Get(layer, "", nil, nil) if err != nil { return err } @@ -69,7 +69,7 @@ func checkFile(drv graphdriver.Driver, layer, filename string, content []byte) e } func addFile(drv graphdriver.Driver, layer, filename string, content []byte) error { - root, err := drv.Get(layer, "") + root, err := drv.Get(layer, "", nil, nil) if err != nil { return err } @@ -79,7 +79,7 @@ func addFile(drv graphdriver.Driver, layer, filename string, content []byte) err } func addDirectory(drv graphdriver.Driver, layer, dir string) error { - root, err := drv.Get(layer, "") + root, err := drv.Get(layer, "", nil, nil) if err != nil { return err } @@ -89,7 +89,7 @@ func addDirectory(drv graphdriver.Driver, layer, dir string) error { } func removeAll(drv graphdriver.Driver, layer string, names ...string) error { - root, err := drv.Get(layer, "") + root, err := drv.Get(layer, "", nil, nil) if err != nil { return err } @@ -104,7 +104,7 @@ func removeAll(drv graphdriver.Driver, layer string, names ...string) error { } func checkFileRemoved(drv graphdriver.Driver, layer, filename string) error { - root, err := drv.Get(layer, "") + root, err := drv.Get(layer, "", nil, nil) if err != nil { return err } @@ -120,7 +120,7 @@ func checkFileRemoved(drv graphdriver.Driver, layer, filename string) error { } func addManyFiles(drv graphdriver.Driver, layer string, count int, seed int64) error { - root, err := drv.Get(layer, "") + root, err := drv.Get(layer, "", nil, nil) if err != nil { return err } @@ -143,7 +143,7 @@ func addManyFiles(drv graphdriver.Driver, layer string, count int, seed int64) e } func changeManyFiles(drv graphdriver.Driver, layer string, count int, seed int64) ([]archive.Change, error) { - root, err := drv.Get(layer, "") + root, err := drv.Get(layer, "", nil, nil) if err != nil { return nil, err } @@ -194,7 +194,7 @@ func changeManyFiles(drv graphdriver.Driver, layer string, count int, seed int64 } func checkManyFiles(drv graphdriver.Driver, layer string, count int, seed int64) error { - root, err := drv.Get(layer, "") + root, err := drv.Get(layer, "", nil, nil) if err != nil { return err } @@ -248,7 +248,7 @@ func checkChanges(expected, actual []archive.Change) error { } func addLayerFiles(drv graphdriver.Driver, layer, parent string, i int) error { - root, err := drv.Get(layer, "") + root, err := drv.Get(layer, "", nil, nil) if err != nil { return err } @@ -289,7 +289,7 @@ func addManyLayers(drv graphdriver.Driver, baseLayer string, count int) (string, } func checkManyLayers(drv graphdriver.Driver, layer string, count int) error { - root, err := drv.Get(layer, "") + root, err := drv.Get(layer, "", nil, nil) if err != nil { return err } diff --git a/drivers/graphtest/testutil_unix.go b/drivers/graphtest/testutil_unix.go index 919485006a..a399ef92bd 100644 --- a/drivers/graphtest/testutil_unix.go +++ b/drivers/graphtest/testutil_unix.go @@ -40,7 +40,7 @@ func createBase(t testing.TB, driver graphdriver.Driver, name string) { err := driver.CreateReadWrite(name, "", nil) require.NoError(t, err) - dir, err := driver.Get(name, "") + dir, err := driver.Get(name, "", nil, nil) require.NoError(t, err) defer driver.Put(name) @@ -54,7 +54,7 @@ func createBase(t testing.TB, driver graphdriver.Driver, name string) { } func verifyBase(t testing.TB, driver graphdriver.Driver, name string) { - dir, err := driver.Get(name, "") + dir, err := driver.Get(name, "", nil, nil) require.NoError(t, err) defer driver.Put(name) diff --git a/drivers/overlay/overlay.go b/drivers/overlay/overlay.go index 5b298b3d46..e86218e65e 100644 --- a/drivers/overlay/overlay.go +++ b/drivers/overlay/overlay.go @@ -591,16 +591,22 @@ func (d *Driver) getLowerDirs(id string) ([]string, error) { return lowersArray, nil } -func (d *Driver) optsAppendMappings(opts string) string { - if d.uidMaps != nil { +func (d *Driver) optsAppendMappings(opts string, uidMaps, gidMaps []idtools.IDMap) string { + if uidMaps == nil { + uidMaps = d.uidMaps + } + if gidMaps == nil { + gidMaps = d.gidMaps + } + if uidMaps != nil { var uids, gids bytes.Buffer - for _, i := range d.uidMaps { + for _, i := range uidMaps { if uids.Len() > 0 { uids.WriteString(":") } uids.WriteString(fmt.Sprintf("%d:%d:%d", i.ContainerID, i.HostID, i.Size)) } - for _, i := range d.gidMaps { + for _, i := range gidMaps { if gids.Len() > 0 { gids.WriteString(":") } @@ -636,11 +642,11 @@ func (d *Driver) Remove(id string) error { } // Get creates and mounts the required file system for the given id and returns the mount path. -func (d *Driver) Get(id, mountLabel string) (_ string, retErr error) { - return d.get(id, mountLabel, false) +func (d *Driver) Get(id, mountLabel string, uidMaps, gidMaps []idtools.IDMap) (_ string, retErr error) { + return d.get(id, mountLabel, false, uidMaps, gidMaps) } -func (d *Driver) get(id, mountLabel string, disableShifting bool) (_ string, retErr error) { +func (d *Driver) get(id, mountLabel string, disableShifting bool, uidMaps, gidMaps []idtools.IDMap) (_ string, retErr error) { d.locker.Lock(id) defer d.locker.Unlock(id) dir := d.dir(id) @@ -747,7 +753,7 @@ func (d *Driver) get(id, mountLabel string, disableShifting bool) (_ string, ret if d.options.mountProgram != "" { mountFunc = func(source string, target string, mType string, flags uintptr, label string) error { if !disableShifting { - label = d.optsAppendMappings(label) + label = d.optsAppendMappings(label, uidMaps, gidMaps) } mountProgram := exec.Command(d.options.mountProgram, "-o", label, target) @@ -946,7 +952,7 @@ func (d *Driver) UpdateLayerIDMap(id string, toContainer, toHost *idtools.IDMapp } // Mount the new layer and handle ownership changes and possible copy_ups in it. - layerFs, err := d.get(id, mountLabel, true) + layerFs, err := d.get(id, mountLabel, true, nil, nil) if err != nil { return err } diff --git a/drivers/vfs/driver.go b/drivers/vfs/driver.go index ed9f70094a..115afb8141 100644 --- a/drivers/vfs/driver.go +++ b/drivers/vfs/driver.go @@ -137,7 +137,7 @@ func (d *Driver) create(id, parent string, opts *graphdriver.CreateOpts, ro bool label.SetFileLabel(dir, mountLabel) } if parent != "" { - parentDir, err := d.Get(parent, "") + parentDir, err := d.Get(parent, "", nil, nil) if err != nil { return fmt.Errorf("%s: %s", parent, err) } @@ -179,7 +179,7 @@ func (d *Driver) Remove(id string) error { } // Get returns the directory for the given id. -func (d *Driver) Get(id, mountLabel string) (string, error) { +func (d *Driver) Get(id, mountLabel string, uidMaps, gidMaps []idtools.IDMap) (string, error) { dir := d.dir(id) if st, err := os.Stat(dir); err != nil { return "", err diff --git a/drivers/windows/windows.go b/drivers/windows/windows.go index 42f8aaa484..9d9aac701c 100644 --- a/drivers/windows/windows.go +++ b/drivers/windows/windows.go @@ -362,7 +362,7 @@ func (d *Driver) Remove(id string) error { } // Get returns the rootfs path for the id. This will mount the dir at its given path. -func (d *Driver) Get(id, mountLabel string) (string, error) { +func (d *Driver) Get(id, mountLabel string, uidMaps, gidMaps []idtools.IDMap) (string, error) { panicIfUsedByLcow() logrus.Debugf("WindowsGraphDriver Get() id %s mountLabel %s", id, mountLabel) var dir string @@ -620,7 +620,7 @@ func (d *Driver) DiffSize(id string, idMappings *idtools.IDMappings, parent stri return } - layerFs, err := d.Get(id, "") + layerFs, err := d.Get(id, "", nil, nil) if err != nil { return } diff --git a/drivers/zfs/zfs.go b/drivers/zfs/zfs.go index 598cc0699f..b8ae59a61e 100644 --- a/drivers/zfs/zfs.go +++ b/drivers/zfs/zfs.go @@ -360,7 +360,7 @@ func (d *Driver) Remove(id string) error { } // Get returns the mountpoint for the given id after creating the target directories if necessary. -func (d *Driver) Get(id, mountLabel string) (string, error) { +func (d *Driver) Get(id, mountLabel string, uidMaps, gidMaps []idtools.IDMap) (string, error) { mountpoint := d.mountPath(id) if count := d.ctr.Increment(mountpoint); count > 1 { return mountpoint, nil diff --git a/layers.go b/layers.go index 6760996d6b..dc4356ca77 100644 --- a/layers.go +++ b/layers.go @@ -208,7 +208,8 @@ type LayerStore interface { // Mount mounts a layer for use. If the specified layer is the parent of other // layers, it should not be written to. An SELinux label to be applied to the // mount can be specified to override the one configured for the layer. - Mount(id, mountLabel string) (string, error) + // The mappings used by the container can be specified. + Mount(id, mountLabel string, uidMaps, gidMaps []idtools.IDMap) (string, error) // Unmount unmounts a layer when it is no longer in use. Unmount(id string, force bool) (bool, error) @@ -635,7 +636,7 @@ func (r *layerStore) Mounted(id string) (int, error) { return layer.MountCount, nil } -func (r *layerStore) Mount(id, mountLabel string) (string, error) { +func (r *layerStore) Mount(id, mountLabel string, uidMaps, gidMaps []idtools.IDMap) (string, error) { if !r.IsReadWrite() { return "", errors.Wrapf(ErrStoreIsReadOnly, "not allowed to update mount locations for layers at %q", r.mountspath()) } @@ -650,7 +651,7 @@ func (r *layerStore) Mount(id, mountLabel string) (string, error) { if mountLabel == "" { mountLabel = layer.MountLabel } - mountpoint, err := r.driver.Get(id, mountLabel) + mountpoint, err := r.driver.Get(id, mountLabel, uidMaps, gidMaps) if mountpoint != "" && err == nil { if layer.MountPoint != "" { delete(r.bymount, layer.MountPoint) @@ -937,7 +938,7 @@ func (r *layerStore) newFileGetter(id string) (drivers.FileGetCloser, error) { if getter, ok := r.driver.(drivers.DiffGetterDriver); ok { return getter.DiffGetter(id) } - path, err := r.Mount(id, "") + path, err := r.Mount(id, "", nil, nil) if err != nil { return nil, err } diff --git a/store.go b/store.go index 1d931944c9..33b91a3538 100644 --- a/store.go +++ b/store.go @@ -2268,7 +2268,7 @@ func (s *store) Mount(id, mountLabel string) (string, error) { rlstore.Load() } if rlstore.Exists(id) { - return rlstore.Mount(id, mountLabel) + return rlstore.Mount(id, mountLabel, uidMap, gidMap) } return "", ErrLayerUnknown }