mcexec: recursively bind mount $prefix/rootfs/ on /
This commit is contained in:
Balazs Gerofi
@ -1,97 +0,0 @@
|
||||
/* executer/config.h.in. Generated from configure.ac by autoheader. */
|
||||
|
||||
/* whether mcoverlayfs is enabled */
|
||||
#undef ENABLE_MCOVERLAYFS
|
||||
|
||||
/* whether memdump feature is enabled */
|
||||
#undef ENABLE_MEMDUMP
|
||||
|
||||
/* Define to 1 if you have the <inttypes.h> header file. */
|
||||
#undef HAVE_INTTYPES_H
|
||||
|
||||
/* Define to 1 if you have the `bfd' library (-lbfd). */
|
||||
#undef HAVE_LIBBFD
|
||||
|
||||
/* Define to 1 if you have the <memory.h> header file. */
|
||||
#undef HAVE_MEMORY_H
|
||||
|
||||
/* Define to 1 if you have the <stdint.h> header file. */
|
||||
#undef HAVE_STDINT_H
|
||||
|
||||
/* Define to 1 if you have the <stdlib.h> header file. */
|
||||
#undef HAVE_STDLIB_H
|
||||
|
||||
/* Define to 1 if you have the <strings.h> header file. */
|
||||
#undef HAVE_STRINGS_H
|
||||
|
||||
/* Define to 1 if you have the <string.h> header file. */
|
||||
#undef HAVE_STRING_H
|
||||
|
||||
/* Define to 1 if you have the <sys/stat.h> header file. */
|
||||
#undef HAVE_SYS_STAT_H
|
||||
|
||||
/* Define to 1 if you have the <sys/types.h> header file. */
|
||||
#undef HAVE_SYS_TYPES_H
|
||||
|
||||
/* Define to 1 if you have the <unistd.h> header file. */
|
||||
#undef HAVE_UNISTD_H
|
||||
|
||||
/* Define to address of kernel symbol __vvar_page, or 0 if exported */
|
||||
#undef MCCTRL_KSYM___vvar_page
|
||||
|
||||
/* Define to address of kernel symbol hpet_address, or 0 if exported */
|
||||
#undef MCCTRL_KSYM_hpet_address
|
||||
|
||||
/* Define to address of kernel symbol hv_clock, or 0 if exported */
|
||||
#undef MCCTRL_KSYM_hv_clock
|
||||
|
||||
/* Define to address of kernel symbol sys_mount, or 0 if exported */
|
||||
#undef MCCTRL_KSYM_sys_mount
|
||||
|
||||
/* Define to address of kernel symbol sys_readlink, or 0 if exported */
|
||||
#undef MCCTRL_KSYM_sys_readlink
|
||||
|
||||
/* Define to address of kernel symbol sys_umount, or 0 if exported */
|
||||
#undef MCCTRL_KSYM_sys_umount
|
||||
|
||||
/* Define to address of kernel symbol sys_unshare, or 0 if exported */
|
||||
#undef MCCTRL_KSYM_sys_unshare
|
||||
|
||||
/* Define to address of kernel symbol vdso_end, or 0 if exported */
|
||||
#undef MCCTRL_KSYM_vdso_end
|
||||
|
||||
/* Define to address of kernel symbol vdso_image_64, or 0 if exported */
|
||||
#undef MCCTRL_KSYM_vdso_image_64
|
||||
|
||||
/* Define to address of kernel symbol vdso_pages, or 0 if exported */
|
||||
#undef MCCTRL_KSYM_vdso_pages
|
||||
|
||||
/* Define to address of kernel symbol vdso_start, or 0 if exported */
|
||||
#undef MCCTRL_KSYM_vdso_start
|
||||
|
||||
/* Define to address of kernel symbol zap_page_range, or 0 if exported */
|
||||
#undef MCCTRL_KSYM_zap_page_range
|
||||
|
||||
/* McKernel specific libraries */
|
||||
#undef MCKERNEL_LIBDIR
|
||||
|
||||
/* Define to the address where bug reports for this package should be sent. */
|
||||
#undef PACKAGE_BUGREPORT
|
||||
|
||||
/* Define to the full name of this package. */
|
||||
#undef PACKAGE_NAME
|
||||
|
||||
/* Define to the full name and version of this package. */
|
||||
#undef PACKAGE_STRING
|
||||
|
||||
/* Define to the one symbol short name of this package. */
|
||||
#undef PACKAGE_TARNAME
|
||||
|
||||
/* Define to the home page for this package. */
|
||||
#undef PACKAGE_URL
|
||||
|
||||
/* Define to the version of this package. */
|
||||
#undef PACKAGE_VERSION
|
||||
|
||||
/* Define to 1 if you have the ANSI C header files. */
|
||||
#undef STDC_HEADERS
|
||||
@ -1,5 +1,5 @@
|
||||
#include <linux/version.h>
|
||||
#include "../../config.h"
|
||||
#include "../../../config.h"
|
||||
#include "../../mcctrl.h"
|
||||
|
||||
#ifdef MCCTRL_KSYM_vdso_image_64
|
||||
|
||||
@ -38,7 +38,7 @@
|
||||
#include <asm/uaccess.h>
|
||||
#include <asm/delay.h>
|
||||
#include <asm/io.h>
|
||||
#include "../../config.h"
|
||||
#include "../../../config.h"
|
||||
#include "mcctrl.h"
|
||||
#include <ihk/ihk_host_user.h>
|
||||
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
#include <linux/slab.h>
|
||||
#include <linux/uaccess.h>
|
||||
#include <linux/version.h>
|
||||
#include "../../config.h"
|
||||
#include "../../../config.h"
|
||||
#include "mcctrl.h"
|
||||
#include "sysfs_msg.h"
|
||||
|
||||
|
||||
@ -65,7 +65,7 @@
|
||||
#include <sys/user.h>
|
||||
#include "../include/uprotocol.h"
|
||||
#include <getopt.h>
|
||||
#include "../config.h"
|
||||
#include "../../config.h"
|
||||
#include <numa.h>
|
||||
#include <numaif.h>
|
||||
|
||||
@ -1379,6 +1379,65 @@ static struct option mcexec_options[] = {
|
||||
#define MCEXEC_DEF_CUR_STACK_SIZE (2 * 1024 * 1024) /* 2 MiB */
|
||||
#define MCEXEC_DEF_MAX_STACK_SIZE (64 * 1024 * 1024) /* 64 MiB */
|
||||
|
||||
#ifdef ENABLE_MCOVERLAYFS
|
||||
void bind_mount_recursive(const char *root, char *prefix)
|
||||
{
|
||||
DIR *dir;
|
||||
struct dirent *entry;
|
||||
char path[PATH_MAX];
|
||||
int len;
|
||||
|
||||
len = snprintf(path, sizeof(path) - 1, "%s/%s", root, prefix);
|
||||
path[len] = 0;
|
||||
|
||||
if (!(dir = opendir(path))) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (!(entry = readdir(dir))) {
|
||||
return;
|
||||
}
|
||||
|
||||
do {
|
||||
len = snprintf(path, sizeof(path) - 1,
|
||||
"%s/%s", prefix, entry->d_name);
|
||||
path[len] = 0;
|
||||
|
||||
if (entry->d_type == DT_DIR) {
|
||||
if (strcmp(entry->d_name, ".") == 0 ||
|
||||
strcmp(entry->d_name, "..") == 0)
|
||||
continue;
|
||||
|
||||
bind_mount_recursive(root, path);
|
||||
}
|
||||
else if (entry->d_type == DT_REG) {
|
||||
int ret;
|
||||
struct sys_mount_desc mount_desc;
|
||||
memset(&mount_desc, '\0', sizeof mount_desc);
|
||||
char bind_path[PATH_MAX];
|
||||
|
||||
len = snprintf(bind_path, sizeof(bind_path) - 1,
|
||||
"%s/%s/%s", root, prefix, entry->d_name);
|
||||
bind_path[len] = 0;
|
||||
|
||||
mount_desc.dev_name = bind_path;
|
||||
mount_desc.dir_name = path;
|
||||
mount_desc.type = NULL;
|
||||
mount_desc.flags = MS_BIND | MS_PRIVATE;
|
||||
mount_desc.data = NULL;
|
||||
if ((ret = ioctl(fd, MCEXEC_UP_SYS_MOUNT,
|
||||
(unsigned long)&mount_desc)) != 0) {
|
||||
fprintf(stderr, "WARNING: failed to bind mount %s over %s: %d\n",
|
||||
bind_path, path, ret);
|
||||
}
|
||||
}
|
||||
}
|
||||
while ((entry = readdir(dir)) != NULL);
|
||||
|
||||
closedir(dir);
|
||||
}
|
||||
#endif
|
||||
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
// int fd;
|
||||
@ -1521,12 +1580,26 @@ int main(int argc, char **argv)
|
||||
struct sys_mount_desc mount_desc;
|
||||
struct sys_umount_desc umount_desc;
|
||||
|
||||
/* Unshare mount namespace */
|
||||
memset(&unshare_desc, '\0', sizeof unshare_desc);
|
||||
memset(&mount_desc, '\0', sizeof mount_desc);
|
||||
unshare_desc.unshare_flags = CLONE_NEWNS;
|
||||
if (ioctl(fd, MCEXEC_UP_SYS_UNSHARE,
|
||||
if (ioctl(fd, MCEXEC_UP_SYS_UNSHARE,
|
||||
(unsigned long)&unshare_desc) != 0) {
|
||||
fprintf(stderr, "Error: Failed to unshare. (%s)\n",
|
||||
fprintf(stderr, "Error: Failed to unshare. (%s)\n",
|
||||
strerror(errno));
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* Privatize mount namespace */
|
||||
mount_desc.dev_name = NULL;
|
||||
mount_desc.dir_name = "/";
|
||||
mount_desc.type = NULL;
|
||||
mount_desc.flags = MS_PRIVATE | MS_REC;
|
||||
mount_desc.data = NULL;
|
||||
if (ioctl(fd, MCEXEC_UP_SYS_MOUNT,
|
||||
(unsigned long)&mount_desc) != 0) {
|
||||
fprintf(stderr, "Error: Failed to privatize mounts. (%s)\n",
|
||||
strerror(errno));
|
||||
return 1;
|
||||
}
|
||||
@ -1603,6 +1676,9 @@ int main(int argc, char **argv)
|
||||
strerror(errno));
|
||||
return 1;
|
||||
}
|
||||
|
||||
bind_mount_recursive(ROOTFSDIR, "");
|
||||
|
||||
} else if (error == -1) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user