From 70c193132dc84d85964d8eee0e383dffd9723863 Mon Sep 17 00:00:00 2001
From: Archana Shinde <archana.m.shinde@intel.com>
Date: Fri, 22 Mar 2019 16:45:27 -0700
Subject: [PATCH] mounts: Add check for system volumes

We handle system directories differently, if its a bind mount
we mount the guest system directory to the container mount and
skip the 9p share mount.
However, we should not do this for docker volumes which are directories
created by Docker.

This introduces a Docker specific check, but that is the only
information available to us at the OCI layer.

Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
---
 virtcontainers/container.go  |  6 +++++-
 virtcontainers/mount.go      | 16 ++++++++++++++++
 virtcontainers/mount_test.go | 10 ++++++++++
 3 files changed, 31 insertions(+), 1 deletion(-)

diff --git a/virtcontainers/container.go b/virtcontainers/container.go
index 337d07dec..75fcdc98f 100644
--- a/virtcontainers/container.go
+++ b/virtcontainers/container.go
@@ -477,7 +477,11 @@ func (c *Container) mountSharedDirMounts(hostSharedDir, guestSharedDir string) (
 	var sharedDirMounts []Mount
 	var ignoredMounts []Mount
 	for idx, m := range c.mounts {
-		if isSystemMount(m.Destination) || m.Type != "bind" {
+		if isSystemMount(m.Destination) && !IsDockerVolume(m.Source) {
+			continue
+		}
+
+		if m.Type != "bind" {
 			continue
 		}
 
diff --git a/virtcontainers/mount.go b/virtcontainers/mount.go
index 5ffa7c571..6dc6b62f3 100644
--- a/virtcontainers/mount.go
+++ b/virtcontainers/mount.go
@@ -326,3 +326,19 @@ func bindUnmountAllRootfs(ctx context.Context, sharedDir string, sandbox *Sandbo
 		}
 	}
 }
+
+const (
+	dockerVolumePrefix = "/var/lib/docker/volumes"
+	dockerVolumeSuffix = "_data"
+)
+
+// IsDockerVolume returns true if the given source path is
+// a docker volume.
+// This uses a very specific path that is used by docker.
+func IsDockerVolume(path string) bool {
+	if strings.HasPrefix(path, dockerVolumePrefix) && filepath.Base(path) == dockerVolumeSuffix {
+		return true
+	}
+	return false
+}
+
diff --git a/virtcontainers/mount_test.go b/virtcontainers/mount_test.go
index 820fd7447..f39fa3c48 100644
--- a/virtcontainers/mount_test.go
+++ b/virtcontainers/mount_test.go
@@ -282,3 +282,13 @@ func TestIsDeviceMapper(t *testing.T) {
 		t.Fatal()
 	}
 }
+
+func TestIsDockerVolume(t *testing.T) {
+	path := "/var/lib/docker/volumes/00da1347c7cf4f15db35f/_data"
+	isDockerVolume := IsDockerVolume(path)
+	assert.True(t, isDockerVolume)
+
+	path = "/var/lib/testdir"
+	isDockerVolume := IsDockerVolume(path)
+	assert.False(t, isDockerVolume)
+}