virtcontainers: split out Linux parts from mount

Mount handling is often unique in Linux. Let's ensure that the common parts remain in mount.go, while Linux speific parts are within a linux file. Fixes: #6049 Signed-off-by: Eric Ernst <eric_ernst@apple.com>
2025-12-21 16:24:22 +01:00 · 2022-05-13 11:31:39 -07:00
parent 60ff230d80
commit 923cd3fda1
5 changed files with 528 additions and 485 deletions
--- a/src/runtime/virtcontainers/mount_test.go
+++ b/src/runtime/virtcontainers/mount_test.go
@@ -6,15 +6,9 @@
 package virtcontainers

 import (
-	"bytes"
-	"context"
 	"fmt"
 	"os"
-	"os/exec"
 	"path/filepath"
-	"strconv"
-	"strings"
-	"syscall"
 	"testing"

 	ktu "github.com/kata-containers/kata-containers/src/runtime/pkg/katatestutils"
@@ -55,24 +49,6 @@ func TestIsSystemMount(t *testing.T) {
 	}
 }

-func TestIsHostDevice(t *testing.T) {
-	assert := assert.New(t)
-	tests := []struct {
-		mnt      string
-		expected bool
-	}{
-		{"/dev", true},
-		{"/dev/zero", true},
-		{"/dev/block", true},
-		{"/mnt/dev/block", false},
-	}
-
-	for _, test := range tests {
-		result := isHostDevice(test.mnt)
-		assert.Equal(result, test.expected)
-	}
-}
-
 func TestIsHostDeviceCreateFile(t *testing.T) {
 	assert := assert.New(t)
 	if tc.NotValid(ktu.NeedRoot()) {
@@ -89,41 +65,6 @@ func TestIsHostDeviceCreateFile(t *testing.T) {
 	assert.NoError(os.Remove(path))
 }

-func TestMajorMinorNumber(t *testing.T) {
-	assert := assert.New(t)
-	devices := []string{"/dev/zero", "/dev/net/tun"}
-
-	for _, device := range devices {
-		cmdStr := fmt.Sprintf("ls -l %s | awk '{print $5$6}'", device)
-		cmd := exec.Command("sh", "-c", cmdStr)
-		output, err := cmd.Output()
-		assert.NoError(err)
-
-		data := bytes.Split(output, []byte(","))
-		assert.False(len(data) < 2)
-
-		majorStr := strings.TrimSpace(string(data[0]))
-		minorStr := strings.TrimSpace(string(data[1]))
-
-		majorNo, err := strconv.Atoi(majorStr)
-		assert.NoError(err)
-
-		minorNo, err := strconv.Atoi(minorStr)
-		assert.NoError(err)
-
-		stat := syscall.Stat_t{}
-		err = syscall.Stat(device, &stat)
-		assert.NoError(err)
-
-		// Get major and minor numbers for the device itself. Note the use of stat.Rdev instead of Dev.
-		major := major(stat.Rdev)
-		minor := minor(stat.Rdev)
-
-		assert.Equal(minor, minorNo)
-		assert.Equal(major, majorNo)
-	}
-}
-
 func TestGetDeviceForPathRoot(t *testing.T) {
 	assert := assert.New(t)
 	dev, err := getDeviceForPath("/")
@@ -134,16 +75,6 @@ func TestGetDeviceForPathRoot(t *testing.T) {
 	assert.Equal(dev.mountPoint, expected)
 }

-func TestGetDeviceForPathValidMount(t *testing.T) {
-	assert := assert.New(t)
-	dev, err := getDeviceForPath("/proc")
-	assert.NoError(err)
-
-	expected := "/proc"
-
-	assert.Equal(dev.mountPoint, expected)
-}
-
 func TestGetDeviceForPathEmptyPath(t *testing.T) {
 	assert := assert.New(t)
 	_, err := getDeviceForPath("")
@@ -165,64 +96,6 @@ func TestGetDeviceForPath(t *testing.T) {
 	assert.Error(err)
 }

-func TestGetDeviceForPathBindMount(t *testing.T) {
-	assert := assert.New(t)
-
-	if tc.NotValid(ktu.NeedRoot()) {
-		t.Skip(ktu.TestDisabledNeedRoot)
-	}
-
-	source := filepath.Join(testDir, "testDeviceDirSrc")
-	dest := filepath.Join(testDir, "testDeviceDirDest")
-	syscall.Unmount(dest, 0)
-	os.Remove(source)
-	os.Remove(dest)
-
-	err := os.MkdirAll(source, mountPerm)
-	assert.NoError(err)
-
-	defer os.Remove(source)
-
-	err = os.MkdirAll(dest, mountPerm)
-	assert.NoError(err)
-
-	defer os.Remove(dest)
-
-	err = bindMount(context.Background(), source, dest, false, "private")
-	assert.NoError(err)
-
-	defer syscall.Unmount(dest, syscall.MNT_DETACH)
-
-	destFile := filepath.Join(dest, "test")
-	_, err = os.Create(destFile)
-	assert.NoError(err)
-
-	defer os.Remove(destFile)
-
-	sourceDev, _ := getDeviceForPath(source)
-	destDev, _ := getDeviceForPath(destFile)
-
-	assert.Equal(sourceDev, destDev)
-}
-
-func TestIsDeviceMapper(t *testing.T) {
-	assert := assert.New(t)
-
-	// known major, minor for /dev/tty
-	major := 5
-	minor := 0
-
-	isDM, err := isDeviceMapper(major, minor)
-	assert.NoError(err)
-	assert.False(isDM)
-
-	// fake the block device format
-	blockFormatTemplate = "/sys/dev/char/%d:%d"
-	isDM, err = isDeviceMapper(major, minor)
-	assert.NoError(err)
-	assert.True(isDM)
-}
-
 func TestIsDockerVolume(t *testing.T) {
 	assert := assert.New(t)
 	path := "/var/lib/docker/volumes/00da1347c7cf4f15db35f/_data"
@@ -234,38 +107,6 @@ func TestIsDockerVolume(t *testing.T) {
 	assert.False(isDockerVolume)
 }

-func TestIsEphemeralStorage(t *testing.T) {
-	assert := assert.New(t)
-	if tc.NotValid(ktu.NeedRoot()) {
-		t.Skip(ktu.TestDisabledNeedRoot)
-	}
-
-	dir, err := os.MkdirTemp(testDir, "foo")
-	assert.NoError(err)
-	defer os.RemoveAll(dir)
-
-	sampleEphePath := filepath.Join(dir, K8sEmptyDir, "tmp-volume")
-	err = os.MkdirAll(sampleEphePath, testDirMode)
-	assert.Nil(err)
-
-	err = syscall.Mount("tmpfs", sampleEphePath, "tmpfs", 0, "")
-	assert.NoError(err)
-	defer syscall.Unmount(sampleEphePath, 0)
-
-	isEphe := IsEphemeralStorage(sampleEphePath)
-	assert.True(isEphe)
-
-	isHostEmptyDir := Isk8sHostEmptyDir(sampleEphePath)
-	assert.False(isHostEmptyDir)
-
-	sampleEphePath = "/var/lib/kubelet/pods/366c3a75-4869-11e8-b479-507b9ddd5ce4/volumes/cache-volume"
-	isEphe = IsEphemeralStorage(sampleEphePath)
-	assert.False(isEphe)
-
-	isHostEmptyDir = Isk8sHostEmptyDir(sampleEphePath)
-	assert.False(isHostEmptyDir)
-}
-
 func TestIsEmtpyDir(t *testing.T) {
 	assert := assert.New(t)
 	path := "/var/lib/kubelet/pods/5f0861a0-a987-4a3a-bb0f-1058ddb9678f/volumes/kubernetes.io~empty-dir/foobar"
@@ -355,148 +196,3 @@ func TestIsWatchable(t *testing.T) {
 	result = isWatchableMount(configs)
 	assert.False(result)
 }
-
-func TestBindMountInvalidSourceSymlink(t *testing.T) {
-	source := filepath.Join(testDir, "fooFile")
-	os.Remove(source)
-
-	err := bindMount(context.Background(), source, "", false, "private")
-	assert.Error(t, err)
-}
-
-func TestBindMountFailingMount(t *testing.T) {
-	source := filepath.Join(testDir, "fooLink")
-	fakeSource := filepath.Join(testDir, "fooFile")
-	os.Remove(source)
-	os.Remove(fakeSource)
-	assert := assert.New(t)
-
-	_, err := os.OpenFile(fakeSource, os.O_CREATE, mountPerm)
-	assert.NoError(err)
-
-	err = os.Symlink(fakeSource, source)
-	assert.NoError(err)
-
-	err = bindMount(context.Background(), source, "", false, "private")
-	assert.Error(err)
-}
-
-func cleanupFooMount() {
-	dest := filepath.Join(testDir, "fooDirDest")
-
-	syscall.Unmount(dest, 0)
-}
-
-func TestBindMountSuccessful(t *testing.T) {
-	assert := assert.New(t)
-	if tc.NotValid(ktu.NeedRoot()) {
-		t.Skip(testDisabledAsNonRoot)
-	}
-
-	source := filepath.Join(testDir, "fooDirSrc")
-	dest := filepath.Join(testDir, "fooDirDest")
-	t.Cleanup(cleanupFooMount)
-
-	err := os.MkdirAll(source, mountPerm)
-	assert.NoError(err)
-
-	err = os.MkdirAll(dest, mountPerm)
-	assert.NoError(err)
-
-	err = bindMount(context.Background(), source, dest, false, "private")
-	assert.NoError(err)
-}
-
-func TestBindMountReadonlySuccessful(t *testing.T) {
-	assert := assert.New(t)
-	if tc.NotValid(ktu.NeedRoot()) {
-		t.Skip(testDisabledAsNonRoot)
-	}
-
-	source := filepath.Join(testDir, "fooDirSrc")
-	dest := filepath.Join(testDir, "fooDirDest")
-	t.Cleanup(cleanupFooMount)
-
-	err := os.MkdirAll(source, mountPerm)
-	assert.NoError(err)
-
-	err = os.MkdirAll(dest, mountPerm)
-	assert.NoError(err)
-
-	err = bindMount(context.Background(), source, dest, true, "private")
-	assert.NoError(err)
-
-	// should not be able to create file in read-only mount
-	destFile := filepath.Join(dest, "foo")
-	_, err = os.OpenFile(destFile, os.O_CREATE, mountPerm)
-	assert.Error(err)
-}
-
-func TestBindMountInvalidPgtypes(t *testing.T) {
-	assert := assert.New(t)
-	if tc.NotValid(ktu.NeedRoot()) {
-		t.Skip(testDisabledAsNonRoot)
-	}
-
-	source := filepath.Join(testDir, "fooDirSrc")
-	dest := filepath.Join(testDir, "fooDirDest")
-	t.Cleanup(cleanupFooMount)
-
-	err := os.MkdirAll(source, mountPerm)
-	assert.NoError(err)
-
-	err = os.MkdirAll(dest, mountPerm)
-	assert.NoError(err)
-
-	err = bindMount(context.Background(), source, dest, false, "foo")
-	expectedErr := fmt.Sprintf("Wrong propagation type %s", "foo")
-	assert.EqualError(err, expectedErr)
-}
-
-// TestBindUnmountContainerRootfsENOENTNotError tests that if a file
-// or directory attempting to be unmounted doesn't exist, then it
-// is not considered an error
-func TestBindUnmountContainerRootfsENOENTNotError(t *testing.T) {
-	if os.Getuid() != 0 {
-		t.Skip("Test disabled as requires root user")
-	}
-	testMnt := "/tmp/test_mount"
-	sID := "sandIDTest"
-	cID := "contIDTest"
-	assert := assert.New(t)
-
-	// Check to make sure the file doesn't exist
-	testPath := filepath.Join(testMnt, sID, cID, rootfsDir)
-	if _, err := os.Stat(testPath); !os.IsNotExist(err) {
-		assert.NoError(os.Remove(testPath))
-	}
-
-	err := bindUnmountContainerRootfs(context.Background(), filepath.Join(testMnt, sID), cID)
-	assert.NoError(err)
-}
-
-func TestBindUnmountContainerRootfsRemoveRootfsDest(t *testing.T) {
-	assert := assert.New(t)
-	if tc.NotValid(ktu.NeedRoot()) {
-		t.Skip(ktu.TestDisabledNeedRoot)
-	}
-
-	sID := "sandIDTestRemoveRootfsDest"
-	cID := "contIDTestRemoveRootfsDest"
-
-	testPath := filepath.Join(testDir, sID, cID, rootfsDir)
-	syscall.Unmount(testPath, 0)
-	os.Remove(testPath)
-
-	err := os.MkdirAll(testPath, mountPerm)
-	assert.NoError(err)
-	defer os.RemoveAll(filepath.Join(testDir, sID))
-
-	bindUnmountContainerRootfs(context.Background(), filepath.Join(testDir, sID), cID)
-
-	if _, err := os.Stat(testPath); err == nil {
-		t.Fatal("empty rootfs dest should be removed")
-	} else if !os.IsNotExist(err) {
-		t.Fatal(err)
-	}
-}