Use clean path for map and comparison.

Signed-off-by: Lantao Liu <lantaol@google.com>
2019-03-03 21:01:18 -08:00 · 2019-03-03 21:01:18 -08:00 · 0464298b1e
commit 0464298b1e
parent 210e80289b
3 changed files with 22 additions and 6 deletions
--- a/pkg/server/container_create.go
+++ b/pkg/server/container_create.go
@ -186,7 +186,7 @@ func (c *criService) CreateContainer(ctx context.Context, r *runtime.CreateConta
 	if len(volumeMounts) > 0 {
 		mountMap := make(map[string]string)
 		for _, v := range volumeMounts {
-			mountMap[v.HostPath] = v.ContainerPath
+			mountMap[filepath.Clean(v.HostPath)] = v.ContainerPath
 		}
 		opts = append(opts, customopts.WithVolumes(mountMap))
 	}
@ -750,7 +750,7 @@ func setOCIBindMountsPrivileged(g *generator) {
 	spec := g.Config
 	// clear readonly for /sys and cgroup
 	for i, m := range spec.Mounts {
-		if spec.Mounts[i].Destination == "/sys" {
+		if filepath.Clean(spec.Mounts[i].Destination) == "/sys" {
 			clearReadOnly(&spec.Mounts[i])
 		}
 		if m.Type == "cgroup" {
@ -908,7 +908,7 @@ func defaultRuntimeSpec(id string) (*runtimespec.Spec, error) {
 	// TODO(random-liu): Mount tmpfs for /run and handle copy-up.
 	var mounts []runtimespec.Mount
 	for _, mount := range spec.Mounts {
-		if mount.Destination == "/run" {
+		if filepath.Clean(mount.Destination) == "/run" {
 			continue
 		}
 		mounts = append(mounts, mount)
--- a/pkg/server/container_create_test.go
+++ b/pkg/server/container_create_test.go
@ -307,7 +307,8 @@ func TestContainerSpecWithExtraMounts(t *testing.T) {
 	config, sandboxConfig, imageConfig, specCheck := getCreateContainerTestData()
 	c := newTestCRIService()
 	mountInConfig := &runtime.Mount{
-		ContainerPath: "test-container-path",
+		// Test cleanpath
 		ContainerPath: "test-container-path/",
 		HostPath:      "test-host-path",
 		Readonly:      false,
 	}
@ -334,7 +335,7 @@ func TestContainerSpecWithExtraMounts(t *testing.T) {
 	specCheck(t, testID, testSandboxID, testPid, spec)
 	var mounts, sysMounts, devMounts []runtimespec.Mount
 	for _, m := range spec.Mounts {
-		if m.Destination == "test-container-path" {
+		if strings.HasPrefix(m.Destination, "test-container-path") {
 			mounts = append(mounts, m)
 		} else if m.Destination == "/sys" {
 			sysMounts = append(sysMounts, m)
@ -499,6 +500,21 @@ func TestGenerateVolumeMounts(t *testing.T) {
 				"/test-volume-2",
 			},
 		},
 		"should compare and return cleanpath": {
 			criMounts: []*runtime.Mount{
 				{
 					ContainerPath: "/test-volume-1",
 					HostPath:      "/test-hostpath-1",
 				},
 			},
 			imageVolumes: map[string]struct{}{
 				"/test-volume-1/": {},
 				"/test-volume-2/": {},
 			},
 			expectedMountDest: []string{
 				"/test-volume-2/",
 			},
 		},
 	} {
 		t.Logf("TestCase %q", desc)
 		config := &imagespec.ImageConfig{
--- a/pkg/server/helpers.go
+++ b/pkg/server/helpers.go
@ -374,7 +374,7 @@ func checkSelinuxLevel(level string) (bool, error) {
 // isInCRIMounts checks whether a destination is in CRI mount list.
 func isInCRIMounts(dst string, mounts []*runtime.Mount) bool {
 	for _, m := range mounts {
-		if m.ContainerPath == dst {
+		if filepath.Clean(m.ContainerPath) == filepath.Clean(dst) {
 			return true
 		}
 	}