From 21f532d51891087f850ef3a7ed7e737c8c95b88a Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 23 Jun 2021 09:59:46 +0200 Subject: [PATCH 1/2] move sys.FMountat() into mount package It's the only location this is used, so might as well move it into that package. I could not find external users of this utility, so not adding an alias / deprecation. Signed-off-by: Sebastiaan van Stijn --- sys/mount_linux.go => mount/fmountat_linux.go | 2 +- sys/mount_linux_test.go => mount/fmountat_linux_test.go | 4 ++-- mount/mount_linux.go | 3 +-- {sys => mount}/subprocess_unsafe_linux.go | 2 +- {sys => mount}/subprocess_unsafe_linux.s | 0 5 files changed, 5 insertions(+), 6 deletions(-) rename sys/mount_linux.go => mount/fmountat_linux.go (99%) rename sys/mount_linux_test.go => mount/fmountat_linux_test.go (99%) rename {sys => mount}/subprocess_unsafe_linux.go (98%) rename {sys => mount}/subprocess_unsafe_linux.s (100%) diff --git a/sys/mount_linux.go b/mount/fmountat_linux.go similarity index 99% rename from sys/mount_linux.go rename to mount/fmountat_linux.go index a21045529..45732488d 100644 --- a/sys/mount_linux.go +++ b/mount/fmountat_linux.go @@ -14,7 +14,7 @@ limitations under the License. */ -package sys +package mount import ( "runtime" diff --git a/sys/mount_linux_test.go b/mount/fmountat_linux_test.go similarity index 99% rename from sys/mount_linux_test.go rename to mount/fmountat_linux_test.go index 38745f497..4f25acf9b 100644 --- a/sys/mount_linux_test.go +++ b/mount/fmountat_linux_test.go @@ -14,7 +14,7 @@ limitations under the License. */ -package sys +package mount import ( "io/ioutil" @@ -32,7 +32,7 @@ import ( type fMountatCaseFunc func(t *testing.T, root string) func TestFMountat(t *testing.T) { - if !runningPrivileged() { + if unix.Geteuid() != 0 { t.Skip("Needs to be run as root") return } diff --git a/mount/mount_linux.go b/mount/mount_linux.go index 3f05ebc89..e0e066b31 100644 --- a/mount/mount_linux.go +++ b/mount/mount_linux.go @@ -24,7 +24,6 @@ import ( "strings" "time" - "github.com/containerd/containerd/sys" "github.com/pkg/errors" "golang.org/x/sys/unix" ) @@ -378,7 +377,7 @@ func mountAt(chdir string, source, target, fstype string, flags uintptr, data st if !fs.IsDir() { return errors.Wrap(errors.Errorf("%s is not dir", chdir), "failed to mountat") } - return errors.Wrap(sys.FMountat(f.Fd(), source, target, fstype, flags, data), "failed to mountat") + return errors.Wrap(FMountat(f.Fd(), source, target, fstype, flags, data), "failed to mountat") } func (m *Mount) mountWithHelper(helperBinary, typePrefix, target string) error { diff --git a/sys/subprocess_unsafe_linux.go b/mount/subprocess_unsafe_linux.go similarity index 98% rename from sys/subprocess_unsafe_linux.go rename to mount/subprocess_unsafe_linux.go index 6e40a9c7d..c7cb0c034 100644 --- a/sys/subprocess_unsafe_linux.go +++ b/mount/subprocess_unsafe_linux.go @@ -14,7 +14,7 @@ limitations under the License. */ -package sys +package mount import ( _ "unsafe" // required for go:linkname. diff --git a/sys/subprocess_unsafe_linux.s b/mount/subprocess_unsafe_linux.s similarity index 100% rename from sys/subprocess_unsafe_linux.s rename to mount/subprocess_unsafe_linux.s From a964cf0cc4beabfd5cc50e970581d79f195ca4c0 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 23 Jun 2021 10:01:43 +0200 Subject: [PATCH 2/2] un-export mount.FMountat It's only used internally, so we can un-export this utility until it is needed elsewhere. Signed-off-by: Sebastiaan van Stijn --- mount/fmountat_linux.go | 4 ++-- mount/fmountat_linux_test.go | 6 +++--- mount/mount_linux.go | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mount/fmountat_linux.go b/mount/fmountat_linux.go index 45732488d..705b95ede 100644 --- a/mount/fmountat_linux.go +++ b/mount/fmountat_linux.go @@ -26,8 +26,8 @@ import ( "golang.org/x/sys/unix" ) -// FMountat performs mount from the provided directory. -func FMountat(dirfd uintptr, source, target, fstype string, flags uintptr, data string) error { +// fMountat performs mount from the provided directory. +func fMountat(dirfd uintptr, source, target, fstype string, flags uintptr, data string) error { var ( sourceP, targetP, fstypeP, dataP *byte pid uintptr diff --git a/mount/fmountat_linux_test.go b/mount/fmountat_linux_test.go index 4f25acf9b..06b3a2667 100644 --- a/mount/fmountat_linux_test.go +++ b/mount/fmountat_linux_test.go @@ -88,7 +88,7 @@ func testFMountatNormal(t *testing.T, root string) { defer f.Close() // mount work to fs - if err = FMountat(f.Fd(), workdir, "fs", "bind", unix.MS_BIND|unix.MS_RDONLY, ""); err != nil { + if err = fMountat(f.Fd(), workdir, "fs", "bind", unix.MS_BIND|unix.MS_RDONLY, ""); err != nil { t.Fatalf("expected no error here, but got error: %+v", err) } defer umount(t, fsdir) @@ -124,7 +124,7 @@ func testFMountatWithFileFd(t *testing.T, root string) { } defer f.Close() - err = FMountat(f.Fd(), filepath.Join(root, "empty"), filepath.Join(root, "work"), "", 0, "") + err = fMountat(f.Fd(), filepath.Join(root, "empty"), filepath.Join(root, "work"), "", 0, "") if !errors.Is(err, expectedErr) { t.Fatalf("expected error %v, but got %v", expectedErr, errors.Cause(err)) } @@ -145,7 +145,7 @@ func testFMountatWithInvalidSource(t *testing.T, root string) { } defer f.Close() - err = FMountat(f.Fd(), filepath.Join(root, "oops"), "at", "bind", unix.MS_BIND, "") + err = fMountat(f.Fd(), filepath.Join(root, "oops"), "at", "bind", unix.MS_BIND, "") if !errors.Is(err, expectedErr) { t.Fatalf("expected error %v, but got %v", expectedErr, err) } diff --git a/mount/mount_linux.go b/mount/mount_linux.go index e0e066b31..31148049a 100644 --- a/mount/mount_linux.go +++ b/mount/mount_linux.go @@ -377,7 +377,7 @@ func mountAt(chdir string, source, target, fstype string, flags uintptr, data st if !fs.IsDir() { return errors.Wrap(errors.Errorf("%s is not dir", chdir), "failed to mountat") } - return errors.Wrap(FMountat(f.Fd(), source, target, fstype, flags, data), "failed to mountat") + return errors.Wrap(fMountat(f.Fd(), source, target, fstype, flags, data), "failed to mountat") } func (m *Mount) mountWithHelper(helperBinary, typePrefix, target string) error {