diff --git a/vmm/sandbox/src/container/handler/storage.rs b/vmm/sandbox/src/container/handler/storage.rs
index a3276848..29bd3dda 100644
--- a/vmm/sandbox/src/container/handler/storage.rs
+++ b/vmm/sandbox/src/container/handler/storage.rs
@@ -21,7 +21,10 @@ use containerd_sandbox::{
 Sandbox,
 };
 use log::debug;
-use vmm_common::{storage::ANNOTATION_KEY_STORAGE, DEV_SHM, STORAGE_FILE_PREFIX};
+use vmm_common::{
+ storage::{Storage, ANNOTATION_KEY_STORAGE},
+ DEV_SHM, STORAGE_FILE_PREFIX,
+};
 use crate::{
 container::handler::Handler, sandbox::KuasarSandbox, storage::mount::is_bind_shm,
@@ -55,14 +58,18 @@ where
 let rootfs = &container.data.rootfs;
 let mut handled_mounts = vec![];
- let mut storages = vec![];
+ let mut storages: Vec<&Storage> = vec![];
 for mut m in mounts {
 if let Some(storage) = sandbox.storages.iter().find(|x| x.is_for_mount(&m)) {
 debug!("found storage {:?} for mount {:?}", storage, m);
 m.source.clone_from(&storage.mount_point);
- m.options = vec!["bind".to_string()];
- if storage.need_guest_handle {
+ m.options.push("bind".to_string());
+ if storage.need_guest_handle
+ && !storages
+ .iter()
+ .any(|s| s.host_source == storage.host_source && s.r#type == storage.r#type)
+ {
 storages.push(storage);
 }
 }
diff --git a/vmm/sandbox/src/storage/mod.rs b/vmm/sandbox/src/storage/mod.rs
index 1770a60a..a1fcf48f 100644
--- a/vmm/sandbox/src/storage/mod.rs
+++ b/vmm/sandbox/src/storage/mod.rs
@@ -128,7 +128,7 @@ where
 };
 let mut storage = Storage {
- host_source: source.clone(),
+ host_source: m.source.clone(),
 r#type: m.r#type.clone(),
 id: id.to_string(),
 device_id: Some(device_id.to_string()),
@@ -161,6 +161,13 @@ where
 } else {
 m.source.clone()
 };
+
+ let options = if m.options.contains(&"ro".to_string()) {
+ vec!["ro".to_string()]
+ } else {
+ vec![]
+ };
+
 let host_dest = format!("{}/{}", self.get_sandbox_shared_path(), &storage_id);
 debug!("bind mount storage for mount {:?}, dest: {}", m, &host_dest);
 let source_path = Path::new(&*source);
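Review bot: `m.options.push("bind".to_string())` in the `-55` hunk now forwards every option the original mount carried, so the list can end up naming `bind` twice or mixing `rbind` with `bind`, and how the guest runtime resolves that is not visible here. Keeping the caller's options is what lets `ro` reach the container, so the push itself looks right; a guard such as `if !m.options.iter().any(|o| o == "bind" || o == "rbind") { m.options.push("bind".to_string()); }` would keep the list unambiguous. The new de-duplication keys on `host_source` and `r#type` only, which deserves a short comment saying why mount options are not part of the key. The enclosing function starts and ends outside the hunk.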
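Review bot: `host_source: m.source.clone()` in the `-128` hunk replaces the locally derived `source` without a comment saying why the two may differ, and `source` itself is defined outside the hunk. If the intent is that `host_source` must equal the mount's own source string so that later lookups and the handler's de-duplication compare like with like (an inference, not shown on this page), record it: `// keep the caller's source verbatim: storages are matched by host_source`. Without that, the line reads like a slip and invites a revert.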
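Review bot: The five-line `let options = if m.options.contains(&"ro".to_string()) …` block added in the `-161` hunk is repeated verbatim in the `-209` and `-242` hunks, and each copy allocates a `String` only to compare it. One private helper would keep the three storage builders in step when another option has to be forwarded to the guest. The helper below assumes `m` is a `&Mount` at all three sites, which only the `-242` hunk shows. The enclosing function starts and ends outside this hunk.

```rust
/// Options forwarded to the guest-side storage mount: only `ro` is kept.
fn guest_storage_options(m: &Mount) -> Vec<String> {
    if m.options.iter().any(|o| o == "ro") {
        vec!["ro".to_string()]
    } else {
        vec![]
    }
}

// … unchanged: source resolution …
let options = guest_storage_options(m);
// … unchanged: host_dest, debug!, source_path …
```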
@@ -188,7 +195,7 @@ where
 driver: "".to_string(),
 driver_options: vec![],
 fstype: "bind".to_string(),
- options: vec![],
+ options,
 mount_point: format!("{}/{}", KUASAR_STATE_DIR, &storage_id),
 };
@@ -209,6 +216,13 @@ where
 m
 )));
 }
+
+ let options = if m.options.contains(&"ro".to_string()) {
+ vec!["ro".to_string()]
+ } else {
+ vec![]
+ };
+
 let host_dest = format!("{}/{}", self.get_sandbox_shared_path(), &storage_id);
 debug!("overlay mount storage for {:?}, dest: {}", m, &host_dest);
 tokio::fs::create_dir_all(&host_dest).await?;
@@ -226,7 +240,7 @@ where
 driver: "".to_string(),
 driver_options: vec![],
 fstype: "bind".to_string(),
- options: vec![],
+ options,
 mount_point: format!("{}/{}", KUASAR_STATE_DIR, &storage_id),
 };
@@ -242,6 +256,12 @@ where
 m: &Mount,
 mount_info: &MountInfo,
 ) -> Result<()> {
+ let options = if m.options.contains(&"ro".to_string()) {
+ vec!["ro".to_string()]
+ } else {
+ vec![]
+ };
+
 let mut storage = Storage {
 host_source: m.source.clone(),
 r#type: m.r#type.clone(),
@@ -253,7 +273,7 @@ where
 driver: DRIVEREPHEMERALTYPE.to_string(),
 driver_options: vec![],
 fstype: "tmpfs".to_string(),
- options: vec![],
+ options,
 mount_point: format!("{}{}", KUASAR_GUEST_SHARE_DIR, storage_id),
 };
 // only handle size option because other options may not supported in guest
diff --git a/vmm/sandbox/src/storage/utils.rs b/vmm/sandbox/src/storage/utils.rs
index f24192cd..d6fdfa8c 100644
--- a/vmm/sandbox/src/storage/utils.rs
+++ b/vmm/sandbox/src/storage/utils.rs
@@ -41,7 +41,7 @@ pub async fn get_file_type>(path: P) -> Result {
 let real_path = match tokio::fs::canonicalize(path).await {
 Ok(rp) => rp,
 Err(e) => {
- return Err(e.into());
+ return Err(anyhow!("get file type {}", e).into());
 }
 };
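Review bot: The storage built in the `-188` hunk now takes `options` from the one mount that triggered its creation, so a storage later matched to a second mount of the same source inherits the first mount's read-only choice. If the first mount was `ro`, the shared storage is read-only in the guest for every later user; if it was writable, enforcement for a later `ro` mount rests entirely on the container-level options. Whether storages are reused this way depends on a lookup outside the hunk. A comment on the field such as `// ro only when the creating mount asked for it; later users rely on their own bind options` would record the contract, or the reuse lookup could take `ro` into account. The same applies to the struct literals in the `-226` and `-253` hunks.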
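Review bot: The new `anyhow!("get file type {}", e)` in the `-41` hunk flattens the `io::Error` into a string, so its kind is no longer available to callers and the message still does not say which path failed to resolve. Borrowing the argument and naming it would make mount failures diagnosable: `tokio::fs::canonicalize(&path)` with `anyhow!("canonicalize {}: {}", path.as_ref().display(), e)`, assuming `P: AsRef<Path>` (the generic bounds are garbled on this page). Whether the crate's error type had a distinct I/O variant before this change is not visible; if it did, callers matching on it will now see the anyhow-derived one. The function body continues outside the hunk.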