mount_utils: add mount utils

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
lxc · Jul 23, 2020 · 7f88a1a · 7f88a1a
1 parent 7f1d397
commit 7f88a1a
Show file tree

Hide file tree

Showing 5 changed files with 264 additions and 14 deletions.
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
@@ -26,6 +26,7 @@ noinst_HEADERS = api_extensions.h \
 		 macro.h \
 		 memory_utils.h \
 		 monitor.h \
+		 mount_utils.h \
 		 namespace.h \
 		 process_utils.h \
 		 rexec.h \
@@ -125,6 +126,7 @@ liblxc_la_SOURCES = af_unix.c af_unix.h \
 		    macro.h \
 		    memory_utils.h \
 		    mainloop.c mainloop.h \
+		    mount_utils.c mount_utils.h \
 		    namespace.c namespace.h \
 		    network.c network.h \
 		    nl.c nl.h \

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
@@ -48,6 +48,7 @@
 #include "lxcseccomp.h"
 #include "macro.h"
 #include "memory_utils.h"
+#include "mount_utils.h"
 #include "namespace.h"
 #include "network.h"
 #include "parse.h"

diff --git a/src/lxc/macro.h b/src/lxc/macro.h
@@ -57,20 +57,6 @@
 #define CAP_SETGID 6
 #endif
 
-/* move_mount */
-#ifndef MOVE_MOUNT_F_EMPTY_PATH
-#define MOVE_MOUNT_F_EMPTY_PATH 0x00000004 /* Empty from path permitted */
-#endif
-
-/* open_tree */
-#ifndef OPEN_TREE_CLONE
-#define OPEN_TREE_CLONE 1 /* Clone the target tree and attach the clone */
-#endif
-
-#ifndef OPEN_TREE_CLOEXEC
-#define OPEN_TREE_CLOEXEC O_CLOEXEC /* Close the file on execve() */
-#endif
-
 /* prctl */
 #ifndef PR_CAPBSET_READ
 #define PR_CAPBSET_READ 23

diff --git a/src/lxc/mount_utils.c b/src/lxc/mount_utils.c
@@ -0,0 +1,110 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/mount.h>
+
+#include "macro.h"
+#include "memory_utils.h"
+#include "mount_utils.h"
+#include "syscall_numbers.h"
+#include "syscall_wrappers.h"
+
+int mnt_attributes_new(unsigned int old_flags, unsigned int *new_flags)
+{
+	unsigned int flags = 0;
+
+	if (old_flags & MS_RDONLY) {
+		flags |= MOUNT_ATTR_RDONLY;
+		old_flags &= ~MS_RDONLY;
+	}
+
+	if (old_flags & MS_NOSUID) {
+		flags |= MOUNT_ATTR_NOSUID;
+		old_flags &= ~MS_NOSUID;
+	}
+
+	if (old_flags & MS_NODEV) {
+		flags |= MOUNT_ATTR_NODEV;
+		old_flags &= ~MS_NODEV;
+	}
+
+	if (old_flags & MS_NOEXEC) {
+		flags |= MOUNT_ATTR_NOEXEC;
+		old_flags &= ~MS_NOEXEC;
+	}
+
+	if (old_flags & MS_RELATIME) {
+		flags |= MOUNT_ATTR_RELATIME;
+		old_flags &= ~MS_RELATIME;
+	}
+
+	if (old_flags & MS_NOATIME) {
+		flags |= MOUNT_ATTR_NOATIME;
+		old_flags &= ~MS_NOATIME;
+	}
+
+	if (old_flags & MS_STRICTATIME) {
+		flags |= MOUNT_ATTR_STRICTATIME;
+		old_flags &= ~MS_STRICTATIME;
+	}
+
+	if (old_flags & MS_NODIRATIME) {
+		flags |= MOUNT_ATTR_NODIRATIME;
+		old_flags &= ~MS_NODIRATIME;
+	}
+
+	*new_flags |= flags;
+	return old_flags;
+}
+
+int mnt_attributes_old(unsigned int new_flags, unsigned int *old_flags)
+{
+	unsigned int flags = 0;
+
+	if (new_flags & MOUNT_ATTR_RDONLY) {
+		flags |= MS_RDONLY;
+		new_flags &= ~MOUNT_ATTR_RDONLY;
+	}
+
+	if (new_flags & MOUNT_ATTR_NOSUID) {
+		flags |= MS_NOSUID;
+		new_flags &= ~MOUNT_ATTR_NOSUID;
+	}
+
+	if (new_flags & MS_NODEV) {
+		flags |= MOUNT_ATTR_NODEV;
+		new_flags &= ~MS_NODEV;
+	}
+
+	if (new_flags & MOUNT_ATTR_NOEXEC) {
+		flags |= MS_NOEXEC;
+		new_flags &= ~MOUNT_ATTR_NOEXEC;
+	}
+
+	if (new_flags & MS_RELATIME) {
+		flags |= MS_RELATIME;
+		new_flags &= ~MOUNT_ATTR_RELATIME;
+	}
+
+	if (new_flags & MS_NOATIME) {
+		flags |= MS_NOATIME;
+		new_flags &= ~MOUNT_ATTR_NOATIME;
+	}
+
+	if (new_flags & MS_STRICTATIME) {
+		flags |= MS_STRICTATIME;
+		new_flags &= ~MOUNT_ATTR_STRICTATIME;
+	}
+
+	if (new_flags & MS_NODIRATIME) {
+		flags |= MS_NODIRATIME;
+		new_flags &= ~MOUNT_ATTR_NODIRATIME;
+	}
+
+	*old_flags |= flags;
+	return new_flags;
+}
diff --git a/src/lxc/mount_utils.h b/src/lxc/mount_utils.h
@@ -0,0 +1,151 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+
+#ifndef __LXC_MOUNT_UTILS_H
+#define __LXC_MOUNT_UTILS_H
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/mount.h>
+
+#include "compiler.h"
+
+/* open_tree() flags */
+#ifndef OPEN_TREE_CLONE
+#define OPEN_TREE_CLONE 1
+#endif
+
+#ifndef OPEN_TREE_CLOEXEC
+#define OPEN_TREE_CLOEXEC O_CLOEXEC
+#endif
+
+/* move_mount() flags */
+#ifndef MOVE_MOUNT_F_SYMLINKS
+#define MOVE_MOUNT_F_SYMLINKS 0x00000001 /* Follow symlinks on from path */
+#endif
+
+#ifndef MOVE_MOUNT_F_AUTOMOUNTS
+#define MOVE_MOUNT_F_AUTOMOUNTS 0x00000002 /* Follow automounts on from path */
+#endif
+
+#ifndef MOVE_MOUNT_F_EMPTY_PATH
+#define MOVE_MOUNT_F_EMPTY_PATH 0x00000004 /* Empty from path permitted */
+#endif
+
+#ifndef MOVE_MOUNT_T_SYMLINKS
+#define MOVE_MOUNT_T_SYMLINKS 0x00000010 /* Follow symlinks on to path */
+#endif
+
+#ifndef MOVE_MOUNT_T_AUTOMOUNTS
+#define MOVE_MOUNT_T_AUTOMOUNTS 0x00000020 /* Follow automounts on to path */
+#endif
+
+#ifndef MOVE_MOUNT_T_EMPTY_PATH
+#define MOVE_MOUNT_T_EMPTY_PATH 0x00000040 /* Empty to path permitted */
+#endif
+
+#ifndef MOVE_MOUNT__MASK
+#define MOVE_MOUNT__MASK 0x00000077
+#endif
+
+/* fsopen() flags */
+#ifndef FSOPEN_CLOEXEC
+#define FSOPEN_CLOEXEC 0x00000001
+#endif
+
+/* fspick() flags */
+#ifndef FSPICK_CLOEXEC
+#define FSPICK_CLOEXEC 0x00000001
+#endif
+
+#ifndef FSPICK_SYMLINK_NOFOLLOW
+#define FSPICK_SYMLINK_NOFOLLOW 0x00000002
+#endif
+
+#ifndef FSPICK_NO_AUTOMOUNT
+#define FSPICK_NO_AUTOMOUNT 0x00000004
+#endif
+
+#ifndef FSPICK_EMPTY_PATH
+#define FSPICK_EMPTY_PATH 0x00000008
+#endif
+
+/* fsconfig() commands */
+#ifndef FSCONFIG_SET_FLAG
+#define FSCONFIG_SET_FLAG 0 /* Set parameter, supplying no value */
+#endif
+
+#ifndef FSCONFIG_SET_STRING
+#define FSCONFIG_SET_STRING 1 /* Set parameter, supplying a string value */
+#endif
+
+#ifndef FSCONFIG_SET_BINARY
+#define FSCONFIG_SET_BINARY 2 /* Set parameter, supplying a binary blob value */
+#endif
+
+#ifndef FSCONFIG_SET_PATH
+#define FSCONFIG_SET_PATH 3 /* Set parameter, supplying an object by path */
+#endif
+
+#ifndef FSCONFIG_SET_PATH_EMPTY
+#define FSCONFIG_SET_PATH_EMPTY 4 /* Set parameter, supplying an object by (empty) path */
+#endif
+
+#ifndef FSCONFIG_SET_FD
+#define FSCONFIG_SET_FD 5 /* Set parameter, supplying an object by fd */
+#endif
+
+#ifndef FSCONFIG_CMD_CREATE
+#define FSCONFIG_CMD_CREATE 6 /* Invoke superblock creation */
+#endif
+
+#ifndef FSCONFIG_CMD_RECONFIGURE
+#define	FSCONFIG_CMD_RECONFIGURE 7	/* Invoke superblock reconfiguration */
+#endif
+
+/* fsmount() flags */
+#ifndef FSMOUNT_CLOEXEC
+#define FSMOUNT_CLOEXEC 0x00000001
+#endif
+
+/* mount attributes */
+#ifndef MOUNT_ATTR_RDONLY
+#define MOUNT_ATTR_RDONLY 0x00000001 /* Mount read-only */
+#endif
+
+#ifndef MOUNT_ATTR_NOSUID
+#define MOUNT_ATTR_NOSUID 0x00000002 /* Ignore suid and sgid bits */
+#endif
+
+#ifndef MOUNT_ATTR_NODEV
+#define MOUNT_ATTR_NODEV 0x00000004 /* Disallow access to device special files */
+#endif
+
+#ifndef MOUNT_ATTR_NOEXEC
+#define MOUNT_ATTR_NOEXEC 0x00000008 /* Disallow program execution */
+#endif
+
+#ifndef MOUNT_ATTR__ATIME
+#define MOUNT_ATTR__ATIME 0x00000070 /* Setting on how atime should be updated */
+#endif
+
+#ifndef MOUNT_ATTR_RELATIME
+#define MOUNT_ATTR_RELATIME 0x00000000 /* - Update atime relative to mtime/ctime. */
+#endif
+
+#ifndef MOUNT_ATTR_NOATIME
+#define MOUNT_ATTR_NOATIME 0x00000010 /* - Do not update access times. */
+#endif
+
+#ifndef MOUNT_ATTR_STRICTATIME
+#define MOUNT_ATTR_STRICTATIME 0x00000020 /* - Always perform atime updates */
+#endif
+
+#ifndef MOUNT_ATTR_NODIRATIME
+#define MOUNT_ATTR_NODIRATIME 0x00000080 /* Do not update directory access times */
+#endif
+
+__hidden extern int mnt_attributes_new(unsigned int old_flags, unsigned int *new_flags);
+
+__hidden extern int mnt_attributes_old(unsigned int new_flags, unsigned int *old_flags);
+
+#endif /* __LXC_MOUNT_UTILS_H */