author | Chirantan Ekbote <chirantan@chromium.org> | 2018-11-16 16:37:45 -0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2019-01-07 19:40:15 -0800 |
commit | d41d726c2f977789fdd3f6cd701f0c7616b778ac (patch) | |
tree | 0fb2fb98ea397ad1abbe729ee1e3e7e8e20b667e /src/main.rs | |
parent | c1a40a74145b511240bb3f4b894e1955a44b5ed2 (diff) | |
Add support for plugin mounts
The plugin process may need access to writable directories where it can store its state. Add a plugin-mount option to specify paths that should be mounted into the plugin's jail. BUG=b:80150167 TEST=run plugin_adder and plugin_net_config Change-Id: I2c87d19ab67edaaf99a2cfea6872d3531101d260 Signed-off-by: Chirantan Ekbote <chirantan@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1341106
Diffstat (limited to 'src/main.rs')
-rw-r--r-- | src/main.rs | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/src/main.rs b/src/main.rs
index 8e1e452..e977620 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -63,6 +63,12 @@ struct DiskOption {
 read_only: bool,
 }
 
+struct BindMount {
+ src: PathBuf,
+ dst: PathBuf,
+ writable: bool,
+}
+
 pub struct Config {
 vcpu_count: Option<u32>,
 memory: Option<usize>,
@@ -71,6 +77,7 @@ pub struct Config {
 socket_path: Option<PathBuf>,
 plugin: Option<PathBuf>,
 plugin_root: Option<PathBuf>,
+ plugin_mounts: Vec<BindMount>,
 disks: Vec<DiskOption>,
 host_ip: Option<net::Ipv4Addr>,
 netmask: Option<net::Ipv4Addr>,
@@ -96,6 +103,7 @@ impl Default for Config {
 socket_path: None,
 plugin: None,
 plugin_root: None,
+ plugin_mounts: Vec::new(),
 disks: Vec::new(),
 host_ip: None,
 netmask: None,
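Review bot: `BindMount` is added without a doc comment, and nothing on the struct says which side of the mount each path belongs to. Judging by the commit description, `src` is a host path and `dst` is the location inside the plugin's jail, with `writable` deciding whether the plugin may modify the host directory. That is worth stating on the type, for example `/// Host directory (src) bind-mounted at dst inside the plugin jail; writable = false mounts it read-only.` The read-only meaning of `writable = false` is inferred and should be confirmed against the code that consumes `plugin_mounts`, which is outside this diff.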
@@ -388,6 +396,48 @@ fn set_argument(cfg: &mut Config, name: &str, value: Option<&str>) -> argument::
 "plugin-root" => {
 cfg.plugin_root = Some(PathBuf::from(value.unwrap().to_owned()));
 }
+ "plugin-mount" => {
+ let components: Vec<&str> = value.unwrap().split(":").collect();
+ if components.len() != 3 {
+ return Err(argument::Error::InvalidValue {
+ value: value.unwrap().to_owned(),
+ expected:
+ "`plugin-mount` must have exactly 3 components: <src>:<dst>:<writable>",
+ });
+ }
+
+ let src = PathBuf::from(components[0]);
+ if src.is_relative() {
+ return Err(argument::Error::InvalidValue {
+ value: components[0].to_owned(),
+ expected: "the source path for `plugin-mount` must be absolute",
+ });
+ }
+ if !src.exists() {
+ return Err(argument::Error::InvalidValue {
+ value: components[0].to_owned(),
+ expected: "the source path for `plugin-mount` does not exist",
+ });
+ }
+
+ let dst = PathBuf::from(components[1]);
+ if dst.is_relative() {
+ return Err(argument::Error::InvalidValue {
+ value: components[1].to_owned(),
+ expected: "the destination path for `plugin-mount` must be absolute",
+ });
+ }
+
+ let writable: bool =
+ components[2]
+ .parse()
+ .map_err(|_| argument::Error::InvalidValue {
+ value: components[2].to_owned(),
+ expected: "the <writable> component for `plugin-mount` is not valid bool",
+ })?;
+
+ cfg.plugin_mounts.push(BindMount { src, dst, writable });
+ }
 "vhost-net" => cfg.vhost_net = true,
 "tap-fd" => {
 if cfg.tap_fd.is_some() {
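Review bot: The destination path in the `"plugin-mount"` arm is only checked with `dst.is_relative()`, so an absolute value that still contains `..` components (a constructed example: `/a/../../b`) is accepted unchanged. Whether that can place the mount point outside the plugin root depends on how the jail setup joins `dst` onto that root, which is not in this diff (the diffstat is limited to src/main.rs), so rejecting `ParentDir` components here is a cheap defence-in-depth check. Separately, `src.exists()` is a point-in-time convenience check and also returns false on a permission error, so the later mount code still has to handle a missing or replaced source. The arm sits inside `set_argument`'s match, which starts and ends outside the hunk.

```rust
let dst = PathBuf::from(components[1]);
// … unchanged: is_relative() check on dst …
if dst
    .components()
    .any(|c| c == std::path::Component::ParentDir)
{
    return Err(argument::Error::InvalidValue {
        value: components[1].to_owned(),
        expected: "the destination path for `plugin-mount` must not contain `..`",
    });
}
// … unchanged: <writable> parsing and cfg.plugin_mounts.push …
```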
@@ -456,6 +506,7 @@ fn run_vm(args: std::env::Args) -> std::result::Result<(), ()> {
 #[cfg(feature = "plugin")]
 Argument::value("plugin", "PATH", "Absolute path to plugin process to run under crosvm."),
 Argument::value("plugin-root", "PATH", "Absolute path to a directory that will become root filesystem for the plugin process."),
+ Argument::value("plugin-mount", "PATH:PATH:BOOL", "Path to be mounted into the plugin's root filesystem. Can be given more than once."),
 Argument::flag("vhost-net", "Use vhost for networking."),
 Argument::value("tap-fd",
 "fd", |
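Review bot: The help text for `plugin-mount` does not say which of the two paths is the host source and which is the destination in the jail, nor that the third field controls write access. Since a mistaken field order or a stray `true` exposes a host directory to the plugin, the usage string should spell this out, e.g. `"SRC:DST:WRITABLE"` with `"Absolute host path SRC to mount at absolute path DST in the plugin's root filesystem; WRITABLE is true or false. Can be given more than once."` In the visible context the `#[cfg(feature = "plugin")]` attribute precedes only the `"plugin"` entry, so the new entry appears to be accepted in builds without the plugin feature as well; worth confirming that is intended. The argument list in `run_vm` continues outside the hunk.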