mount: add enhanced mount functionality to support run container in userns with host network #3613

Open
wants to merge 5 commits into
base: main

Commits on Sep 27, 2022

  1. extend bootstrap message to pass mount fds

    Extend bootstrap message to pass mount fds for open_tree()/move_mount().
    
    Signed-off-by: Jiang Liu <gerry@linux.alibaba.com>
    jiangliu authored and Tingting Yang committed Sep 27, 2022
    08c266d
  2. rootfs_linux: enable support of MoveMount()

    Enhance mountToRootfs() to support MoveMount(), so it could be used
    to support cross user namespace mounting.
    
    Signed-off-by: Jiang Liu <gerry@linux.alibaba.com>
    jiangliu authored and Tingting Yang committed Sep 27, 2022
    56d878e
  3. nsexec: split join_namespaces() into stages

    Introduce struct namespace_info_t to split join_namespaces() in stages,
    so it could be reused later.
    
    Signed-off-by: Jiang Liu <gerry@linux.alibaba.com>
    jiangliu authored and Tingting Yang committed Sep 27, 2022
    844b804
  4. nsexec: prepare mount fds for cross user namespace mounting

    Prepare source mount fds for move_mount() to support cross user
    namespace mounting.
    
    Signed-off-by: Jiang Liu <gerry@linux.alibaba.com>
    jiangliu authored and Tingting Yang committed Sep 27, 2022
    2d5bdfb
  5. Enable cross user namespace mounting

    When a user namespace is enabled for a pod/container, it may fail to
    mount /proc, /sys and /dev/mqueue under certain conditions. This may
    be solved by enabling cross user namespace mounting.
    
    Signed-off-by: Jiang Liu <gerry@linux.alibaba.com>
    Signed-off-by: shidao.ytt <shidao.ytt.kernel@linux.alibaba.com>
    Tingting Yang committed Sep 27, 2022
    6dfc4ff