conf: verify that rootfs is stable after setting up mounts

Apparently some users changed their rootfs via their lxc.mount.entry
entries. Let's not allow that as that can cause confusion during
container setup. So lets verify that the rootfs is stable after setup.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index ce98c6163083ad2c13829ef1ba72ea4ef2f1461e..8e068b8ac85ddcbeb44074ed101d5446e78470f0 100644 (file)
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1431,6 +1431,23 @@ static int lxc_mount_rootfs(struct lxc_rootfs *rootfs)
        return log_trace(0, "Container uses separate rootfs. Opened container's rootfs");
 }
 
+static bool lxc_rootfs_overmounted(struct lxc_rootfs *rootfs)
+{
+       __do_close int fd_rootfs = -EBADF;
+
+       if (!rootfs->path)
+               fd_rootfs = open_at(-EBADF, "/", PROTECT_OPATH_DIRECTORY, PROTECT_LOOKUP_ABSOLUTE, 0);
+       else
+               fd_rootfs = open_at(-EBADF, rootfs->mount, PROTECT_OPATH_DIRECTORY, PROTECT_LOOKUP_ABSOLUTE_XDEV, 0);
+       if (fd_rootfs < 0)
+               return true;
+
+       if (!same_file_lax(rootfs->dfd_mnt, fd_rootfs))
+               return syswarn_ret(true, "Rootfs seems to have changed after setting up mounts");
+
+       return false;
+}
+
 static int lxc_chroot(const struct lxc_rootfs *rootfs)
 {
        __do_free char *nroot = NULL;
@@ -4363,6 +4380,9 @@ int lxc_setup(struct lxc_handler *handler)
        if (ret < 0)
                return log_error(-1, "Failed to run mount hooks");
 
+       if (lxc_rootfs_overmounted(&lxc_conf->rootfs))
+               return log_error(-1, "Rootfs overmounted");
+
        if (lxc_conf->autodev > 0) {
                ret = run_lxc_hooks(name, "autodev", lxc_conf, NULL);
                if (ret < 0)