From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Thu, 26 Aug 2021 09:06:52 +0000 (+0200)
Subject: conf: support recursive propagation options properly
X-Git-Tag: lxc-5.0.0~102^2~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6b48a57529f4c5ee100898e4ef08220c56e90634;p=thirdparty%2Flxc.git

conf: support recursive propagation options properly

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 0a01916c3..8d0cd5f40 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2270,9 +2270,14 @@ static int parse_vfs_attr(struct lxc_mount_options *opts, char *opt, size_t size
 		if (!strnequal(opt, mo->name, strlen(mo->name)))
 			continue;
 
-		/* TODO: Handle recursive propagation requests. */
+		if (strequal(mo->name, "rslave") ||
+		    strequal(mo->name, "rshared") ||
+		    strequal(mo->name, "runbindable") ||
+		    strequal(mo->name, "rprivate"))
+			opts->propagate_recursively = 1;
+
 		opts->attr.propagation = mo->flag;
-		opts->mnt_flags |= mo->legacy_flag;
+		opts->prop_flags |= mo->legacy_flag;
 		return 0;
 	}
 
@@ -2892,6 +2897,7 @@ static int __lxc_idmapped_mounts_child(struct lxc_handler *handler, FILE *f)
 		struct lxc_mount_options opts = {};
 		int dfd_from;
 		const char *source_relative, *target_relative;
+		struct lxc_mount_attr attr = {};
 
 		ret = parse_lxc_mount_attrs(&opts, mntent.mnt_opts);
 		if (ret < 0)
@@ -2989,21 +2995,51 @@ static int __lxc_idmapped_mounts_child(struct lxc_handler *handler, FILE *f)
 					mnt_seq, cur_mnt_seq);
 		mnt_seq++;
 
-		/* Set remaining mount options. */
-		ret = mount_setattr(fd_from, "", AT_EMPTY_PATH |
+		/* Set regular mount options. */
+		attr = opts.attr;
+		attr.propagation = 0;
+		ret = mount_setattr(fd_from,
+				    "",
+				    AT_EMPTY_PATH |
 				    (opts.bind_recursively ? AT_RECURSIVE : 0),
-				    &opts.attr, sizeof(opts.attr));
+				    &attr,
+				    sizeof(attr));
 		if (ret < 0) {
 			if (opts.optional) {
 				TRACE("Skipping optional idmapped mount");
 				continue;
 			}
 
-			return syserror("Failed to receive notification that parent idmapped detached %smount %d/%s to user namespace %d",
+			return syserror("Failed to set %smount options on detached %d/%s",
 					opts.bind_recursively ? "recursive " : "",
-					dfd_from, source_relative, fd_userns);
+					dfd_from, source_relative);
 		}
 
+		/* Set propagation mount options. */
+		if (opts.attr.propagation) {
+			attr = (struct lxc_mount_attr) {
+				attr.propagation = opts.attr.propagation,
+			};
+
+			ret = mount_setattr(fd_from,
+					"",
+					AT_EMPTY_PATH |
+					(opts.propagate_recursively ? AT_RECURSIVE : 0),
+					&attr,
+					sizeof(attr));
+			if (ret < 0) {
+				if (opts.optional) {
+					TRACE("Skipping optional idmapped mount");
+					continue;
+				}
+
+				return syserror("Failed to set %spropagation mount options on detached %d/%s",
+						opts.bind_recursively ? "recursive " : "",
+						dfd_from, source_relative);
+			}
+		}
+
+
 		/*
 		 * In contrast to the legacy mount codepath we will simplify
 		 * our lifes and just always treat the target mountpoint to be