hypervisor: support user space mounts

This commit introduces the ability to mount custom files and folders from the host operating system onto a partition. The hypervisor configuration is adjusted as follows at partition layer: ```yaml mounts: - [ "/dev/urandom", "/dev/urandom"] - [ "/dev/urandom", "/dev/random"] - [ "/a/file/on/the/host", "/guest" ] ``` Future features could additionally include the ability to mount things read-only, etc. Fixes #42
DLR-FT · Feb 21, 2023 · bd5b70b · bd5b70b
1 parent db684ec
commit bd5b70b
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 1 deletion.
diff --git a/hypervisor/src/hypervisor/config.rs b/hypervisor/src/hypervisor/config.rs
@@ -38,6 +38,8 @@ pub struct Partition {
     pub devices: Vec<Device>,
     #[serde(default)]
     pub hm_table: PartitionHMTable,
+    #[serde(default)]
+    pub mounts: Vec<(PathBuf, PathBuf)>,
 }
 
 #[derive(Debug, Serialize, Deserialize, Clone)]

diff --git a/hypervisor/src/hypervisor/partition.rs b/hypervisor/src/hypervisor/partition.rs
@@ -174,7 +174,7 @@ impl Run {
                 Partition::release_fds(&keep).unwrap();
 
                 // Mount the required mounts
-                let mounts = [
+                let mut mounts = vec![
                     // Mount working directory as tmpfs
                     FileMounter {
                         source: None,
@@ -222,6 +222,34 @@ impl Run {
                     },
                 ];
 
+                for m in &base.mounts {
+                    let source = m.0.clone();
+                    let mut target = m.1.clone();
+
+                    if !source.exists() {
+                        panic!("File/Directory {} not existent", m.0.display());
+                    }
+
+                    if target.is_absolute() {
+                        // Convert absolute paths into relative ones.
+                        // Otherwise we will receive a permission error.
+                        // TODO: Make this a function?
+                        target = target.strip_prefix("/").unwrap().into();
+                        assert!(target.is_relative());
+                    }
+
+                    mounts.push(FileMounter {
+                        source: Some(source),
+                        target: target,
+                        fstype: None,
+                        flags: MsFlags::MS_BIND,
+                        data: None,
+                        is_dir: m.0.is_dir(),
+                    });
+                }
+
+                // TODO: Check for duplicate mounts
+
                 for m in mounts {
                     debug!("mounting {:?}", &m);
                     m.mount(base.working_dir.path()).unwrap();
@@ -449,6 +477,7 @@ pub(crate) struct Base {
     hm: PartitionHMTable,
     id: i64,
     bin: PathBuf,
+    mounts: Vec<(PathBuf, PathBuf)>,
     cgroup: CGroup,
     sampling_channel: HashMap<String, SamplingConstant>,
     duration: Duration,
@@ -517,6 +546,7 @@ impl Partition {
             id: config.id,
             cgroup,
             bin: config.image,
+            mounts: config.mounts,
             duration: config.duration,
             period: config.period,
             working_dir,