github.com/SagerNet/gvisor@v0.0.0-20210707092255-7731c139d75c/pkg/sentry/fs/proc/fs.go

github.com/SagerNet/gvisor@v0.0.0-20210707092255-7731c139d75c/pkg/sentry/fs/proc/fs.go (about)

     1  // Copyright 2018 The gVisor Authors.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package proc
    16  
    17  import (
    18  	"fmt"
    19  
    20  	"github.com/SagerNet/gvisor/pkg/context"
    21  	"github.com/SagerNet/gvisor/pkg/sentry/fs"
    22  )
    23  
    24  // LINT.IfChange
    25  
    26  // filesystem is a procfs.
    27  //
    28  // +stateify savable
    29  type filesystem struct{}
    30  
    31  func init() {
    32  	fs.RegisterFilesystem(&filesystem{})
    33  }
    34  
    35  // FilesystemName is the name under which the filesystem is registered.
    36  // Name matches fs/proc/root.c:proc_fs_type.name.
    37  const FilesystemName = "proc"
    38  
    39  // Name is the name of the file system.
    40  func (*filesystem) Name() string {
    41  	return FilesystemName
    42  }
    43  
    44  // AllowUserMount allows users to mount(2) this file system.
    45  func (*filesystem) AllowUserMount() bool {
    46  	return true
    47  }
    48  
    49  // AllowUserList allows this filesystem to be listed in /proc/filesystems.
    50  func (*filesystem) AllowUserList() bool {
    51  	return true
    52  }
    53  
    54  // Flags returns that there is nothing special about this file system.
    55  //
    56  // In Linux, proc returns FS_USERNS_VISIBLE | FS_USERNS_MOUNT, see fs/proc/root.c.
    57  func (*filesystem) Flags() fs.FilesystemFlags {
    58  	return 0
    59  }
    60  
    61  // Mount returns the root of a procfs that can be positioned in the vfs.
    62  func (f *filesystem) Mount(ctx context.Context, device string, flags fs.MountSourceFlags, data string, cgroupsInt interface{}) (*fs.Inode, error) {
    63  	// device is always ignored.
    64  
    65  	// Parse generic comma-separated key=value options, this file system expects them.
    66  	options := fs.GenericMountSourceOptions(data)
    67  
    68  	// Proc options parsing checks for either a gid= or hidepid= and barfs on
    69  	// anything else, see fs/proc/root.c:proc_parse_options. Since we don't know
    70  	// what to do with gid= or hidepid=, we blow up if we get any options.
    71  	if len(options) > 0 {
    72  		return nil, fmt.Errorf("unsupported mount options: %v", options)
    73  	}
    74  
    75  	var cgroups map[string]string
    76  	if cgroupsInt != nil {
    77  		cgroups = cgroupsInt.(map[string]string)
    78  	}
    79  
    80  	// Construct the procfs root. Since procfs files are all virtual, we
    81  	// never want them cached.
    82  	return New(ctx, fs.NewNonCachingMountSource(ctx, f, flags), cgroups)
    83  }
    84  
    85  // LINT.ThenChange(../../fsimpl/proc/filesystem.go)