newContainer: Not attach device if it is a CDROM

Got "docker: Error response from daemon: OCI runtime create failed: QMP command failed: unknown." when "docker run --privileged" with kata. In qemu part, it got: "Could not open '/dev/sr0': Read-only file system" or "No medium found" The cause is qemu need open block device to get its status. But /dev/sr0 is a CDROM that cannot be opened. This patch let newContainer doesn't attach device if it is a CDROM to handle the issue. Fixes #829 Signed-off-by: Hui Zhu <teawater@hyper.sh>
2025-07-04 02:56:18 +00:00 · 2018-10-30 14:57:13 +08:00 · 2018-10-30 14:57:13 +08:00 · 193b324242
commit 193b324242
parent 58ce1b88c4
1 changed files with 35 additions and 1 deletions
--- a/virtcontainers/container.go
+++ b/virtcontainers/container.go
@ -28,6 +28,25 @@ import (
 	"github.com/kata-containers/runtime/virtcontainers/utils"
 )

+// https://github.com/torvalds/linux/blob/master/include/uapi/linux/major.h
+// This file has definitions for major device numbers.
+var cdromMajors = map[int64]string{
+	11: "SCSI_CDROM_MAJOR",
+	15: "CDU31A_CDROM_MAJOR",
+	16: "GOLDSTAR_CDROM_MAJOR",
+	17: "OPTICS_CDROM_MAJOR",
+	18: "SANYO_CDROM_MAJOR",
+	20: "MITSUMI_X_CDROM_MAJOR",
+	23: "MITSUMI_CDROM_MAJOR",
+	24: "CDU535_CDROM_MAJOR",
+	25: "MATSUSHITA_CDROM_MAJOR",
+	26: "MATSUSHITA_CDROM2_MAJOR",
+	27: "MATSUSHITA_CDROM3_MAJOR",
+	28: "MATSUSHITA_CDROM4_MAJOR",
+	29: "AZTECH_CDROM_MAJOR",
+	32: "CM206_CDROM_MAJOR",
+}
+
 // Process gathers data related to a container process.
 type Process struct {
 	// Token is the process execution context ID. It must be
@ -522,6 +541,20 @@ func (c *Container) unmountHostMounts() error {
 	return nil
 }

+func filterDevices(sandbox *Sandbox, c *Container, devices []ContainerDevice) (ret []ContainerDevice) {
+	for _, dev := range devices {
+		major, _ := sandbox.devManager.GetDeviceByID(dev.ID).GetMajorMinor()
+		if _, ok := cdromMajors[major]; ok {
+			c.Logger().WithFields(logrus.Fields{
+				"device": dev.ContainerPath,
+			}).Info("Not attach device because it is a CDROM")
+			continue
+		}
+		ret = append(ret, dev)
+	}
+	return
+}
+
 // newContainer creates a Container structure from a sandbox and a container configuration.
 func newContainer(sandbox *Sandbox, contConfig ContainerConfig) (*Container, error) {
 	span, _ := sandbox.trace("newContainer")
@ -609,11 +642,12 @@ func newContainer(sandbox *Sandbox, contConfig ContainerConfig) (*Container, err
 				return &Container{}, err
 			}

-			c.devices = append(c.devices, ContainerDevice{
+			storedDevices = append(storedDevices, ContainerDevice{
 				ID:            dev.DeviceID(),
 				ContainerPath: info.ContainerPath,
 			})
 		}
+		c.devices = filterDevices(sandbox, c, storedDevices)
 	}

 	return c, nil