config: Whitelist hypervisor annotations by name

Add a field "enable_annotations" to the runtime configuration that can
be used to whitelist annotations using a list of regular expressions,
which are used to match any part of the base annotation name, i.e. the
part after "io.katacontainers.config.hypervisor."

For example, the following configuration will match "virtio_fs_daemon",
"initrd" and "jailer_path", but not "path" nor "firmware":

  enable_annotations = [ "virtio.*", "initrd", "_path" ]

The default is an empty list of enabled annotations, which disables
annotations entirely.

If an anontation is rejected, the message is something like:

  annotation io.katacontainers.config.hypervisor.virtio_fs_daemon is not enabled

Fixes: #901

Suggested-by: Peng Tao <tao.peng@linux.alibaba.com>
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
This commit is contained in:
Christophe de Dinechin
2020-05-19 19:19:42 +02:00
parent f047fced0b
commit 7c6aede5d4
12 changed files with 54 additions and 0 deletions


@@ -437,6 +437,9 @@ type HypervisorConfig struct {
// SGXEPCSize specifies the size in bytes for the EPC Section.
// Enable SGX. Hardware-based isolation and memory encryption.
SGXEPCSize int64
// Enable annotations by name
EnableAnnotations []string
}
// vcpu mapping from vcpu number to thread number
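Review bot: The comment on the new `EnableAnnotations` field, `// Enable annotations by name`, does not say what the strings are or what an empty list means, while neighbouring fields such as SGXEPCSize document their semantics; the same two lines are added to the persistapi HypervisorConfig in the `@@ -208,6 +208,9 @@` hunk and should get the same comment. Going by the commit message, the entries are regular expressions matched against the part of the annotation name after the hypervisor prefix, the match is partial rather than anchored, and an empty list rejects every hypervisor annotation, all of which an operator reading the struct needs to know. I would replace the comment with `// EnableAnnotations holds regular expressions; a hypervisor annotation is accepted only if the part of its name after the hypervisor prefix matches one of them (unanchored, so partial matches count). An empty list rejects all hypervisor annotations.`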


@@ -254,6 +254,7 @@ func (s *Sandbox) dumpConfig(ss *persistapi.SandboxState) {
RxRateLimiterMaxRate: sconfig.HypervisorConfig.RxRateLimiterMaxRate,
TxRateLimiterMaxRate: sconfig.HypervisorConfig.TxRateLimiterMaxRate,
SGXEPCSize: sconfig.HypervisorConfig.SGXEPCSize,
EnableAnnotations: sconfig.HypervisorConfig.EnableAnnotations,
}
ss.Config.KataAgentConfig = &persistapi.KataAgentConfig{
@@ -522,6 +523,7 @@ func loadSandboxConfig(id string) (*SandboxConfig, error) {
RxRateLimiterMaxRate: hconf.RxRateLimiterMaxRate,
TxRateLimiterMaxRate: hconf.TxRateLimiterMaxRate,
SGXEPCSize: hconf.SGXEPCSize,
EnableAnnotations: hconf.EnableAnnotations,
}
sconfig.AgentConfig = KataAgentConfig{


@@ -208,6 +208,9 @@ type HypervisorConfig struct {
// SGXEPCSize specifies the size in bytes for the EPC Section.
// Enable SGX. Hardware-based isolation and memory encryption.
SGXEPCSize int64
// Enable annotations by name
EnableAnnotations []string
}
// KataAgentConfig is a structure storing information needed


@@ -28,6 +28,7 @@ const (
//
// Assets
//
KataAnnotationHypervisorPrefix = kataAnnotHypervisorPrefix
// KernelPath is a sandbox annotation for passing a per container path pointing at the kernel needed to boot the container VM.
KernelPath = kataAnnotHypervisorPrefix + "kernel"
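Review bot: The newly exported constant `KataAnnotationHypervisorPrefix` has no doc comment, unlike `KernelPath` directly below it, which documents itself in the usual Go form. Since this name is now part of the package API and is used by callers to decide which annotations are subject to the allowlist, it should say what it is, e.g. `// KataAnnotationHypervisorPrefix is the prefix shared by all hypervisor configuration annotations.`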


@@ -213,6 +213,14 @@ func checkPathIsInGlobList(list []string, path string) bool {
return false
}
// Check if an annotation name either belongs to another prefix, matches regexp list
func checkAnnotationNameIsValid(list []string, name string, prefix string) bool {
if strings.HasPrefix(name, prefix) {
return regexpContains(list, strings.TrimPrefix(name, prefix))
}
return true
}
func newLinuxDeviceInfo(d specs.LinuxDevice) (*config.DeviceInfo, error) {
allowedDeviceTypes := []string{"c", "b", "u", "p"}
@@ -346,6 +354,11 @@ func SandboxID(spec specs.Spec) (string, error) {
}
func addAnnotations(ocispec specs.Spec, config *vc.SandboxConfig, runtime RuntimeConfig) error {
for key := range ocispec.Annotations {
if !checkAnnotationNameIsValid(runtime.HypervisorConfig.EnableAnnotations, key, vcAnnotations.KataAnnotationHypervisorPrefix) {
return fmt.Errorf("annotation %v is not enabled", key)
}
}
addAssetAnnotations(ocispec, config)
if err := addHypervisorConfigOverrides(ocispec, config, runtime); err != nil {
return err