genpolicy: validate create sandbox storages

Reject any unexpected values from the CreateSandboxRequest storages field. Signed-off-by: Dan Mihai <dmihai@microsoft.com>
2025-07-15 16:13:20 +00:00 · 2024-01-04 22:28:24 +00:00 · 2024-01-04 22:28:24 +00:00 · 7fe44d3a3d
commit 7fe44d3a3d
parent dfd0ca9bfe
5 changed files with 56 additions and 1 deletions
--- a/src/tools/genpolicy/genpolicy-settings.json
+++ b/src/tools/genpolicy/genpolicy-settings.json
@ -213,6 +213,25 @@
        "/var/run/secrets/kubernetes.io/serviceaccount",
        "/var/run/secrets/azure/tokens"
    ],
+    "sandbox": {
+        "storages": [
+            {
+                "driver": "ephemeral",
+                "driver_options": [],
+                "source": "shm",
+                "fstype": "tmpfs",
+                "options": [
+                    "noexec",
+                    "nosuid",
+                    "nodev",
+                    "mode=1777",
+                    "size=67108864"
+                ],
+                "mount_point": "/run/kata-containers/sandbox/shm",
+                "fs_group": null
+            }
+        ]
+    },
    "common": {
        "cpath": "/run/kata-containers/shared/containers",
        "mount_source_cpath": "/run/kata-containers/shared/containers",
--- a/src/tools/genpolicy/rules.rego
+++ b/src/tools/genpolicy/rules.rego
@ -823,7 +823,7 @@ mount_source_allows(p_mount, i_mount, bundle_id, sandbox_id) {
 }

 ######################################################################
-# Storages
+# Create container Storages

 allow_storages(p_storages, i_storages, bundle_id, sandbox_id) {
    p_count := count(p_storages)
@ -1096,6 +1096,27 @@ check_directory_traversal(i_path) {
    not regex.match("(^|/)..($|/)", i_path)
 }

+allow_sandbox_storages(i_storages) {
+    print("allow_sandbox_storages: i_storages =", i_storages)
+
+    p_storages := policy_data.sandbox.storages
+    every i_storage in i_storages {
+        allow_sandbox_storage(p_storages, i_storage)
+    }
+
+    print("allow_sandbox_storages: true")
+}
+
+allow_sandbox_storage(p_storages, i_storage) {
+    print("allow_sandbox_storage: i_storage =", i_storage)
+
+    some p_storage in p_storages
+    print("allow_sandbox_storage: p_storage =", p_storage)
+    i_storage == p_storage
+
+    print("allow_sandbox_storage: true")
+}
+
 CopyFileRequest {
    print("CopyFileRequest: input.path =", input.path)

@ -1122,6 +1143,7 @@ CreateSandboxRequest {
    i_pidns := input.sandbox_pidns
    print("CreateSandboxRequest: i_pidns =", i_pidns)
    i_pidns == false
+    allow_sandbox_storages(input.storages)
 }

 ExecProcessRequest {
--- a/src/tools/genpolicy/src/policy.rs
+++ b/src/tools/genpolicy/src/policy.rs
@ -58,6 +58,9 @@ pub struct PolicyData {
    /// Settings read from genpolicy-settings.json.
    pub common: CommonData,

+    /// Sandbox settings read from genpolicy-settings.json.
+    pub sandbox: SandboxData,
+
    /// Settings read from genpolicy-settings.json, related directly to each
    /// kata agent endpoint, that get added to the output policy.
    pub request_defaults: RequestDefaults,
@ -391,6 +394,13 @@ pub struct ClusterConfig {
    pub pause_container_image: String,
 }

+/// Struct used to read data from the settings file and copy that data into the policy.
+#[derive(Clone, Debug, Serialize, Deserialize)]
+pub struct SandboxData {
+    /// Expected value of the CreateSandboxRequest storages field.
+    pub storages: Vec<agent::Storage>,
+}
+
 impl AgentPolicy {
    pub async fn from_files(config: &utils::Config) -> Result<AgentPolicy> {
        let mut config_maps = Vec::new();
@ -498,6 +508,7 @@ impl AgentPolicy {
            containers: policy_containers,
            request_defaults: self.config.settings.request_defaults.clone(),
            common: self.config.settings.common.clone(),
+            sandbox: self.config.settings.sandbox.clone(),
        };

        let json_data = serde_json::to_string_pretty(&policy_data).unwrap();
--- a/src/tools/genpolicy/src/settings.rs
+++ b/src/tools/genpolicy/src/settings.rs
@ -24,6 +24,7 @@ pub struct Settings {
    pub request_defaults: policy::RequestDefaults,
    pub common: policy::CommonData,
    pub mount_destinations: Vec<String>,
+    pub sandbox: policy::SandboxData,
 }

 /// Volume settings loaded from genpolicy-settings.json.
--- a/tests/integration/kubernetes/tests_common.sh
+++ b/tests/integration/kubernetes/tests_common.sh
@ -103,6 +103,8 @@ adapt_common_policy_settings_for_cbl_mariner() {
 	info "Adapting common policy settings for CBL-Mariner"
 	jq '.request_defaults.UpdateEphemeralMountsRequest = true' "${settings_dir}/genpolicy-settings.json" > temp.json && sudo mv temp.json "${settings_dir}/genpolicy-settings.json"
 	jq '.kata_config.oci_version = "1.1.0-rc.1"' "${settings_dir}/genpolicy-settings.json" > temp.json && sudo mv temp.json "${settings_dir}/genpolicy-settings.json"
+	jq '.sandbox.storages += [{"driver":"virtio-fs","driver_options":[],"fs_group":null,"fstype":"virtiofs","mount_point":"/run/kata-containers/shared/containers/","options":[],"source":"kataShared"}]' \
+	"${settings_dir}/genpolicy-settings.json" > temp.json && sudo mv temp.json "${settings_dir}/genpolicy-settings.json"
 }

 # adapt common policy settings for various platforms