kata_agent: use virtio-fs shared dir in CreateSandbox

Use virtio-fs instead of virtio-9p when virtio-fs is enabled. Fixes: #1542 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2025-06-29 16:57:18 +00:00 · 2018-07-06 10:44:23 +01:00 · 2018-07-06 10:44:23 +01:00 · 82d1a9d6f4
commit 82d1a9d6f4
parent 9480978364
1 changed files with 38 additions and 23 deletions
--- a/virtcontainers/kata_agent.go
+++ b/virtcontainers/kata_agent.go
@ -65,22 +65,25 @@ var (
 	mountGuest9pTag       = "kataShared"
 	kataGuestSandboxDir   = "/run/kata-containers/sandbox/"
 	type9pFs              = "9p"
 	typeVirtioFS          = "virtio_fs"
 	vsockSocketScheme     = "vsock"
 	// port numbers below 1024 are called privileged ports. Only a process with
 	// CAP_NET_BIND_SERVICE capability may bind to these port numbers.
-	vSockPort            = 1024
+	vSockPort                = 1024
-	kata9pDevType        = "9p"
+	kata9pDevType            = "9p"
-	kataMmioBlkDevType   = "mmioblk"
+	kataMmioBlkDevType       = "mmioblk"
-	kataBlkDevType       = "blk"
+	kataBlkDevType           = "blk"
-	kataSCSIDevType      = "scsi"
+	kataSCSIDevType          = "scsi"
-	kataNvdimmDevType    = "nvdimm"
+	kataNvdimmDevType        = "nvdimm"
-	sharedDir9pOptions   = []string{"trans=virtio,version=9p2000.L,cache=mmap", "nodev"}
+	kataVirtioFSDevType      = "virtio-fs"
-	shmDir               = "shm"
+	sharedDir9pOptions       = []string{"trans=virtio,version=9p2000.L,cache=mmap", "nodev"}
-	kataEphemeralDevType = "ephemeral"
+	sharedDirVirtioFSOptions = []string{"default_permissions,allow_other,rootmode=040000,user_id=0,group_id=0,dax,tag=" + mountGuest9pTag, "nodev"}
-	ephemeralPath        = filepath.Join(kataGuestSandboxDir, kataEphemeralDevType)
+	shmDir                   = "shm"
-	grpcMaxDataSize      = int64(1024 * 1024)
+	kataEphemeralDevType     = "ephemeral"
-	localDirOptions      = []string{"mode=0777"}
+	ephemeralPath            = filepath.Join(kataGuestSandboxDir, kataEphemeralDevType)
-	maxHostnameLen       = 64
+	grpcMaxDataSize          = int64(1024 * 1024)
 	localDirOptions          = []string{"mode=0777"}
 	maxHostnameLen           = 64
 )
 const (
@ -738,22 +741,34 @@ func (k *kataAgent) startSandbox(sandbox *Sandbox) error {
 	// append 9p shared volume to storages only if filesystem sharing is supported
 	if caps.IsFsSharingSupported() {
 		sharedDir9pOptions = append(sharedDir9pOptions, fmt.Sprintf("msize=%d", sandbox.config.HypervisorConfig.Msize9p))
 		// We mount the shared directory in a predefined location
 		// in the guest.
 		// This is where at least some of the host config files
 		// (resolv.conf, etc...) and potentially all container
 		// rootfs will reside.
-		sharedVolume := &grpc.Storage{
+		if sandbox.config.HypervisorConfig.SharedFS == config.VirtioFS {
-			Driver:     kata9pDevType,
+			sharedVolume := &grpc.Storage{
-			Source:     mountGuest9pTag,
+				Driver:     kataVirtioFSDevType,
-			MountPoint: kataGuestSharedDir,
+				Source:     "none",
-			Fstype:     type9pFs,
+				MountPoint: kataGuestSharedDir,
-			Options:    sharedDir9pOptions,
+				Fstype:     typeVirtioFS,
-		}
+				Options:    sharedDirVirtioFSOptions,
 			}
-		storages = append(storages, sharedVolume)
+			storages = append(storages, sharedVolume)
 		} else {
 			sharedDir9pOptions = append(sharedDir9pOptions, fmt.Sprintf("msize=%d", sandbox.config.HypervisorConfig.Msize9p))
 			sharedVolume := &grpc.Storage{
 				Driver:     kata9pDevType,
 				Source:     mountGuest9pTag,
 				MountPoint: kataGuestSharedDir,
 				Fstype:     type9pFs,
 				Options:    sharedDir9pOptions,
 			}
 			storages = append(storages, sharedVolume)
 		}
 	}
 	if sandbox.shmSize > 0 {