genpolicy: fix mount source check in rules.rego

This commit fixes the mount source check in rules.rego. Signed-off-by: Archana Choudhary <archana1@microsoft.com>
2025-08-27 20:18:57 +00:00 · 2025-06-16 11:52:58 +00:00 · 2025-06-16 11:52:58 +00:00 · 9dd365fdb5
commit 9dd365fdb5
parent 1cbea890f1
1 changed files with 1 additions and 1 deletions
--- a/src/tools/genpolicy/rules.rego
+++ b/src/tools/genpolicy/rules.rego
@ -1252,7 +1252,7 @@ allow_mount_point(p_storage, i_storage, bundle_id, sandbox_id, layer_ids) if {
    mount1 := p_storage.mount_point
    print("allow_mount_point 3: mount1 =", mount1)

-    mount2 := replace(mount1, "$(cpath)", policy_data.common.cpath)
+    mount2 := replace(mount1, "$(cpath)", policy_data.common.mount_source_cpath)
    print("allow_mount_point 3: mount2 =", mount2)

    mount3 := replace(mount2, "$(sandbox-id)", sandbox_id)