github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-09-20 16:27:52 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #828 from teawater/dev

Browse Source 
newContainer: Not attach device if it is a CDROM
This commit is contained in:
Graham Whaley
2018-11-08 16:58:35 +00:00
committed by GitHub
parent d895cd0f2d 193b324242
commit a935f8a1f4
1 changed files with 35 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
virtcontainers/container.go
View File

@@ -28,6 +28,25 @@ import (
"github.com/kata-containers/runtime/virtcontainers/utils" "github.com/kata-containers/runtime/virtcontainers/utils"
) )
// https://github.com/torvalds/linux/blob/master/include/uapi/linux/major.h
// This file has definitions for major device numbers.
var cdromMajors = map[int64]string{
11: "SCSI_CDROM_MAJOR",
15: "CDU31A_CDROM_MAJOR",
16: "GOLDSTAR_CDROM_MAJOR",
17: "OPTICS_CDROM_MAJOR",
18: "SANYO_CDROM_MAJOR",
20: "MITSUMI_X_CDROM_MAJOR",
23: "MITSUMI_CDROM_MAJOR",
24: "CDU535_CDROM_MAJOR",
25: "MATSUSHITA_CDROM_MAJOR",
26: "MATSUSHITA_CDROM2_MAJOR",
27: "MATSUSHITA_CDROM3_MAJOR",
28: "MATSUSHITA_CDROM4_MAJOR",
29: "AZTECH_CDROM_MAJOR",
32: "CM206_CDROM_MAJOR",
}
// Process gathers data related to a container process. // Process gathers data related to a container process.
type Process struct { type Process struct {
// Token is the process execution context ID. It must be // Token is the process execution context ID. It must be
@@ -522,6 +541,20 @@ func (c *Container) unmountHostMounts() error {
return nil return nil
} }
func filterDevices(sandbox *Sandbox, c *Container, devices []ContainerDevice) (ret []ContainerDevice) {
for _, dev := range devices {
major, _ := sandbox.devManager.GetDeviceByID(dev.ID).GetMajorMinor()
if _, ok := cdromMajors[major]; ok {
c.Logger().WithFields(logrus.Fields{
"device": dev.ContainerPath,
}).Info("Not attach device because it is a CDROM")
continue
}
ret = append(ret, dev)
}
return
}
// newContainer creates a Container structure from a sandbox and a container configuration. // newContainer creates a Container structure from a sandbox and a container configuration.
func newContainer(sandbox *Sandbox, contConfig ContainerConfig) (*Container, error) { func newContainer(sandbox *Sandbox, contConfig ContainerConfig) (*Container, error) {
span, _ := sandbox.trace("newContainer") span, _ := sandbox.trace("newContainer")
@@ -609,11 +642,12 @@ func newContainer(sandbox *Sandbox, contConfig ContainerConfig) (*Container, err
return &Container{}, err return &Container{}, err
} }
c.devices = append(c.devices, ContainerDevice{ storedDevices = append(storedDevices, ContainerDevice{
ID: dev.DeviceID(), ID: dev.DeviceID(),
ContainerPath: info.ContainerPath, ContainerPath: info.ContainerPath,
}) })
} }
c.devices = filterDevices(sandbox, c, storedDevices)
} }
return c, nil return c, nil