From ba632ba82567069f23e24bc2dd24f0d1fca32c78 Mon Sep 17 00:00:00 2001
From: "alex.lyn" <alex.lyn@antgroup.com>
Date: Wed, 15 Nov 2023 10:37:01 +0800
Subject: [PATCH] runitme-rs: kata with multi-containers sharing one direct
 volume

When multiple containers in a kata pod share one direct volume,
it's important to make sure that the corresponding block device
is only mounted once in the guest. This means that there should
be only one mount entry for the device in the mount information.

Fixes: #8328

Signed-off-by: alex.lyn <alex.lyn@antgroup.com>
---
 .../resource/src/volume/block_volume.rs       | 24 +++++++++----------
 .../crates/resource/src/volume/mod.rs         |  2 +-
 2 files changed, 12 insertions(+), 14 deletions(-)

diff --git a/src/runtime-rs/crates/resource/src/volume/block_volume.rs b/src/runtime-rs/crates/resource/src/volume/block_volume.rs
index d0e361b243..fc79183d1e 100644
--- a/src/runtime-rs/crates/resource/src/volume/block_volume.rs
+++ b/src/runtime-rs/crates/resource/src/volume/block_volume.rs
@@ -35,7 +35,6 @@ impl BlockVolume {
         d: &RwLock<DeviceManager>,
         m: &oci::Mount,
         read_only: bool,
-        cid: &str,
         sid: &str,
     ) -> Result<Self> {
         let mnt_src: &str = &m.source;
@@ -97,23 +96,16 @@ impl BlockVolume {
             .await
             .context("do handle device failed.")?;
 
-        // generate host guest shared path
-        let guest_path = generate_shared_path(m.destination.clone(), read_only, cid, sid)
-            .await
-            .context("generate host-guest shared path failed")?;
-
         // storage
         let mut storage = agent::Storage {
-            mount_point: guest_path.clone(),
+            options: if read_only {
+                vec!["ro".to_string()]
+            } else {
+                Vec::new()
+            },
             ..Default::default()
         };
 
-        storage.options = if read_only {
-            vec!["ro".to_string()]
-        } else {
-            Vec::new()
-        };
-
         // As the true Block Device wrapped in DeviceType, we need to
         // get it out from the wrapper, and the device_id will be for
         // BlockVolume.
@@ -127,6 +119,12 @@ impl BlockVolume {
             device_id = device.device_id;
         }
 
+        // generate host guest shared path
+        let guest_path = generate_shared_path(m.destination.clone(), read_only, &device_id, sid)
+            .await
+            .context("generate host-guest shared path failed")?;
+        storage.mount_point = guest_path.clone();
+
         // In some case, dest is device /dev/xxx
         if m.destination.clone().starts_with("/dev") {
             storage.fs_type = "bind".to_string();
diff --git a/src/runtime-rs/crates/resource/src/volume/mod.rs b/src/runtime-rs/crates/resource/src/volume/mod.rs
index 17cf42a1ec..490181a1df 100644
--- a/src/runtime-rs/crates/resource/src/volume/mod.rs
+++ b/src/runtime-rs/crates/resource/src/volume/mod.rs
@@ -77,7 +77,7 @@ impl VolumeResource {
             } else if is_block_volume(m).context("block volume type")? {
                 // handle block volume
                 Arc::new(
-                    block_volume::BlockVolume::new(d, m, read_only, cid, sid)
+                    block_volume::BlockVolume::new(d, m, read_only, sid)
                         .await
                         .with_context(|| format!("new share fs volume {:?}", m))?,
                 )