From ef65c5767fd73b8ae70b8bbe3cb64e68a8628e43 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julien=20Rop=C3=A9?= Date: Tue, 22 Aug 2023 11:30:18 +0200 Subject: [PATCH] kata-agent: use default filemode for block device when it is set to 0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When the FileMode field for the device is unset (0), use a default value instead to allow the use of the device from the container. This behaviour is seen from cri-o typically. Note: this is what runc is doing, which is why regular containers don't have an issue. This change makes sure kata behaves the same as runc. Fixes: #7717 Signed-off-by: Julien Ropé (cherry picked from commit 40914b25d4dcabad82080020b075769b10d0cf28) Signed-off-by: Greg Kurz --- src/agent/rustjail/src/lib.rs | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/agent/rustjail/src/lib.rs b/src/agent/rustjail/src/lib.rs index de91f81bb1..d3647f42eb 100644 --- a/src/agent/rustjail/src/lib.rs +++ b/src/agent/rustjail/src/lib.rs @@ -423,12 +423,18 @@ fn linux_grpc_to_oci(l: &grpc::Linux) -> oci::Linux { let mut r = Vec::new(); for d in l.Devices.iter() { + // if the filemode for the device is 0 (unset), use a default value as runc does + let filemode = if d.FileMode != 0 { + Some(d.FileMode) + } else { + Some(0o666) + }; r.push(oci::LinuxDevice { path: d.Path.clone(), r#type: d.Type.clone(), major: d.Major, minor: d.Minor, - file_mode: Some(d.FileMode), + file_mode: filemode, uid: Some(d.UID), gid: Some(d.GID), });