From a1b8a6ffd1f5d494bd570c0171fbb799bc0b11d2 Mon Sep 17 00:00:00 2001
From: Connor Catlett <conncatl@amazon.com>
Date: Wed, 5 Oct 2022 14:46:56 +0000
Subject: [PATCH] Add ability to pass format options in mount-utils

Signed-off-by: Connor Catlett <conncatl@amazon.com>
---
 staging/src/k8s.io/mount-utils/mount.go            | 10 +++++++++-
 staging/src/k8s.io/mount-utils/mount_linux.go      |  3 ++-
 .../src/k8s.io/mount-utils/mount_unsupported.go    |  2 +-
 staging/src/k8s.io/mount-utils/mount_windows.go    |  8 ++++++--
 .../mount-utils/safe_format_and_mount_test.go      | 14 +++++++++++++-
 5 files changed, 31 insertions(+), 6 deletions(-)

diff --git a/staging/src/k8s.io/mount-utils/mount.go b/staging/src/k8s.io/mount-utils/mount.go
index c42836f06c4..57abb69196e 100644
--- a/staging/src/k8s.io/mount-utils/mount.go
+++ b/staging/src/k8s.io/mount-utils/mount.go
@@ -165,7 +165,15 @@ func (mounter *SafeFormatAndMount) FormatAndMount(source string, target string,
 // be used by callers that pass sensitive material (like passwords) as mount
 // options.
 func (mounter *SafeFormatAndMount) FormatAndMountSensitive(source string, target string, fstype string, options []string, sensitiveOptions []string) error {
-	return mounter.formatAndMountSensitive(source, target, fstype, options, sensitiveOptions)
+	return mounter.FormatAndMountSensitiveWithFormatOptions(source, target, fstype, options, sensitiveOptions, nil /* formatOptions */)
+}
+
+// FormatAndMountSensitiveWithFormatOptions behaves exactly the same as
+// FormatAndMountSensitive, but allows for options to be passed when the disk
+// is formatted. These options are NOT validated in any way and should never
+// come directly from untrusted user input as that would be an injection risk.
+func (mounter *SafeFormatAndMount) FormatAndMountSensitiveWithFormatOptions(source string, target string, fstype string, options []string, sensitiveOptions []string, formatOptions []string) error {
+	return mounter.formatAndMountSensitive(source, target, fstype, options, sensitiveOptions, formatOptions)
 }
 
 // getMountRefsByDev finds all references to the device provided
diff --git a/staging/src/k8s.io/mount-utils/mount_linux.go b/staging/src/k8s.io/mount-utils/mount_linux.go
index 86323b71234..5adc6953836 100644
--- a/staging/src/k8s.io/mount-utils/mount_linux.go
+++ b/staging/src/k8s.io/mount-utils/mount_linux.go
@@ -469,7 +469,7 @@ func (mounter *SafeFormatAndMount) checkAndRepairFilesystem(source string) error
 }
 
 // formatAndMount uses unix utils to format and mount the given disk
-func (mounter *SafeFormatAndMount) formatAndMountSensitive(source string, target string, fstype string, options []string, sensitiveOptions []string) error {
+func (mounter *SafeFormatAndMount) formatAndMountSensitive(source string, target string, fstype string, options []string, sensitiveOptions []string, formatOptions []string) error {
 	readOnly := false
 	for _, option := range options {
 		if option == "ro" {
@@ -521,6 +521,7 @@ func (mounter *SafeFormatAndMount) formatAndMountSensitive(source string, target
 				source,
 			}
 		}
+		args = append(formatOptions, args...)
 
 		klog.Infof("Disk %q appears to be unformatted, attempting to format as type: %q with options: %v", source, fstype, args)
 		output, err := mounter.Exec.Command("mkfs."+fstype, args...).CombinedOutput()
diff --git a/staging/src/k8s.io/mount-utils/mount_unsupported.go b/staging/src/k8s.io/mount-utils/mount_unsupported.go
index 026505282ce..8e03d643b70 100644
--- a/staging/src/k8s.io/mount-utils/mount_unsupported.go
+++ b/staging/src/k8s.io/mount-utils/mount_unsupported.go
@@ -90,7 +90,7 @@ func (mounter *Mounter) GetMountRefs(pathname string) ([]string, error) {
 	return nil, errUnsupported
 }
 
-func (mounter *SafeFormatAndMount) formatAndMountSensitive(source string, target string, fstype string, options []string, sensitiveOptions []string) error {
+func (mounter *SafeFormatAndMount) formatAndMountSensitive(source string, target string, fstype string, options []string, sensitiveOptions []string, formatOptions []string) error {
 	return mounter.Interface.Mount(source, target, fstype, options)
 }
 
diff --git a/staging/src/k8s.io/mount-utils/mount_windows.go b/staging/src/k8s.io/mount-utils/mount_windows.go
index 3800f75d4ac..7c7b396e5fa 100644
--- a/staging/src/k8s.io/mount-utils/mount_windows.go
+++ b/staging/src/k8s.io/mount-utils/mount_windows.go
@@ -273,7 +273,7 @@ func (mounter *Mounter) GetMountRefs(pathname string) ([]string, error) {
 	return []string{pathname}, nil
 }
 
-func (mounter *SafeFormatAndMount) formatAndMountSensitive(source string, target string, fstype string, options []string, sensitiveOptions []string) error {
+func (mounter *SafeFormatAndMount) formatAndMountSensitive(source string, target string, fstype string, options []string, sensitiveOptions []string, formatOptions []string) error {
 	// Try to mount the disk
 	klog.V(4).Infof("Attempting to formatAndMount disk: %s %s %s", fstype, source, target)
 
@@ -288,8 +288,12 @@ func (mounter *SafeFormatAndMount) formatAndMountSensitive(source string, target
 	}
 
 	// format disk if it is unformatted(raw)
+	formatOptionsUnwrapped := ""
+	if len(formatOptions) > 0 {
+		formatOptionsUnwrapped = " " + strings.Join(formatOptions, " ")
+	}
 	cmd := fmt.Sprintf("Get-Disk -Number %s | Where partitionstyle -eq 'raw' | Initialize-Disk -PartitionStyle GPT -PassThru"+
-		" | New-Partition -UseMaximumSize | Format-Volume -FileSystem %s -Confirm:$false", source, fstype)
+		" | New-Partition -UseMaximumSize | Format-Volume -FileSystem %s -Confirm:$false%s", source, fstype, formatOptionsUnwrapped)
 	if output, err := mounter.Exec.Command("powershell", "/c", cmd).CombinedOutput(); err != nil {
 		return fmt.Errorf("diskMount: format disk failed, error: %v, output: %q", err, string(output))
 	}
diff --git a/staging/src/k8s.io/mount-utils/safe_format_and_mount_test.go b/staging/src/k8s.io/mount-utils/safe_format_and_mount_test.go
index 4ea39c13845..7d70eb0a98a 100644
--- a/staging/src/k8s.io/mount-utils/safe_format_and_mount_test.go
+++ b/staging/src/k8s.io/mount-utils/safe_format_and_mount_test.go
@@ -68,6 +68,7 @@ func TestSafeFormatAndMount(t *testing.T) {
 		fstype                string
 		mountOptions          []string
 		sensitiveMountOptions []string
+		formatOptions         []string
 		execScripts           []ExecArgs
 		mountErrs             []error
 		expErrorType          MountErrorType
@@ -213,6 +214,15 @@ func TestSafeFormatAndMount(t *testing.T) {
 			},
 			expErrorType: FormatFailed,
 		},
+		{
+			description:   "Test that 'blkid' is called and confirms unformatted disk, format passes, mount passes (with format options)",
+			fstype:        "ext4",
+			formatOptions: []string{"-b", "1024"},
+			execScripts: []ExecArgs{
+				{"blkid", []string{"-p", "-s", "TYPE", "-s", "PTTYPE", "-o", "export", "/dev/foo"}, "", &testingexec.FakeExitError{Status: 2}},
+				{"mkfs.ext4", []string{"-b", "1024", "-F", "-m0", "/dev/foo"}, "", nil},
+			},
+		},
 	}
 
 	for _, test := range tests {
@@ -233,7 +243,9 @@ func TestSafeFormatAndMount(t *testing.T) {
 		device := "/dev/foo"
 		dest := mntDir
 		var err error
-		if len(test.sensitiveMountOptions) == 0 {
+		if len(test.formatOptions) > 0 {
+			err = mounter.FormatAndMountSensitiveWithFormatOptions(device, dest, test.fstype, test.mountOptions, test.sensitiveMountOptions, test.formatOptions)
+		} else if len(test.sensitiveMountOptions) == 0 {
 			err = mounter.FormatAndMount(device, dest, test.fstype, test.mountOptions)
 		} else {
 			err = mounter.FormatAndMountSensitive(device, dest, test.fstype, test.mountOptions, test.sensitiveMountOptions)