[PATCH] procd: Adding support to detect Pantavisor Container Platform

Paul Spooren mail at aparcar.org
Sat Mar 20 20:19:46 GMT 2021 


On Sat, Mar 20, 2021 at 20:16, Gaurav Pathak 
<gaurav.pathak at pantacor.com> wrote:
> Added a new file pv_platform.h having function is_pantavisor() to 
> detect
> the pantavisor container platform, as it runs a custom modified 
> version
> of LXC, so detecting LXC using is_container() is not returning 
> expected
> result.
> pv_platform.h is derived from container.h to check if procd is running
> in a pantavisor container environment.
> 
> Signed-off-by: Gaurav Pathak <gaurav.pathak at pantacor.com>
> ---

Can't you merge the detection of `/pantavisor` into the 
`is_container()` function? I'd guess that no container ever needs /dev 
mounted as tmpfs, so you could replace is_pantavisor with is_container?

>  initd/early.c   |  5 ++++-
>  initd/zram.c    |  3 ++-
>  plug/coldplug.c |  3 ++-
>  pv_platform.h   | 37 +++++++++++++++++++++++++++++++++++++
>  state.c         |  3 ++-
>  5 files changed, 47 insertions(+), 4 deletions(-)
>  create mode 100644 pv_platform.h
> 
> diff --git a/initd/early.c b/initd/early.c
> index 7b281b2..a564861 100644
> --- a/initd/early.c
> +++ b/initd/early.c
> @@ -26,6 +26,7 @@
>  #include "init.h"
>  #include "../libc-compat.h"
>  #include "../container.h"
> +#include "../pv_platform.h"
> 
>  static void
>  early_dev(void)
> @@ -61,7 +62,9 @@ early_mounts(void)
>  		mount("proc", "/proc", "proc", MS_NOATIME | MS_NODEV | MS_NOEXEC | 
> MS_NOSUID, 0);
>  		mount("sysfs", "/sys", "sysfs", MS_NOATIME | MS_NODEV | MS_NOEXEC 
> | MS_NOSUID, 0);
>  		mount("cgroup", "/sys/fs/cgroup", "cgroup",  MS_NODEV | MS_NOEXEC 
> | MS_NOSUID, 0);
> -		mount("tmpfs", "/dev", "tmpfs", MS_NOATIME | MS_NOSUID, 
> "mode=0755,size=512K");
> +		if (!is_pantavisor()) {
> +			mount("tmpfs", "/dev", "tmpfs", MS_NOATIME | MS_NOSUID, 
> "mode=0755,size=512K");
> +		}
>  		ignore(symlink("/tmp/shm", "/dev/shm"));
>  		mkdir("/dev/pts", 0755);
>  		mount("devpts", "/dev/pts", "devpts", MS_NOATIME | MS_NOEXEC | 
> MS_NOSUID, "mode=600");
> diff --git a/initd/zram.c b/initd/zram.c
> index 380fe0e..21bb3a5 100644
> --- a/initd/zram.c
> +++ b/initd/zram.c
> @@ -13,6 +13,7 @@
> 
>  #include "../log.h"
>  #include "../container.h"
> +#include "../pv_platform.h"
> 
>  #include "init.h"
> 
> @@ -117,7 +118,7 @@ mount_zram_on_tmp(void)
>  		waitpid(pid, NULL, 0);
>  	}
> 
> -	if (!is_container()) {
> +	if (!is_container() && !is_pantavisor()) {
>  		ret = mount("/dev/zram0", "/tmp", "ext4", MS_NOSUID | MS_NODEV | 
> MS_NOATIME, "errors=continue,noquota");
>  		if (ret < 0) {
>  			ERROR("Can't mount /dev/zram0 on /tmp: %m\n");
> diff --git a/plug/coldplug.c b/plug/coldplug.c
> index b185083..37edba4 100644
> --- a/plug/coldplug.c
> +++ b/plug/coldplug.c
> @@ -24,6 +24,7 @@
> 
>  #include "hotplug.h"
>  #include "../container.h"
> +#include "../pv_platform.h"
> 
>  static struct uloop_process udevtrigger;
> 
> @@ -45,7 +46,7 @@ void procd_coldplug(void)
>  	char *argv[] = { "udevtrigger", NULL };
>  	unsigned int oldumask = umask(0);
> 
> -	if (!is_container()) {
> +	if (!is_container() && !is_pantavisor()) {
>  		umount2("/dev/pts", MNT_DETACH);
>  		umount2("/dev/", MNT_DETACH);
>  		mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755,size=512K");
> diff --git a/pv_platform.h b/pv_platform.h
> new file mode 100644
> index 0000000..4045875
> --- /dev/null
> +++ b/pv_platform.h
> @@ -0,0 +1,37 @@
> +/*
> +* Copyright (c) 2017 Pantacor Ltd.
> +*
> +* Permission is hereby granted, free of charge, to any person 
> obtaining a copy
> +* of this software and associated documentation files (the 
> "Software"), to deal
> +* in the Software without restriction, including without limitation 
> the rights
> +* to use, copy, modify, merge, publish, distribute, sublicense, 
> and/or sell
> +* copies of the Software, and to permit persons to whom the Software 
> is
> +* furnished to do so, subject to the following conditions:
> +*
> +* The above copyright notice and this permission notice shall be 
> included in all
> +* copies or substantial portions of the Software.
> +*
> +* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
> EXPRESS OR
> +* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 
> MERCHANTABILITY,
> +* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT 
> SHALL THE
> +* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR 
> OTHER
> +* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, 
> ARISING FROM,
> +* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER 
> DEALINGS IN THE
> +* SOFTWARE.
> +*/
> +
> +#ifndef __PV_PLATFORM_H
> +#define __PV_PLATFORM_H
> +
> +#include <stdlib.h>
> +#include <stdbool.h>
> +#include <sys/stat.h>
> +
> +static inline bool is_pantavisor() {
> +	struct stat s;
> +	int pv_r = stat("/pantavisor", &s);
> +	return pv_r == 0;
> +}
> +
> +#endif
> +
> diff --git a/state.c b/state.c
> index e117ea3..d72a971 100644
> --- a/state.c
> +++ b/state.c
> @@ -21,6 +21,7 @@
>  #include <signal.h>
> 
>  #include "container.h"
> +#include "pv_platform.h"
>  #include "procd.h"
>  #include "syslog.h"
>  #include "plug/hotplug.h"
> @@ -104,7 +105,7 @@ static void perform_halt()
>  	/* Allow time for last message to reach serial console, etc */
>  	sleep(1);
> 
> -	if (is_container()) {
> +	if (is_container() || is_pantavisor()) {
>  		reboot(reboot_event);
>  		exit(EXIT_SUCCESS);
>  		return;
> --
> 2.25.1
> 
> 
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel

More information about the openwrt-devel mailing list