[exp] move Path to device.Rule

FIXME doc this Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
opencontainers · Sep 21, 2022 · b66b2f2 · b66b2f2
1 parent 91c0a7a
commit b66b2f2
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 11 deletions.
diff --git a/libcontainer/devices/device.go b/libcontainer/devices/device.go
@@ -13,9 +13,6 @@ const (
 type Device struct {
 	Rule
 
-	// Path to the device.
-	Path string `json:"path"`
-
 	// FileMode permission bits for the device.
 	FileMode os.FileMode `json:"file_mode"`
 
@@ -147,6 +144,9 @@ type Rule struct {
 	// Minor is the device's minor number.
 	Minor int64 `json:"minor"`
 
+	// Path is an optional absolute path to device file.
+	Path string
+
 	// Permissions is the set of permissions that this rule applies to (in the
 	// cgroupv1 format -- any combination of "rwm").
 	Permissions Permissions `json:"permissions"`

diff --git a/libcontainer/devices/device_unix.go b/libcontainer/devices/device_unix.go
@@ -59,9 +59,9 @@ func DeviceFromPath(path, permissions string) (*Device, error) {
 			Type:        devType,
 			Major:       int64(major),
 			Minor:       int64(minor),
+			Path:        path,
 			Permissions: Permissions(permissions),
 		},
-		Path:     path,
 		FileMode: os.FileMode(mode &^ unix.S_IFMT),
 		Uid:      stat.Uid,
 		Gid:      stat.Gid,

diff --git a/libcontainer/specconv/spec_linux.go b/libcontainer/specconv/spec_linux.go
@@ -207,11 +207,11 @@ var AllowedDevices = []*devices.Device{
 		},
 	},
 	{
-		Path:     "/dev/null",
 		FileMode: 0o666,
 		Uid:      0,
 		Gid:      0,
 		Rule: devices.Rule{
+			Path:        "/dev/null",
 			Type:        devices.CharDevice,
 			Major:       1,
 			Minor:       3,
@@ -220,11 +220,11 @@ var AllowedDevices = []*devices.Device{
 		},
 	},
 	{
-		Path:     "/dev/random",
 		FileMode: 0o666,
 		Uid:      0,
 		Gid:      0,
 		Rule: devices.Rule{
+			Path:        "/dev/random",
 			Type:        devices.CharDevice,
 			Major:       1,
 			Minor:       8,
@@ -233,11 +233,11 @@ var AllowedDevices = []*devices.Device{
 		},
 	},
 	{
-		Path:     "/dev/full",
 		FileMode: 0o666,
 		Uid:      0,
 		Gid:      0,
 		Rule: devices.Rule{
+			Path:        "/dev/full",
 			Type:        devices.CharDevice,
 			Major:       1,
 			Minor:       7,
@@ -246,11 +246,11 @@ var AllowedDevices = []*devices.Device{
 		},
 	},
 	{
-		Path:     "/dev/tty",
 		FileMode: 0o666,
 		Uid:      0,
 		Gid:      0,
 		Rule: devices.Rule{
+			Path:        "/dev/tty",
 			Type:        devices.CharDevice,
 			Major:       5,
 			Minor:       0,
@@ -259,11 +259,11 @@ var AllowedDevices = []*devices.Device{
 		},
 	},
 	{
-		Path:     "/dev/zero",
 		FileMode: 0o666,
 		Uid:      0,
 		Gid:      0,
 		Rule: devices.Rule{
+			Path:        "/dev/zero",
 			Type:        devices.CharDevice,
 			Major:       1,
 			Minor:       5,
@@ -272,11 +272,11 @@ var AllowedDevices = []*devices.Device{
 		},
 	},
 	{
-		Path:     "/dev/urandom",
 		FileMode: 0o666,
 		Uid:      0,
 		Gid:      0,
 		Rule: devices.Rule{
+			Path:        "/dev/urandom",
 			Type:        devices.CharDevice,
 			Major:       1,
 			Minor:       9,
@@ -296,6 +296,7 @@ var AllowedDevices = []*devices.Device{
 	},
 	{
 		Rule: devices.Rule{
+			Path:        "/dev/ptmx",
 			Type:        devices.CharDevice,
 			Major:       5,
 			Minor:       2,
@@ -700,6 +701,7 @@ func CreateCgroupConfig(opts *CreateOpts, defaultDevs []*devices.Device) (*confi
 					Type:        dt,
 					Major:       major,
 					Minor:       minor,
+					Path:        d.Path,
 					Permissions: devices.Permissions(d.Access),
 					Allow:       d.Allow,
 				})
@@ -911,8 +913,8 @@ next:
 					Type:  dt,
 					Major: d.Major,
 					Minor: d.Minor,
+					Path:  d.Path,
 				},
-				Path:     d.Path,
 				FileMode: filemode,
 				Uid:      uid,
 				Gid:      gid,

diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go