cleaned up/simplified the mount tunnel implementation

Signed-off-by: Gurdal Oruklu <[email protected]>

CMakeLists.txt

@@ -168,6 +168,7 @@ find_package( breakpad QUIET )
 find_path(LINUXMOUNT NAMES "linux/mount.h")
 if(NOT LINUXMOUNT)
   message( "Couldn't find linux/mount.h. You may need to upgrade your kernel to 5.2 or later" )
+  add_definitions( -DUSE_MOUNT_TUNNEL )
 else()
   message("Found linux/mount.h")
   add_definitions( -DHAVE_LINUX_MOUNT_H )

bundle/runtime-schemas/defs-plugins.json

@@ -385,30 +385,6 @@
                                 }
                             }
                         },
-                        "mounttunnel": {
-                            "type": "array",
-                            "items": {
-                                "type": "object",
-                                "required": [
-                                    "destination",
-                                    "source"
-                                ],
-                                "properties": {
-                                    "destination": {
-                                        "type": "string"
-                                    },
-                                    "flags": {
-                                        "$ref": "defs.json#/definitions/int32"
-                                    },
-                                    "options": {
-                                        "$ref": "defs.json#/definitions/ArrayOfStrings"
-                                    },
-                                    "source": {
-                                        "type": "string"
-                                    }
-                                }
-                            }
-                        },
                         "mountOwner": {
                             "type": "array",
                             "items": {

daemon/lib/source/DobbyManager.cpp

@@ -1924,33 +1924,17 @@ bool DobbyManager::addMount(int32_t cd, const std::string &source, const std::st
     AI_LOG_FN_EXIT();
     return true;
 #else
-    // get the mount tunnel configuration from storage plugin
-    if(it->second->rdkPluginManager == nullptr ||  
-       it->second->rdkPluginManager->getContainerConfig()->rdk_plugins->storage == nullptr || 
-       it->second->rdkPluginManager->getContainerConfig()->rdk_plugins->storage->data->mounttunnel_len == 0)
-    {
-        AI_LOG_ERROR("mount tunnel is not configured in %s", id.c_str());
-        AI_LOG_FN_EXIT();
-        return false;
-    }
-
-    auto mounttunnel = it->second->rdkPluginManager->getContainerConfig()->rdk_plugins->storage->data->mounttunnel[0];
-    if(mounttunnel->source == nullptr || mounttunnel->destination == nullptr)
-    {
-        AI_LOG_ERROR("mount tunnel source or destination not found for %s", id.c_str());
-        AI_LOG_FN_EXIT();
-        return false;
-    }
-
     std::string mountPointInsideContainer = destination;
-    std::string tempMountPointInsideContainer = std::string(mounttunnel->destination) + "/tmpdir";
-    std::string tempMountPointOutsideContainer = std::string(mounttunnel->source) + "/tmpdir";
-
-    AI_LOG_INFO("temp mount point outside container: %s", tempMountPointOutsideContainer.c_str());
-    AI_LOG_INFO("temp mount point inside container: %s", tempMountPointInsideContainer.c_str());
+    std::string tempMountPointInsideContainer = std::string(MOUNT_TUNNEL_CONTAINER_PATH) + "/tmpdir";
+    std::string tempMountPointOutsideContainer = std::string(MOUNT_TUNNEL_HOST_PATH) + "/tmpdir";
 
     // create the temporary mount point outside the container
-    mUtilities->mkdirRecursive(tempMountPointOutsideContainer.c_str(), 0755);
+     if (!mUtilities->mkdirRecursive(tempMountPointOutsideContainer.c_str(), 0755))
+     {
+            AI_LOG_ERROR("failed to create temporary mount point %s", tempMountPointOutsideContainer.c_str());
+            AI_LOG_FN_EXIT();
+            return false;
+     }
 
     // mount the source dir on the temporary mount point outside the container
     // this is needed to move the mount inside the container namespace later
@@ -1962,8 +1946,6 @@ bool DobbyManager::addMount(int32_t cd, const std::string &source, const std::st
         return false;
     }
 
-    AI_LOG_INFO("%s is mounted on %s inside %s", source.c_str(), tempMountPointOutsideContainer.c_str(), id.c_str());
-
     auto doMoveMountLambda = [containerUID, containerGID, tempMountPointInsideContainer, mountPointInsideContainer, mountOptions, mountData]()
     {
         // switch to uid / gid of the host since we are still in the host user namespace

pluginLauncher/lib/include/DobbyRdkPluginUtils.h

@@ -47,6 +47,9 @@
 // but we don't programatically know the workspace dir in this code.
 #define ADDRESS_FILE_DIR          "/tmp/dobby/plugin/networking/"
 
+#define MOUNT_TUNNEL_CONTAINER_PATH  "/mnt/.containermnttunnel"
+#define MOUNT_TUNNEL_HOST_PATH       "/tmp/.hostmnttunnel"
+
 typedef struct ContainerNetworkInfo
 {
     std::string vethName;

rdkPlugins/Storage/CMakeLists.txt

@@ -30,7 +30,6 @@ add_library( ${PROJECT_NAME}
         source/LoopMountDetails.cpp
         source/DynamicMountDetails.cpp
         source/MountOwnerDetails.cpp
-        source/MountTunnelDetails.cpp
         )
 
 target_include_directories(${PROJECT_NAME}

rdkPlugins/Storage/README.md

@@ -54,9 +54,8 @@ It will mount "source" into container "destination" only if the source exists on
     }
 }
 ```
-### Mount tunnels
-Add the following section to your OCI runtime configuration `config.json` file to create a mount tunnel.
-
+### Mount tunnel
+Storage plugin will create a mount tunnel on devices running older linux kernels.
 This will enable dynamic mounting of host devices/directories inside the container on devices running older linux kernels.
 
 You need to have `rootfsPropagation` set to `slave` in the OCI runtime configuration for the tunneling to work.
@@ -65,27 +64,8 @@ Some references :
 - https://brauner.io/2023/02/28/mounting-into-mount-namespaces.html
 - https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt
 
-Please note that devices with kernel 5.4 or higher don't need the mount tunnel for dynamic mounts.
+Please note that devices with kernel 5.4 or higher don't need the mount tunnel for dynamic mounts and this code will be disabled at build time.
 
-In the config example below, `/mnt/hostmnttunnel` dir will be created on the host, `/mnt/containermnttunnel` dir will be created inside the container's rootfs before the container is launched.
-With propagation set to slave mode, any devices or dirs mounted under `/mnt/hostmnttunnel` directory will be visible under `/mnt/containertunnel` inside the container mount namespace allowing dynamic mount() unmount() operations.
-```json
-{
-    "rdkPlugins": {
-        "storage": {
-            "required": true,
-            "data": {
-                "mounttunnel": [
-                    {
-                        "destination": "/mnt/containermnttunnel",
-                        "source": "/mnt/hostmnttunnel"
-                    }
-                ]
-            }
-        }
-    }
-}
-```
 
 ### Mount Owners
 Add the following section to your OCI runtime configuration `config.json` file to configure mount ownership.

rdkPlugins/Storage/source/MountProperties.h

@@ -68,16 +68,4 @@ typedef struct _MountOwnerProperties
 
 } MountOwnerProperties;
 
-/**
-*  @brief MountTunnelProperties struct used for Storage plugin
-*/
-typedef struct _MountTunnelProperties
-{
-    std::string source;
-    std::string destination;
-    std::list<std::string> mountOptions;
-    unsigned long mountFlags;
-
-} MountTunnelProperties;
-
 #endif // !defined(MOUNTPROPERTIES_H)