lxd/forksyscall: Fix idmapped mount code path

Signed-off-by: Stéphane Graber <[email protected]> Signed-off-by: Alexander Mikhalitsyn <[email protected]>
canonical · Oct 30, 2023 · 0e54f20 · 0e54f20
1 parent 67b8a1a
commit 0e54f20
Showing 1 changed file with 23 additions and 1 deletion.
diff --git a/lxd/main_forksyscall.go b/lxd/main_forksyscall.go
@@ -441,9 +441,31 @@ static void mount_emulate(void)
 			_exit(EXIT_FAILURE);
 	} else if (strcmp(shiftfs, "idmapped") == 0) {
 		int fd_tree;
+		int fs_fd = -EBADF;
 
-		fd_tree = mount_detach_idmap(source, fd_userns);
+		struct lxc_mount_attr attr = {
+		    .attr_set		= MOUNT_ATTR_IDMAP,
+		};
+
+		fs_fd = lxd_fsopen(fstype, FSOPEN_CLOEXEC);
+		if (fs_fd < 0)
+			die("error: failed to create detached idmapped mount: fsopen");
+
+		ret = lxd_fsconfig(fs_fd, FSCONFIG_SET_STRING, "source", source, 0);
+		if (ret < 0)
+			die("error: failed to create detached idmapped mount: fsconfig");
+
+		ret = lxd_fsconfig(fs_fd, FSCONFIG_CMD_CREATE, NULL, NULL, 0);
+		if (ret < 0)
+			die("error: failed to create detached idmapped mount: fsconfig");
+
+		fd_tree = lxd_fsmount(fs_fd, FSMOUNT_CLOEXEC, flags);
 		if (fd_tree < 0)
+			die("error: failed to create detached idmapped mount: fsmount");
+
+		attr.userns_fd = fd_userns;
+		ret = lxd_mount_setattr(fd_tree, "", AT_EMPTY_PATH, &attr, sizeof(attr));
+		if (ret < 0)
 			die("error: failed to create detached idmapped mount");
 
 		ret = setns(fd_mntns, CLONE_NEWNS);