[pve-devel] applied-series: [PATCH v4 ct 00/12] mount hotplugging & new mount api

Thomas Lamprecht t.lamprecht at proxmox.com
Wed Nov 20 19:00:54 CET 2019 

On 11/20/19 8:30 AM, Wolfgang Bumiller wrote:
> Changes to v3:
> * Change mount point staging directory from /run/pve/mountpoints to
>   /var/lib/lxc/.pve-staged-mounts due to allowed mount paths being
>   restricted by the lxc-start apparmor profile.
>   (Only affects path 8, the remaining patches are unchanged)
> 
> Changes to v2:
> * Factor `walk_tree_nofollow` to be usable with fds as starting point.
> * Create destination directory entries (this was completely missing in
>   the staged code path api).
> * Test for new kernel api with `move_mount` instead of `fsopen` since
>   we don't actually use `fsopen` currently.
> * Factor out `mountpoint_insert_staged()` to be used from the pre-start
>   hook & hotplug code (this is where the directory tree creation was
>   added)
> * Rename vmconfig_apply_pending_mountpoint to just apply_pending_mountpoint.
> * Switch into the `/usr/bin/lxc-start` apparmor profile for mount point
>   hotplugging. (Otherwise hotplugging can potentially allow more options
>   than we can use later at a normal container startup.)
> 
> Previous changes from v1 to v2:
> * Add a helper to LXC::PVE::Tools to check for availability of the new
>   mount api (new patch 1), and use that in the prestart hook and mount
>   functions.
> * Add a check to the mount hotplug code to not attempt to perform
>   hotplugging on older kernels.
> 
> Wolfgang Bumiller (12):
>   tools: add can_use_new_mount_api helper
>   split walk_tree_nofollow to allow a start fd
>   implement "staged mountpoints"
>   add mountpoint_insert_staged helper
>   add open_pid_fd, open_lxc_pid, open_ppid helpers
>   split open_namespace out of enter_namespace
>   add get_container_namespace helper
>   add mount stage directory helpers
>   prestart-hook: use staged mountpoints on newer kernels
>   config: apply_pending_mountpoint helper
>   implement mountpoint hotplugging
>   use lxc-start apparmor profile for mount hotplugging
> 
>  src/PVE/LXC.pm            | 233 +++++++++++++++++++++++++++++++++++---
>  src/PVE/LXC/Config.pm     |  94 ++++++++++-----
>  src/PVE/LXC/Tools.pm      |  18 +++
>  src/lxc-pve-prestart-hook |  78 +++++++++++--
>  4 files changed, 372 insertions(+), 51 deletions(-)
> 

applied, much thanks!

Also much thanks to you, Oguz, for testing this so thoroughly and making
some issues surface! Sadly I pushed before I remembered to add your
Tested-b tags, sorry about that.

More information about the pve-devel mailing list