conf: improve rootfs setup

src/lxc/conf.h

@@ -398,8 +398,8 @@ extern int lxc_clear_environment(struct lxc_conf *c);
 extern int lxc_clear_limits(struct lxc_conf *c, const char *key);
 extern int lxc_delete_autodev(struct lxc_handler *handler);
 extern void lxc_clear_includes(struct lxc_conf *conf);
-extern int do_rootfs_setup(struct lxc_conf *conf, const char *name,
-			   const char *lxcpath);
+extern int lxc_setup_rootfs_prepare_root(struct lxc_conf *conf,
+					 const char *name, const char *lxcpath);
 extern int lxc_setup(struct lxc_handler *handler);
 extern int lxc_setup_parent(struct lxc_handler *handler);
 extern int setup_resource_limits(struct lxc_list *limits, pid_t pid);
@@ -413,6 +413,7 @@ extern int userns_exec_full(struct lxc_conf *conf, int (*fn)(void *),
 			    void *data, const char *fn_name);
 extern int parse_mntopts(const char *mntopts, unsigned long *mntflags,
 			 char **mntdata);
+extern int parse_propagationopts(const char *mntopts, unsigned long *pflags);
 extern void tmp_proc_unmount(struct lxc_conf *lxc_conf);
 extern void remount_all_slave(void);
 extern void suggest_default_idmap(void);

src/lxc/criu.c

@@ -1015,7 +1015,8 @@ static void do_restore(struct lxc_container *c, int status_pipe, struct migrate_
 		rootfs = &c->lxc_conf->rootfs;
 
 		if (rootfs_is_blockdev(c->lxc_conf)) {
-			if (do_rootfs_setup(c->lxc_conf, c->name, c->config_path) < 0)
+			if (lxc_setup_rootfs_prepare_root(c->lxc_conf, c->name,
+							  c->config_path) < 0)
 				goto out_fini_handler;
 		} else {
 			if (mkdir(rootfs->mount, 0755) < 0 && errno != EEXIST)

src/lxc/start.c

@@ -1886,7 +1886,7 @@ int __lxc_start(const char *name, struct lxc_handler *handler,
 			INFO("Unshared CLONE_NEWNS");
 
 			remount_all_slave();
-			ret = do_rootfs_setup(conf, name, lxcpath);
+			ret = lxc_setup_rootfs_prepare_root(conf, name, lxcpath);
 			if (ret < 0) {
 				ERROR("Error setting up rootfs mount as root before spawn");
 				goto out_fini_nonet;

src/lxc/storage/dir.c

@@ -157,7 +157,7 @@ bool dir_detect(const char *path)
 int dir_mount(struct lxc_storage *bdev)
 {
 	int ret;
-	unsigned long mflags, mntflags;
+	unsigned long mflags = 0, mntflags = 0, pflags = 0;
 	char *mntdata;
 	const char *src;
 
@@ -171,17 +171,23 @@ int dir_mount(struct lxc_storage *bdev)
 	if (ret < 0) {
 		ERROR("Failed to parse mount options \"%s\"", bdev->mntopts);
 		free(mntdata);
-		return -22;
+		return -EINVAL;
+	}
+
+	ret = parse_propagationopts(bdev->mntopts, &pflags);
+	if (ret < 0) {
+		ERROR("Failed to parse propagation options \"%s\"", bdev->mntopts);
+		free(mntdata);
+		return -EINVAL;
 	}
 
 	src = lxc_storage_get_path(bdev->src, bdev->type);
 
-	ret = mount(src, bdev->dest, "bind", MS_BIND | MS_REC | mntflags,
-		    mntdata);
+	ret = mount(src, bdev->dest, "bind", MS_BIND | MS_REC | mntflags | pflags, mntdata);
 	if ((0 == ret) && (mntflags & MS_RDONLY)) {
 		DEBUG("Remounting \"%s\" on \"%s\" readonly",
 		      src ? src : "(none)", bdev->dest ? bdev->dest : "(none)");
-		mflags = add_required_remount_flags(src, bdev->dest, MS_BIND | MS_REC | mntflags | MS_REMOUNT);
+		mflags = add_required_remount_flags(src, bdev->dest, MS_BIND | MS_REC | mntflags | pflags | MS_REMOUNT);
 		ret = mount(src, bdev->dest, "bind", mflags, mntdata);
 	}
 

src/lxc/utils.c

@@ -1323,6 +1323,7 @@ bool detect_ramfs_rootfs(void)
 			if (p && strncmp(p, "- rootfs rootfs ", 16) == 0) {
 				free(line);
 				fclose(f);
+				INFO("Rootfs is located on ramfs");
 				return true;
 			}
 		}