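/*
Copyright 2019 The Kubernetes Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package subpath

import "os"

// Interface defines the set of methods all subpathers must implement.
type Interface interface {
	// CleanSubPaths removes any bind-mounts created by PrepareSafeSubpath in given
	// pod volume directory.
	CleanSubPaths(podDir string, volumeName string) error

	// PrepareSafeSubpath does everything that's necessary to prepare a subPath
	// that's 1) inside given volumePath and 2) immutable after this call.
	//
	// newHostPath - location of prepared subPath. It should be used instead of
	// hostName when running the container.
	// NOTE(review): "hostName" presumably means the original host path
	// (Subpath.Path) - confirm. Starting the container with the original path
	// rather than newHostPath would not use the prepared location.
	// cleanupAction - action to run when the container is running or it failed to start.
	//
	// CleanupAction must be called immediately after the container with given
	// subpath starts. On the other hand, Interface.CleanSubPaths must be called
	// when the pod finishes.
	//
	// Implementations may return a nil cleanupAction (FakeSubpath does), so
	// callers should check for nil before invoking it.
	PrepareSafeSubpath(subPath Subpath) (newHostPath string, cleanupAction func(), err error)

	// SafeMakeDir creates subdir within given base. It makes sure that the
	// created directory does not escape given base directory mis-using
	// symlinks. Note that the function makes sure that it creates the directory
	// somewhere under the base, nothing else. E.g. if the directory already
	// exists, it may exist outside of the base due to symlinks.
	// A nil error therefore only covers directories this call created; it is
	// not a guarantee that a pre-existing subdir resolves inside base.
	// This method should be used if the directory to create is inside volume
	// that's under user control. User must not be able to use symlinks to
	// escape the volume to create directories somewhere else.
	SafeMakeDir(subdir string, base string, perm os.FileMode) error
}

// Subpath defines the attributes of a subpath.
type Subpath struct {
	// index of the VolumeMount for this container
	VolumeMountIndex int

	// Full path to the subpath directory on the host
	Path string

	// name of the volume that is a valid directory name.
	VolumeName string

	// Full path to the volume path
	VolumePath string

	// Path to the pod's directory, including pod UID
	PodDir string

	// Name of the container
	ContainerName string
}

// Compile-time check for all implementers of subpath interface.
var _ Interface = &subpath{}
var _ Interface = &FakeSubpath{}

// FakeSubpath is a subpather implementation for testing.
//
// It performs none of the work described on Interface: no bind-mounts are
// created or removed, no directories are made, and paths are not checked
// against the volume. It must not be used where subpaths may be under user
// control.
type FakeSubpath struct{}

// PrepareSafeSubpath is a fake implementation of PrepareSafeSubpath. Always returns
// newHostPath == subPath.Path, a nil cleanupAction and a nil error. The path is
// passed through unchanged, without any check that it lies inside
// subPath.VolumePath.
func (fs *FakeSubpath) PrepareSafeSubpath(subPath Subpath) (newHostPath string, cleanupAction func(), err error) {
	return subPath.Path, nil, nil
}

// CleanSubPaths is a fake implementation of CleanSubPaths. It is a noop and
// always returns nil.
func (fs *FakeSubpath) CleanSubPaths(podDir string, volumeName string) error {
	return nil
}

// SafeMakeDir is a fake implementation of SafeMakeDir. It is a noop: no
// directory is created and nil is always returned.
func (fs *FakeSubpath) SafeMakeDir(pathname string, base string, perm os.FileMode) error {
	return nil
}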