libcontainer: relax validation for absolute paths

Commits 1f1e91b and 2192670 added validation for mountpoints to be an absolute path, to match the OCI specs. Unfortunately, the old behavior (accepting the path to be a relative path) has been around for a long time, and although "not according to the spec", various higher level runtimes rely on this behavior. While higher level runtime have been updated to address this requirement, there will be a transition period before all runtimes are updated to carry these fixes. This patch relaxes the validation, to generate a WARNING instead of failing, allowing runtimes to update (but allowing them to update runc to the current version, which includes security fixes). We can remove this exception in a future patch release. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
opencontainers · Jun 7, 2021 · 21aaece · 21aaece
1 parent 3c5c816
commit 21aaece
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 1 deletion.
diff --git a/libcontainer/configs/validate/validator.go b/libcontainer/configs/validate/validator.go
@@ -12,6 +12,7 @@ import (
 	"github.com/opencontainers/runc/libcontainer/configs"
 	"github.com/opencontainers/runc/libcontainer/intelrdt"
 	selinux "github.com/opencontainers/selinux/go-selinux"
+	"github.com/sirupsen/logrus"
 	"golang.org/x/sys/unix"
 )
 
@@ -46,6 +47,15 @@ func (v *ConfigValidator) Validate(config *configs.Config) error {
 			return err
 		}
 	}
+	// Relaxed validation rules for backward compatibility
+	warns := []check{
+		v.mounts,
+	}
+	for _, c := range warns {
+		if err := c(config); err != nil {
+			logrus.WithError(err).Warnf("invalid configuration")
+		}
+	}
 	return nil
 }
 

diff --git a/libcontainer/specconv/spec_linux.go b/libcontainer/specconv/spec_linux.go
@@ -333,7 +333,10 @@ func CreateLibcontainerConfig(opts *CreateOpts) (*configs.Config, error) {
 
 func createLibcontainerMount(cwd string, m specs.Mount) (*configs.Mount, error) {
 	if !filepath.IsAbs(m.Destination) {
-		return nil, fmt.Errorf("mount destination %s not absolute", m.Destination)
+		// Relax validation for backward compatibility
+		// TODO (runc 1.2.0): replace a warning below with
+		// return nil, fmt.Errorf("mount destination %s not absolute", m.Destination)
+		logrus.Warnf("mount destination %s not absolute (this won't be supported past runc 1.2.0)", m.Destination)
 	}
 	flags, pgflags, data, ext := parseMountOptions(m.Options)
 	source := m.Source