Problem
mount.c unconditionally calls mkdir() on the target path before issuing
MS_BIND. When the bind-mount source is a regular file (e.g.
/etc/resolv.conf, /etc/hostname), mkdir() creates a directory at the
target instead of a regular file. The subsequent mount(..., MS_BIND) then
fails because the source and target types do not match, producing a confusing
EINVAL or ENOTDIR with no indication of the actual cause.
This affects mount profiles that might reasonably include file bind mounts
(e.g. injecting a custom /etc/resolv.conf into the guest).
Proposed Changes
Two options (pick one based on complexity/benefit):
Option A: Support file bind mounts
- Before creating the target,
stat() the source to determine its type.
- If the source is a regular file, create the target with
open(path, O_CREAT | O_WRONLY, 0644); close(fd) instead of mkdir().
- If the source is a directory, use
mkdir() as today.
Option B: Reject file bind mounts early
- Before
mkdir(), stat() the source.
- If the source is a regular file, return a clear error:
"file bind mounts not supported: %s" and skip the mount.
- Document this limitation in the mount profile documentation.
Option A is preferred if file bind mounts are a realistic use case (resolv.conf
injection, custom config files). Option B is acceptable if the scope should stay
minimal.
Considerations
- The
stat() call targets the host filesystem (or LKL depending on mount
phase). Ensure the correct stat path is used for the mount profile being
processed.
- Symlink sources need careful handling:
stat() follows symlinks, which is
correct for bind mounts (mount the target of the symlink).
- Existing mount profiles (raw, recommended, standard) should be audited for
any file-type sources that silently fail today.
References
src/mount.c: mkdir() before MS_BIND, mount profile processinginclude/kbox/mount.h: enum kbox_mount_profile definitions
Problem
mount.cunconditionally callsmkdir()on the target path before issuingMS_BIND. When the bind-mount source is a regular file (e.g./etc/resolv.conf,/etc/hostname),mkdir()creates a directory at thetarget instead of a regular file. The subsequent
mount(..., MS_BIND)thenfails because the source and target types do not match, producing a confusing
EINVALorENOTDIRwith no indication of the actual cause.This affects mount profiles that might reasonably include file bind mounts
(e.g. injecting a custom
/etc/resolv.confinto the guest).Proposed Changes
Two options (pick one based on complexity/benefit):
Option A: Support file bind mounts
stat()the source to determine its type.open(path, O_CREAT | O_WRONLY, 0644); close(fd)instead ofmkdir().mkdir()as today.Option B: Reject file bind mounts early
mkdir(),stat()the source."file bind mounts not supported: %s"and skip the mount.Option A is preferred if file bind mounts are a realistic use case (resolv.conf
injection, custom config files). Option B is acceptable if the scope should stay
minimal.
Considerations
stat()call targets the host filesystem (or LKL depending on mountphase). Ensure the correct stat path is used for the mount profile being
processed.
stat()follows symlinks, which iscorrect for bind mounts (mount the target of the symlink).
any file-type sources that silently fail today.
References
src/mount.c:mkdir()beforeMS_BIND, mount profile processinginclude/kbox/mount.h:enum kbox_mount_profiledefinitions