Use simple fd field for mountEntry.

We cannot have both srcFD and idMapFD set at the same time.
So, we can simplify this struct to only have one field which is used a srcFD
most of the time and as idMapFD when we do an id map mount.

Signed-off-by: Francis Laniel <[email protected]>

Author: eiffel-fl

libcontainer/rootfs_linux.go

@@ -40,13 +40,12 @@ type mountConfig struct {
 // mountEntry contains mount data specific to a mount point.
 type mountEntry struct {
 	*configs.Mount
-	srcFD   *int
-	idmapFD int
+	fd *int
 }
 
 func (m *mountEntry) src() string {
-	if m.srcFD != nil {
-		return "/proc/self/fd/" + strconv.Itoa(*m.srcFD)
+	if m.fd != nil {
+		return "/proc/self/fd/" + strconv.Itoa(*m.fd)
 	}
 	return m.Source
 }
@@ -86,20 +85,19 @@ func prepareRootfs(pipe io.ReadWriter, iConfig *initConfig, mountFds mountFds) (
 		cgroupns:        config.Namespaces.Contains(configs.NEWCGROUP),
 	}
 	for i, m := range config.Mounts {
-		entry := mountEntry{Mount: m, idmapFD: -1}
+		entry := mountEntry{Mount: m}
 		// Just before the loop we checked that if not empty, len(mountFds) == len(config.Mounts).
 		// Therefore, we can access mountFds[i] without any concerns.
 		if mountFds.sourceFds != nil && mountFds.sourceFds[i] != -1 {
-			entry.srcFD = &mountFds.sourceFds[i]
+			entry.fd = &mountFds.sourceFds[i]
 		}
 
 		// We validated before we can access idmapFds[i].
 		if mountFds.idmapFds != nil && mountFds.idmapFds[i] != -1 {
-			entry.idmapFD = mountFds.idmapFds[i]
-		}
-
-		if entry.idmapFD != -1 && entry.srcFD != nil {
-			return fmt.Errorf("malformed mountFds and idmapFds slice, entry: %v has fds in both slices", i)
+			if entry.fd != nil {
+				return fmt.Errorf("malformed mountFds and idmapFds slice, entry: %v has fds in both slices", i)
+			}
+			entry.fd = &mountFds.idmapFds[i]
 		}
 
 		if err := mountToRootfs(mountConfig, entry); err != nil {
@@ -482,10 +480,10 @@ func mountToRootfs(c *mountConfig, m mountEntry) error {
 		}
 
 		if m.IsBind() && m.IsIDMapped() {
-			if m.idmapFD == -1 {
+			if m.fd == nil {
 				return fmt.Errorf("error creating mount %+v: idmapFD is invalid, should point to a valid fd", m)
 			}
-			if err := unix.MoveMount(m.idmapFD, "", -1, dest, unix.MOVE_MOUNT_F_EMPTY_PATH); err != nil {
+			if err := unix.MoveMount(*m.fd, "", -1, dest, unix.MOVE_MOUNT_F_EMPTY_PATH); err != nil {
 				return fmt.Errorf("error on unix.MoveMount %+v: %w", m, err)
 			}
 
@@ -1106,7 +1104,7 @@ func writeSystemProperty(key, value string) error {
 func remount(m mountEntry, rootfs string) error {
 	return utils.WithProcfd(rootfs, m.Destination, func(dstFD string) error {
 		flags := uintptr(m.Flags | unix.MS_REMOUNT)
-		err := mountViaFDs(m.Source, m.srcFD, m.Destination, dstFD, m.Device, flags, "")
+		err := mountViaFDs(m.Source, m.fd, m.Destination, dstFD, m.Device, flags, "")
 		if err == nil {
 			return nil
 		}
@@ -1121,7 +1119,7 @@ func remount(m mountEntry, rootfs string) error {
 		}
 		// ... and retry the mount with ro flag set.
 		flags |= unix.MS_RDONLY
-		return mountViaFDs(m.Source, m.srcFD, m.Destination, dstFD, m.Device, flags, "")
+		return mountViaFDs(m.Source, m.fd, m.Destination, dstFD, m.Device, flags, "")
 	})
 }
 
@@ -1145,7 +1143,7 @@ func mountPropagate(m mountEntry, rootfs string, mountLabel string) error {
 	// inside the container with WithProcfd() -- mounting through a procfd
 	// mounts on the target.
 	if err := utils.WithProcfd(rootfs, m.Destination, func(dstFD string) error {
-		return mountViaFDs(m.Source, m.srcFD, m.Destination, dstFD, m.Device, uintptr(flags), data)
+		return mountViaFDs(m.Source, m.fd, m.Destination, dstFD, m.Device, uintptr(flags), data)
 	}); err != nil {
 		return err
 	}