tpm: Extend device config to support different device name inside container

stefanberger · stefanberger · commit df3d1e6ddfd3 · 2017-09-09T01:56:09.000+02:00
Extend the device config to support a different device name for a
device inside the container than on the host. Use this to for
example create /dev/tpm0 inside the container for a /dev/tpm10 on
the host.

Signed-off-by: Stefan Berger &lt;stefanb@linux.vnet.ibm.com&gt;
diff --git a/libcontainer/configs/device.go b/libcontainer/configs/device.go
@@ -18,6 +18,9 @@ type Device struct {
 	// Path to the device.
 	Path string `json:"path"`
 
+	// the name of the device inside the container (optional)
+	Devpath string `json:"devpath"`
+
 	// Major is the device's major number.
 	Major int64 `json:"major"`
 
diff --git a/libcontainer/rootfs_linux.go b/libcontainer/rootfs_linux.go
@@ -488,7 +488,12 @@ func bindMountDeviceNode(dest string, node *configs.Device) error {
 
 // Creates the device node in the rootfs of the container.
 func createDeviceNode(rootfs string, node *configs.Device, bind bool) error {
-	dest := filepath.Join(rootfs, node.Path)
+	var dest string
+	if node.Devpath != "" {
+		dest = filepath.Join(rootfs, node.Devpath)
+	} else {
+		dest = filepath.Join(rootfs, node.Path)
+	}
 	if err := os.MkdirAll(filepath.Dir(dest), 0755); err != nil {
 		return err
 	}
diff --git a/libcontainer/vtpm/vtpm-helper/vtpm_helper.go b/libcontainer/vtpm/vtpm-helper/vtpm_helper.go
@@ -14,10 +14,11 @@ import (
 	"github.com/opencontainers/runtime-spec/specs-go"
 )
 
-func addVTPMDevice(spec *specs.Spec, config *configs.Config, hostpath string, major, minor uint32) {
+func addVTPMDevice(spec *specs.Spec, config *configs.Config, hostpath, devpath string, major, minor uint32) {
 	device := &configs.Device{
 		Type:        'c',
 		Path:        hostpath,
+		Devpath:     devpath,
 		Major:       int64(major),
 		Minor:       int64(minor),
 		Permissions: "rwm",
@@ -62,7 +63,8 @@ func CreateVTPM(spec *specs.Spec, config *configs.Config, vtpmdev *specs.VTPM, d
 	hostdev := vtpm.GetTPMDevname()
 	major, minor := vtpm.GetMajorMinor()
 
-	addVTPMDevice(spec, config, hostdev, major, minor)
+	devpath := fmt.Sprintf("/dev/tpm%d", devnum)
+	addVTPMDevice(spec, config, hostdev, devpath, major, minor)
 
 	config.VTPMs = append(config.VTPMs, vtpm)
 
@@ -79,7 +81,9 @@ func CreateVTPM(spec *specs.Spec, config *configs.Config, vtpmdev *specs.VTPM, d
 	if fileInfo, err := os.Lstat(host_tpmrm); err == nil {
 		if stat_t, ok := fileInfo.Sys().(*syscall.Stat_t); ok {
 			devNumber := int(stat_t.Rdev)
-			addVTPMDevice(spec, config, host_tpmrm, uint32(devices.Major(devNumber)), uint32(devices.Minor(devNumber)))
+
+			devpath = fmt.Sprintf("/dev/tpmrm%d", devnum)
+			addVTPMDevice(spec, config, host_tpmrm, devpath, uint32(devices.Major(devNumber)), uint32(devices.Minor(devNumber)))
 		}
 		if uid != 0 {
 			// adapt ownership of the device since only root can access it
