Privileged containers should inherit host devices

When running a privileged container, it should inherit the same
devices the host has.

Signed-off-by: baude <bbaude@redhat.com>

Closes: #330
Approved by: mheon

3 files changed, 13 insertions, 36 deletions

diff --git a/vendor/github.com/opencontainers/runc/libcontainer/devices/devices_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/devices/devices.go
index 461dc097c..361925890 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/devices/devices_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/devices/devices.go
@@ -28,6 +28,15 @@ func DeviceFromPath(path, permissions string) (*configs.Device, error) {
 	if err != nil {
 		return nil, err
 	}
+
+	var (
+		devNumber = stat.Rdev
+		major     = unix.Major(devNumber)
+	)
+	if major == 0 {
+		return nil, ErrNotADevice
+	}
+
 	var (
 		devType rune
 		mode    = stat.Mode
@@ -37,21 +46,16 @@ func DeviceFromPath(path, permissions string) (*configs.Device, error) {
 		devType = 'b'
 	case mode&unix.S_IFCHR == unix.S_IFCHR:
 		devType = 'c'
-	default:
-		return nil, ErrNotADevice
 	}
-	devNumber := int(stat.Rdev)
-	uid := stat.Uid
-	gid := stat.Gid
 	return &configs.Device{
 		Type:        devType,
 		Path:        path,
-		Major:       Major(devNumber),
-		Minor:       Minor(devNumber),
+		Major:       int64(major),
+		Minor:       int64(unix.Minor(devNumber)),
 		Permissions: permissions,
 		FileMode:    os.FileMode(mode),
-		Uid:         uid,
-		Gid:         gid,
+		Uid:         stat.Uid,
+		Gid:         stat.Gid,
 	}, nil
 }
 
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/devices/devices_unsupported.go b/vendor/github.com/opencontainers/runc/libcontainer/devices/devices_unsupported.go
deleted file mode 100644
index 6649b9f2d..000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/devices/devices_unsupported.go
+++ /dev/null
@@ -1,3 +0,0 @@
-// +build !linux
-
-package devices
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/devices/number.go b/vendor/github.com/opencontainers/runc/libcontainer/devices/number.go
deleted file mode 100644
index 885b6e5dd..000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/devices/number.go
+++ /dev/null
@@ -1,24 +0,0 @@
-// +build linux freebsd
-
-package devices
-
-/*
-
-This code provides support for manipulating linux device numbers.  It should be replaced by normal syscall functions once http://code.google.com/p/go/issues/detail?id=8106 is solved.
-
-You can read what they are here:
-
- - http://www.makelinux.net/ldd3/chp-3-sect-2
- - http://www.linux-tutorial.info/modules.php?name=MContent&pageid=94
-
-Note! These are NOT the same as the MAJOR(dev_t device);, MINOR(dev_t device); and MKDEV(int major, int minor); functions as defined in <linux/kdev_t.h> as the representation of device numbers used by go is different than the one used internally to the kernel! - https://github.com/torvalds/linux/blob/master/include/linux/kdev_t.h#L9
-
-*/
-
-func Major(devNumber int) int64 {
-	return int64((devNumber >> 8) & 0xfff)
-}
-
-func Minor(devNumber int) int64 {
-	return int64((devNumber & 0xff) | ((devNumber >> 12) & 0xfff00))
-}