Skip to content

The rootfs of a microVM should be read-only #283

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Oct 15, 2019
Merged

The rootfs of a microVM should be read-only #283

merged 3 commits into from
Oct 15, 2019

Conversation

kzys
Copy link
Contributor

@kzys kzys commented Oct 10, 2019

Issue #, if available:

NA

Description of changes:

While customers won't be able to access the rootfs, making it read-only
will reduce its attack surface.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

xibz
xibz suggested changes Oct 11, 2019
View reviewed changes
samuelkarp
samuelkarp reviewed Oct 11, 2019
View reviewed changes
sipsma
sipsma reviewed Oct 11, 2019
View reviewed changes
sipsma
sipsma approved these changes Oct 11, 2019
View reviewed changes
Copy link
Contributor

@sipsma sipsma left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sipsma sipsma marked this pull request as ready for review October 11, 2019 19:55
samuelkarp
samuelkarp reviewed Oct 11, 2019
View reviewed changes
kzys added a commit to kzys/firecracker-go-sdk that referenced this pull request Oct 11, 2019
@kzys
Define functional options for DrivesBuilder
adc4a41 
The would make
firecracker-microvm/firecracker-containerd#283
cleaner.

Signed-off-by: Kazuyoshi Kato <[email protected]>
@kzys kzys mentioned this pull request Oct 11, 2019
Merged
kzys added a commit to kzys/firecracker-go-sdk that referenced this pull request Oct 11, 2019
@kzys
Define functional options for DrivesBuilder
6c3672b 
This would make
firecracker-microvm/firecracker-containerd#283
cleaner.

Signed-off-by: Kazuyoshi Kato <[email protected]>
@kzys
By default, the rootfs of a microVM is read-only
777157f 
While customers can make it writable by sending a request,
the rootfs should be read-only to reduce our attack surface.

Signed-off-by: Kazuyoshi Kato <[email protected]>
@kzys kzys force-pushed the read-only branch 3 times, most recently from 6de89ed to f31fd30 Compare October 15, 2019 01:11
xibz
xibz suggested changes Oct 15, 2019
View reviewed changes
xibz
xibz reviewed Oct 15, 2019
View reviewed changes
xibz
xibz reviewed Oct 15, 2019
View reviewed changes
@kzys kzys force-pushed the read-only branch 2 times, most recently from 56734d8 to df38500 Compare October 15, 2019 18:46
kzys added 2 commits October 15, 2019 12:15
@kzys
IsReadOnly -> IsWritable
6690f80 
In proto3, all omitted boolean values are considered as false!

This change allows makes the default mode of a drive read-only,
even if the flag is omitted.

Signed-off-by: Kazuyoshi Kato <[email protected]>
@kzys
Use functional option helpers
96c7417 
Signed-off-by: Kazuyoshi Kato <[email protected]>
xibz
xibz approved these changes Oct 15, 2019
View reviewed changes
Copy link
Contributor

@xibz xibz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚢

@kzys kzys merged commit 7649f00 into firecracker-microvm:master Oct 15, 2019
@kzys kzys deleted the read-only branch October 15, 2019 20:53
samuelkarp
samuelkarp reviewed Oct 15, 2019
View reviewed changes
Copy link
Contributor

@samuelkarp samuelkarp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

xibz pushed a commit to xibz/firecracker-go-sdk that referenced this pull request Nov 5, 2019
@kzys @xibz
Define functional options for DrivesBuilder
6f88da5 
This would make
firecracker-microvm/firecracker-containerd#283
cleaner.

Signed-off-by: Kazuyoshi Kato <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@samuelkarp samuelkarp samuelkarp left review comments

@xibz xibz xibz approved these changes

@sipsma sipsma sipsma approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@kzys @samuelkarp @xibz @sipsma