Skip to content

feat: support read-only filesystem mounts#85

Merged
danbugs merged 2 commits into
mainfrom
feat/readonly-mounts
May 26, 2026
Merged

feat: support read-only filesystem mounts#85
danbugs merged 2 commits into
mainfrom
feat/readonly-mounts

Conversation

@danbugs
Copy link
Copy Markdown
Contributor

@danbugs danbugs commented May 26, 2026

Summary

  • Add read_only: bool field to Preopen with a builder-style .read_only() method
  • FsRouter carries the flag per-mount and exposes require_writable() which gates all write operations
  • fs_write, fs_write_bytes, fs_truncate, fs_mkdir, and fs_unlink return "read-only mount: write to <path> denied" when targeting a read-only preopen
  • Read operations (fs_read, fs_read_bytes, fs_list, fs_stat) work normally on read-only mounts

Test plan

  • readonly_mount_allows_reads — reads succeed on RO mount
  • readonly_mount_blocks_fs_write — text write denied
  • readonly_mount_blocks_fs_write_bytes — binary write denied
  • readonly_mount_blocks_fs_truncate — truncate denied
  • readonly_mount_blocks_fs_mkdir — mkdir denied
  • readonly_mount_blocks_fs_unlink — unlink denied, file preserved
  • mixed_rw_and_ro_mounts — RW and RO mounts coexist correctly
  • All existing tests pass

Copilot AI review requested due to automatic review settings May 26, 2026 18:49
Copilot AI reviewed May 26, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds support for marking preopened host filesystem mounts as read-only, and enforces that policy in the host-side fs_* tool handlers so guest write-like operations are denied while reads continue to work.

Changes:

  • Extend Preopen with a read_only: bool flag and a builder-style .read_only() helper.
  • Track the read-only flag per mount in FsRouter and gate write operations via require_writable().
  • Add unit tests covering read-only behavior across the affected fs_* operations; bump host crate version to 0.7.0.

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated 2 comments.

File Description
host/src/lib.rs Adds Preopen::read_only, propagates mount RO state into FsRouter, gates write operations, and adds RO mount tests.
host/Cargo.toml Bumps crate version to 0.7.0.
host/Cargo.lock Updates lockfile to reflect version bump.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread host/src/lib.rs Outdated
Comment on lines +200 to +204
/// Return a copy of this preopen with `read_only` set to `true`.
pub fn read_only(mut self) -> Self {
self.read_only = true;
self
}
Comment thread host/src/lib.rs
Comment on lines +1720 to +1725
fn require_writable<'a>(&'a self, path: &'a str) -> Result<(&'a FsSandbox, &'a str)> {
let (fs, rel, ro) = self.route(path)?;
if ro {
return Err(anyhow!("read-only mount: write to {:?} denied", path));
}
Ok((fs, rel))
danbugs added 2 commits May 26, 2026 18:57
@danbugs
feat: support read-only filesystem mounts
fdaaa15 
Signed-off-by: danbugs <danilochiarlone@gmail.com>
@danbugs
fix: address fmt and copilot review feedback
399c361 
Signed-off-by: danbugs <danilochiarlone@gmail.com>
@danbugs danbugs force-pushed the feat/readonly-mounts branch from e3c59a2 to 399c361 Compare May 26, 2026 18:57
github-actions[bot]
github-actions Bot reviewed May 26, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Linux Benchmarks

Details
Benchmark suite Current: 399c361 Previous: 05c4d64 Ratio
hello_world (median) 20 ms 20 ms 1
pandas (median) 110 ms 110 ms 1
density (per VM) 11 MB 11 MB 1
snapshot (disk) 656 MiB 656 MiB 1

This comment was automatically generated by workflow using github-action-benchmark.

github-actions[bot]
github-actions Bot reviewed May 26, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Windows Benchmarks

Details
Benchmark suite Current: 399c361 Previous: 05c4d64 Ratio
hello_world (median) 379 ms 320 ms 1.18
pandas (median) 1090 ms 855 ms 1.27
density (per VM) 11 MB 11 MB 1
snapshot (disk) 663 MiB 663 MiB 1

This comment was automatically generated by workflow using github-action-benchmark.

@danbugs danbugs merged commit 19a2575 into main May 26, 2026
79 checks passed
@danbugs danbugs deleted the feat/readonly-mounts branch May 26, 2026 19:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@danbugs