Add support for guest bind mounts with LXC

Currently you can configure LXC to bind a host directory to
a guest directory, but not to bind a guest directory to a
guest directory. While the guest container init could do
this itself, allowing it in the libvirt XML means a stricter
SELinux policy can be written

docs/formatdomain.html.in

@@ -1639,6 +1639,11 @@
           which gives the memory usage limit in kibibytes. Only used
           by LXC driver.
           <span class="since"> (since 0.9.13)</span></dd>
+        <dt><code>type='bind'></code></dt>
+        <dd>
+          A directory inside the guest will be bound to another
+          directory inside the guest. Only used by LXC driver
+          <span class="since"> (since 0.9.13)</span></dd>
         </dl>
 
       The filesystem block has an optional attribute <code>accessmode</code>

docs/schemas/domaincommon.rng

@@ -1277,6 +1277,21 @@
             </optional>
           </interleave>
         </group>
+        <group>
+          <optional>
+            <attribute name="type">
+              <value>bind</value>
+            </attribute>
+          </optional>
+          <interleave>
+            <element name="source">
+              <attribute name="dir">
+                <ref name="absFilePath"/>
+              </attribute>
+              <empty/>
+            </element>
+          </interleave>
+        </group>
         <group>
           <attribute name="type">
             <value>template</value>

src/conf/domain_conf.c

@@ -265,7 +265,8 @@ VIR_ENUM_IMPL(virDomainFS, VIR_DOMAIN_FS_TYPE_LAST,
               "block",
               "file",
               "template",
-              "ram")
+              "ram",
+              "bind")
 
 VIR_ENUM_IMPL(virDomainFSDriverType, VIR_DOMAIN_FS_DRIVER_TYPE_LAST,
               "default",
@@ -4264,7 +4265,8 @@ virDomainFSDefParseXML(xmlNodePtr node,
             if (!source &&
                 xmlStrEqual(cur->name, BAD_CAST "source")) {
 
-                if (def->type == VIR_DOMAIN_FS_TYPE_MOUNT)
+                if (def->type == VIR_DOMAIN_FS_TYPE_MOUNT ||
+                    def->type == VIR_DOMAIN_FS_TYPE_BIND)
                     source = virXMLPropString(cur, "dir");
                 else if (def->type == VIR_DOMAIN_FS_TYPE_FILE)
                     source = virXMLPropString(cur, "file");
@@ -11353,6 +11355,7 @@ virDomainFSDefFormat(virBufferPtr buf,
 
     switch (def->type) {
     case VIR_DOMAIN_FS_TYPE_MOUNT:
+    case VIR_DOMAIN_FS_TYPE_BIND:
         virBufferEscapeString(buf, "      <source dir='%s'/>\n",
                               def->src);
         break;

src/conf/domain_conf.h

@@ -657,11 +657,12 @@ struct _virDomainControllerDef {
 
 /* Two types of disk backends */
 enum virDomainFSType {
-    VIR_DOMAIN_FS_TYPE_MOUNT,   /* Better named 'bind' */
-    VIR_DOMAIN_FS_TYPE_BLOCK,
-    VIR_DOMAIN_FS_TYPE_FILE,
-    VIR_DOMAIN_FS_TYPE_TEMPLATE,
-    VIR_DOMAIN_FS_TYPE_RAM,
+    VIR_DOMAIN_FS_TYPE_MOUNT, /* Mounts (binds) a host dir on a guest dir */
+    VIR_DOMAIN_FS_TYPE_BLOCK, /* Mounts a host block dev on a guest dir */
+    VIR_DOMAIN_FS_TYPE_FILE,  /* Loopback mounts a host file on a guest dir */
+    VIR_DOMAIN_FS_TYPE_TEMPLATE, /* Expands a OS template to a guest dir */
+    VIR_DOMAIN_FS_TYPE_RAM,   /* Mount a RAM filesystem on a guest dir */
+    VIR_DOMAIN_FS_TYPE_BIND,  /* Binds a guest dir to another guest dir */
 
     VIR_DOMAIN_FS_TYPE_LAST
 };

src/lxc/lxc_container.c

@@ -1025,7 +1025,14 @@ static int lxcContainerMountFS(virDomainFSDefPtr fs,
         if (lxcContainerMountFSTmpfs(fs) < 0)
             return -1;
         break;
+    case VIR_DOMAIN_FS_TYPE_BIND:
+        if (lxcContainerMountFSBind(fs, "") < 0)
+            return -1;
+        break;
     case VIR_DOMAIN_FS_TYPE_FILE:
+        /* We do actually support this, but the lxc controller
+         * should have associated the file with a loopback
+         * device and changed this to TYPE_BLOCK for us */
         lxcError(VIR_ERR_INTERNAL_ERROR,
                  _("Unexpected filesystem type %s"),
                  virDomainFSTypeToString(fs->type));