Fix mount layers on host

Unless we're extracting an image to a layer, we should never return it
directly. We must always interact with it via a mount point, as Windows
layers hold a number of metadata files which should never be mutated
directly. When reading/manipulating the contents of a layer we should
always pass through a mount.

Allow the containerd mount.Mount() to properly mount the layer before we
interact with it.

Signed-off-by: Gabriel Adrian Samfira <[email protected]>

snapshot/localmounter_windows.go

@@ -1,6 +1,8 @@
 package snapshot
 
 import (
+	"os"
+
 	"github.com/containerd/containerd/errdefs"
 	"github.com/containerd/containerd/mount"
 	"github.com/pkg/errors"
@@ -26,26 +28,13 @@ func (lm *localMounter) Mount() (string, error) {
 	}
 
 	m := lm.mounts[0]
-
-	if m.Type == "bind" || m.Type == "rbind" {
-		ro := false
-		for _, opt := range m.Options {
-			if opt == "ro" {
-				ro = true
-				break
-			}
-		}
-		if !ro {
-			return m.Source, nil
-		}
+	dir, err := os.MkdirTemp("", "buildkit-mount")
+	if err != nil {
+		return "", errors.Wrap(err, "failed to create temp dir")
 	}
 
-	// Windows mounts always activate in-place, so the target of the mount must be the source directory.
-	// See https://github.com/containerd/containerd/pull/2366
-	dir := m.Source
-
 	if err := m.Mount(dir); err != nil {
-		return "", errors.Wrapf(err, "failed to mount in-place: %v", m)
+		return "", errors.Wrapf(err, "failed to mount %v: %+v", m, err)
 	}
 	lm.target = dir
 	return lm.target, nil
@@ -59,6 +48,7 @@ func (lm *localMounter) Unmount() error {
 		if err := mount.Unmount(lm.target, 0); err != nil {
 			return err
 		}
+		os.RemoveAll(lm.target)
 		lm.target = ""
 	}