diff options
author | Jamie Liu <jamieliu@google.com> | 2020-08-31 13:55:18 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-08-31 13:57:19 -0700 |
commit | 6cdfa4fee06dfe4d37b79a8426906c99fe294964 (patch) | |
tree | 6536a5cd6925ee3661d6a218579fb4a5e311cde6 | |
parent | 9d0d82088a5bd385ceb63cb2f864e054638c69e1 (diff) |
Don't use read-only host FD for writable gofer dentries in VFS2.
As documented for gofer.dentry.hostFD.
PiperOrigin-RevId: 329372319
-rw-r--r-- | pkg/sentry/fsimpl/gofer/gofer.go | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/pkg/sentry/fsimpl/gofer/gofer.go b/pkg/sentry/fsimpl/gofer/gofer.go index 81d34cfe3..57bff1789 100644 --- a/pkg/sentry/fsimpl/gofer/gofer.go +++ b/pkg/sentry/fsimpl/gofer/gofer.go @@ -1472,8 +1472,9 @@ func (d *dentry) ensureSharedHandle(ctx context.Context, read, write, trunc bool return err } - if d.hostFD < 0 && openReadable && h.fd >= 0 { - // We have no existing FD; use the new FD for at least reading. + if d.hostFD < 0 && h.fd >= 0 && openReadable && (d.writeFile.isNil() || openWritable) { + // We have no existing FD, and the new FD meets the requirements + // for d.hostFD, so start using it. d.hostFD = h.fd } else if d.hostFD >= 0 && d.writeFile.isNil() && openWritable { // We have an existing read-only FD, but the file has just been |