summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorJamie Liu <jamieliu@google.com>2020-08-31 13:55:18 -0700
committergVisor bot <gvisor-bot@google.com>2020-08-31 13:57:19 -0700
commit6cdfa4fee06dfe4d37b79a8426906c99fe294964 (patch)
tree6536a5cd6925ee3661d6a218579fb4a5e311cde6
parent9d0d82088a5bd385ceb63cb2f864e054638c69e1 (diff)
Don't use read-only host FD for writable gofer dentries in VFS2.
As documented for gofer.dentry.hostFD. PiperOrigin-RevId: 329372319
-rw-r--r--pkg/sentry/fsimpl/gofer/gofer.go5
1 files changed, 3 insertions, 2 deletions
diff --git a/pkg/sentry/fsimpl/gofer/gofer.go b/pkg/sentry/fsimpl/gofer/gofer.go
index 81d34cfe3..57bff1789 100644
--- a/pkg/sentry/fsimpl/gofer/gofer.go
+++ b/pkg/sentry/fsimpl/gofer/gofer.go
@@ -1472,8 +1472,9 @@ func (d *dentry) ensureSharedHandle(ctx context.Context, read, write, trunc bool
return err
}
- if d.hostFD < 0 && openReadable && h.fd >= 0 {
- // We have no existing FD; use the new FD for at least reading.
+ if d.hostFD < 0 && h.fd >= 0 && openReadable && (d.writeFile.isNil() || openWritable) {
+ // We have no existing FD, and the new FD meets the requirements
+ // for d.hostFD, so start using it.
d.hostFD = h.fd
} else if d.hostFD >= 0 && d.writeFile.isNil() && openWritable {
// We have an existing read-only FD, but the file has just been