diff options
author | Chong Cai <chongc@google.com> | 2020-12-10 20:50:45 -0800 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-12-10 20:53:00 -0800 |
commit | e7279936e8128c1ade57a26eb76726cabcb762a9 (patch) | |
tree | f9466c593d7c20f809b77e925663e1ab809734b5 | |
parent | bcb97a3bb7560fab49ac35d8c184a510cb81f801 (diff) |
Change merkle root file name to avoid collision
PiperOrigin-RevId: 346923826
-rw-r--r-- | pkg/sentry/fsimpl/verity/verity.go | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/pkg/sentry/fsimpl/verity/verity.go b/pkg/sentry/fsimpl/verity/verity.go index 5788c661f..9571ce9f1 100644 --- a/pkg/sentry/fsimpl/verity/verity.go +++ b/pkg/sentry/fsimpl/verity/verity.go @@ -64,6 +64,10 @@ const ( // tree file for "/foo" is "/.merkle.verity.foo". merklePrefix = ".merkle.verity." + // merkleRootPrefix is the prefix of the Merkle tree root file. This + // needs to be different from merklePrefix to avoid name collision. + merkleRootPrefix = ".merkleroot.verity." + // merkleOffsetInParentXattr is the extended attribute name specifying the // offset of the child hash in its parent's Merkle tree. merkleOffsetInParentXattr = "user.merkle.offset" @@ -255,7 +259,7 @@ func (fstype FilesystemType) GetFilesystem(ctx context.Context, vfsObj *vfs.Virt lowerVD.IncRef() d.lowerVD = lowerVD - rootMerkleName := merklePrefix + iopts.RootMerkleFileName + rootMerkleName := merkleRootPrefix + iopts.RootMerkleFileName lowerMerkleVD, err := vfsObj.GetDentryAt(ctx, fs.creds, &vfs.PathOperation{ Root: lowerVD, |