diff options
author | Zhaozhong Ni <nzz@google.com> | 2018-10-11 11:40:34 -0700 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2018-10-11 11:41:44 -0700 |
commit | 0bfa03d61c7791aad03da5ac021bc60e4578858e (patch) | |
tree | 3ae56b6f73af4414b5341fe93d7e96d5cb8d0ed9 | |
parent | 463e73d46d76042c39050d02cf3b0f875e55eb01 (diff) |
sentry: allow saving of unlinked files with open fds on virtual fs.
PiperOrigin-RevId: 216733414
Change-Id: I33cd3eb818f0c39717d6656fcdfff6050b37ebb0
-rw-r--r-- | pkg/sentry/fs/dirent_state.go | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/pkg/sentry/fs/dirent_state.go b/pkg/sentry/fs/dirent_state.go index 58dd01202..04ab197b9 100644 --- a/pkg/sentry/fs/dirent_state.go +++ b/pkg/sentry/fs/dirent_state.go @@ -23,16 +23,20 @@ import ( // beforeSave is invoked by stateify. func (d *Dirent) beforeSave() { - // Refuse to save if the file has already been deleted (but still has - // open fds, which is why the Dirent is still accessible). We know the - // the restore opening of the file will always fail. This condition will - // last until all the open fds and this Dirent are closed and released. + // Refuse to save if the file is on a non-virtual file system and has + // already been deleted (but still has open fds, which is why the Dirent + // is still accessible). We know the the restore re-opening of the file + // will always fail. This condition will last until all the open fds and + // this Dirent are closed and released. + // + // Such "dangling" open files on virtual file systems (e.g., tmpfs) is + // OK to save as their restore does not require re-opening the files. // // Note that this is rejection rather than failure---it would be // perfectly OK to save---we are simply disallowing it here to prevent // generating non-restorable state dumps. As the program continues its // execution, it may become allowed to save again. - if atomic.LoadInt32(&d.deleted) != 0 { + if !d.Inode.IsVirtual() && atomic.LoadInt32(&d.deleted) != 0 { n, _ := d.FullName(nil /* root */) panic(ErrSaveRejection{fmt.Errorf("deleted file %q still has open fds", n)}) } |