Make gVisor hard link check match Linux's.

Linux permits hard-linking if the target is owned by the user OR the target has Read+Write permission. PiperOrigin-RevId: 213024613 Change-Id: If642066317b568b99084edd33ee4e8822ec9cbb3
author: Nicolas Lacasse <nlacasse@google.com> 2018-09-14 12:28:43 -0700
committer: Shentubot <shentubot@google.com> 2018-09-14 12:29:46 -0700
commit: b84bfa570d76e6979d5cfc40c235ffe74de9f9ca (patch)
tree: b4d293d11723538830a00fc333d12e724c23a932 /pkg/sentry/fs/dirent.go
parent: 0380bcb3a4125723dc5248f70174ff64fb1942a2 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/pkg/sentry/fs/dirent.go b/pkg/sentry/fs/dirent.go
index f81f7d627..dd2b4e589 100644
--- a/pkg/sentry/fs/dirent.go
+++ b/pkg/sentry/fs/dirent.go
@@ -773,6 +773,11 @@ func (d *Dirent) CreateHardLink(ctx context.Context, root *Dirent, target *Diren
 		return syscall.EXDEV
 	}
 
+	// Directories are never linkable. See fs/namei.c:vfs_link.
+	if IsDir(target.Inode.StableAttr) {
+		return syscall.EPERM
+	}
+
 	return d.genericCreate(ctx, root, name, func() error {
 		if err := d.Inode.CreateHardLink(ctx, d, target, name); err != nil {
 			return err
author	Nicolas Lacasse <nlacasse@google.com>	2018-09-14 12:28:43 -0700
committer	Shentubot <shentubot@google.com>	2018-09-14 12:29:46 -0700
commit	b84bfa570d76e6979d5cfc40c235ffe74de9f9ca (patch)
tree	b4d293d11723538830a00fc333d12e724c23a932 /pkg/sentry/fs/dirent.go
parent	0380bcb3a4125723dc5248f70174ff64fb1942a2 (diff)