author | Jamie Liu <jamieliu@google.com> | 2019-03-28 11:42:38 -0700 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2019-03-28 11:43:51 -0700 |
commit | f005350c93cb9e2a247b0d8a061e52f3160d36d4 (patch) | |
tree | ff60d4ebf0d329fba52198ff284787b35e0365ac /pkg/sentry/fs/fsutil | |
parent | 1d7e2bc3776f90e1b2b31346e1bec47da6e568ff (diff) |
Clean up gofer handle caching.
- Document fsutil.CachedFileObject.FD() requirements on access
permissions, and change gofer.inodeFileState.FD() to honor them.
Fixes #147.
- Combine gofer.inodeFileState.readonly and
gofer.inodeFileState.readthrough, and simplify handle caching logic.
- Inline gofer.cachePolicy.cacheHandles into
gofer.inodeFileState.setSharedHandles, because users with access to
gofer.inodeFileState don't necessarily have access to the fs.Inode
(predictably, this is a save/restore problem).
Before this CL:
$ docker run --runtime=runsc-d -v $(pwd)/gvisor/repro:/root/repro -it ubuntu bash
root@34d51017ed67:/# /root/repro/runsc-b147
mmap: 0x7f3c01e45000
Segmentation fault
After this CL:
$ docker run --runtime=runsc-d -v $(pwd)/gvisor/repro:/root/repro -it ubuntu bash
root@d3c3cb56bbf9:/# /root/repro/runsc-b147
mmap: 0x7f78987ec000
o
PiperOrigin-RevId: 240818413
Change-Id: I49e1d4a81a0cb9177832b0a9f31a10da722a896b
Diffstat (limited to 'pkg/sentry/fs/fsutil')
-rw-r--r-- | pkg/sentry/fs/fsutil/inode_cached.go | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/pkg/sentry/fs/fsutil/inode_cached.go b/pkg/sentry/fs/fsutil/inode_cached.go index 6ca51ab0d..b690cfe93 100644 --- a/pkg/sentry/fs/fsutil/inode_cached.go +++ b/pkg/sentry/fs/fsutil/inode_cached.go @@ -138,8 +138,15 @@ type CachedFileObject interface { // Sync instructs the remote filesystem to sync the file to stable storage. Sync(ctx context.Context) error - // FD returns a host file descriptor. Return value must be -1 or not -1 - // for the lifetime of the CachedFileObject. + // FD returns a host file descriptor. If it is possible for + // CachingInodeOperations.AddMapping to have ever been called with writable + // = true, the FD must have been opened O_RDWR; otherwise, it may have been + // opened O_RDONLY or O_RDWR. (mmap unconditionally requires that mapped + // files are readable.) If no host file descriptor is available, FD returns + // a negative number. + // + // For any given CachedFileObject, if FD() ever succeeds (returns a + // non-negative number), it must always succeed. // // FD is called iff the file has been memory mapped. This implies that // the file was opened (see fs.InodeOperations.GetFile). |
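Review bot: In the rewritten FD comment the failure value loosens from exactly -1 to "a negative number", so a caller that still tests `fd == -1` would treat any other negative return as a usable descriptor; either keep -1 as the single sentinel or state explicitly that callers must check `fd < 0`. The second added paragraph ("if FD() ever succeeds ... it must always succeed") also leaves open whether the returned descriptor may differ between calls. Because the first paragraph ties the required open mode to whether AddMapping could ever have been called with writable = true, it would help to say whether an FD returned earlier remains valid if an implementation later switches from an O_RDONLY to an O_RDWR descriptor.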