diff options
author | Jamie Liu <jamieliu@google.com> | 2019-03-28 11:42:38 -0700 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2019-03-28 11:43:51 -0700 |
commit | f005350c93cb9e2a247b0d8a061e52f3160d36d4 (patch) | |
tree | ff60d4ebf0d329fba52198ff284787b35e0365ac /pkg/sentry/fs/gofer/session_state.go | |
parent | 1d7e2bc3776f90e1b2b31346e1bec47da6e568ff (diff) |
Clean up gofer handle caching.
- Document fsutil.CachedFileObject.FD() requirements on access
permissions, and change gofer.inodeFileState.FD() to honor them.
Fixes #147.
- Combine gofer.inodeFileState.readonly and
gofer.inodeFileState.readthrough, and simplify handle caching logic.
- Inline gofer.cachePolicy.cacheHandles into
gofer.inodeFileState.setSharedHandles, because users with access to
gofer.inodeFileState don't necessarily have access to the fs.Inode
(predictably, this is a save/restore problem).
Before this CL:
$ docker run --runtime=runsc-d -v $(pwd)/gvisor/repro:/root/repro -it ubuntu bash
root@34d51017ed67:/# /root/repro/runsc-b147
mmap: 0x7f3c01e45000
Segmentation fault
After this CL:
$ docker run --runtime=runsc-d -v $(pwd)/gvisor/repro:/root/repro -it ubuntu bash
root@d3c3cb56bbf9:/# /root/repro/runsc-b147
mmap: 0x7f78987ec000
o
PiperOrigin-RevId: 240818413
Change-Id: I49e1d4a81a0cb9177832b0a9f31a10da722a896b
Diffstat (limited to 'pkg/sentry/fs/gofer/session_state.go')
0 files changed, 0 insertions, 0 deletions