diff options
author | Fabricio Voznika <fvoznika@google.com> | 2019-06-06 16:44:40 -0700 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2019-06-06 16:45:51 -0700 |
commit | 02ab1f187cd24c67b754b004229421d189cee264 (patch) | |
tree | 180c3149674b8a7899d477a735466b5bf04013b4 /pkg/sentry/fs/inode.go | |
parent | b3f104507d7a04c0ca058cbcacc5ff78d853f4ba (diff) |
Copy up parent when binding UDS on overlayfs
Overlayfs was expecting the parent to exist when bind(2)
was called, which may not be the case. The fix is to copy
the parent directory to the upper layer before binding
the UDS.
There is not good place to add tests for it. Syscall tests
would be ideal, but it's hard to guarantee that the
directory where the socket is created hasn't been touched
before (and thus copied the parent to the upper layer).
Added it to runsc integration tests for now. If it turns
out we have lots of these kind of tests, we can consider
moving them somewhere more appropriate.
PiperOrigin-RevId: 251954156
Diffstat (limited to 'pkg/sentry/fs/inode.go')
-rw-r--r-- | pkg/sentry/fs/inode.go | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/pkg/sentry/fs/inode.go b/pkg/sentry/fs/inode.go index aef1a1cb9..0b54c2e77 100644 --- a/pkg/sentry/fs/inode.go +++ b/pkg/sentry/fs/inode.go @@ -220,9 +220,9 @@ func (i *Inode) Rename(ctx context.Context, oldParent *Dirent, renamed *Dirent, } // Bind calls i.InodeOperations.Bind with i as the directory. -func (i *Inode) Bind(ctx context.Context, name string, data transport.BoundEndpoint, perm FilePermissions) (*Dirent, error) { +func (i *Inode) Bind(ctx context.Context, parent *Dirent, name string, data transport.BoundEndpoint, perm FilePermissions) (*Dirent, error) { if i.overlay != nil { - return overlayBind(ctx, i.overlay, name, data, perm) + return overlayBind(ctx, i.overlay, parent, name, data, perm) } return i.InodeOperations.Bind(ctx, i, name, data, perm) } |