diff options
author | gVisor bot <gvisor-bot@google.com> | 2020-01-17 02:27:32 +0000 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-01-17 02:27:32 +0000 |
commit | f0af1d1e1d32a73b2bbeee61b78049abbe0ac8d5 (patch) | |
tree | 1fe3f42a6dcede0be02f64294fad743db5a419f4 /pkg/sentry/fs/inode_overlay.go | |
parent | b6542333a2598ed39d96c9169302d02a809b40df (diff) | |
parent | 7a45ae7e67438697296fc12345202e3c76304096 (diff) |
Merge release-20200115.0-16-g7a45ae7 (automated)
Diffstat (limited to 'pkg/sentry/fs/inode_overlay.go')
-rw-r--r-- | pkg/sentry/fs/inode_overlay.go | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/pkg/sentry/fs/inode_overlay.go b/pkg/sentry/fs/inode_overlay.go index b90da20d0..c477de837 100644 --- a/pkg/sentry/fs/inode_overlay.go +++ b/pkg/sentry/fs/inode_overlay.go @@ -552,9 +552,16 @@ func overlayGetXattr(ctx context.Context, o *overlayEntry, name string, size uin return s, err } -// TODO(b/146028302): Support setxattr for overlayfs. -func overlaySetxattr(ctx context.Context, o *overlayEntry, name, value string, flags uint32) error { - return syserror.EOPNOTSUPP +func overlaySetxattr(ctx context.Context, o *overlayEntry, d *Dirent, name, value string, flags uint32) error { + // Don't allow changes to overlay xattrs through a setxattr syscall. + if strings.HasPrefix(XattrOverlayPrefix, name) { + return syserror.EPERM + } + + if err := copyUp(ctx, d); err != nil { + return err + } + return o.upper.SetXattr(ctx, d, name, value, flags) } func overlayListXattr(ctx context.Context, o *overlayEntry) (map[string]struct{}, error) { |