summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/fs
diff options
context:
space:
mode:
authorRahat Mahmood <rahat@google.com>2018-12-12 13:09:10 -0800
committerShentubot <shentubot@google.com>2018-12-12 13:09:59 -0800
commit75e39eaa74c65b6f7cfb95addb6ac0cbcc7d951a (patch)
tree1a6b64491851e002727a08546f1168c89b9c32aa /pkg/sentry/fs
parenta2c868a098fcb51dcdf629045c5f5c0f68c2766f (diff)
Pass information about map writableness to filesystems.
This is necessary to implement file seals for memfds. PiperOrigin-RevId: 225239394 Change-Id: Ib3f1ab31385afc4b24e96cd81a05ef1bebbcbb70
Diffstat (limited to 'pkg/sentry/fs')
-rw-r--r--pkg/sentry/fs/binder/binder.go6
-rw-r--r--pkg/sentry/fs/copy_up.go8
-rw-r--r--pkg/sentry/fs/fsutil/inode_cached.go12
-rw-r--r--pkg/sentry/fs/fsutil/inode_cached_test.go8
-rw-r--r--pkg/sentry/fs/overlay.go18
-rw-r--r--pkg/sentry/fs/tmpfs/inode_file.go12
6 files changed, 32 insertions, 32 deletions
diff --git a/pkg/sentry/fs/binder/binder.go b/pkg/sentry/fs/binder/binder.go
index 42b9e8b26..e642c7f22 100644
--- a/pkg/sentry/fs/binder/binder.go
+++ b/pkg/sentry/fs/binder/binder.go
@@ -302,7 +302,7 @@ func (bp *Proc) Ioctl(ctx context.Context, io usermem.IO, args arch.SyscallArgum
}
// AddMapping implements memmap.Mappable.AddMapping.
-func (bp *Proc) AddMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64) error {
+func (bp *Proc) AddMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64, _ bool) error {
bp.mu.Lock()
defer bp.mu.Unlock()
if bp.mapped.Length() != 0 {
@@ -320,12 +320,12 @@ func (bp *Proc) AddMapping(ctx context.Context, ms memmap.MappingSpace, ar userm
}
// RemoveMapping implements memmap.Mappable.RemoveMapping.
-func (bp *Proc) RemoveMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64) {
+func (*Proc) RemoveMapping(context.Context, memmap.MappingSpace, usermem.AddrRange, uint64, bool) {
// Nothing to do. Notably, we don't free bp.mapped to allow another mmap.
}
// CopyMapping implements memmap.Mappable.CopyMapping.
-func (bp *Proc) CopyMapping(ctx context.Context, ms memmap.MappingSpace, srcAR, dstAR usermem.AddrRange, offset uint64) error {
+func (bp *Proc) CopyMapping(ctx context.Context, ms memmap.MappingSpace, srcAR, dstAR usermem.AddrRange, offset uint64, _ bool) error {
// Nothing to do. Notably, this is one case where CopyMapping isn't
// equivalent to AddMapping, as AddMapping would return EBUSY.
return nil
diff --git a/pkg/sentry/fs/copy_up.go b/pkg/sentry/fs/copy_up.go
index d65dc74bf..6d4ebaaa4 100644
--- a/pkg/sentry/fs/copy_up.go
+++ b/pkg/sentry/fs/copy_up.go
@@ -270,13 +270,13 @@ func copyUpLocked(ctx context.Context, parent *Dirent, next *Dirent) error {
for seg := next.Inode.overlay.mappings.FirstSegment(); seg.Ok(); seg = seg.NextSegment() {
added := make(memmap.MappingsOfRange)
for m := range seg.Value() {
- if err := upperMappable.AddMapping(ctx, m.MappingSpace, m.AddrRange, seg.Start()); err != nil {
+ if err := upperMappable.AddMapping(ctx, m.MappingSpace, m.AddrRange, seg.Start(), m.Writable); err != nil {
for m := range added {
- upperMappable.RemoveMapping(ctx, m.MappingSpace, m.AddrRange, seg.Start())
+ upperMappable.RemoveMapping(ctx, m.MappingSpace, m.AddrRange, seg.Start(), m.Writable)
}
for mr, mappings := range allAdded {
for m := range mappings {
- upperMappable.RemoveMapping(ctx, m.MappingSpace, m.AddrRange, mr.Start)
+ upperMappable.RemoveMapping(ctx, m.MappingSpace, m.AddrRange, mr.Start, m.Writable)
}
}
return err
@@ -301,7 +301,7 @@ func copyUpLocked(ctx context.Context, parent *Dirent, next *Dirent) error {
if lowerMappable != nil {
for seg := next.Inode.overlay.mappings.FirstSegment(); seg.Ok(); seg = seg.NextSegment() {
for m := range seg.Value() {
- lowerMappable.RemoveMapping(ctx, m.MappingSpace, m.AddrRange, seg.Start())
+ lowerMappable.RemoveMapping(ctx, m.MappingSpace, m.AddrRange, seg.Start(), m.Writable)
}
}
}
diff --git a/pkg/sentry/fs/fsutil/inode_cached.go b/pkg/sentry/fs/fsutil/inode_cached.go
index b0af44ddd..707ca76d2 100644
--- a/pkg/sentry/fs/fsutil/inode_cached.go
+++ b/pkg/sentry/fs/fsutil/inode_cached.go
@@ -686,10 +686,10 @@ func (rw *inodeReadWriter) WriteFromBlocks(srcs safemem.BlockSeq) (uint64, error
}
// AddMapping implements memmap.Mappable.AddMapping.
-func (c *CachingInodeOperations) AddMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64) error {
+func (c *CachingInodeOperations) AddMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64, writable bool) error {
// Hot path. Avoid defers.
c.mapsMu.Lock()
- mapped := c.mappings.AddMapping(ms, ar, offset)
+ mapped := c.mappings.AddMapping(ms, ar, offset, writable)
// Do this unconditionally since whether we have c.backingFile.FD() >= 0
// can change across save/restore.
for _, r := range mapped {
@@ -705,10 +705,10 @@ func (c *CachingInodeOperations) AddMapping(ctx context.Context, ms memmap.Mappi
}
// RemoveMapping implements memmap.Mappable.RemoveMapping.
-func (c *CachingInodeOperations) RemoveMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64) {
+func (c *CachingInodeOperations) RemoveMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64, writable bool) {
// Hot path. Avoid defers.
c.mapsMu.Lock()
- unmapped := c.mappings.RemoveMapping(ms, ar, offset)
+ unmapped := c.mappings.RemoveMapping(ms, ar, offset, writable)
for _, r := range unmapped {
c.hostFileMapper.DecRefOn(r)
}
@@ -739,8 +739,8 @@ func (c *CachingInodeOperations) RemoveMapping(ctx context.Context, ms memmap.Ma
}
// CopyMapping implements memmap.Mappable.CopyMapping.
-func (c *CachingInodeOperations) CopyMapping(ctx context.Context, ms memmap.MappingSpace, srcAR, dstAR usermem.AddrRange, offset uint64) error {
- return c.AddMapping(ctx, ms, dstAR, offset)
+func (c *CachingInodeOperations) CopyMapping(ctx context.Context, ms memmap.MappingSpace, srcAR, dstAR usermem.AddrRange, offset uint64, writable bool) error {
+ return c.AddMapping(ctx, ms, dstAR, offset, writable)
}
// Translate implements memmap.Mappable.Translate.
diff --git a/pkg/sentry/fs/fsutil/inode_cached_test.go b/pkg/sentry/fs/fsutil/inode_cached_test.go
index e388ec3d7..ce5201a40 100644
--- a/pkg/sentry/fs/fsutil/inode_cached_test.go
+++ b/pkg/sentry/fs/fsutil/inode_cached_test.go
@@ -305,7 +305,7 @@ func TestRead(t *testing.T) {
// be cached.
var ms noopMappingSpace
ar := usermem.AddrRange{usermem.PageSize, 2 * usermem.PageSize}
- if err := iops.AddMapping(ctx, ms, ar, usermem.PageSize); err != nil {
+ if err := iops.AddMapping(ctx, ms, ar, usermem.PageSize, true); err != nil {
t.Fatalf("AddMapping got %v, want nil", err)
}
mr := memmap.MappableRange{usermem.PageSize, 2 * usermem.PageSize}
@@ -334,7 +334,7 @@ func TestRead(t *testing.T) {
// Delete the memory mapping and expect it to cause the cached page to be
// uncached.
- iops.RemoveMapping(ctx, ms, ar, usermem.PageSize)
+ iops.RemoveMapping(ctx, ms, ar, usermem.PageSize, true)
if cached := iops.cache.Span(); cached != 0 {
t.Fatalf("Span got %d, want 0", cached)
}
@@ -363,10 +363,10 @@ func TestWrite(t *testing.T) {
// Translate to force them to be cached.
var ms noopMappingSpace
ar := usermem.AddrRange{usermem.PageSize, 3 * usermem.PageSize}
- if err := iops.AddMapping(ctx, ms, ar, usermem.PageSize); err != nil {
+ if err := iops.AddMapping(ctx, ms, ar, usermem.PageSize, true); err != nil {
t.Fatalf("AddMapping got %v, want nil", err)
}
- defer iops.RemoveMapping(ctx, ms, ar, usermem.PageSize)
+ defer iops.RemoveMapping(ctx, ms, ar, usermem.PageSize, true)
mr := memmap.MappableRange{usermem.PageSize, 3 * usermem.PageSize}
if _, err := iops.Translate(ctx, mr, mr, usermem.Read); err != nil {
t.Fatalf("Translate got %v, want nil", err)
diff --git a/pkg/sentry/fs/overlay.go b/pkg/sentry/fs/overlay.go
index 8ace4ee64..f3e2d5cbe 100644
--- a/pkg/sentry/fs/overlay.go
+++ b/pkg/sentry/fs/overlay.go
@@ -259,32 +259,32 @@ func (o *overlayEntry) isMappableLocked() bool {
}
// AddMapping implements memmap.Mappable.AddMapping.
-func (o *overlayEntry) AddMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64) error {
+func (o *overlayEntry) AddMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64, writable bool) error {
o.mapsMu.Lock()
defer o.mapsMu.Unlock()
- if err := o.inodeLocked().Mappable().AddMapping(ctx, ms, ar, offset); err != nil {
+ if err := o.inodeLocked().Mappable().AddMapping(ctx, ms, ar, offset, writable); err != nil {
return err
}
- o.mappings.AddMapping(ms, ar, offset)
+ o.mappings.AddMapping(ms, ar, offset, writable)
return nil
}
// RemoveMapping implements memmap.Mappable.RemoveMapping.
-func (o *overlayEntry) RemoveMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64) {
+func (o *overlayEntry) RemoveMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64, writable bool) {
o.mapsMu.Lock()
defer o.mapsMu.Unlock()
- o.inodeLocked().Mappable().RemoveMapping(ctx, ms, ar, offset)
- o.mappings.RemoveMapping(ms, ar, offset)
+ o.inodeLocked().Mappable().RemoveMapping(ctx, ms, ar, offset, writable)
+ o.mappings.RemoveMapping(ms, ar, offset, writable)
}
// CopyMapping implements memmap.Mappable.CopyMapping.
-func (o *overlayEntry) CopyMapping(ctx context.Context, ms memmap.MappingSpace, srcAR, dstAR usermem.AddrRange, offset uint64) error {
+func (o *overlayEntry) CopyMapping(ctx context.Context, ms memmap.MappingSpace, srcAR, dstAR usermem.AddrRange, offset uint64, writable bool) error {
o.mapsMu.Lock()
defer o.mapsMu.Unlock()
- if err := o.inodeLocked().Mappable().CopyMapping(ctx, ms, srcAR, dstAR, offset); err != nil {
+ if err := o.inodeLocked().Mappable().CopyMapping(ctx, ms, srcAR, dstAR, offset, writable); err != nil {
return err
}
- o.mappings.AddMapping(ms, dstAR, offset)
+ o.mappings.AddMapping(ms, dstAR, offset, writable)
return nil
}
diff --git a/pkg/sentry/fs/tmpfs/inode_file.go b/pkg/sentry/fs/tmpfs/inode_file.go
index 42a7d7b9c..e0181c52c 100644
--- a/pkg/sentry/fs/tmpfs/inode_file.go
+++ b/pkg/sentry/fs/tmpfs/inode_file.go
@@ -426,23 +426,23 @@ func (rw *fileReadWriter) WriteFromBlocks(srcs safemem.BlockSeq) (uint64, error)
}
// AddMapping implements memmap.Mappable.AddMapping.
-func (f *fileInodeOperations) AddMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64) error {
+func (f *fileInodeOperations) AddMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64, writable bool) error {
f.mapsMu.Lock()
defer f.mapsMu.Unlock()
- f.mappings.AddMapping(ms, ar, offset)
+ f.mappings.AddMapping(ms, ar, offset, writable)
return nil
}
// RemoveMapping implements memmap.Mappable.RemoveMapping.
-func (f *fileInodeOperations) RemoveMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64) {
+func (f *fileInodeOperations) RemoveMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64, writable bool) {
f.mapsMu.Lock()
defer f.mapsMu.Unlock()
- f.mappings.RemoveMapping(ms, ar, offset)
+ f.mappings.RemoveMapping(ms, ar, offset, writable)
}
// CopyMapping implements memmap.Mappable.CopyMapping.
-func (f *fileInodeOperations) CopyMapping(ctx context.Context, ms memmap.MappingSpace, srcAR, dstAR usermem.AddrRange, offset uint64) error {
- return f.AddMapping(ctx, ms, dstAR, offset)
+func (f *fileInodeOperations) CopyMapping(ctx context.Context, ms memmap.MappingSpace, srcAR, dstAR usermem.AddrRange, offset uint64, writable bool) error {
+ return f.AddMapping(ctx, ms, dstAR, offset, writable)
}
// Translate implements memmap.Mappable.Translate.