diff options
author | Kevin Krakauer <krakauer@google.com> | 2019-11-04 10:56:13 -0800 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2019-11-04 10:58:29 -0800 |
commit | 4fdd69d681bb3abb68a043377a2fb0ec8a031d54 (patch) | |
tree | a9f8e172d4c0692e364a240e8ce6d9de7b0a3ec8 /pkg/sentry/fs | |
parent | b23b36e701c40827065217f4652a51eebc5f9913 (diff) |
Check that a file is a regular file with open(O_TRUNC).
It was possible to panic the sentry by opening a cache revalidating folder with
O_TRUNC|O_CREAT.
PiperOrigin-RevId: 278417533
Diffstat (limited to 'pkg/sentry/fs')
-rw-r--r-- | pkg/sentry/fs/inode_operations.go | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/pkg/sentry/fs/inode_operations.go b/pkg/sentry/fs/inode_operations.go index 5cde9d215..d6c35c2dc 100644 --- a/pkg/sentry/fs/inode_operations.go +++ b/pkg/sentry/fs/inode_operations.go @@ -221,6 +221,8 @@ type InodeOperations interface { // sys_ftruncate. // // Implementations need not check that length >= 0. + // + // Truncate must only be called on regular files. Truncate(ctx context.Context, inode *Inode, size int64) error // Allocate allows the caller to reserve disk space for the inode. |