summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/fsbridge
diff options
context:
space:
mode:
authorFabricio Voznika <fvoznika@google.com>2020-03-13 08:56:47 -0700
committergVisor bot <gvisor-bot@google.com>2020-03-13 08:58:04 -0700
commit8f8f16efafd48da3c5e4db329a90bb76620b2324 (patch)
tree4f181eb05c92f6cddaf7f6dc530f04aba9010136 /pkg/sentry/fsbridge
parentf693e1334b6fd0bea26fad770dfec3aa7e03c59a (diff)
Add support for mount flags
Plumbs MS_NOEXEC and MS_RDONLY. Others are TODO. Updates #1623 #1193 PiperOrigin-RevId: 300764669
Diffstat (limited to 'pkg/sentry/fsbridge')
-rw-r--r--pkg/sentry/fsbridge/vfs.go2
1 files changed, 0 insertions, 2 deletions
diff --git a/pkg/sentry/fsbridge/vfs.go b/pkg/sentry/fsbridge/vfs.go
index 6aa17bfc1..79b808359 100644
--- a/pkg/sentry/fsbridge/vfs.go
+++ b/pkg/sentry/fsbridge/vfs.go
@@ -115,8 +115,6 @@ func NewVFSLookup(mntns *vfs.MountNamespace, root, workingDir vfs.VirtualDentry)
//
// remainingTraversals is not configurable in VFS2, all callers are using the
// default anyways.
-//
-// TODO(gvisor.dev/issue/1623): Check mount has read and exec permission.
func (l *vfsLookup) OpenPath(ctx context.Context, pathname string, opts vfs.OpenOptions, _ *uint, resolveFinal bool) (File, error) {
vfsObj := l.mntns.Root().Mount().Filesystem().VirtualFilesystem()
creds := auth.CredentialsFromContext(ctx)