diff options
author | Fabricio Voznika <fvoznika@google.com> | 2020-03-13 08:56:47 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-03-13 08:58:04 -0700 |
commit | 8f8f16efafd48da3c5e4db329a90bb76620b2324 (patch) | |
tree | 4f181eb05c92f6cddaf7f6dc530f04aba9010136 /pkg/sentry/fsbridge | |
parent | f693e1334b6fd0bea26fad770dfec3aa7e03c59a (diff) |
Add support for mount flags
Plumbs MS_NOEXEC and MS_RDONLY. Others are TODO.
Updates #1623 #1193
PiperOrigin-RevId: 300764669
Diffstat (limited to 'pkg/sentry/fsbridge')
-rw-r--r-- | pkg/sentry/fsbridge/vfs.go | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/pkg/sentry/fsbridge/vfs.go b/pkg/sentry/fsbridge/vfs.go index 6aa17bfc1..79b808359 100644 --- a/pkg/sentry/fsbridge/vfs.go +++ b/pkg/sentry/fsbridge/vfs.go @@ -115,8 +115,6 @@ func NewVFSLookup(mntns *vfs.MountNamespace, root, workingDir vfs.VirtualDentry) // // remainingTraversals is not configurable in VFS2, all callers are using the // default anyways. -// -// TODO(gvisor.dev/issue/1623): Check mount has read and exec permission. func (l *vfsLookup) OpenPath(ctx context.Context, pathname string, opts vfs.OpenOptions, _ *uint, resolveFinal bool) (File, error) { vfsObj := l.mntns.Root().Mount().Filesystem().VirtualFilesystem() creds := auth.CredentialsFromContext(ctx) |