diff options
| author | Jamie Liu <jamieliu@google.com> | 2020-04-06 16:31:27 -0700 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2020-04-06 16:32:37 -0700 |
| commit | dd98fdd5beb7f02e7c7b3aeb4f07f5d00ffc41e7 (patch) | |
| tree | e6283145cf7bfba07af15b98681eec219948f6bf /pkg/sentry/fsimpl/proc | |
| parent | f332a864e8cc7799332838deffab37244ff8ffc7 (diff) | |
Correctly implement magic symlinks in VFS2 procfs.
Updates #1195
PiperOrigin-RevId: 305143567
Diffstat (limited to 'pkg/sentry/fsimpl/proc')
| -rw-r--r-- | pkg/sentry/fsimpl/proc/task_fds.go | 6 | ||||
| -rw-r--r-- | pkg/sentry/fsimpl/proc/task_files.go | 17 | ||||
| -rw-r--r-- | pkg/sentry/fsimpl/proc/tasks_files.go | 10 |
3 files changed, 33 insertions, 0 deletions
diff --git a/pkg/sentry/fsimpl/proc/task_fds.go b/pkg/sentry/fsimpl/proc/task_fds.go index 76bfc5307..9c8656b28 100644 --- a/pkg/sentry/fsimpl/proc/task_fds.go +++ b/pkg/sentry/fsimpl/proc/task_fds.go @@ -196,6 +196,12 @@ func (s *fdSymlink) Readlink(ctx context.Context) (string, error) { return vfsObj.PathnameWithDeleted(ctx, root, s.file.VirtualDentry()) } +func (s *fdSymlink) Getlink(ctx context.Context) (vfs.VirtualDentry, string, error) { + vd := s.file.VirtualDentry() + vd.IncRef() + return vd, "", nil +} + func (s *fdSymlink) DecRef() { s.AtomicRefCount.DecRefWithDestructor(func() { s.Destroy() diff --git a/pkg/sentry/fsimpl/proc/task_files.go b/pkg/sentry/fsimpl/proc/task_files.go index df0d1bcc5..88ea6a6d8 100644 --- a/pkg/sentry/fsimpl/proc/task_files.go +++ b/pkg/sentry/fsimpl/proc/task_files.go @@ -610,6 +610,23 @@ func (s *exeSymlink) Readlink(ctx context.Context) (string, error) { return exec.PathnameWithDeleted(ctx), nil } +// Getlink implements kernfs.Inode.Getlink. +func (s *exeSymlink) Getlink(ctx context.Context) (vfs.VirtualDentry, string, error) { + if !kernel.ContextCanTrace(ctx, s.task, false) { + return vfs.VirtualDentry{}, "", syserror.EACCES + } + + exec, err := s.executable() + if err != nil { + return vfs.VirtualDentry{}, "", err + } + defer exec.DecRef() + + vd := exec.(*fsbridge.VFSFile).FileDescription().VirtualDentry() + vd.IncRef() + return vd, "", nil +} + func (s *exeSymlink) executable() (file fsbridge.File, err error) { s.task.WithMuLocked(func(t *kernel.Task) { mm := t.MemoryManager() diff --git a/pkg/sentry/fsimpl/proc/tasks_files.go b/pkg/sentry/fsimpl/proc/tasks_files.go index 882c1981e..4621e2de0 100644 --- a/pkg/sentry/fsimpl/proc/tasks_files.go +++ b/pkg/sentry/fsimpl/proc/tasks_files.go @@ -63,6 +63,11 @@ func (s *selfSymlink) Readlink(ctx context.Context) (string, error) { return strconv.FormatUint(uint64(tgid), 10), nil } +func (s *selfSymlink) Getlink(ctx context.Context) (vfs.VirtualDentry, string, error) { + target, err := s.Readlink(ctx) + return vfs.VirtualDentry{}, target, err +} + // SetStat implements Inode.SetStat not allowing inode attributes to be changed. func (*selfSymlink) SetStat(context.Context, *vfs.Filesystem, *auth.Credentials, vfs.SetStatOptions) error { return syserror.EPERM @@ -101,6 +106,11 @@ func (s *threadSelfSymlink) Readlink(ctx context.Context) (string, error) { return fmt.Sprintf("%d/task/%d", tgid, tid), nil } +func (s *threadSelfSymlink) Getlink(ctx context.Context) (vfs.VirtualDentry, string, error) { + target, err := s.Readlink(ctx) + return vfs.VirtualDentry{}, target, err +} + // SetStat implements Inode.SetStat not allowing inode attributes to be changed. func (*threadSelfSymlink) SetStat(context.Context, *vfs.Filesystem, *auth.Credentials, vfs.SetStatOptions) error { return syserror.EPERM |