Merge release-20210518.0-49-g9fcc44f99 (automated)

author: gVisor bot <gvisor-bot@google.com> 2021-05-26 19:28:13 +0000
committer: gVisor bot <gvisor-bot@google.com> 2021-05-26 19:28:13 +0000
commit: 66e5e6cfec12612f3d6fd9baa72ab93752211883 (patch)
tree: ae47482de0bc6c5ec7ecc95170ff364d37d2d289 /pkg/sentry/fsimpl
parent: 425f4b5d29de7dae77ba32ca63896f69c31915d3 (diff)
parent: 9fcc44f991203343438b489389c2b861040086ac (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/pkg/sentry/fsimpl/verity/verity.go b/pkg/sentry/fsimpl/verity/verity.go
index fa7696ad6..969003613 100644
--- a/pkg/sentry/fsimpl/verity/verity.go
+++ b/pkg/sentry/fsimpl/verity/verity.go
@@ -868,6 +868,10 @@ func (fd *fileDescription) IterDirents(ctx context.Context, cb vfs.IterDirentsCa
 	fd.mu.Lock()
 	defer fd.mu.Unlock()
 
+	if _, err := fd.lowerFD.Seek(ctx, fd.off, linux.SEEK_SET); err != nil {
+		return err
+	}
+
 	var ds []vfs.Dirent
 	err := fd.lowerFD.IterDirents(ctx, vfs.IterDirentsCallbackFunc(func(dirent vfs.Dirent) error {
 		// Do not include the Merkle tree files.
@@ -890,8 +894,8 @@ func (fd *fileDescription) IterDirents(ctx context.Context, cb vfs.IterDirentsCa
 		return err
 	}
 
-	// The result should contain all children plus "." and "..".
-	if fd.d.verityEnabled() && len(ds) != len(fd.d.childrenNames)+2 {
+	// The result should be a part of all children plus "." and "..", counting from fd.off.
+	if fd.d.verityEnabled() && len(ds) != len(fd.d.childrenNames)+2-int(fd.off) {
 		return fd.d.fs.alertIntegrityViolation(fmt.Sprintf("Unexpected children number %d", len(ds)))
 	}
author	gVisor bot <gvisor-bot@google.com>	2021-05-26 19:28:13 +0000
committer	gVisor bot <gvisor-bot@google.com>	2021-05-26 19:28:13 +0000
commit	66e5e6cfec12612f3d6fd9baa72ab93752211883 (patch)
tree	ae47482de0bc6c5ec7ecc95170ff364d37d2d289 /pkg/sentry/fsimpl
parent	425f4b5d29de7dae77ba32ca63896f69c31915d3 (diff)
parent	9fcc44f991203343438b489389c2b861040086ac (diff)