Merge release-20210806.0-39-gb495ae599 (automated)

author: gVisor bot <gvisor-bot@google.com> 2021-08-18 00:49:19 +0000
committer: gVisor bot <gvisor-bot@google.com> 2021-08-18 00:49:19 +0000
commit: 38624dfb1cc22d2f8d18a613fa65b2400225b262 (patch)
tree: f445362dadfb34593f5798b79e281d78123abed4 /pkg/sentry/kernel/semaphore
parent: d96afdef75caa3cee4831642a10708a2e14d8a2b (diff)
parent: b495ae599aeff85511449ef17bd50d656d40bc28 (diff)
1 files changed, 4 insertions, 8 deletions
diff --git a/pkg/sentry/kernel/semaphore/semaphore.go b/pkg/sentry/kernel/semaphore/semaphore.go
index 8a5c81a68..28e466948 100644
--- a/pkg/sentry/kernel/semaphore/semaphore.go
+++ b/pkg/sentry/kernel/semaphore/semaphore.go
@@ -336,19 +336,15 @@ func (s *Set) Size() int {
 	return len(s.sems)
 }
 
-// Change changes some fields from the set atomically.
-func (s *Set) Change(ctx context.Context, creds *auth.Credentials, owner fs.FileOwner, perms fs.FilePermissions) error {
+// Set modifies attributes for a semaphore set. See semctl(IPC_SET).
+func (s *Set) Set(ctx context.Context, ds *linux.SemidDS) error {
 	s.mu.Lock()
 	defer s.mu.Unlock()
 
-	// "The effective UID of the calling process must match the owner or creator
-	// of the semaphore set, or the caller must be privileged."
-	if !s.obj.CheckOwnership(creds) {
-		return linuxerr.EACCES
+	if err := s.obj.Set(ctx, &ds.SemPerm); err != nil {
+		return err
 	}
 
-	s.obj.Owner = owner
-	s.obj.Perms = perms
 	s.changeTime = ktime.NowFromContext(ctx)
 	return nil
 }
author	gVisor bot <gvisor-bot@google.com>	2021-08-18 00:49:19 +0000
committer	gVisor bot <gvisor-bot@google.com>	2021-08-18 00:49:19 +0000
commit	38624dfb1cc22d2f8d18a613fa65b2400225b262 (patch)
tree	f445362dadfb34593f5798b79e281d78123abed4 /pkg/sentry/kernel/semaphore
parent	d96afdef75caa3cee4831642a10708a2e14d8a2b (diff)
parent	b495ae599aeff85511449ef17bd50d656d40bc28 (diff)