diff options
author | gVisor bot <gvisor-bot@google.com> | 2021-08-17 17:44:26 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-08-17 17:44:26 -0700 |
commit | b495ae599aeff85511449ef17bd50d656d40bc28 (patch) | |
tree | 898f459d96365eb637500ba1c17480258dd7062c /pkg/sentry/kernel/shm | |
parent | 8f6c54c8c023d551d6d09b5428ac59fb704c7067 (diff) | |
parent | 2f1c65e7fa49ddf6debb5d8ba4a5b08e17404e2a (diff) |
Merge pull request #6262 from sudo-sturbia:msgqueue/syscalls3
PiperOrigin-RevId: 391416650
Diffstat (limited to 'pkg/sentry/kernel/shm')
-rw-r--r-- | pkg/sentry/kernel/shm/shm.go | 19 |
1 files changed, 2 insertions, 17 deletions
diff --git a/pkg/sentry/kernel/shm/shm.go b/pkg/sentry/kernel/shm/shm.go index b8da0c76c..ab938fa3c 100644 --- a/pkg/sentry/kernel/shm/shm.go +++ b/pkg/sentry/kernel/shm/shm.go @@ -618,25 +618,10 @@ func (s *Shm) Set(ctx context.Context, ds *linux.ShmidDS) error { s.mu.Lock() defer s.mu.Unlock() - creds := auth.CredentialsFromContext(ctx) - if !s.obj.CheckOwnership(creds) { - return linuxerr.EPERM - } - - uid := creds.UserNamespace.MapToKUID(auth.UID(ds.ShmPerm.UID)) - gid := creds.UserNamespace.MapToKGID(auth.GID(ds.ShmPerm.GID)) - if !uid.Ok() || !gid.Ok() { - return linuxerr.EINVAL + if err := s.obj.Set(ctx, &ds.ShmPerm); err != nil { + return err } - // User may only modify the lower 9 bits of the mode. All the other bits are - // always 0 for the underlying inode. - mode := linux.FileMode(ds.ShmPerm.Mode & 0x1ff) - s.obj.Perms = fs.FilePermsFromMode(mode) - - s.obj.Owner.UID = uid - s.obj.Owner.GID = gid - s.changeTime = ktime.NowFromContext(ctx) return nil } |