[syserror] Update syserror to linuxerr for EACCES, EBADF, and EPERM.

Update all instances of the above errors to the faster linuxerr implementation. With the temporary linuxerr.Equals(), no logical changes are made. PiperOrigin-RevId: 382306655
author: Zach Koopmans <zkoopmans@google.com> 2021-06-30 08:15:44 -0700
committer: gVisor bot <gvisor-bot@google.com> 2021-06-30 08:18:59 -0700
commit: 6ef268409620c57197b9d573e23be8cb05dbf381 (patch)
tree: 6dddb49b605335939b7ef7b23c50a3eadee5e912 /pkg/sentry/kernel
parent: 66a79461a23e5e98c53a809eda442393cd6925b3 (diff)
15 files changed, 77 insertions, 79 deletions
diff --git a/pkg/sentry/kernel/auth/credentials.go b/pkg/sentry/kernel/auth/credentials.go
index 32c344399..fc245c54b 100644
--- a/pkg/sentry/kernel/auth/credentials.go
+++ b/pkg/sentry/kernel/auth/credentials.go
@@ -17,7 +17,6 @@ package auth
 import (
 	"gvisor.dev/gvisor/pkg/abi/linux"
 	"gvisor.dev/gvisor/pkg/errors/linuxerr"
-	"gvisor.dev/gvisor/pkg/syserror"
 )
 
 // Credentials contains information required to authorize privileged operations
@@ -215,7 +214,7 @@ func (c *Credentials) UseUID(uid UID) (KUID, error) {
 	if kuid == c.RealKUID || kuid == c.EffectiveKUID || kuid == c.SavedKUID {
 		return kuid, nil
 	}
-	return NoID, syserror.EPERM
+	return NoID, linuxerr.EPERM
 }
 
 // UseGID checks that c can use gid in its user namespace, then translates it
@@ -231,7 +230,7 @@ func (c *Credentials) UseGID(gid GID) (KGID, error) {
 	if kgid == c.RealKGID || kgid == c.EffectiveKGID || kgid == c.SavedKGID {
 		return kgid, nil
 	}
-	return NoID, syserror.EPERM
+	return NoID, linuxerr.EPERM
 }
 
 // SetUID translates the provided uid to the root user namespace and updates c's
diff --git a/pkg/sentry/kernel/auth/id_map.go b/pkg/sentry/kernel/auth/id_map.go
index 955b6d40b..f06a374a0 100644
--- a/pkg/sentry/kernel/auth/id_map.go
+++ b/pkg/sentry/kernel/auth/id_map.go
@@ -18,7 +18,6 @@ import (
 	"gvisor.dev/gvisor/pkg/abi/linux"
 	"gvisor.dev/gvisor/pkg/context"
 	"gvisor.dev/gvisor/pkg/errors/linuxerr"
-	"gvisor.dev/gvisor/pkg/syserror"
 )
 
 // MapFromKUID translates kuid, a UID in the root namespace, to a UID in ns.
@@ -107,7 +106,7 @@ func (ns *UserNamespace) SetUIDMap(ctx context.Context, entries []IDMapEntry) er
 	// than once to a uid_map file in a user namespace fails with the error
 	// EPERM. Similar rules apply for gid_map files." - user_namespaces(7)
 	if !ns.uidMapFromParent.IsEmpty() {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	// "At least one line must be written to the file."
 	if len(entries) == 0 {
@@ -122,12 +121,12 @@ func (ns *UserNamespace) SetUIDMap(ctx context.Context, entries []IDMapEntry) er
 	// in the user namespace of the process pid.
 	// """
 	if !c.HasCapabilityIn(linux.CAP_SETUID, ns) {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	// "2. The writing process must either be in the user namespace of the process
 	// pid or be in the parent user namespace of the process pid."
 	if c.UserNamespace != ns && c.UserNamespace != ns.parent {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	// """
 	// 3. (see trySetUIDMap)
@@ -146,14 +145,14 @@ func (ns *UserNamespace) SetUIDMap(ctx context.Context, entries []IDMapEntry) er
 		//   parent user namespace to a user ID (group ID) in the user namespace.
 		// """
 		if len(entries) != 1 || ns.parent.MapToKUID(UID(entries[0].FirstParentID)) != c.EffectiveKUID || entries[0].Length != 1 {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		// """
 		//   + The writing process must have the same effective user ID as the
 		//   process that created the user namespace.
 		// """
 		if c.EffectiveKUID != ns.owner {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 	}
 	// trySetUIDMap leaves data in maps if it fails.
@@ -183,7 +182,7 @@ func (ns *UserNamespace) trySetUIDMap(entries []IDMapEntry) error {
 		// mappings when it's created, so SetUIDMap would have returned EPERM
 		// without reaching this point if ns is root.
 		if !ns.parent.allIDsMapped(&ns.parent.uidMapToParent, e.FirstParentID, lastParentID) {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		// If either of these Adds fail, we have an overlapping range.
 		if !ns.uidMapFromParent.Add(idMapRange{e.FirstParentID, lastParentID}, e.FirstID) {
@@ -203,24 +202,24 @@ func (ns *UserNamespace) SetGIDMap(ctx context.Context, entries []IDMapEntry) er
 	ns.mu.Lock()
 	defer ns.mu.Unlock()
 	if !ns.gidMapFromParent.IsEmpty() {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	if len(entries) == 0 {
 		return linuxerr.EINVAL
 	}
 	if !c.HasCapabilityIn(linux.CAP_SETGID, ns) {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	if c.UserNamespace != ns && c.UserNamespace != ns.parent {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	if !c.HasCapabilityIn(linux.CAP_SETGID, ns.parent) {
 		if len(entries) != 1 || ns.parent.MapToKGID(GID(entries[0].FirstParentID)) != c.EffectiveKGID || entries[0].Length != 1 {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		// It's correct for this to still be UID.
 		if c.EffectiveKUID != ns.owner {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		// "In the case of gid_map, use of the setgroups(2) system call must
 		// first be denied by writing "deny" to the /proc/[pid]/setgroups file
@@ -247,7 +246,7 @@ func (ns *UserNamespace) trySetGIDMap(entries []IDMapEntry) error {
 			return linuxerr.EINVAL
 		}
 		if !ns.parent.allIDsMapped(&ns.parent.gidMapToParent, e.FirstParentID, lastParentID) {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		if !ns.gidMapFromParent.Add(idMapRange{e.FirstParentID, lastParentID}, e.FirstID) {
 			return linuxerr.EINVAL
diff --git a/pkg/sentry/kernel/auth/user_namespace.go b/pkg/sentry/kernel/auth/user_namespace.go
index 9dd52c860..bec0c28cd 100644
--- a/pkg/sentry/kernel/auth/user_namespace.go
+++ b/pkg/sentry/kernel/auth/user_namespace.go
@@ -17,6 +17,7 @@ package auth
 import (
 	"math"
 
+	"gvisor.dev/gvisor/pkg/errors/linuxerr"
 	"gvisor.dev/gvisor/pkg/sync"
 	"gvisor.dev/gvisor/pkg/syserror"
 )
@@ -114,10 +115,10 @@ func (c *Credentials) NewChildUserNamespace() (*UserNamespace, error) {
 	// process are mapped to user IDs and group IDs in the user namespace of
 	// the calling process at the time of the call." - unshare(2)
 	if !c.EffectiveKUID.In(c.UserNamespace).Ok() {
-		return nil, syserror.EPERM
+		return nil, linuxerr.EPERM
 	}
 	if !c.EffectiveKGID.In(c.UserNamespace).Ok() {
-		return nil, syserror.EPERM
+		return nil, linuxerr.EPERM
 	}
 	return &UserNamespace{
 		parent: c.UserNamespace,
diff --git a/pkg/sentry/kernel/futex/BUILD b/pkg/sentry/kernel/futex/BUILD
index 0606d32a8..cfdea5cf7 100644
--- a/pkg/sentry/kernel/futex/BUILD
+++ b/pkg/sentry/kernel/futex/BUILD
@@ -54,8 +54,8 @@ go_test(
     library = ":futex",
     deps = [
         "//pkg/context",
+        "//pkg/errors/linuxerr",
         "//pkg/hostarch",
         "//pkg/sync",
-        "@org_golang_x_sys//unix:go_default_library",
     ],
 )
diff --git a/pkg/sentry/kernel/futex/futex.go b/pkg/sentry/kernel/futex/futex.go
index 5c64ce11e..52fc6f2b7 100644
--- a/pkg/sentry/kernel/futex/futex.go
+++ b/pkg/sentry/kernel/futex/futex.go
@@ -746,7 +746,7 @@ func (m *Manager) unlockPILocked(t Target, addr hostarch.Addr, tid uint32, b *bu
 	}
 
 	if (cur & linux.FUTEX_TID_MASK) != tid {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 
 	var next *Waiter  // Who's the next owner?
diff --git a/pkg/sentry/kernel/futex/futex_test.go b/pkg/sentry/kernel/futex/futex_test.go
index deba44e5c..04c136f87 100644
--- a/pkg/sentry/kernel/futex/futex_test.go
+++ b/pkg/sentry/kernel/futex/futex_test.go
@@ -21,8 +21,8 @@ import (
 	"testing"
 	"unsafe"
 
-	"golang.org/x/sys/unix"
 	"gvisor.dev/gvisor/pkg/context"
+	"gvisor.dev/gvisor/pkg/errors/linuxerr"
 	"gvisor.dev/gvisor/pkg/hostarch"
 	"gvisor.dev/gvisor/pkg/sync"
 )
@@ -488,7 +488,7 @@ func (t *testMutex) Lock() {
 		// Wait for it to be "not locked".
 		w := NewWaiter()
 		err := t.m.WaitPrepare(w, t.d, t.a, true, testMutexLocked, ^uint32(0))
-		if err == unix.EAGAIN {
+		if linuxerr.Equals(linuxerr.EAGAIN, err) {
 			continue
 		}
 		if err != nil {
diff --git a/pkg/sentry/kernel/pipe/pipe.go b/pkg/sentry/kernel/pipe/pipe.go
index 979ea10bf..4d68a6e4a 100644
--- a/pkg/sentry/kernel/pipe/pipe.go
+++ b/pkg/sentry/kernel/pipe/pipe.go
@@ -435,7 +435,7 @@ func (p *Pipe) SetFifoSize(size int64) (int64, error) {
 		size = MinimumPipeSize // Per spec.
 	}
 	if size > MaximumPipeSize {
-		return 0, syserror.EPERM
+		return 0, linuxerr.EPERM
 	}
 	p.mu.Lock()
 	defer p.mu.Unlock()
diff --git a/pkg/sentry/kernel/ptrace.go b/pkg/sentry/kernel/ptrace.go
index 1c6100efe..cdaee5d7f 100644
--- a/pkg/sentry/kernel/ptrace.go
+++ b/pkg/sentry/kernel/ptrace.go
@@ -482,7 +482,7 @@ func (t *Task) ptraceTraceme() error {
 	t.tg.pidns.owner.mu.Lock()
 	defer t.tg.pidns.owner.mu.Unlock()
 	if t.hasTracer() {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	if t.parent == nil {
 		// In Linux, only init can not have a parent, and init is assumed never
@@ -498,7 +498,7 @@ func (t *Task) ptraceTraceme() error {
 		return nil
 	}
 	if !t.parent.canTraceLocked(t, true) {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	if t.parent.exitState != TaskExitNone {
 		// Fail silently, as if we were successfully attached but then
@@ -514,21 +514,21 @@ func (t *Task) ptraceTraceme() error {
 // ptrace(PTRACE_SEIZE, target, 0, opts) if seize is true. t is the caller.
 func (t *Task) ptraceAttach(target *Task, seize bool, opts uintptr) error {
 	if t.tg == target.tg {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	t.tg.pidns.owner.mu.Lock()
 	defer t.tg.pidns.owner.mu.Unlock()
 	if !t.canTraceLocked(target, true) {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	if target.hasTracer() {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	// Attaching to zombies and dead tasks is not permitted; the exit
 	// notification logic relies on this. Linux allows attaching to PF_EXITING
 	// tasks, though.
 	if target.exitState >= TaskExitZombie {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	if seize {
 		if err := target.ptraceSetOptionsLocked(opts); err != nil {
diff --git a/pkg/sentry/kernel/rseq.go b/pkg/sentry/kernel/rseq.go
index 2344565cd..47babaa7a 100644
--- a/pkg/sentry/kernel/rseq.go
+++ b/pkg/sentry/kernel/rseq.go
@@ -113,7 +113,7 @@ func (t *Task) ClearRSeq(addr hostarch.Addr, length, signature uint32) error {
 		return linuxerr.EINVAL
 	}
 	if t.rseqSignature != signature {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 
 	if err := t.rseqClearCPU(); err != nil {
diff --git a/pkg/sentry/kernel/semaphore/semaphore.go b/pkg/sentry/kernel/semaphore/semaphore.go
index 2dbc8353a..dda22cfb8 100644
--- a/pkg/sentry/kernel/semaphore/semaphore.go
+++ b/pkg/sentry/kernel/semaphore/semaphore.go
@@ -143,7 +143,7 @@ func (r *Registry) FindOrCreate(ctx context.Context, key, nsems int32, mode linu
 			// Check that caller can access semaphore set.
 			creds := auth.CredentialsFromContext(ctx)
 			if !set.checkPerms(creds, fs.PermsFromMode(mode)) {
-				return nil, syserror.EACCES
+				return nil, linuxerr.EACCES
 			}
 
 			// Validate parameters.
@@ -253,7 +253,7 @@ func (r *Registry) RemoveID(id int32, creds *auth.Credentials) error {
 	// "The effective user ID of the calling process must match the creator or
 	// owner of the semaphore set, or the caller must be privileged."
 	if !set.checkCredentials(creds) && !set.checkCapability(creds) {
-		return syserror.EACCES
+		return linuxerr.EACCES
 	}
 
 	delete(r.semaphores, set.ID)
@@ -371,7 +371,7 @@ func (s *Set) Change(ctx context.Context, creds *auth.Credentials, owner fs.File
 	// "The effective UID of the calling process must match the owner or creator
 	// of the semaphore set, or the caller must be privileged."
 	if !s.checkCredentials(creds) && !s.checkCapability(creds) {
-		return syserror.EACCES
+		return linuxerr.EACCES
 	}
 
 	s.owner = owner
@@ -396,7 +396,7 @@ func (s *Set) semStat(creds *auth.Credentials, permMask fs.PermMask) (*linux.Sem
 	defer s.mu.Unlock()
 
 	if !s.checkPerms(creds, permMask) {
-		return nil, syserror.EACCES
+		return nil, linuxerr.EACCES
 	}
 
 	return &linux.SemidDS{
@@ -426,7 +426,7 @@ func (s *Set) SetVal(ctx context.Context, num int32, val int16, creds *auth.Cred
 
 	// "The calling process must have alter permission on the semaphore set."
 	if !s.checkPerms(creds, fs.PermMask{Write: true}) {
-		return syserror.EACCES
+		return linuxerr.EACCES
 	}
 
 	sem := s.findSem(num)
@@ -462,7 +462,7 @@ func (s *Set) SetValAll(ctx context.Context, vals []uint16, creds *auth.Credenti
 
 	// "The calling process must have alter permission on the semaphore set."
 	if !s.checkPerms(creds, fs.PermMask{Write: true}) {
-		return syserror.EACCES
+		return linuxerr.EACCES
 	}
 
 	for i, val := range vals {
@@ -484,7 +484,7 @@ func (s *Set) GetVal(num int32, creds *auth.Credentials) (int16, error) {
 
 	// "The calling process must have read permission on the semaphore set."
 	if !s.checkPerms(creds, fs.PermMask{Read: true}) {
-		return 0, syserror.EACCES
+		return 0, linuxerr.EACCES
 	}
 
 	sem := s.findSem(num)
@@ -501,7 +501,7 @@ func (s *Set) GetValAll(creds *auth.Credentials) ([]uint16, error) {
 
 	// "The calling process must have read permission on the semaphore set."
 	if !s.checkPerms(creds, fs.PermMask{Read: true}) {
-		return nil, syserror.EACCES
+		return nil, linuxerr.EACCES
 	}
 
 	vals := make([]uint16, s.Size())
@@ -518,7 +518,7 @@ func (s *Set) GetPID(num int32, creds *auth.Credentials) (int32, error) {
 
 	// "The calling process must have read permission on the semaphore set."
 	if !s.checkPerms(creds, fs.PermMask{Read: true}) {
-		return 0, syserror.EACCES
+		return 0, linuxerr.EACCES
 	}
 
 	sem := s.findSem(num)
@@ -534,7 +534,7 @@ func (s *Set) countWaiters(num int32, creds *auth.Credentials, pred func(w *wait
 
 	// The calling process must have read permission on the semaphore set.
 	if !s.checkPerms(creds, fs.PermMask{Read: true}) {
-		return 0, syserror.EACCES
+		return 0, linuxerr.EACCES
 	}
 
 	sem := s.findSem(num)
@@ -590,7 +590,7 @@ func (s *Set) ExecuteOps(ctx context.Context, ops []linux.Sembuf, creds *auth.Cr
 	}
 
 	if !s.checkPerms(creds, fs.PermMask{Read: readOnly, Write: !readOnly}) {
-		return nil, 0, syserror.EACCES
+		return nil, 0, linuxerr.EACCES
 	}
 
 	ch, num, err := s.executeOps(ctx, ops, pid)
diff --git a/pkg/sentry/kernel/sessions.go b/pkg/sentry/kernel/sessions.go
index 973d708a3..c0c1f1f13 100644
--- a/pkg/sentry/kernel/sessions.go
+++ b/pkg/sentry/kernel/sessions.go
@@ -16,6 +16,7 @@ package kernel
 
 import (
 	"gvisor.dev/gvisor/pkg/abi/linux"
+	"gvisor.dev/gvisor/pkg/errors/linuxerr"
 	"gvisor.dev/gvisor/pkg/syserror"
 )
 
@@ -277,14 +278,14 @@ func (tg *ThreadGroup) createSession() error {
 			continue
 		}
 		if s.leader == tg {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		if s.id == SessionID(id) {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		for pg := s.processGroups.Front(); pg != nil; pg = pg.Next() {
 			if pg.id == ProcessGroupID(id) {
-				return syserror.EPERM
+				return linuxerr.EPERM
 			}
 		}
 	}
@@ -380,11 +381,11 @@ func (tg *ThreadGroup) CreateProcessGroup() error {
 			continue
 		}
 		if s.leader == tg {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		for pg := s.processGroups.Front(); pg != nil; pg = pg.Next() {
 			if pg.id == ProcessGroupID(id) {
-				return syserror.EPERM
+				return linuxerr.EPERM
 			}
 		}
 	}
@@ -442,17 +443,17 @@ func (tg *ThreadGroup) JoinProcessGroup(pidns *PIDNamespace, pgid ProcessGroupID
 	// Lookup the ProcessGroup.
 	pg := pidns.processGroups[pgid]
 	if pg == nil {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 
 	// Disallow the join if an execve has performed, per POSIX.
 	if checkExec && tg.execed {
-		return syserror.EACCES
+		return linuxerr.EACCES
 	}
 
 	// See if it's in the same session as ours.
 	if pg.session != tg.processGroup.session {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 
 	// Join the group; adjust children.
diff --git a/pkg/sentry/kernel/shm/shm.go b/pkg/sentry/kernel/shm/shm.go
index 7a6e91004..9c66b90ef 100644
--- a/pkg/sentry/kernel/shm/shm.go
+++ b/pkg/sentry/kernel/shm/shm.go
@@ -170,7 +170,7 @@ func (r *Registry) FindOrCreate(ctx context.Context, pid int32, key Key, size ui
 				// memory segment, and does not have the CAP_IPC_OWNER
 				// capability in the user namespace that governs its IPC
 				// namespace." - man shmget(2)
-				return nil, syserror.EACCES
+				return nil, linuxerr.EACCES
 			}
 
 			if size > shm.size {
@@ -559,7 +559,7 @@ func (s *Shm) ConfigureAttach(ctx context.Context, addr hostarch.Addr, opts Atta
 		// "The calling process does not have the required permissions for the
 		// requested attach type, and does not have the CAP_IPC_OWNER capability
 		// in the user namespace that governs its IPC namespace." - man shmat(2)
-		return memmap.MMapOpts{}, syserror.EACCES
+		return memmap.MMapOpts{}, linuxerr.EACCES
 	}
 	return memmap.MMapOpts{
 		Length: s.size,
@@ -596,7 +596,7 @@ func (s *Shm) IPCStat(ctx context.Context) (*linux.ShmidDS, error) {
 		// read access for shmid, and the calling process does not have the
 		// CAP_IPC_OWNER capability in the user namespace that governs its IPC
 		// namespace." - man shmctl(2)
-		return nil, syserror.EACCES
+		return nil, linuxerr.EACCES
 	}
 
 	var mode uint16
@@ -646,7 +646,7 @@ func (s *Shm) Set(ctx context.Context, ds *linux.ShmidDS) error {
 	defer s.mu.Unlock()
 
 	if !s.checkOwnership(ctx) {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 
 	creds := auth.CredentialsFromContext(ctx)
diff --git a/pkg/sentry/kernel/task_clone.go b/pkg/sentry/kernel/task_clone.go
index 76fb0e2cb..7e1347aa6 100644
--- a/pkg/sentry/kernel/task_clone.go
+++ b/pkg/sentry/kernel/task_clone.go
@@ -23,7 +23,6 @@ import (
 	"gvisor.dev/gvisor/pkg/errors/linuxerr"
 	"gvisor.dev/gvisor/pkg/hostarch"
 	"gvisor.dev/gvisor/pkg/sentry/inet"
-	"gvisor.dev/gvisor/pkg/syserror"
 	"gvisor.dev/gvisor/pkg/usermem"
 )
 
@@ -183,7 +182,7 @@ func (t *Task) Clone(opts *CloneOptions) (ThreadID, *SyscallControl, error) {
 		// in which it resides)." - clone(2). Neither chroot(2) nor
 		// user_namespaces(7) document this.
 		if t.IsChrooted() {
-			return 0, nil, syserror.EPERM
+			return 0, nil, linuxerr.EPERM
 		}
 		userns, err = creds.NewChildUserNamespace()
 		if err != nil {
@@ -191,7 +190,7 @@ func (t *Task) Clone(opts *CloneOptions) (ThreadID, *SyscallControl, error) {
 		}
 	}
 	if (opts.NewPIDNamespace || opts.NewNetworkNamespace || opts.NewUTSNamespace) && !creds.HasCapabilityIn(linux.CAP_SYS_ADMIN, userns) {
-		return 0, nil, syserror.EPERM
+		return 0, nil, linuxerr.EPERM
 	}
 
 	utsns := t.UTSNamespace()
@@ -242,7 +241,7 @@ func (t *Task) Clone(opts *CloneOptions) (ThreadID, *SyscallControl, error) {
 	}
 	if opts.SetTLS {
 		if !image.Arch.SetTLS(uintptr(opts.TLS)) {
-			return 0, nil, syserror.EPERM
+			return 0, nil, linuxerr.EPERM
 		}
 	}
 
@@ -479,7 +478,7 @@ func (t *Task) Unshare(opts *SharingOptions) error {
 	}
 	if opts.NewUserNamespace {
 		if t.IsChrooted() {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		newUserNS, err := creds.NewChildUserNamespace()
 		if err != nil {
@@ -495,7 +494,7 @@ func (t *Task) Unshare(opts *SharingOptions) error {
 	haveCapSysAdmin := t.HasCapability(linux.CAP_SYS_ADMIN)
 	if opts.NewPIDNamespace {
 		if !haveCapSysAdmin {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		t.childPIDNamespace = t.tg.pidns.NewChild(t.UserNamespace())
 	}
@@ -504,14 +503,14 @@ func (t *Task) Unshare(opts *SharingOptions) error {
 	if opts.NewNetworkNamespace {
 		if !haveCapSysAdmin {
 			t.mu.Unlock()
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		t.netns = inet.NewNamespace(t.netns)
 	}
 	if opts.NewUTSNamespace {
 		if !haveCapSysAdmin {
 			t.mu.Unlock()
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		// Note that this must happen after NewUserNamespace, so the
 		// new user namespace is used if there is one.
@@ -520,7 +519,7 @@ func (t *Task) Unshare(opts *SharingOptions) error {
 	if opts.NewIPCNamespace {
 		if !haveCapSysAdmin {
 			t.mu.Unlock()
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		// Note that "If CLONE_NEWIPC is set, then create the process in a new IPC
 		// namespace"
diff --git a/pkg/sentry/kernel/task_identity.go b/pkg/sentry/kernel/task_identity.go
index 29f154ebd..a9067b682 100644
--- a/pkg/sentry/kernel/task_identity.go
+++ b/pkg/sentry/kernel/task_identity.go
@@ -19,7 +19,6 @@ import (
 	"gvisor.dev/gvisor/pkg/errors/linuxerr"
 	"gvisor.dev/gvisor/pkg/sentry/kernel/auth"
 	"gvisor.dev/gvisor/pkg/sentry/mm"
-	"gvisor.dev/gvisor/pkg/syserror"
 )
 
 // Credentials returns t's credentials.
@@ -71,7 +70,7 @@ func (t *Task) SetUID(uid auth.UID) error {
 	// capability) and uid does not match the real UID or saved set-user-ID of
 	// the calling process."
 	if kuid != creds.RealKUID && kuid != creds.SavedKUID {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	t.setKUIDsUncheckedLocked(creds.RealKUID, kuid, creds.SavedKUID)
 	return nil
@@ -102,12 +101,12 @@ func (t *Task) SetREUID(r, e auth.UID) error {
 		// "Unprivileged processes may only set the effective user ID to the
 		// real user ID, the effective user ID, or the saved set-user-ID."
 		if newE != creds.RealKUID && newE != creds.EffectiveKUID && newE != creds.SavedKUID {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		// "Unprivileged users may only set the real user ID to the real user
 		// ID or the effective user ID."
 		if newR != creds.RealKUID && newR != creds.EffectiveKUID {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 	}
 	// "If the real user ID is set (i.e., ruid is not -1) or the effective user
@@ -240,7 +239,7 @@ func (t *Task) SetGID(gid auth.GID) error {
 		return nil
 	}
 	if kgid != creds.RealKGID && kgid != creds.SavedKGID {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	t.setKGIDsUncheckedLocked(creds.RealKGID, kgid, creds.SavedKGID)
 	return nil
@@ -268,10 +267,10 @@ func (t *Task) SetREGID(r, e auth.GID) error {
 	}
 	if !creds.HasCapability(linux.CAP_SETGID) {
 		if newE != creds.RealKGID && newE != creds.EffectiveKGID && newE != creds.SavedKGID {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		if newR != creds.RealKGID && newR != creds.EffectiveKGID {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 	}
 	newS := creds.SavedKGID
@@ -344,7 +343,7 @@ func (t *Task) SetExtraGIDs(gids []auth.GID) error {
 	defer t.mu.Unlock()
 	creds := t.Credentials()
 	if !creds.HasCapability(linux.CAP_SETGID) {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	kgids := make([]auth.KGID, len(gids))
 	for i, gid := range gids {
@@ -368,25 +367,25 @@ func (t *Task) SetCapabilitySets(permitted, inheritable, effective auth.Capabili
 	// "Permitted: This is a limiting superset for the effective capabilities
 	// that the thread may assume." - capabilities(7)
 	if effective & ^permitted != 0 {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	creds := t.Credentials()
 	// "It is also a limiting superset for the capabilities that may be added
 	// to the inheritable set by a thread that does not have the CAP_SETPCAP
 	// capability in its effective set."
 	if !creds.HasCapability(linux.CAP_SETPCAP) && (inheritable & ^(creds.InheritableCaps|creds.PermittedCaps) != 0) {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	// "If a thread drops a capability from its permitted set, it can never
 	// reacquire that capability (unless it execve(2)s ..."
 	if permitted & ^creds.PermittedCaps != 0 {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	// "... if a capability is not in the bounding set, then a thread can't add
 	// this capability to its inheritable set, even if it was in its permitted
 	// capabilities ..."
 	if inheritable & ^(creds.InheritableCaps|creds.BoundingCaps) != 0 {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	creds = creds.Fork() // The credentials object is immutable. See doc for creds.
 	creds.PermittedCaps = permitted
@@ -403,7 +402,7 @@ func (t *Task) DropBoundingCapability(cp linux.Capability) error {
 	defer t.mu.Unlock()
 	creds := t.Credentials()
 	if !creds.HasCapability(linux.CAP_SETPCAP) {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 	creds = creds.Fork() // The credentials object is immutable. See doc for creds.
 	creds.BoundingCaps &^= auth.CapabilitySetOf(cp)
@@ -423,7 +422,7 @@ func (t *Task) SetUserNamespace(ns *auth.UserNamespace) error {
 	// If t just created ns, then t.creds is guaranteed to have CAP_SYS_ADMIN
 	// in ns (by rule 3 in auth.Credentials.HasCapability).
 	if !creds.HasCapabilityIn(linux.CAP_SYS_ADMIN, ns) {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 
 	creds = creds.Fork() // The credentials object is immutable. See doc for creds.
diff --git a/pkg/sentry/kernel/thread_group.go b/pkg/sentry/kernel/thread_group.go
index 8ae00c649..3ce11f542 100644
--- a/pkg/sentry/kernel/thread_group.go
+++ b/pkg/sentry/kernel/thread_group.go
@@ -372,7 +372,7 @@ func (tg *ThreadGroup) SetControllingTTY(tty *TTY, steal bool, isReadable bool)
 	if tty.tg != nil && tg.processGroup.session != tty.tg.processGroup.session {
 		// Stealing requires CAP_SYS_ADMIN in the root user namespace.
 		if !hasAdmin || !steal {
-			return syserror.EPERM
+			return linuxerr.EPERM
 		}
 		// Steal the TTY away. Unlike TIOCNOTTY, don't send signals.
 		for othertg := range tg.pidns.owner.Root.tgids {
@@ -392,7 +392,7 @@ func (tg *ThreadGroup) SetControllingTTY(tty *TTY, steal bool, isReadable bool)
 	}
 
 	if !isReadable && !hasAdmin {
-		return syserror.EPERM
+		return linuxerr.EPERM
 	}
 
 	// Set the controlling terminal and foreground process group.
@@ -514,7 +514,7 @@ func (tg *ThreadGroup) SetForegroundProcessGroup(tty *TTY, pgid ProcessGroupID)
 
 	// pg must be part of this process's session.
 	if tg.processGroup.session != pg.session {
-		return -1, syserror.EPERM
+		return -1, linuxerr.EPERM
 	}
 
 	tg.processGroup.session.foreground.id = pgid
author	Zach Koopmans <zkoopmans@google.com>	2021-06-30 08:15:44 -0700
committer	gVisor bot <gvisor-bot@google.com>	2021-06-30 08:18:59 -0700
commit	6ef268409620c57197b9d573e23be8cb05dbf381 (patch)
tree	6dddb49b605335939b7ef7b23c50a3eadee5e912 /pkg/sentry/kernel
parent	66a79461a23e5e98c53a809eda442393cd6925b3 (diff)