author | gVisor bot <gvisor-bot@google.com> | 2021-06-29 22:13:25 +0000 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-06-29 22:13:25 +0000 |
commit | a81deffb4e19f1edb78b618a97df4bd129e312c8 (patch) | |
tree | 43699ff370db20b5fa2f55f988d63f61244a4436 /pkg/sentry/kernel | |
parent | 42b672d53fb6fd9fe71c0efc373843d79713afca (diff) | |
parent | 54b71221c0b7a9159f369263ea6189bdba4eac3a (diff) |
Merge release-20210628.0-8-g54b71221c (automated)
Diffstat (limited to 'pkg/sentry/kernel')
24 files changed, 114 insertions, 93 deletions
diff --git a/pkg/sentry/kernel/auth/credentials.go b/pkg/sentry/kernel/auth/credentials.go index 3325fedcb..32c344399 100644 --- a/pkg/sentry/kernel/auth/credentials.go +++ b/pkg/sentry/kernel/auth/credentials.go @@ -16,6 +16,7 @@ package auth import ( "gvisor.dev/gvisor/pkg/abi/linux" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/syserror" ) @@ -203,7 +204,7 @@ func (c *Credentials) UseUID(uid UID) (KUID, error) { // uid must be mapped. kuid := c.UserNamespace.MapToKUID(uid) if !kuid.Ok() { - return NoID, syserror.EINVAL + return NoID, linuxerr.EINVAL } // If c has CAP_SETUID, then it can use any UID in its user namespace. if c.HasCapability(linux.CAP_SETUID) { @@ -222,7 +223,7 @@ func (c *Credentials) UseUID(uid UID) (KUID, error) { func (c *Credentials) UseGID(gid GID) (KGID, error) { kgid := c.UserNamespace.MapToKGID(gid) if !kgid.Ok() { - return NoID, syserror.EINVAL + return NoID, linuxerr.EINVAL } if c.HasCapability(linux.CAP_SETGID) { return kgid, nil @@ -239,7 +240,7 @@ func (c *Credentials) UseGID(gid GID) (KGID, error) { func (c *Credentials) SetUID(uid UID) error { kuid := c.UserNamespace.MapToKUID(uid) if !kuid.Ok() { - return syserror.EINVAL + return linuxerr.EINVAL } c.RealKUID = kuid c.EffectiveKUID = kuid @@ -253,7 +254,7 @@ func (c *Credentials) SetUID(uid UID) error { func (c *Credentials) SetGID(gid GID) error { kgid := c.UserNamespace.MapToKGID(gid) if !kgid.Ok() { - return syserror.EINVAL + return linuxerr.EINVAL } c.RealKGID = kgid c.EffectiveKGID = kgid diff --git a/pkg/sentry/kernel/auth/id_map.go b/pkg/sentry/kernel/auth/id_map.go index 28cbe159d..955b6d40b 100644 --- a/pkg/sentry/kernel/auth/id_map.go +++ b/pkg/sentry/kernel/auth/id_map.go @@ -17,6 +17,7 @@ package auth import ( "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/context" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/syserror" ) 
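Review bot: In `UseUID`, `UseGID`, `SetUID` and `SetGID` the unmapped-ID return changes from `syserror.EINVAL` to `linuxerr.EINVAL`, so callers receive a value of a different dynamic type, and any caller that still tests `err == syserror.EINVAL` will stop matching without a compile error. The same applies to every other `EINVAL` hunk in this commit (id_map.go, fasync, futex, kcov, pipe, posixtimer, ptrace, rseq, semaphore, shm, signalfd, the task_* files, thread_group.go and time/time.go), several of which now return both `linuxerr` and `syserror` values from one function. These are credential and ID-mapping checks, so a comparison that silently misses could change how a rejected request is handled; the callers are outside this diff and should be audited. I would record the new identity in each doc comment, for example `// Returns linuxerr.EINVAL (not syserror.EINVAL) if uid has no mapping in c.UserNamespace.` The function bodies continue outside the hunks.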
@@ -110,7 +111,7 @@ func (ns *UserNamespace) SetUIDMap(ctx context.Context, entries []IDMapEntry) er } // "At least one line must be written to the file." if len(entries) == 0 { - return syserror.EINVAL + return linuxerr.EINVAL } // """ // In order for a process to write to the /proc/[pid]/uid_map @@ -170,11 +171,11 @@ func (ns *UserNamespace) trySetUIDMap(entries []IDMapEntry) error { // checks for NoID. lastID := e.FirstID + e.Length if lastID <= e.FirstID { - return syserror.EINVAL + return linuxerr.EINVAL } lastParentID := e.FirstParentID + e.Length if lastParentID <= e.FirstParentID { - return syserror.EINVAL + return linuxerr.EINVAL } // "3. The mapped user IDs (group IDs) must in turn have a mapping in // the parent user namespace." @@ -186,10 +187,10 @@ func (ns *UserNamespace) trySetUIDMap(entries []IDMapEntry) error { } // If either of these Adds fail, we have an overlapping range. if !ns.uidMapFromParent.Add(idMapRange{e.FirstParentID, lastParentID}, e.FirstID) { - return syserror.EINVAL + return linuxerr.EINVAL } if !ns.uidMapToParent.Add(idMapRange{e.FirstID, lastID}, e.FirstParentID) { - return syserror.EINVAL + return linuxerr.EINVAL } } return nil @@ -205,7 +206,7 @@ func (ns *UserNamespace) SetGIDMap(ctx context.Context, entries []IDMapEntry) er return syserror.EPERM } if len(entries) == 0 { - return syserror.EINVAL + return linuxerr.EINVAL } if !c.HasCapabilityIn(linux.CAP_SETGID, ns) { return syserror.EPERM 
@@ -239,20 +240,20 @@ func (ns *UserNamespace) trySetGIDMap(entries []IDMapEntry) error { for _, e := range entries { lastID := e.FirstID + e.Length if lastID <= e.FirstID { - return syserror.EINVAL + return linuxerr.EINVAL } lastParentID := e.FirstParentID + e.Length if lastParentID <= e.FirstParentID { - return syserror.EINVAL + return linuxerr.EINVAL } if !ns.parent.allIDsMapped(&ns.parent.gidMapToParent, e.FirstParentID, lastParentID) { return syserror.EPERM } if !ns.gidMapFromParent.Add(idMapRange{e.FirstParentID, lastParentID}, e.FirstID) { - return syserror.EINVAL + return linuxerr.EINVAL } if !ns.gidMapToParent.Add(idMapRange{e.FirstID, lastID}, e.FirstParentID) { - return syserror.EINVAL + return linuxerr.EINVAL } } return nil diff --git a/pkg/sentry/kernel/fasync/fasync.go b/pkg/sentry/kernel/fasync/fasync.go index 5d584dc45..473987a79 100644 --- a/pkg/sentry/kernel/fasync/fasync.go +++ b/pkg/sentry/kernel/fasync/fasync.go @@ -17,12 +17,12 @@ package fasync import ( "gvisor.dev/gvisor/pkg/abi/linux" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/sentry/fs" "gvisor.dev/gvisor/pkg/sentry/kernel" "gvisor.dev/gvisor/pkg/sentry/kernel/auth" "gvisor.dev/gvisor/pkg/sentry/vfs" "gvisor.dev/gvisor/pkg/sync" - "gvisor.dev/gvisor/pkg/syserror" "gvisor.dev/gvisor/pkg/waiter" ) @@ -248,7 +248,7 @@ func (a *FileAsync) Signal() linux.Signal { // to send SIGIO. func (a *FileAsync) SetSignal(signal linux.Signal) error { if signal != 0 && !signal.IsValid() { - return syserror.EINVAL + return linuxerr.EINVAL } a.mu.Lock() defer a.mu.Unlock() diff --git a/pkg/sentry/kernel/futex/futex.go b/pkg/sentry/kernel/futex/futex.go index 0427cf3f4..5c64ce11e 100644 --- a/pkg/sentry/kernel/futex/futex.go +++ b/pkg/sentry/kernel/futex/futex.go 
@@ -20,6 +20,7 @@ package futex import ( "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/context" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/hostarch" "gvisor.dev/gvisor/pkg/sentry/memmap" "gvisor.dev/gvisor/pkg/sync" @@ -332,7 +333,7 @@ func getKey(t Target, addr hostarch.Addr, private bool) (Key, error) { // Ensure the address is aligned. // It must be a DWORD boundary. if addr&0x3 != 0 { - return Key{}, syserror.EINVAL + return Key{}, linuxerr.EINVAL } if private { return Key{Kind: KindPrivate, Offset: uint64(addr)}, nil @@ -790,7 +791,7 @@ func (m *Manager) unlockPILocked(t Target, addr hostarch.Addr, tid uint32, b *bu return err } if prev != cur { - return syserror.EINVAL + return linuxerr.EINVAL } b.wakeWaiterLocked(next) diff --git a/pkg/sentry/kernel/kcov.go b/pkg/sentry/kernel/kcov.go index 4b943106b..941cc373f 100644 --- a/pkg/sentry/kernel/kcov.go +++ b/pkg/sentry/kernel/kcov.go @@ -22,6 +22,7 @@ import ( "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/context" "gvisor.dev/gvisor/pkg/coverage" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/hostarch" "gvisor.dev/gvisor/pkg/safemem" "gvisor.dev/gvisor/pkg/sentry/memmap" @@ -131,13 +132,13 @@ func (kcov *Kcov) InitTrace(size uint64) error { // To simplify all the logic around mapping, we require that the length of the // shared region is a multiple of the system page size. if (8*size)&(hostarch.PageSize-1) != 0 { - return syserror.EINVAL + return linuxerr.EINVAL } // We need space for at least two uint64s to hold current position and a // single PC. if size < 2 || size > kcovAreaSizeMax { - return syserror.EINVAL + return linuxerr.EINVAL } kcov.size = size @@ -157,7 +158,7 @@ func (kcov *Kcov) EnableTrace(ctx context.Context, traceKind uint8) error { // KCOV_ENABLE must be preceded by KCOV_INIT_TRACE and an mmap call. if kcov.mode != linux.KCOV_MODE_INIT || kcov.mappable == nil { - return syserror.EINVAL + return linuxerr.EINVAL } switch traceKind { 
@@ -167,7 +168,7 @@ func (kcov *Kcov) EnableTrace(ctx context.Context, traceKind uint8) error { // We do not support KCOV_MODE_TRACE_CMP. return syserror.ENOTSUP default: - return syserror.EINVAL + return linuxerr.EINVAL } if kcov.owningTask != nil && kcov.owningTask != t { @@ -195,7 +196,7 @@ func (kcov *Kcov) DisableTrace(ctx context.Context) error { } if t != kcov.owningTask { - return syserror.EINVAL + return linuxerr.EINVAL } kcov.mode = linux.KCOV_MODE_INIT kcov.owningTask = nil @@ -237,7 +238,7 @@ func (kcov *Kcov) ConfigureMMap(ctx context.Context, opts *memmap.MMapOpts) erro defer kcov.mu.Unlock() if kcov.mode != linux.KCOV_MODE_INIT { - return syserror.EINVAL + return linuxerr.EINVAL } if kcov.mappable == nil { diff --git a/pkg/sentry/kernel/pipe/node.go b/pkg/sentry/kernel/pipe/node.go index 6497dc4ba..2321d26dc 100644 --- a/pkg/sentry/kernel/pipe/node.go +++ b/pkg/sentry/kernel/pipe/node.go @@ -17,6 +17,7 @@ package pipe import ( "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/context" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/sentry/fs" "gvisor.dev/gvisor/pkg/sentry/fs/fsutil" "gvisor.dev/gvisor/pkg/sync" @@ -130,7 +131,7 @@ func (i *inodeOperations) GetFile(ctx context.Context, d *fs.Dirent, flags fs.Fi return rw, nil default: - return nil, syserror.EINVAL + return nil, linuxerr.EINVAL } } diff --git a/pkg/sentry/kernel/pipe/pipe.go b/pkg/sentry/kernel/pipe/pipe.go index 06769931a..979ea10bf 100644 --- a/pkg/sentry/kernel/pipe/pipe.go +++ b/pkg/sentry/kernel/pipe/pipe.go @@ -22,6 +22,7 @@ import ( "golang.org/x/sys/unix" "gvisor.dev/gvisor/pkg/context" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/hostarch" "gvisor.dev/gvisor/pkg/safemem" "gvisor.dev/gvisor/pkg/sentry/fs" 
@@ -428,7 +429,7 @@ func (p *Pipe) FifoSize(context.Context, *fs.File) (int64, error) { // SetFifoSize implements fs.FifoSizer.SetFifoSize. func (p *Pipe) SetFifoSize(size int64) (int64, error) { if size < 0 { - return 0, syserror.EINVAL + return 0, linuxerr.EINVAL } if size < MinimumPipeSize { size = MinimumPipeSize // Per spec. diff --git a/pkg/sentry/kernel/pipe/vfs.go b/pkg/sentry/kernel/pipe/vfs.go index 95b948edb..623375417 100644 --- a/pkg/sentry/kernel/pipe/vfs.go +++ b/pkg/sentry/kernel/pipe/vfs.go @@ -17,6 +17,7 @@ package pipe import ( "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/context" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/hostarch" "gvisor.dev/gvisor/pkg/safemem" "gvisor.dev/gvisor/pkg/sentry/arch" @@ -90,7 +91,7 @@ func (vp *VFSPipe) Open(ctx context.Context, mnt *vfs.Mount, vfsd *vfs.Dentry, s readable := vfs.MayReadFileWithOpenFlags(statusFlags) writable := vfs.MayWriteFileWithOpenFlags(statusFlags) if !readable && !writable { - return nil, syserror.EINVAL + return nil, linuxerr.EINVAL } fd, err := vp.newFD(mnt, vfsd, statusFlags, locks) @@ -415,7 +416,7 @@ func Tee(ctx context.Context, dst, src *VFSPipeFD, count int64) (int64, error) { // Preconditions: count > 0. func spliceOrTee(ctx context.Context, dst, src *VFSPipeFD, count int64, removeFromSrc bool) (int64, error) { if dst.pipe == src.pipe { - return 0, syserror.EINVAL + return 0, linuxerr.EINVAL } lockTwoPipes(dst.pipe, src.pipe) diff --git a/pkg/sentry/kernel/posixtimer.go b/pkg/sentry/kernel/posixtimer.go index d801a3d83..049cc07df 100644 --- a/pkg/sentry/kernel/posixtimer.go +++ b/pkg/sentry/kernel/posixtimer.go @@ -18,6 +18,7 @@ import ( "math" "gvisor.dev/gvisor/pkg/abi/linux" + "gvisor.dev/gvisor/pkg/errors/linuxerr" ktime "gvisor.dev/gvisor/pkg/sentry/kernel/time" "gvisor.dev/gvisor/pkg/syserror" ) 
@@ -214,16 +215,16 @@ func (t *Task) IntervalTimerCreate(c ktime.Clock, sigev *linux.Sigevent) (linux. target, ok := t.tg.pidns.tasks[ThreadID(sigev.Tid)] t.tg.pidns.owner.mu.RUnlock() if !ok || target.tg != t.tg { - return 0, syserror.EINVAL + return 0, linuxerr.EINVAL } it.target = target default: - return 0, syserror.EINVAL + return 0, linuxerr.EINVAL } if sigev.Notify != linux.SIGEV_NONE { it.signo = linux.Signal(sigev.Signo) if !it.signo.IsValid() { - return 0, syserror.EINVAL + return 0, linuxerr.EINVAL } } it.timer = ktime.NewTimer(c, it) @@ -238,7 +239,7 @@ func (t *Task) IntervalTimerDelete(id linux.TimerID) error { defer t.tg.timerMu.Unlock() it := t.tg.timers[id] if it == nil { - return syserror.EINVAL + return linuxerr.EINVAL } delete(t.tg.timers, id) it.DestroyTimer() @@ -251,7 +252,7 @@ func (t *Task) IntervalTimerSettime(id linux.TimerID, its linux.Itimerspec, abs defer t.tg.timerMu.Unlock() it := t.tg.timers[id] if it == nil { - return linux.Itimerspec{}, syserror.EINVAL + return linux.Itimerspec{}, linuxerr.EINVAL } newS, err := ktime.SettingFromItimerspec(its, abs, it.timer.Clock()) @@ -269,7 +270,7 @@ func (t *Task) IntervalTimerGettime(id linux.TimerID) (linux.Itimerspec, error) defer t.tg.timerMu.Unlock() it := t.tg.timers[id] if it == nil { - return linux.Itimerspec{}, syserror.EINVAL + return linux.Itimerspec{}, linuxerr.EINVAL } tm, s := it.timer.Get() @@ -285,7 +286,7 @@ func (t *Task) IntervalTimerGetoverrun(id linux.TimerID) (int32, error) { defer t.tg.timerMu.Unlock() it := t.tg.timers[id] if it == nil { - return 0, syserror.EINVAL + return 0, linuxerr.EINVAL } // By timer_create(2) invariant, either it.target == nil (in which case // it.overrunLast is immutably 0) or t.tg == it.target.tg; and the fact diff --git a/pkg/sentry/kernel/ptrace.go b/pkg/sentry/kernel/ptrace.go index 20563f02a..1c6100efe 100644 --- a/pkg/sentry/kernel/ptrace.go +++ b/pkg/sentry/kernel/ptrace.go 
@@ -19,6 +19,7 @@ import ( "sync/atomic" "gvisor.dev/gvisor/pkg/abi/linux" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/hostarch" "gvisor.dev/gvisor/pkg/marshal/primitive" "gvisor.dev/gvisor/pkg/sentry/mm" @@ -994,7 +995,7 @@ func (t *Task) ptraceSetOptionsLocked(opts uintptr) error { linux.PTRACE_O_TRACEVFORK | linux.PTRACE_O_TRACEVFORKDONE) if opts&^valid != 0 { - return syserror.EINVAL + return linuxerr.EINVAL } t.ptraceOpts = ptraceOptions{ ExitKill: opts&linux.PTRACE_O_EXITKILL != 0, @@ -1221,7 +1222,7 @@ func (t *Task) Ptrace(req int64, pid ThreadID, addr, data hostarch.Addr) error { t.tg.pidns.owner.mu.RLock() defer t.tg.pidns.owner.mu.RUnlock() if target.ptraceSiginfo == nil { - return syserror.EINVAL + return linuxerr.EINVAL } _, err := target.ptraceSiginfo.CopyOut(t, data) return err @@ -1234,14 +1235,14 @@ func (t *Task) Ptrace(req int64, pid ThreadID, addr, data hostarch.Addr) error { t.tg.pidns.owner.mu.RLock() defer t.tg.pidns.owner.mu.RUnlock() if target.ptraceSiginfo == nil { - return syserror.EINVAL + return linuxerr.EINVAL } target.ptraceSiginfo = &info return nil case linux.PTRACE_GETSIGMASK: if addr != linux.SignalSetSize { - return syserror.EINVAL + return linuxerr.EINVAL } mask := target.SignalMask() _, err := mask.CopyOut(t, data) @@ -1249,7 +1250,7 @@ func (t *Task) Ptrace(req int64, pid ThreadID, addr, data hostarch.Addr) error { case linux.PTRACE_SETSIGMASK: if addr != linux.SignalSetSize { - return syserror.EINVAL + return linuxerr.EINVAL } var mask linux.SignalSet if _, err := mask.CopyIn(t, data); err != nil { diff --git a/pkg/sentry/kernel/rseq.go b/pkg/sentry/kernel/rseq.go index 4bc5bca44..2344565cd 100644 --- a/pkg/sentry/kernel/rseq.go +++ b/pkg/sentry/kernel/rseq.go @@ -18,6 +18,7 @@ import ( "fmt" "gvisor.dev/gvisor/pkg/abi/linux" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/hostarch" "gvisor.dev/gvisor/pkg/sentry/hostcpu" "gvisor.dev/gvisor/pkg/syserror" 
@@ -59,20 +60,20 @@ func (t *Task) RSeqAvailable() bool { func (t *Task) SetRSeq(addr hostarch.Addr, length, signature uint32) error { if t.rseqAddr != 0 { if t.rseqAddr != addr { - return syserror.EINVAL + return linuxerr.EINVAL } if t.rseqSignature != signature { - return syserror.EINVAL + return linuxerr.EINVAL } return syserror.EBUSY } // rseq must be aligned and correctly sized. if addr&(linux.AlignOfRSeq-1) != 0 { - return syserror.EINVAL + return linuxerr.EINVAL } if length != linux.SizeOfRSeq { - return syserror.EINVAL + return linuxerr.EINVAL } if _, ok := t.MemoryManager().CheckIORange(addr, linux.SizeOfRSeq); !ok { return syserror.EFAULT @@ -103,13 +104,13 @@ func (t *Task) SetRSeq(addr hostarch.Addr, length, signature uint32) error { // Preconditions: The caller must be running on the task goroutine. func (t *Task) ClearRSeq(addr hostarch.Addr, length, signature uint32) error { if t.rseqAddr == 0 { - return syserror.EINVAL + return linuxerr.EINVAL } if t.rseqAddr != addr { - return syserror.EINVAL + return linuxerr.EINVAL } if length != linux.SizeOfRSeq { - return syserror.EINVAL + return linuxerr.EINVAL } if t.rseqSignature != signature { return syserror.EPERM @@ -152,10 +153,10 @@ func (t *Task) SetOldRSeqCriticalRegion(r OldRSeqCriticalRegion) error { return nil } if r.CriticalSection.Start >= r.CriticalSection.End { - return syserror.EINVAL + return linuxerr.EINVAL } if r.CriticalSection.Contains(r.Restart) { - return syserror.EINVAL + return linuxerr.EINVAL } // TODO(jamieliu): check that r.CriticalSection and r.Restart are in // the application address range, for consistency with Linux. @@ -187,7 +188,7 @@ func (t *Task) SetOldRSeqCPUAddr(addr hostarch.Addr) error { // unfortunate, but unlikely in a correct program. if err := t.rseqUpdateCPU(); err != nil { t.oldRSeqCPUAddr = 0 - return syserror.EINVAL // yes, EINVAL, not err or EFAULT + return linuxerr.EINVAL // yes, EINVAL, not err or EFAULT } return nil } 
diff --git a/pkg/sentry/kernel/semaphore/semaphore.go b/pkg/sentry/kernel/semaphore/semaphore.go index 47bb66b42..2dbc8353a 100644 --- a/pkg/sentry/kernel/semaphore/semaphore.go +++ b/pkg/sentry/kernel/semaphore/semaphore.go @@ -20,6 +20,7 @@ import ( "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/context" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/log" "gvisor.dev/gvisor/pkg/sentry/fs" "gvisor.dev/gvisor/pkg/sentry/kernel/auth" @@ -127,7 +128,7 @@ func NewRegistry(userNS *auth.UserNamespace) *Registry { // exists. func (r *Registry) FindOrCreate(ctx context.Context, key, nsems int32, mode linux.FileMode, private, create, exclusive bool) (*Set, error) { if nsems < 0 || nsems > semsMax { - return nil, syserror.EINVAL + return nil, linuxerr.EINVAL } r.mu.Lock() @@ -147,7 +148,7 @@ func (r *Registry) FindOrCreate(ctx context.Context, key, nsems int32, mode linu // Validate parameters. if nsems > int32(set.Size()) { - return nil, syserror.EINVAL + return nil, linuxerr.EINVAL } if create && exclusive { return nil, syserror.EEXIST @@ -163,7 +164,7 @@ func (r *Registry) FindOrCreate(ctx context.Context, key, nsems int32, mode linu // Zero is only valid if an existing set is found. if nsems == 0 { - return nil, syserror.EINVAL + return nil, linuxerr.EINVAL } // Apply system limits. @@ -238,7 +239,7 @@ func (r *Registry) RemoveID(id int32, creds *auth.Credentials) error { set := r.semaphores[id] if set == nil { - return syserror.EINVAL + return linuxerr.EINVAL } index, found := r.findIndexByID(id) if !found { diff --git a/pkg/sentry/kernel/shm/shm.go b/pkg/sentry/kernel/shm/shm.go index a73f1bdca..7a6e91004 100644 --- a/pkg/sentry/kernel/shm/shm.go +++ b/pkg/sentry/kernel/shm/shm.go @@ -38,6 +38,7 @@ import ( "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/context" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/hostarch" "gvisor.dev/gvisor/pkg/log" "gvisor.dev/gvisor/pkg/sentry/fs" 
@@ -145,7 +146,7 @@ func (r *Registry) FindOrCreate(ctx context.Context, pid int32, key Key, size ui // // Note that 'private' always implies the creation of a new segment // whether IPC_CREAT is specified or not. - return nil, syserror.EINVAL + return nil, linuxerr.EINVAL } r.mu.Lock() @@ -175,7 +176,7 @@ func (r *Registry) FindOrCreate(ctx context.Context, pid int32, key Key, size ui if size > shm.size { // "A segment for the given key exists, but size is greater than // the size of that segment." - man shmget(2) - return nil, syserror.EINVAL + return nil, linuxerr.EINVAL } if create && exclusive { @@ -200,7 +201,7 @@ func (r *Registry) FindOrCreate(ctx context.Context, pid int32, key Key, size ui if val, ok := hostarch.Addr(size).RoundUp(); ok { sizeAligned = uint64(val) } else { - return nil, syserror.EINVAL + return nil, linuxerr.EINVAL } if numPages := sizeAligned / hostarch.PageSize; r.totalPages+numPages > linux.SHMALL { @@ -652,7 +653,7 @@ func (s *Shm) Set(ctx context.Context, ds *linux.ShmidDS) error { uid := creds.UserNamespace.MapToKUID(auth.UID(ds.ShmPerm.UID)) gid := creds.UserNamespace.MapToKGID(auth.GID(ds.ShmPerm.GID)) if !uid.Ok() || !gid.Ok() { - return syserror.EINVAL + return linuxerr.EINVAL } // User may only modify the lower 9 bits of the mode. All the other bits are diff --git a/pkg/sentry/kernel/signalfd/signalfd.go b/pkg/sentry/kernel/signalfd/signalfd.go index f58ec4194..47958e2d4 100644 --- a/pkg/sentry/kernel/signalfd/signalfd.go +++ b/pkg/sentry/kernel/signalfd/signalfd.go @@ -18,6 +18,7 @@ package signalfd import ( "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/context" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/sentry/fs" "gvisor.dev/gvisor/pkg/sentry/fs/anon" "gvisor.dev/gvisor/pkg/sentry/fs/fsutil" 
@@ -64,7 +65,7 @@ func New(ctx context.Context, mask linux.SignalSet) (*fs.File, error) { t := kernel.TaskFromContext(ctx) if t == nil { // No task context? Not valid. - return nil, syserror.EINVAL + return nil, linuxerr.EINVAL } // name matches fs/signalfd.c:signalfd4. dirent := fs.NewDirent(ctx, anon.NewInode(ctx), "anon_inode:[signalfd]") diff --git a/pkg/sentry/kernel/task.go b/pkg/sentry/kernel/task.go index 2e3b4488a..d211e4d82 100644 --- a/pkg/sentry/kernel/task.go +++ b/pkg/sentry/kernel/task.go @@ -21,6 +21,7 @@ import ( "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/bpf" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/hostarch" "gvisor.dev/gvisor/pkg/sentry/fs" "gvisor.dev/gvisor/pkg/sentry/inet" @@ -32,7 +33,6 @@ import ( "gvisor.dev/gvisor/pkg/sentry/usage" "gvisor.dev/gvisor/pkg/sentry/vfs" "gvisor.dev/gvisor/pkg/sync" - "gvisor.dev/gvisor/pkg/syserror" "gvisor.dev/gvisor/pkg/waiter" ) @@ -846,7 +846,7 @@ func (t *Task) OOMScoreAdj() int32 { // value should be between -1000 and 1000 inclusive. func (t *Task) SetOOMScoreAdj(adj int32) error { if adj > 1000 || adj < -1000 { - return syserror.EINVAL + return linuxerr.EINVAL } atomic.StoreInt32(&t.tg.oomScoreAdj, adj) return nil diff --git a/pkg/sentry/kernel/task_acct.go b/pkg/sentry/kernel/task_acct.go index e574997f7..dd364ae50 100644 --- a/pkg/sentry/kernel/task_acct.go +++ b/pkg/sentry/kernel/task_acct.go @@ -18,10 +18,10 @@ package kernel import ( "gvisor.dev/gvisor/pkg/abi/linux" + "gvisor.dev/gvisor/pkg/errors/linuxerr" ktime "gvisor.dev/gvisor/pkg/sentry/kernel/time" "gvisor.dev/gvisor/pkg/sentry/limits" "gvisor.dev/gvisor/pkg/sentry/usage" - "gvisor.dev/gvisor/pkg/syserror" ) // Getitimer implements getitimer(2). 
@@ -44,7 +44,7 @@ func (t *Task) Getitimer(id int32) (linux.ItimerVal, error) { s, _ = t.tg.itimerProfSetting.At(tm) t.tg.signalHandlers.mu.Unlock() default: - return linux.ItimerVal{}, syserror.EINVAL + return linux.ItimerVal{}, linuxerr.EINVAL } val, iv := ktime.SpecFromSetting(tm, s) return linux.ItimerVal{ @@ -105,7 +105,7 @@ func (t *Task) Setitimer(id int32, newitv linux.ItimerVal) (linux.ItimerVal, err return linux.ItimerVal{}, err } default: - return linux.ItimerVal{}, syserror.EINVAL + return linux.ItimerVal{}, linuxerr.EINVAL } oldval, oldiv := ktime.SpecFromSetting(tm, olds) return linux.ItimerVal{ diff --git a/pkg/sentry/kernel/task_clone.go b/pkg/sentry/kernel/task_clone.go index 405771f3f..76fb0e2cb 100644 --- a/pkg/sentry/kernel/task_clone.go +++ b/pkg/sentry/kernel/task_clone.go @@ -20,6 +20,7 @@ import ( "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/bpf" "gvisor.dev/gvisor/pkg/cleanup" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/hostarch" "gvisor.dev/gvisor/pkg/sentry/inet" "gvisor.dev/gvisor/pkg/syserror" 
@@ -142,25 +143,25 @@ func (t *Task) Clone(opts *CloneOptions) (ThreadID, *SyscallControl, error) { // address, any set of signal handlers must refer to the same address // space. if !opts.NewSignalHandlers && opts.NewAddressSpace { - return 0, nil, syserror.EINVAL + return 0, nil, linuxerr.EINVAL } // In order for the behavior of thread-group-directed signals to be sane, // all tasks in a thread group must share signal handlers. if !opts.NewThreadGroup && opts.NewSignalHandlers { - return 0, nil, syserror.EINVAL + return 0, nil, linuxerr.EINVAL } // All tasks in a thread group must be in the same PID namespace. if !opts.NewThreadGroup && (opts.NewPIDNamespace || t.childPIDNamespace != nil) { - return 0, nil, syserror.EINVAL + return 0, nil, linuxerr.EINVAL } // The two different ways of specifying a new PID namespace are // incompatible. if opts.NewPIDNamespace && t.childPIDNamespace != nil { - return 0, nil, syserror.EINVAL + return 0, nil, linuxerr.EINVAL } // Thread groups and FS contexts cannot span user namespaces. if opts.NewUserNamespace && (!opts.NewThreadGroup || !opts.NewFSContext) { - return 0, nil, syserror.EINVAL + return 0, nil, linuxerr.EINVAL } // Pull task registers and FPU state, a cloned task will inherit the @@ -463,14 +464,14 @@ func (t *Task) Unshare(opts *SharingOptions) error { // sense that clone(2) allows a task to share signal handlers and address // spaces with tasks in other thread groups. if opts.NewAddressSpace || opts.NewSignalHandlers { - return syserror.EINVAL + return linuxerr.EINVAL } creds := t.Credentials() if opts.NewThreadGroup { t.tg.signalHandlers.mu.Lock() if t.tg.tasksCount != 1 { t.tg.signalHandlers.mu.Unlock() - return syserror.EINVAL + return linuxerr.EINVAL } t.tg.signalHandlers.mu.Unlock() // This isn't racy because we're the only living task, and therefore diff --git a/pkg/sentry/kernel/task_identity.go b/pkg/sentry/kernel/task_identity.go index 0325967e4..29f154ebd 100644 --- a/pkg/sentry/kernel/task_identity.go 
+++ b/pkg/sentry/kernel/task_identity.go @@ -16,6 +16,7 @@ package kernel import ( "gvisor.dev/gvisor/pkg/abi/linux" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/sentry/kernel/auth" "gvisor.dev/gvisor/pkg/sentry/mm" "gvisor.dev/gvisor/pkg/syserror" @@ -47,7 +48,7 @@ func (t *Task) HasCapability(cp linux.Capability) bool { func (t *Task) SetUID(uid auth.UID) error { // setuid considers -1 to be invalid. if !uid.Ok() { - return syserror.EINVAL + return linuxerr.EINVAL } t.mu.Lock() @@ -56,7 +57,7 @@ func (t *Task) SetUID(uid auth.UID) error { creds := t.Credentials() kuid := creds.UserNamespace.MapToKUID(uid) if !kuid.Ok() { - return syserror.EINVAL + return linuxerr.EINVAL } // "setuid() sets the effective user ID of the calling process. If the // effective UID of the caller is root (more precisely: if the caller has @@ -87,14 +88,14 @@ func (t *Task) SetREUID(r, e auth.UID) error { if r.Ok() { newR = creds.UserNamespace.MapToKUID(r) if !newR.Ok() { - return syserror.EINVAL + return linuxerr.EINVAL } } newE := creds.EffectiveKUID if e.Ok() { newE = creds.UserNamespace.MapToKUID(e) if !newE.Ok() { - return syserror.EINVAL + return linuxerr.EINVAL } } if !creds.HasCapability(linux.CAP_SETUID) { @@ -223,7 +224,7 @@ func (t *Task) setKUIDsUncheckedLocked(newR, newE, newS auth.KUID) { // SetGID implements the semantics of setgid(2). func (t *Task) SetGID(gid auth.GID) error { if !gid.Ok() { - return syserror.EINVAL + return linuxerr.EINVAL } t.mu.Lock() @@ -232,7 +233,7 @@ func (t *Task) SetGID(gid auth.GID) error { creds := t.Credentials() kgid := creds.UserNamespace.MapToKGID(gid) if !kgid.Ok() { - return syserror.EINVAL + return linuxerr.EINVAL } if creds.HasCapability(linux.CAP_SETGID) { t.setKGIDsUncheckedLocked(kgid, kgid, kgid) 
@@ -255,14 +256,14 @@ func (t *Task) SetREGID(r, e auth.GID) error { if r.Ok() { newR = creds.UserNamespace.MapToKGID(r) if !newR.Ok() { - return syserror.EINVAL + return linuxerr.EINVAL } } newE := creds.EffectiveKGID if e.Ok() { newE = creds.UserNamespace.MapToKGID(e) if !newE.Ok() { - return syserror.EINVAL + return linuxerr.EINVAL } } if !creds.HasCapability(linux.CAP_SETGID) { @@ -349,7 +350,7 @@ func (t *Task) SetExtraGIDs(gids []auth.GID) error { for i, gid := range gids { kgid := creds.UserNamespace.MapToKGID(gid) if !kgid.Ok() { - return syserror.EINVAL + return linuxerr.EINVAL } kgids[i] = kgid } diff --git a/pkg/sentry/kernel/task_sched.go b/pkg/sentry/kernel/task_sched.go index f142feab4..9d9fa76a6 100644 --- a/pkg/sentry/kernel/task_sched.go +++ b/pkg/sentry/kernel/task_sched.go @@ -23,12 +23,12 @@ import ( "time" "gvisor.dev/gvisor/pkg/abi/linux" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/sentry/hostcpu" "gvisor.dev/gvisor/pkg/sentry/kernel/sched" ktime "gvisor.dev/gvisor/pkg/sentry/kernel/time" "gvisor.dev/gvisor/pkg/sentry/limits" "gvisor.dev/gvisor/pkg/sentry/usage" - "gvisor.dev/gvisor/pkg/syserror" ) // TaskGoroutineState is a coarse representation of the current execution @@ -601,7 +601,7 @@ func (t *Task) SetCPUMask(mask sched.CPUSet) error { // Ensure that at least 1 CPU is still allowed. if mask.NumCPUs() == 0 { - return syserror.EINVAL + return linuxerr.EINVAL } if t.k.useHostCores { diff --git a/pkg/sentry/kernel/task_signals.go b/pkg/sentry/kernel/task_signals.go index 8ca61ed48..f54c774cb 100644 --- a/pkg/sentry/kernel/task_signals.go +++ b/pkg/sentry/kernel/task_signals.go @@ -22,6 +22,7 @@ import ( "time" "gvisor.dev/gvisor/pkg/abi/linux" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/eventchannel" "gvisor.dev/gvisor/pkg/hostarch" "gvisor.dev/gvisor/pkg/sentry/arch" 
@@ -370,7 +371,7 @@ func (t *Task) Sigtimedwait(set linux.SignalSet, timeout time.Duration) (*linux. // The following errors may be returned: // // syserror.ESRCH - The task has exited. -// syserror.EINVAL - The signal is not valid. +// linuxerr.EINVAL - The signal is not valid. // syserror.EAGAIN - THe signal is realtime, and cannot be queued. // func (t *Task) SendSignal(info *linux.SignalInfo) error { @@ -413,7 +414,7 @@ func (t *Task) sendSignalTimerLocked(info *linux.SignalInfo, group bool, timer * return nil } if !sig.IsValid() { - return syserror.EINVAL + return linuxerr.EINVAL } // Signal side effects apply even if the signal is ultimately discarded. @@ -684,7 +685,7 @@ func (t *Task) SetSignalStack(alt linux.SignalStack) bool { // to *actptr (if actptr is not nil) and returns the old signal action. func (tg *ThreadGroup) SetSigAction(sig linux.Signal, actptr *linux.SigAction) (linux.SigAction, error) { if !sig.IsValid() { - return linux.SigAction{}, syserror.EINVAL + return linux.SigAction{}, linuxerr.EINVAL } tg.pidns.owner.mu.RLock() @@ -695,7 +696,7 @@ func (tg *ThreadGroup) SetSigAction(sig linux.Signal, actptr *linux.SigAction) ( oldact := sh.actions[sig] if actptr != nil { if sig == linux.SIGKILL || sig == linux.SIGSTOP { - return oldact, syserror.EINVAL + return oldact, linuxerr.EINVAL } act := *actptr diff --git a/pkg/sentry/kernel/task_syscall.go b/pkg/sentry/kernel/task_syscall.go index 1874f74e5..409b712d8 100644 --- a/pkg/sentry/kernel/task_syscall.go +++ b/pkg/sentry/kernel/task_syscall.go @@ -22,6 +22,7 @@ import ( "golang.org/x/sys/unix" "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/bits" + "gvisor.dev/gvisor/pkg/errors" "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/hostarch" "gvisor.dev/gvisor/pkg/marshal" 
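Review bot: The `SendSignal` doc comment now lists errors from two packages (`syserror.ESRCH`, `linuxerr.EINVAL`, `syserror.EAGAIN`) without saying that they are different error types, so a reader cannot tell that one comparison style no longer covers all three. I would add a line such as `// Note: EINVAL is a linuxerr value; ESRCH and EAGAIN are still syserror values.` The neighbouring context line also carries a typo that could be fixed in the same edit: `// syserror.EAGAIN - The signal is realtime, and cannot be queued.`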
@@ -380,6 +381,8 @@ func ExtractErrno(err error, sysno int) int { return 0 case unix.Errno: return int(err) + case *errors.Error: + return int(err.Errno()) case syserror.SyscallRestartErrno: return int(err) case *memmap.BusError: diff --git a/pkg/sentry/kernel/task_usermem.go b/pkg/sentry/kernel/task_usermem.go index fc6d9438a..7935d15a6 100644 --- a/pkg/sentry/kernel/task_usermem.go +++ b/pkg/sentry/kernel/task_usermem.go @@ -19,6 +19,7 @@ import ( "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/context" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/hostarch" "gvisor.dev/gvisor/pkg/sentry/mm" "gvisor.dev/gvisor/pkg/syserror" @@ -202,7 +203,7 @@ func (t *Task) CopyInIovecs(addr hostarch.Addr, numIovecs int) (hostarch.AddrRan base := hostarch.Addr(hostarch.ByteOrder.Uint64(b[0:8])) length := hostarch.ByteOrder.Uint64(b[8:16]) if length > math.MaxInt64 { - return hostarch.AddrRangeSeq{}, syserror.EINVAL + return hostarch.AddrRangeSeq{}, linuxerr.EINVAL } ar, ok := t.MemoryManager().CheckIORange(base, int64(length)) if !ok { @@ -270,7 +271,7 @@ func (t *Task) SingleIOSequence(addr hostarch.Addr, length int, opts usermem.IOO // Preconditions: Same as Task.CopyInIovecs. func (t *Task) IovecsIOSequence(addr hostarch.Addr, iovcnt int, opts usermem.IOOpts) (usermem.IOSequence, error) { if iovcnt < 0 || iovcnt > linux.UIO_MAXIOV { - return usermem.IOSequence{}, syserror.EINVAL + return usermem.IOSequence{}, linuxerr.EINVAL } ars, err := t.CopyInIovecs(addr, iovcnt) if err != nil { diff --git a/pkg/sentry/kernel/thread_group.go b/pkg/sentry/kernel/thread_group.go index 4566e4c7c..8ae00c649 100644 --- a/pkg/sentry/kernel/thread_group.go +++ b/pkg/sentry/kernel/thread_group.go @@ -19,6 +19,7 @@ import ( "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/context" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/sentry/fs" "gvisor.dev/gvisor/pkg/sentry/kernel/auth" ktime "gvisor.dev/gvisor/pkg/sentry/kernel/time" 
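Review bot: The new `case *errors.Error:` arm in `ExtractErrno` calls `err.Errno()` with no nil check, and a typed-nil `*errors.Error` stored in the interface would be dispatched to this arm; whether that panics depends on `Errno`, which is not shown here. This arm is what turns every `linuxerr.EINVAL` returned elsewhere in the commit into a syscall errno, so it deserves a comment and a test, for example `// linuxerr values are *errors.Error; map them to the raw errno here.` and an assertion that `ExtractErrno(linuxerr.EINVAL, 0)` equals `int(unix.EINVAL)`. Any other error-to-errno translation outside pkg/sentry/kernel is not visible in this diffstat-limited view and would need the same case if it can receive these values. The switch continues outside the hunk.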
@@ -357,7 +358,7 @@ func (tg *ThreadGroup) SetControllingTTY(tty *TTY, steal bool, isReadable bool) // "The calling process must be a session leader and not have a // controlling terminal already." - tty_ioctl(4) if tg.processGroup.session.leader != tg || tg.tty != nil { - return syserror.EINVAL + return linuxerr.EINVAL } creds := auth.CredentialsFromContext(tg.leader) @@ -501,7 +502,7 @@ func (tg *ThreadGroup) SetForegroundProcessGroup(tty *TTY, pgid ProcessGroupID) // pgid must be positive. if pgid < 0 { - return -1, syserror.EINVAL + return -1, linuxerr.EINVAL } // pg must not be empty. Empty process groups are removed from their diff --git a/pkg/sentry/kernel/time/time.go b/pkg/sentry/kernel/time/time.go index 26aa34aa6..191b92811 100644 --- a/pkg/sentry/kernel/time/time.go +++ b/pkg/sentry/kernel/time/time.go @@ -22,8 +22,8 @@ import ( "time" "gvisor.dev/gvisor/pkg/abi/linux" + "gvisor.dev/gvisor/pkg/errors/linuxerr" "gvisor.dev/gvisor/pkg/sync" - "gvisor.dev/gvisor/pkg/syserror" "gvisor.dev/gvisor/pkg/waiter" ) @@ -322,7 +322,7 @@ func SettingFromSpec(value time.Duration, interval time.Duration, c Clock) (Sett // interpreted as a time relative to now. func SettingFromSpecAt(value time.Duration, interval time.Duration, now Time) (Setting, error) { if value < 0 { - return Setting{}, syserror.EINVAL + return Setting{}, linuxerr.EINVAL } if value == 0 { return Setting{Period: interval}, nil @@ -338,7 +338,7 @@ func SettingFromSpecAt(value time.Duration, interval time.Duration, now Time) (S // interpreted as an absolute time. func SettingFromAbsSpec(value Time, interval time.Duration) (Setting, error) { if value.Before(ZeroTime) { - return Setting{}, syserror.EINVAL + return Setting{}, linuxerr.EINVAL } if value.IsZero() { return Setting{Period: interval}, nil |