diff options
| author | gVisor bot <gvisor-bot@google.com> | 2021-01-12 20:47:44 +0000 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2021-01-12 20:47:44 +0000 |
| commit | fbc3a3d984eb113f7487e38ba55e5f813fc72aec (patch) | |
| tree | d22a96c80f5f9a35c71687740e35c0021475d428 /pkg/sentry/kernel | |
| parent | 1ea6658d24215e9fbcdb693b00884e1bdbdcc95d (diff) | |
| parent | 4e03e87547853523d4ff941935a6ef1712518c61 (diff) | |
Merge release-20201216.0-87-g4e03e8754 (automated)
Diffstat (limited to 'pkg/sentry/kernel')
| -rw-r--r-- | pkg/sentry/kernel/auth/id.go | 14 | ||||
| -rw-r--r-- | pkg/sentry/kernel/auth/id_map_set.go | 6 | ||||
| -rw-r--r-- | pkg/sentry/kernel/kernel.go | 4 |
3 files changed, 17 insertions, 7 deletions
diff --git a/pkg/sentry/kernel/auth/id.go b/pkg/sentry/kernel/auth/id.go index 4c32ee703..994486ea8 100644 --- a/pkg/sentry/kernel/auth/id.go +++ b/pkg/sentry/kernel/auth/id.go @@ -62,18 +62,28 @@ const ( // field is displayed as 4294967295 (-1 as an unsigned integer);" - // user_namespaces(7) OverflowUID = UID(65534) + + // OverflowGID is the group equivalent to OverflowUID. OverflowGID = GID(65534) // NobodyKUID is the user ID usually reserved for the least privileged user // "nobody". NobodyKUID = KUID(65534) + + // NobodyKGID is the group equivalent to NobodyKUID. NobodyKGID = KGID(65534) // RootKUID is the user ID usually used for the most privileged user "root". RootKUID = KUID(0) + + // RootKGID is the group equivalent to RootKUID. RootKGID = KGID(0) - RootUID = UID(0) - RootGID = GID(0) + + // RootUID is the root user. + RootUID = UID(0) + + // RootGID is the root group. + RootGID = GID(0) ) // Ok returns true if uid is not -1. diff --git a/pkg/sentry/kernel/auth/id_map_set.go b/pkg/sentry/kernel/auth/id_map_set.go index d8a05ce46..479753981 100644 --- a/pkg/sentry/kernel/auth/id_map_set.go +++ b/pkg/sentry/kernel/auth/id_map_set.go @@ -1556,8 +1556,8 @@ type idMapSegmentDataSlices struct { Values []uint32 } -// ExportSortedSlice returns a copy of all segments in the given set, in ascending -// key order. +// ExportSortedSlices returns a copy of all segments in the given set, in +// ascending key order. func (s *idMapSet) ExportSortedSlices() *idMapSegmentDataSlices { var sds idMapSegmentDataSlices for seg := s.FirstSegment(); seg.Ok(); seg = seg.NextSegment() { @@ -1571,7 +1571,7 @@ func (s *idMapSet) ExportSortedSlices() *idMapSegmentDataSlices { return &sds } -// ImportSortedSlice initializes the given set from the given slice. +// ImportSortedSlices initializes the given set from the given slice. // // Preconditions: // * s must be empty. diff --git a/pkg/sentry/kernel/kernel.go b/pkg/sentry/kernel/kernel.go index b8627a54f..303ae8056 100644 --- a/pkg/sentry/kernel/kernel.go +++ b/pkg/sentry/kernel/kernel.go @@ -1433,8 +1433,8 @@ func (k *Kernel) GlobalInit() *ThreadGroup { return k.globalInit } -// TestOnly_SetGlobalInit sets the thread group with ID 1 in the root PID namespace. -func (k *Kernel) TestOnly_SetGlobalInit(tg *ThreadGroup) { +// TestOnlySetGlobalInit sets the thread group with ID 1 in the root PID namespace. +func (k *Kernel) TestOnlySetGlobalInit(tg *ThreadGroup) { k.globalInit = tg } |