Add O_PATH support in vfs2

PiperOrigin-RevId: 354367665
author: gVisor bot <gvisor-bot@google.com> 2021-01-28 12:22:00 -0800
committer: gVisor bot <gvisor-bot@google.com> 2021-01-28 12:24:37 -0800
commit: d8c330254a7df21cb5edac3440b62a512fcc8d2d (patch)
tree: 7c37b273cca0389da1375c7984cbd5fd21c01952 /pkg/sentry/syscalls/linux/vfs2/fd.go
parent: 449c155bc00aa36522f80f816b18e9a9521e1fe6 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/pkg/sentry/syscalls/linux/vfs2/fd.go b/pkg/sentry/syscalls/linux/vfs2/fd.go
index e39f074f2..1a31898e8 100644
--- a/pkg/sentry/syscalls/linux/vfs2/fd.go
+++ b/pkg/sentry/syscalls/linux/vfs2/fd.go
@@ -123,6 +123,15 @@ func Fcntl(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Syscall
 	}
 	defer file.DecRef(t)
 
+	if file.StatusFlags()&linux.O_PATH != 0 {
+		switch cmd {
+		case linux.F_DUPFD, linux.F_DUPFD_CLOEXEC, linux.F_GETFD, linux.F_SETFD, linux.F_GETFL:
+			// allowed
+		default:
+			return 0, nil, syserror.EBADF
+		}
+	}
+
 	switch cmd {
 	case linux.F_DUPFD, linux.F_DUPFD_CLOEXEC:
 		minfd := args[2].Int()
@@ -395,6 +404,10 @@ func Fadvise64(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Sys
 	}
 	defer file.DecRef(t)
 
+	if file.StatusFlags()&linux.O_PATH != 0 {
+		return 0, nil, syserror.EBADF
+	}
+
 	// If the FD refers to a pipe or FIFO, return error.
 	if _, isPipe := file.Impl().(*pipe.VFSPipeFD); isPipe {
 		return 0, nil, syserror.ESPIPE
author	gVisor bot <gvisor-bot@google.com>	2021-01-28 12:22:00 -0800
committer	gVisor bot <gvisor-bot@google.com>	2021-01-28 12:24:37 -0800
commit	d8c330254a7df21cb5edac3440b62a512fcc8d2d (patch)
tree	7c37b273cca0389da1375c7984cbd5fd21c01952 /pkg/sentry/syscalls/linux/vfs2/fd.go
parent	449c155bc00aa36522f80f816b18e9a9521e1fe6 (diff)