Merge release-20200622.1-206-g5e34ee68c (automated)

author: gVisor bot <gvisor-bot@google.com> 2020-07-23 23:37:23 +0000
committer: gVisor bot <gvisor-bot@google.com> 2020-07-23 23:37:23 +0000
commit: 889487928af61ef0544f8bec6c3d35fd423905c3 (patch)
tree: 28dfaeea4ae4bc04e016061ca36c6798ad03f43b /pkg/sentry/syscalls/linux/vfs2/mount.go
parent: 1d05051701a6f92a093b8948b58f4bf2128eebdd (diff)
parent: 5e34ee68c93888eba3d56a2b713dbeebf406efa3 (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/pkg/sentry/syscalls/linux/vfs2/mount.go b/pkg/sentry/syscalls/linux/vfs2/mount.go
index adeaa39cc..ea337de7c 100644
--- a/pkg/sentry/syscalls/linux/vfs2/mount.go
+++ b/pkg/sentry/syscalls/linux/vfs2/mount.go
@@ -77,8 +77,7 @@ func Mount(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Syscall
 
 	// Silently allow MS_NOSUID, since we don't implement set-id bits
 	// anyway.
-	const unsupportedFlags = linux.MS_NODEV |
-		linux.MS_NODIRATIME | linux.MS_STRICTATIME
+	const unsupportedFlags = linux.MS_NODIRATIME | linux.MS_STRICTATIME
 
 	// Linux just allows passing any flags to mount(2) - it won't fail when
 	// unknown or unsupported flags are passed. Since we don't implement
@@ -94,6 +93,12 @@ func Mount(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Syscall
 	if flags&linux.MS_NOEXEC == linux.MS_NOEXEC {
 		opts.Flags.NoExec = true
 	}
+	if flags&linux.MS_NODEV == linux.MS_NODEV {
+		opts.Flags.NoDev = true
+	}
+	if flags&linux.MS_NOSUID == linux.MS_NOSUID {
+		opts.Flags.NoSUID = true
+	}
 	if flags&linux.MS_RDONLY == linux.MS_RDONLY {
 		opts.ReadOnly = true
 	}
author	gVisor bot <gvisor-bot@google.com>	2020-07-23 23:37:23 +0000
committer	gVisor bot <gvisor-bot@google.com>	2020-07-23 23:37:23 +0000
commit	889487928af61ef0544f8bec6c3d35fd423905c3 (patch)
tree	28dfaeea4ae4bc04e016061ca36c6798ad03f43b /pkg/sentry/syscalls/linux/vfs2/mount.go
parent	1d05051701a6f92a093b8948b58f4bf2128eebdd (diff)
parent	5e34ee68c93888eba3d56a2b713dbeebf406efa3 (diff)