Add permission checks to vfs2 truncate.

- Check write permission on truncate(2). Unlike ftruncate(2), truncate(2) fails if the user does not have write permissions on the file. - For gofers under InteropModeShared, check file type before making a truncate request. We should fail early and avoid making an rpc when possible. Furthermore, depending on the remote host's failure may give us unexpected behavior--if the host converts the truncate request to an ftruncate syscall on an open fd, we will get EINVAL instead of EISDIR. Updates #2923. PiperOrigin-RevId: 322913569
author: Dean Deng <deandeng@google.com> 2020-07-23 18:46:10 -0700
committer: gVisor bot <gvisor-bot@google.com> 2020-07-23 18:52:44 -0700
commit: d9a3f5d0c7d675b3cb4519eccca341bac33456af (patch)
tree: 84a79ce511fed0dd4faf362896bc6d2be1c0cc82 /pkg/sentry/syscalls
parent: bac4ebaabfac95f7b467b9c777a890fcf31a42ae (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/pkg/sentry/syscalls/linux/vfs2/setstat.go b/pkg/sentry/syscalls/linux/vfs2/setstat.go
index 09ecfed26..6daedd173 100644
--- a/pkg/sentry/syscalls/linux/vfs2/setstat.go
+++ b/pkg/sentry/syscalls/linux/vfs2/setstat.go
@@ -178,6 +178,7 @@ func Truncate(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Sysc
 			Mask: linux.STATX_SIZE,
 			Size: uint64(length),
 		},
+		NeedWritePerm: true,
 	})
 	return 0, nil, handleSetSizeError(t, err)
 }
@@ -197,6 +198,10 @@ func Ftruncate(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Sys
 	}
 	defer file.DecRef()
 
+	if !file.IsWritable() {
+		return 0, nil, syserror.EINVAL
+	}
+
 	err := file.SetStat(t, vfs.SetStatOptions{
 		Stat: linux.Statx{
 			Mask: linux.STATX_SIZE,
author	Dean Deng <deandeng@google.com>	2020-07-23 18:46:10 -0700
committer	gVisor bot <gvisor-bot@google.com>	2020-07-23 18:52:44 -0700
commit	d9a3f5d0c7d675b3cb4519eccca341bac33456af (patch)
tree	84a79ce511fed0dd4faf362896bc6d2be1c0cc82 /pkg/sentry/syscalls
parent	bac4ebaabfac95f7b467b9c777a890fcf31a42ae (diff)