createAt should return all errors from FindInode except ENOENT.

Previously, createAt was eating all errors from FindInode except for EACCES and
proceeding with the creation. This is incorrect, as FindInode can return many
other errors (like ENAMETOOLONG) that should stop creation.

This CL changes createAt to return all errors encountered except for ENOENT,
which we can ignore because we are about to create the thing.

PiperOrigin-RevId: 245773222
Change-Id: I1b317021de70f0550fb865506f6d8147d4aebc56

1 files changed, 5 insertions, 4 deletions

diff --git a/pkg/sentry/syscalls/linux/sys_file.go b/pkg/sentry/syscalls/linux/sys_file.go
index d2d351449..50151f7b6 100644
--- a/pkg/sentry/syscalls/linux/sys_file.go
+++ b/pkg/sentry/syscalls/linux/sys_file.go
@@ -347,10 +347,9 @@ func createAt(t *kernel.Task, dirFD kdefs.FD, addr usermem.Addr, flags uint, mod
 				return syserror.ConvertIntr(err, kernel.ERESTARTSYS)
 			}
 			defer newFile.DecRef()
-		case syserror.EACCES:
-			// Permission denied while walking to the file.
-			return err
-		default:
+		case syserror.ENOENT:
+			// File does not exist. Proceed with creation.
+
 			// Do we have write permissions on the parent?
 			if err := d.Inode.CheckPermission(t, fs.PermMask{Write: true, Execute: true}); err != nil {
 				return err
@@ -365,6 +364,8 @@ func createAt(t *kernel.Task, dirFD kdefs.FD, addr usermem.Addr, flags uint, mod
 			}
 			defer newFile.DecRef()
 			targetDirent = newFile.Dirent
+		default:
+			return err
 		}
 
 		// Success.