Add permission checks to vfs2 truncate.

- Check write permission on truncate(2). Unlike ftruncate(2), truncate(2) fails if the user does not have write permissions on the file. - For gofers under InteropModeShared, check file type before making a truncate request. We should fail early and avoid making an rpc when possible. Furthermore, depending on the remote host's failure may give us unexpected behavior--if the host converts the truncate request to an ftruncate syscall on an open fd, we will get EINVAL instead of EISDIR. Updates #2923. PiperOrigin-RevId: 322913569
author: Dean Deng <deandeng@google.com> 2020-07-23 18:46:10 -0700
committer: gVisor bot <gvisor-bot@google.com> 2020-07-23 18:52:44 -0700
commit: d9a3f5d0c7d675b3cb4519eccca341bac33456af (patch)
tree: 84a79ce511fed0dd4faf362896bc6d2be1c0cc82 /pkg/sentry/vfs/options.go
parent: bac4ebaabfac95f7b467b9c777a890fcf31a42ae (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/pkg/sentry/vfs/options.go b/pkg/sentry/vfs/options.go
index d37208a1f..dfc8573fd 100644
--- a/pkg/sentry/vfs/options.go
+++ b/pkg/sentry/vfs/options.go
@@ -164,6 +164,12 @@ type SetStatOptions struct {
 	// == UTIME_OMIT (VFS users must unset the corresponding bit in Stat.Mask
 	// instead).
 	Stat linux.Statx
+
+	// NeedWritePerm indicates that write permission on the file is needed for
+	// this operation. This is needed for truncate(2) (note that ftruncate(2)
+	// does not require the same check--instead, it checks that the fd is
+	// writable).
+	NeedWritePerm bool
 }
 
 // BoundEndpointOptions contains options to VirtualFilesystem.BoundEndpointAt()
author	Dean Deng <deandeng@google.com>	2020-07-23 18:46:10 -0700
committer	gVisor bot <gvisor-bot@google.com>	2020-07-23 18:52:44 -0700
commit	d9a3f5d0c7d675b3cb4519eccca341bac33456af (patch)
tree	84a79ce511fed0dd4faf362896bc6d2be1c0cc82 /pkg/sentry/vfs/options.go
parent	bac4ebaabfac95f7b467b9c777a890fcf31a42ae (diff)