diff options
| author | gVisor bot <gvisor-bot@google.com> | 2020-03-13 16:02:07 +0000 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2020-03-13 16:02:07 +0000 |
| commit | bc50e54cd6edc4d0c398ff7202c28d05a250edf6 (patch) | |
| tree | 97805c6a1510589a12a26c794d6543155017f01f /pkg/sentry/vfs/options.go | |
| parent | 37e789e87f644506503548b039ffbd6c8b52d2cf (diff) | |
| parent | 8f8f16efafd48da3c5e4db329a90bb76620b2324 (diff) | |
Merge release-20200219.0-161-g8f8f16e (automated)
Diffstat (limited to 'pkg/sentry/vfs/options.go')
| -rwxr-xr-x | pkg/sentry/vfs/options.go | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/pkg/sentry/vfs/options.go b/pkg/sentry/vfs/options.go index 6af7fdac1..3e90dc4ed 100755 --- a/pkg/sentry/vfs/options.go +++ b/pkg/sentry/vfs/options.go @@ -46,8 +46,21 @@ type MknodOptions struct { DevMinor uint32 } +// MountFlags contains flags as specified for mount(2), e.g. MS_NOEXEC. +// MS_RDONLY is not part of MountFlags because it's tracked in Mount.writers. +type MountFlags struct { + // NoExec is equivalent to MS_NOEXEC. + NoExec bool +} + // MountOptions contains options to VirtualFilesystem.MountAt(). type MountOptions struct { + // Flags contains flags as specified for mount(2), e.g. MS_NOEXEC. + Flags MountFlags + + // ReadOnly is equivalent to MS_RDONLY. + ReadOnly bool + // GetFilesystemOptions contains options to FilesystemType.GetFilesystem(). GetFilesystemOptions GetFilesystemOptions @@ -75,7 +88,8 @@ type OpenOptions struct { // FileExec is set when the file is being opened to be executed. // VirtualFilesystem.OpenAt() checks that the caller has execute permissions - // on the file, and that the file is a regular file. + // on the file, that the file is a regular file, and that the mount doesn't + // have MS_NOEXEC set. FileExec bool } |