Move VFS2 handling of FD readability/writability to vfs.FileDescription.

PiperOrigin-RevId: 291006713
author: Jamie Liu <jamieliu@google.com> 2020-01-22 12:27:16 -0800
committer: gVisor bot <gvisor-bot@google.com> 2020-01-22 12:29:36 -0800
commit: 5ab1213a6c405071546c783d6d93b4e9af52842e (patch)
tree: 5671161794ad450b7d898b7dd01fbddde2376ab2 /pkg/sentry/vfs/permissions.go
parent: 159992300ddb2924cfbf1de57591a78ea27a3a4b (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/pkg/sentry/vfs/permissions.go b/pkg/sentry/vfs/permissions.go
index d279d05ca..f664581f4 100644
--- a/pkg/sentry/vfs/permissions.go
+++ b/pkg/sentry/vfs/permissions.go
@@ -94,14 +94,13 @@ func GenericCheckPermissions(creds *auth.Credentials, ats AccessTypes, isDir boo
 // the set of accesses permitted for the opened file:
 //
 // - O_TRUNC causes MayWrite to be set in the returned AccessTypes (since it
-// mutates the file), but does not permit the opened to write to the file
+// mutates the file), but does not permit writing to the open file description
 // thereafter.
 //
 // - "Linux reserves the special, nonstandard access mode 3 (binary 11) in
 // flags to mean: check for read and write permission on the file and return a
 // file descriptor that can't be used for reading or writing." - open(2). Thus
-// AccessTypesForOpenFlags returns MayRead|MayWrite in this case, but
-// filesystems are responsible for ensuring that access is denied.
+// AccessTypesForOpenFlags returns MayRead|MayWrite in this case.
 //
 // Use May{Read,Write}FileWithOpenFlags() for these checks instead.
 func AccessTypesForOpenFlags(flags uint32) AccessTypes {
author	Jamie Liu <jamieliu@google.com>	2020-01-22 12:27:16 -0800
committer	gVisor bot <gvisor-bot@google.com>	2020-01-22 12:29:36 -0800
commit	5ab1213a6c405071546c783d6d93b4e9af52842e (patch)
tree	5671161794ad450b7d898b7dd01fbddde2376ab2 /pkg/sentry/vfs/permissions.go
parent	159992300ddb2924cfbf1de57591a78ea27a3a4b (diff)