summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry
diff options
context:
space:
mode:
authorgVisor bot <gvisor-bot@google.com>2021-02-12 03:14:38 +0000
committergVisor bot <gvisor-bot@google.com>2021-02-12 03:14:38 +0000
commit430a49cc5449f0153f58621c0dcaf36d58a71c72 (patch)
treec11d97395e194ec8261b4065a073795d97fba7c9 /pkg/sentry
parenta5c96a9f604a00d72bc5ee01a8dc651276f463c5 (diff)
parent34614c39860a7316132a2bf572366618e7a78be9 (diff)
Merge release-20210201.0-92-g34614c398 (automated)
Diffstat (limited to 'pkg/sentry')
-rw-r--r--pkg/sentry/fsimpl/overlay/filesystem.go64
1 files changed, 19 insertions, 45 deletions
diff --git a/pkg/sentry/fsimpl/overlay/filesystem.go b/pkg/sentry/fsimpl/overlay/filesystem.go
index b36031291..890b01cdb 100644
--- a/pkg/sentry/fsimpl/overlay/filesystem.go
+++ b/pkg/sentry/fsimpl/overlay/filesystem.go
@@ -1308,8 +1308,8 @@ func (fs *filesystem) RmdirAt(ctx context.Context, rp *vfs.ResolvingPath) error
return err
}
- // Unlike UnlinkAt, we need a dentry representing the child directory being
- // removed in order to verify that it's empty.
+ // We need a dentry representing the child directory being removed in order
+ // to verify that it's empty.
child, _, err := fs.getChildLocked(ctx, parent, name, &ds)
if err != nil {
return err
@@ -1555,50 +1555,24 @@ func (fs *filesystem) UnlinkAt(ctx context.Context, rp *vfs.ResolvingPath) error
return err
}
- parentMode := atomic.LoadUint32(&parent.mode)
- child := parent.children[name]
- var childLayer lookupLayer
- if child == nil {
- if parentMode&linux.S_ISVTX != 0 {
- // If the parent's sticky bit is set, we need a child dentry to get
- // its owner.
- child, _, err = fs.getChildLocked(ctx, parent, name, &ds)
- if err != nil {
- return err
- }
- } else {
- // Determine if the file being unlinked actually exists. Holding
- // parent.dirMu prevents a dentry from being instantiated for the file,
- // which in turn prevents it from being copied-up, so this result is
- // stable.
- childLayer, err = fs.lookupLayerLocked(ctx, parent, name)
- if err != nil {
- return err
- }
- if !childLayer.existsInOverlay() {
- return syserror.ENOENT
- }
- }
+ // We need a dentry representing the child being removed in order to verify
+ // that it's not a directory.
+ child, childLayer, err := fs.getChildLocked(ctx, parent, name, &ds)
+ if err != nil {
+ return err
}
- if child != nil {
- if child.isDir() {
- return syserror.EISDIR
- }
- if err := parent.mayDelete(rp.Credentials(), child); err != nil {
- return err
- }
- if err := vfsObj.PrepareDeleteDentry(mntns, &child.vfsd); err != nil {
- return err
- }
- // Hold child.copyMu to prevent it from being copied-up during
- // deletion.
- child.copyMu.RLock()
- defer child.copyMu.RUnlock()
- if child.upperVD.Ok() {
- childLayer = lookupLayerUpper
- } else {
- childLayer = lookupLayerLower
- }
+ if child.isDir() {
+ return syserror.EISDIR
+ }
+ if err := parent.mayDelete(rp.Credentials(), child); err != nil {
+ return err
+ }
+ // Hold child.copyMu to prevent it from being copied-up during
+ // deletion.
+ child.copyMu.RLock()
+ defer child.copyMu.RUnlock()
+ if err := vfsObj.PrepareDeleteDentry(mntns, &child.vfsd); err != nil {
+ return err
}
pop := vfs.PathOperation{