diff options
author | Jamie Liu <jamieliu@google.com> | 2020-08-31 13:55:18 -0700 |
---|---|---|
committer | Andrei Vagin <avagin@gmail.com> | 2020-09-09 17:53:10 -0700 |
commit | 47b496054e05c2dd33c0ecf1386a36b3edf7c6ef (patch) | |
tree | 9bd7be583af4ffa307b0589a9a37737d9d439185 /pkg/sentry | |
parent | bdabd100d340d9ff88e65f31930e1f31800811f5 (diff) |
Don't use read-only host FD for writable gofer dentries in VFS2.
As documented for gofer.dentry.hostFD.
PiperOrigin-RevId: 329372319
Diffstat (limited to 'pkg/sentry')
-rw-r--r-- | pkg/sentry/fsimpl/gofer/gofer.go | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/pkg/sentry/fsimpl/gofer/gofer.go b/pkg/sentry/fsimpl/gofer/gofer.go index 81d34cfe3..57bff1789 100644 --- a/pkg/sentry/fsimpl/gofer/gofer.go +++ b/pkg/sentry/fsimpl/gofer/gofer.go @@ -1472,8 +1472,9 @@ func (d *dentry) ensureSharedHandle(ctx context.Context, read, write, trunc bool return err } - if d.hostFD < 0 && openReadable && h.fd >= 0 { - // We have no existing FD; use the new FD for at least reading. + if d.hostFD < 0 && h.fd >= 0 && openReadable && (d.writeFile.isNil() || openWritable) { + // We have no existing FD, and the new FD meets the requirements + // for d.hostFD, so start using it. d.hostFD = h.fd } else if d.hostFD >= 0 && d.writeFile.isNil() && openWritable { // We have an existing read-only FD, but the file has just been |