Merge release-20210726.0-53-g4249ba850 (automated)

author: gVisor bot <gvisor-bot@google.com> 2021-08-12 03:15:08 +0000
committer: gVisor bot <gvisor-bot@google.com> 2021-08-12 03:15:08 +0000
commit: e300f0c99cea22cf8e3f8a68fe7c36bf4a987be7 (patch)
tree: 6f9f6f29838c0ad4824abb19e7243e87aad541a2 /pkg/sentry
parent: 969b2bfa7e3197bf3da133e7c025d88bbc0c2ac2 (diff)
parent: 4249ba85068e7a398187af6c87daca2172ed25e5 (diff)
1 files changed, 0 insertions, 17 deletions
diff --git a/pkg/sentry/fsimpl/verity/filesystem.go b/pkg/sentry/fsimpl/verity/filesystem.go
index 930016a3e..63105069f 100644
--- a/pkg/sentry/fsimpl/verity/filesystem.go
+++ b/pkg/sentry/fsimpl/verity/filesystem.go
@@ -595,23 +595,6 @@ func (fs *filesystem) lookupAndVerifyLocked(ctx context.Context, parent *dentry,
 		}
 	}
 
-	// Clear the Merkle tree file if they are to be generated at runtime.
-	// TODO(b/182315468): Optimize the Merkle tree generate process to
-	// allow only updating certain files/directories.
-	if fs.allowRuntimeEnable {
-		childMerkleFD, err := vfsObj.OpenAt(ctx, fs.creds, &vfs.PathOperation{
-			Root:  childMerkleVD,
-			Start: childMerkleVD,
-		}, &vfs.OpenOptions{
-			Flags: linux.O_RDWR | linux.O_TRUNC,
-			Mode:  0644,
-		})
-		if err != nil {
-			return nil, err
-		}
-		childMerkleFD.DecRef(ctx)
-	}
-
 	// The dentry needs to be cleaned up if any error occurs. IncRef will be
 	// called if a verity child dentry is successfully created.
 	defer childMerkleVD.DecRef(ctx)
author	gVisor bot <gvisor-bot@google.com>	2021-08-12 03:15:08 +0000
committer	gVisor bot <gvisor-bot@google.com>	2021-08-12 03:15:08 +0000
commit	e300f0c99cea22cf8e3f8a68fe7c36bf4a987be7 (patch)
tree	6f9f6f29838c0ad4824abb19e7243e87aad541a2 /pkg/sentry
parent	969b2bfa7e3197bf3da133e7c025d88bbc0c2ac2 (diff)
parent	4249ba85068e7a398187af6c87daca2172ed25e5 (diff)