diff options
author | gVisor bot <gvisor-bot@google.com> | 2021-10-08 21:53:32 +0000 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-10-08 21:53:32 +0000 |
commit | c5b6f080367328a16f0820e00203c7a1322b84cc (patch) | |
tree | 14044319e647e80e41f5ba7ccc1cf4fa70fd05ef /pkg/sentry | |
parent | 89e1ae16f75923312bf487fd96ab74ce0211df73 (diff) | |
parent | da41ecc5be8a25d116b520da2c3d424ef488b159 (diff) |
Merge release-20210927.0-51-gda41ecc5b (automated)
Diffstat (limited to 'pkg/sentry')
-rw-r--r-- | pkg/sentry/fsimpl/gofer/gofer.go | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/pkg/sentry/fsimpl/gofer/gofer.go b/pkg/sentry/fsimpl/gofer/gofer.go index 7bef8242f..2dd9226c1 100644 --- a/pkg/sentry/fsimpl/gofer/gofer.go +++ b/pkg/sentry/fsimpl/gofer/gofer.go @@ -1595,7 +1595,10 @@ func (d *dentry) checkXattrPermissions(creds *auth.Credentials, name string, ats // (b/148380782). Allow all other extended attributes to be passed through // to the remote filesystem. This is inconsistent with Linux's 9p client, // but consistent with other filesystems (e.g. FUSE). - if strings.HasPrefix(name, linux.XATTR_SECURITY_PREFIX) || strings.HasPrefix(name, linux.XATTR_SYSTEM_PREFIX) { + // + // NOTE(b/202533394): Also disallow "trusted" namespace for now. This is + // consistent with the VFS1 gofer client. + if strings.HasPrefix(name, linux.XATTR_SECURITY_PREFIX) || strings.HasPrefix(name, linux.XATTR_SYSTEM_PREFIX) || strings.HasPrefix(name, linux.XATTR_TRUSTED_PREFIX) { return linuxerr.EOPNOTSUPP } mode := linux.FileMode(atomic.LoadUint32(&d.mode)) |