summaryrefslogtreecommitdiffhomepage
path: root/pkg
diff options
context:
space:
mode:
authorKevin Krakauer <krakauer@google.com>2019-11-04 10:56:13 -0800
committergVisor bot <gvisor-bot@google.com>2019-11-04 10:58:29 -0800
commit4fdd69d681bb3abb68a043377a2fb0ec8a031d54 (patch)
treea9f8e172d4c0692e364a240e8ce6d9de7b0a3ec8 /pkg
parentb23b36e701c40827065217f4652a51eebc5f9913 (diff)
Check that a file is a regular file with open(O_TRUNC).
It was possible to panic the sentry by opening a cache revalidating folder with O_TRUNC|O_CREAT. PiperOrigin-RevId: 278417533
Diffstat (limited to 'pkg')
-rw-r--r--pkg/sentry/fs/inode_operations.go2
-rw-r--r--pkg/sentry/syscalls/linux/sys_file.go8
2 files changed, 6 insertions, 4 deletions
diff --git a/pkg/sentry/fs/inode_operations.go b/pkg/sentry/fs/inode_operations.go
index 5cde9d215..d6c35c2dc 100644
--- a/pkg/sentry/fs/inode_operations.go
+++ b/pkg/sentry/fs/inode_operations.go
@@ -221,6 +221,8 @@ type InodeOperations interface {
// sys_ftruncate.
//
// Implementations need not check that length >= 0.
+ //
+ // Truncate must only be called on regular files.
Truncate(ctx context.Context, inode *Inode, size int64) error
// Allocate allows the caller to reserve disk space for the inode.
diff --git a/pkg/sentry/syscalls/linux/sys_file.go b/pkg/sentry/syscalls/linux/sys_file.go
index b9a8e3e21..c9f57fe27 100644
--- a/pkg/sentry/syscalls/linux/sys_file.go
+++ b/pkg/sentry/syscalls/linux/sys_file.go
@@ -169,7 +169,7 @@ func openAt(t *kernel.Task, dirFD int32, addr usermem.Addr, flags uint) (fd uint
if dirPath {
return syserror.ENOTDIR
}
- if flags&linux.O_TRUNC != 0 {
+ if flags&linux.O_TRUNC != 0 && fs.IsRegular(d.Inode.StableAttr) {
if err := d.Inode.Truncate(t, d, 0); err != nil {
return err
}
@@ -397,7 +397,7 @@ func createAt(t *kernel.Task, dirFD int32, addr usermem.Addr, flags uint, mode l
}
// Should we truncate the file?
- if flags&linux.O_TRUNC != 0 {
+ if flags&linux.O_TRUNC != 0 && fs.IsRegular(found.Inode.StableAttr) {
if err := found.Inode.Truncate(t, found, 0); err != nil {
return err
}
@@ -1483,7 +1483,7 @@ func Truncate(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Sysc
if fs.IsDir(d.Inode.StableAttr) {
return syserror.EISDIR
}
- if !fs.IsFile(d.Inode.StableAttr) {
+ if !fs.IsRegular(d.Inode.StableAttr) {
return syserror.EINVAL
}
@@ -1523,7 +1523,7 @@ func Ftruncate(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Sys
// Note that this is different from truncate(2) above, where a
// directory returns EISDIR.
- if !fs.IsFile(file.Dirent.Inode.StableAttr) {
+ if !fs.IsRegular(file.Dirent.Inode.StableAttr) {
return 0, nil, syserror.EINVAL
}