Merge release-20210208.0-96-ge50ee2620 (automated)

author: gVisor bot <gvisor-bot@google.com> 2021-02-25 21:01:34 +0000
committer: gVisor bot <gvisor-bot@google.com> 2021-02-25 21:01:34 +0000
commit: ca7a3c34629c390485c923f897392f8d3b09ae5f (patch)
tree: 214634527efbc75e9f73edca421042cebf746c31 /pkg
parent: 7751dcb2a85a2efefa647d0c0a4caa38e074f525 (diff)
parent: e50ee26207a99930be966bd48e04f5bccd85cc05 (diff)
3 files changed, 42 insertions, 10 deletions
diff --git a/pkg/sentry/kernel/semaphore/semaphore.go b/pkg/sentry/kernel/semaphore/semaphore.go
index db01e4a97..fe2ab1662 100644
--- a/pkg/sentry/kernel/semaphore/semaphore.go
+++ b/pkg/sentry/kernel/semaphore/semaphore.go
@@ -381,15 +381,24 @@ func (s *Set) Change(ctx context.Context, creds *auth.Credentials, owner fs.File
 
 // GetStat extracts semid_ds information from the set.
 func (s *Set) GetStat(creds *auth.Credentials) (*linux.SemidDS, error) {
+	// "The calling process must have read permission on the semaphore set."
+	return s.semStat(creds, fs.PermMask{Read: true})
+}
+
+// GetStatAny extracts semid_ds information from the set without requiring read access.
+func (s *Set) GetStatAny(creds *auth.Credentials) (*linux.SemidDS, error) {
+	return s.semStat(creds, fs.PermMask{})
+}
+
+func (s *Set) semStat(creds *auth.Credentials, permMask fs.PermMask) (*linux.SemidDS, error) {
 	s.mu.Lock()
 	defer s.mu.Unlock()
 
-	// "The calling process must have read permission on the semaphore set."
-	if !s.checkPerms(creds, fs.PermMask{Read: true}) {
+	if !s.checkPerms(creds, permMask) {
 		return nil, syserror.EACCES
 	}
 
-	ds := &linux.SemidDS{
+	return &linux.SemidDS{
 		SemPerm: linux.IPCPerm{
 			Key:  uint32(s.key),
 			UID:  uint32(creds.UserNamespace.MapFromKUID(s.owner.UID)),
@@ -402,8 +411,7 @@ func (s *Set) GetStat(creds *auth.Credentials) (*linux.SemidDS, error) {
 		SemOTime: s.opTime.TimeT(),
 		SemCTime: s.changeTime.TimeT(),
 		SemNSems: uint64(s.Size()),
-	}
-	return ds, nil
+	}, nil
 }
 
 // SetVal overrides a semaphore value, waking up waiters as needed.
diff --git a/pkg/sentry/syscalls/linux/linux64.go b/pkg/sentry/syscalls/linux/linux64.go
index 4747117b8..ac53a0c0e 100644
--- a/pkg/sentry/syscalls/linux/linux64.go
+++ b/pkg/sentry/syscalls/linux/linux64.go
@@ -118,7 +118,7 @@ var AMD64 = &kernel.SyscallTable{
 		63:  syscalls.Supported("uname", Uname),
 		64:  syscalls.Supported("semget", Semget),
 		65:  syscalls.PartiallySupported("semop", Semop, "Option SEM_UNDO not supported.", nil),
-		66:  syscalls.PartiallySupported("semctl", Semctl, "Options SEM_STAT_ANY not supported.", nil),
+		66:  syscalls.Supported("semctl", Semctl),
 		67:  syscalls.Supported("shmdt", Shmdt),
 		68:  syscalls.ErrorWithEvent("msgget", syserror.ENOSYS, "", []string{"gvisor.dev/issue/135"}), // TODO(b/29354921)
 		69:  syscalls.ErrorWithEvent("msgsnd", syserror.ENOSYS, "", []string{"gvisor.dev/issue/135"}), // TODO(b/29354921)
@@ -619,7 +619,7 @@ var ARM64 = &kernel.SyscallTable{
 		188: syscalls.ErrorWithEvent("msgrcv", syserror.ENOSYS, "", []string{"gvisor.dev/issue/135"}),          // TODO(b/29354921)
 		189: syscalls.ErrorWithEvent("msgsnd", syserror.ENOSYS, "", []string{"gvisor.dev/issue/135"}),          // TODO(b/29354921)
 		190: syscalls.Supported("semget", Semget),
-		191: syscalls.PartiallySupported("semctl", Semctl, "Options SEM_STAT_ANY not supported.", nil),
+		191: syscalls.Supported("semctl", Semctl),
 		192: syscalls.Supported("semtimedop", Semtimedop),
 		193: syscalls.PartiallySupported("semop", Semop, "Option SEM_UNDO not supported.", nil),
 		194: syscalls.PartiallySupported("shmget", Shmget, "Option SHM_HUGETLB is not supported.", nil),
diff --git a/pkg/sentry/syscalls/linux/sys_sem.go b/pkg/sentry/syscalls/linux/sys_sem.go
index 55287f147..f0570d927 100644
--- a/pkg/sentry/syscalls/linux/sys_sem.go
+++ b/pkg/sentry/syscalls/linux/sys_sem.go
@@ -220,8 +220,16 @@ func Semctl(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Syscal
 		return uintptr(semid), nil, err
 
 	case linux.SEM_STAT_ANY:
-		t.Kernel().EmitUnimplementedEvent(t)
-		fallthrough
+		arg := args[3].Pointer()
+		// id is an index in SEM_STAT.
+		semid, ds, err := semStatAny(t, id)
+		if err != nil {
+			return 0, nil, err
+		}
+		if _, err := ds.CopyOut(t, arg); err != nil {
+			return 0, nil, err
+		}
+		return uintptr(semid), nil, err
 
 	default:
 		return 0, nil, syserror.EINVAL
@@ -272,7 +280,23 @@ func semStat(t *kernel.Task, index int32) (int32, *linux.SemidDS, error) {
 	}
 	creds := auth.CredentialsFromContext(t)
 	ds, err := set.GetStat(creds)
-	return set.ID, ds, err
+	if err != nil {
+		return 0, ds, err
+	}
+	return set.ID, ds, nil
+}
+
+func semStatAny(t *kernel.Task, index int32) (int32, *linux.SemidDS, error) {
+	set := t.IPCNamespace().SemaphoreRegistry().FindByIndex(index)
+	if set == nil {
+		return 0, nil, syserror.EINVAL
+	}
+	creds := auth.CredentialsFromContext(t)
+	ds, err := set.GetStatAny(creds)
+	if err != nil {
+		return 0, ds, err
+	}
+	return set.ID, ds, nil
 }
 
 func setVal(t *kernel.Task, id int32, num int32, val int16) error {
author	gVisor bot <gvisor-bot@google.com>	2021-02-25 21:01:34 +0000
committer	gVisor bot <gvisor-bot@google.com>	2021-02-25 21:01:34 +0000
commit	ca7a3c34629c390485c923f897392f8d3b09ae5f (patch)
tree	214634527efbc75e9f73edca421042cebf746c31 /pkg
parent	7751dcb2a85a2efefa647d0c0a4caa38e074f525 (diff)
parent	e50ee26207a99930be966bd48e04f5bccd85cc05 (diff)