diff options
-rw-r--r-- | pkg/abi/linux/fs.go | 1 | ||||
-rw-r--r-- | pkg/sentry/fsimpl/mqfs/BUILD | 33 | ||||
-rw-r--r-- | pkg/sentry/fsimpl/mqfs/inodes.go | 91 |
3 files changed, 125 insertions, 0 deletions
diff --git a/pkg/abi/linux/fs.go b/pkg/abi/linux/fs.go index cad24fcc7..edc90e54c 100644 --- a/pkg/abi/linux/fs.go +++ b/pkg/abi/linux/fs.go @@ -23,6 +23,7 @@ const ( DEVPTS_SUPER_MAGIC = 0x00001cd1 EXT_SUPER_MAGIC = 0xef53 FUSE_SUPER_MAGIC = 0x65735546 + MQUEUE_MAGIC = 0x19800202 OVERLAYFS_SUPER_MAGIC = 0x794c7630 PIPEFS_MAGIC = 0x50495045 PROC_SUPER_MAGIC = 0x9fa0 diff --git a/pkg/sentry/fsimpl/mqfs/BUILD b/pkg/sentry/fsimpl/mqfs/BUILD new file mode 100644 index 000000000..8a5925396 --- /dev/null +++ b/pkg/sentry/fsimpl/mqfs/BUILD @@ -0,0 +1,33 @@ +load("//tools:defs.bzl", "go_library") +load("//tools/go_generics:defs.bzl", "go_template_instance") + +package(licenses = ["notice"]) + +go_template_instance( + name = "root_inode_refs", + out = "root_inode_refs.go", + package = "mqfs", + prefix = "rootInode", + template = "//pkg/refsvfs2:refs_template", + types = { + "T": "rootInode", + }, +) + +go_library( + name = "mqfs", + srcs = [ + "inodes.go", + "root_inode_refs.go", + ], + visibility = ["//pkg/sentry:internal"], + deps = [ + "//pkg/abi/linux", + "//pkg/context", + "//pkg/errors/linuxerr", + "//pkg/refsvfs2", + "//pkg/sentry/fsimpl/kernfs", + "//pkg/sentry/kernel/auth", + "//pkg/sentry/vfs", + ], +) diff --git a/pkg/sentry/fsimpl/mqfs/inodes.go b/pkg/sentry/fsimpl/mqfs/inodes.go new file mode 100644 index 000000000..702db59ee --- /dev/null +++ b/pkg/sentry/fsimpl/mqfs/inodes.go @@ -0,0 +1,91 @@ +// Copyright 2021 The gVisor Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mqfs + +import ( + "bytes" + + "gvisor.dev/gvisor/pkg/abi/linux" + "gvisor.dev/gvisor/pkg/context" + "gvisor.dev/gvisor/pkg/errors/linuxerr" + "gvisor.dev/gvisor/pkg/sentry/fsimpl/kernfs" + "gvisor.dev/gvisor/pkg/sentry/kernel/auth" + "gvisor.dev/gvisor/pkg/sentry/vfs" +) + +// rootInode represents inode for filesystem's root directory (/dev/mqueue). +// +// +stateify savable +type rootInode struct { + rootInodeRefs + kernfs.InodeAlwaysValid + kernfs.InodeAttrs + kernfs.InodeDirectoryNoNewChildren + kernfs.InodeNotSymlink + kernfs.InodeTemporary + kernfs.OrderedChildren + implStatFS + + locks vfs.FileLocks +} + +var _ kernfs.Inode = (*rootInode)(nil) + +// newRootInode returns a new, initialized rootInode. +func (fs *filesystem) newRootInode(ctx context.Context, creds *auth.Credentials) kernfs.Inode { + inode := &rootInode{} + inode.InodeAttrs.Init(ctx, creds, linux.UNNAMED_MAJOR, fs.devMinor, fs.NextIno(), linux.ModeDirectory|linux.FileMode(0555)) + inode.OrderedChildren.Init(kernfs.OrderedChildrenOptions{Writable: true}) + inode.InitRefs() + return inode +} + +// Open implements kernfs.Inode.Open. +func (i *rootInode) Open(ctx context.Context, rp *vfs.ResolvingPath, d *kernfs.Dentry, opts vfs.OpenOptions) (*vfs.FileDescription, error) { + fd, err := kernfs.NewGenericDirectoryFD(rp.Mount(), d, &i.OrderedChildren, &i.locks, &opts, kernfs.GenericDirectoryFDOptions{ + SeekEnd: kernfs.SeekEndZero, + }) + if err != nil { + return nil, err + } + return fd.VFSFileDescription(), nil +} + +// DecRef implements kernfs.Inode.DecRef. +func (i *rootInode) DecRef(ctx context.Context) { + i.rootInodeRefs.DecRef(func() { i.Destroy(ctx) }) +} + +// Rename implements Inode.Rename and overrides OrderedChildren.Rename. mqueue +// filesystem allows files to be unlinked, but not renamed. +func (i *rootInode) Rename(ctx context.Context, oldname, newname string, child, dstDir kernfs.Inode) error { + return linuxerr.EPERM +} + +// SetStat implements kernfs.Inode.SetStat not allowing inode attributes to be changed. +func (*rootInode) SetStat(context.Context, *vfs.Filesystem, *auth.Credentials, vfs.SetStatOptions) error { + return linuxerr.EPERM +} + +// implStatFS provides an implementation of kernfs.Inode.StatFS for message +// queues to be embedded in inodes. +// +// +stateify savable +type implStatFS struct{} + +// StatFS implements kernfs.Inode.StatFS. +func (*implStatFS) StatFS(context.Context, *vfs.Filesystem) (linux.Statfs, error) { + return vfs.GenericStatFS(linux.MQUEUE_MAGIC), nil +} |