diff options
Diffstat (limited to 'pkg/sentry/fs/proc')
| -rw-r--r-- | pkg/sentry/fs/proc/filesystems.go | 3 | ||||
| -rw-r--r-- | pkg/sentry/fs/proc/fs.go | 5 |
2 files changed, 8 insertions, 0 deletions
diff --git a/pkg/sentry/fs/proc/filesystems.go b/pkg/sentry/fs/proc/filesystems.go index aa2c4db10..37db9cf9c 100644 --- a/pkg/sentry/fs/proc/filesystems.go +++ b/pkg/sentry/fs/proc/filesystems.go @@ -43,6 +43,9 @@ func (*filesystemsData) ReadSeqFileData(ctx context.Context, h seqfile.SeqHandle // Generate the file contents. var buf bytes.Buffer for _, sys := range fs.GetFilesystems() { + if !sys.AllowUserList() { + continue + } nodev := "nodev" if sys.Flags()&fs.FilesystemRequiresDev != 0 { nodev = "" diff --git a/pkg/sentry/fs/proc/fs.go b/pkg/sentry/fs/proc/fs.go index 072d00beb..3aadd6ac4 100644 --- a/pkg/sentry/fs/proc/fs.go +++ b/pkg/sentry/fs/proc/fs.go @@ -42,6 +42,11 @@ func (*filesystem) AllowUserMount() bool { return true } +// AllowUserList allows this filesystem to be listed in /proc/filesystems. +func (*filesystem) AllowUserList() bool { + return true +} + // Flags returns that there is nothing special about this file system. // // In Linux, proc returns FS_USERNS_VISIBLE | FS_USERNS_MOUNT, see fs/proc/root.c. |