Diffstat (limited to 'pkg/sentry/kernel/auth')
-rw-r--r--pkg/sentry/kernel/auth/BUILD17
-rw-r--r--pkg/sentry/kernel/auth/credentials.go2
-rw-r--r--pkg/sentry/kernel/auth/id_map.go2
-rw-r--r--pkg/sentry/kernel/auth/user_namespace.go2
4 files changed, 16 insertions, 7 deletions
diff --git a/pkg/sentry/kernel/auth/BUILD b/pkg/sentry/kernel/auth/BUILD
index a81085372..5b7b30557 100644
--- a/pkg/sentry/kernel/auth/BUILD
+++ b/pkg/sentry/kernel/auth/BUILD
@@ -1,7 +1,20 @@
package(licenses = ["notice"]) # Apache 2.0
load("//tools/go_generics:defs.bzl", "go_template_instance")
-load("//tools/go_stateify:defs.bzl", "go_library")
+load("//tools/go_stateify:defs.bzl", "go_library", "go_stateify")
+
+go_stateify(
+ name = "auth_state",
+ srcs = [
+ "credentials.go",
+ "id.go",
+ "id_map_range.go",
+ "id_map_set.go",
+ "user_namespace.go",
+ ],
+ out = "auth_state.go",
+ package = "auth",
+)
go_template_instance(
name = "id_map_range",
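Review bot: The hand-written `srcs` list of the new `go_stateify` rule leaves out `id_map.go`, while the id_map.go hunk of this same commit removes the `+stateify savable` marker from `IDMapEntry`. If generation is now driven only by this list, as it appears to be, `IDMapEntry` gets no save/restore code; whether any saved type reaches it is not visible in these hunks and should be confirmed. If it is reachable, add `"id_map.go",` to `srcs`. Since these types carry credential and ID-mapping state across checkpoint and restore, a comment above the list such as `# Every file declaring a type reachable from saved auth state must be listed here.` would make future omissions easier to catch in review.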
@@ -35,6 +48,7 @@ go_library(
name = "auth",
srcs = [
"auth.go",
+ "auth_state.go",
"capability_set.go",
"context.go",
"credentials.go",
@@ -52,6 +66,7 @@ go_library(
"//pkg/bits",
"//pkg/log",
"//pkg/sentry/context",
+ "//pkg/state",
"//pkg/syserror",
],
)
diff --git a/pkg/sentry/kernel/auth/credentials.go b/pkg/sentry/kernel/auth/credentials.go
index f18f7dac9..f6fb05285 100644
--- a/pkg/sentry/kernel/auth/credentials.go
+++ b/pkg/sentry/kernel/auth/credentials.go
@@ -21,8 +21,6 @@ import (
// Credentials contains information required to authorize privileged operations
// in a user namespace.
-//
-// +stateify savable
type Credentials struct {
// Real/effective/saved user/group IDs in the root user namespace. None of
// these should ever be NoID.
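Review bot: With the `+stateify savable` marker removed, the doc comment on `Credentials` no longer tells a reader that the type is serialized into checkpoints; that fact now lives only in the BUILD file. I would keep a plain sentence in its place, for example `// Credentials is saved and restored; see the go_stateify rule in BUILD.`, so that anyone adding a field knows it takes part in save/restore. The same applies to `UserNamespace` in the user_namespace.go hunk. The struct body continues outside this hunk, so field-level state handling could not be checked here.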
diff --git a/pkg/sentry/kernel/auth/id_map.go b/pkg/sentry/kernel/auth/id_map.go
index bd0090e0f..6adb33530 100644
--- a/pkg/sentry/kernel/auth/id_map.go
+++ b/pkg/sentry/kernel/auth/id_map.go
@@ -77,8 +77,6 @@ func (ns *UserNamespace) allIDsMapped(m *idMapSet, start, end uint32) bool {
// An IDMapEntry represents a mapping from a range of contiguous IDs in a user
// namespace to an equally-sized range of contiguous IDs in the namespace's
// parent.
-//
-// +stateify savable
type IDMapEntry struct {
// FirstID is the first ID in the range in the namespace.
FirstID uint32
diff --git a/pkg/sentry/kernel/auth/user_namespace.go b/pkg/sentry/kernel/auth/user_namespace.go
index d359f3f31..0980aeadf 100644
--- a/pkg/sentry/kernel/auth/user_namespace.go
+++ b/pkg/sentry/kernel/auth/user_namespace.go
@@ -23,8 +23,6 @@ import (
// A UserNamespace represents a user namespace. See user_namespaces(7) for
// details.
-//
-// +stateify savable
type UserNamespace struct {
// parent is this namespace's parent. If this is the root namespace, parent
// is nil. The parent pointer is immutable.