summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/syscalls
diff options
context:
space:
mode:
Diffstat (limited to 'pkg/sentry/syscalls')
-rw-r--r--pkg/sentry/syscalls/linux/error.go19
-rw-r--r--pkg/sentry/syscalls/linux/sys_prctl.go18
-rw-r--r--pkg/sentry/syscalls/linux/vfs2/aio.go2
3 files changed, 31 insertions, 8 deletions
diff --git a/pkg/sentry/syscalls/linux/error.go b/pkg/sentry/syscalls/linux/error.go
index d1778d029..5bd526b73 100644
--- a/pkg/sentry/syscalls/linux/error.go
+++ b/pkg/sentry/syscalls/linux/error.go
@@ -18,6 +18,7 @@ import (
"io"
"gvisor.dev/gvisor/pkg/abi/linux"
+ "gvisor.dev/gvisor/pkg/context"
"gvisor.dev/gvisor/pkg/log"
"gvisor.dev/gvisor/pkg/metric"
"gvisor.dev/gvisor/pkg/sentry/fs"
@@ -36,16 +37,16 @@ var (
// errors, we may consume the error and return only the partial read/write.
//
// op and f are used only for panics.
-func HandleIOErrorVFS2(t *kernel.Task, partialResult bool, ioerr, intr error, op string, f *vfs.FileDescription) error {
- known, err := handleIOErrorImpl(t, partialResult, ioerr, intr, op)
+func HandleIOErrorVFS2(ctx context.Context, partialResult bool, ioerr, intr error, op string, f *vfs.FileDescription) error {
+ known, err := handleIOErrorImpl(ctx, partialResult, ioerr, intr, op)
if err != nil {
return err
}
if !known {
// An unknown error is encountered with a partial read/write.
fs := f.Mount().Filesystem().VirtualFilesystem()
- root := vfs.RootFromContext(t)
- name, _ := fs.PathnameWithDeleted(t, root, f.VirtualDentry())
+ root := vfs.RootFromContext(ctx)
+ name, _ := fs.PathnameWithDeleted(ctx, root, f.VirtualDentry())
log.Traceback("Invalid request partialResult %v and err (type %T) %v for %s operation on %q", partialResult, ioerr, ioerr, op, name)
partialResultOnce.Do(partialResultMetric.Increment)
}
@@ -56,8 +57,8 @@ func HandleIOErrorVFS2(t *kernel.Task, partialResult bool, ioerr, intr error, op
// errors, we may consume the error and return only the partial read/write.
//
// op and f are used only for panics.
-func handleIOError(t *kernel.Task, partialResult bool, ioerr, intr error, op string, f *fs.File) error {
- known, err := handleIOErrorImpl(t, partialResult, ioerr, intr, op)
+func handleIOError(ctx context.Context, partialResult bool, ioerr, intr error, op string, f *fs.File) error {
+ known, err := handleIOErrorImpl(ctx, partialResult, ioerr, intr, op)
if err != nil {
return err
}
@@ -74,7 +75,7 @@ func handleIOError(t *kernel.Task, partialResult bool, ioerr, intr error, op str
// errors, we may consume the error and return only the partial read/write.
//
// Returns false if error is unknown.
-func handleIOErrorImpl(t *kernel.Task, partialResult bool, err, intr error, op string) (bool, error) {
+func handleIOErrorImpl(ctx context.Context, partialResult bool, err, intr error, op string) (bool, error) {
switch err {
case nil:
// Typical successful syscall.
@@ -85,6 +86,10 @@ func handleIOErrorImpl(t *kernel.Task, partialResult bool, err, intr error, op s
// they will see 0.
return true, nil
case syserror.ErrExceedsFileSizeLimit:
+ t := kernel.TaskFromContext(ctx)
+ if t == nil {
+ panic("I/O error should only occur from a context associated with a Task")
+ }
// Ignore partialResult because this error only applies to
// normal files, and for those files we cannot accumulate
// write results.
diff --git a/pkg/sentry/syscalls/linux/sys_prctl.go b/pkg/sentry/syscalls/linux/sys_prctl.go
index a892d2c62..9890dd946 100644
--- a/pkg/sentry/syscalls/linux/sys_prctl.go
+++ b/pkg/sentry/syscalls/linux/sys_prctl.go
@@ -172,6 +172,24 @@ func Prctl(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Syscall
}
return 1, nil, nil
+ case linux.PR_SET_PTRACER:
+ pid := args[1].Int()
+ switch pid {
+ case 0:
+ t.ClearYAMAException()
+ return 0, nil, nil
+ case linux.PR_SET_PTRACER_ANY:
+ t.SetYAMAException(nil)
+ return 0, nil, nil
+ default:
+ tracer := t.PIDNamespace().TaskWithID(kernel.ThreadID(pid))
+ if tracer == nil {
+ return 0, nil, syserror.EINVAL
+ }
+ t.SetYAMAException(tracer)
+ return 0, nil, nil
+ }
+
case linux.PR_SET_SECCOMP:
if args[1].Int() != linux.SECCOMP_MODE_FILTER {
// Unsupported mode.
diff --git a/pkg/sentry/syscalls/linux/vfs2/aio.go b/pkg/sentry/syscalls/linux/vfs2/aio.go
index 1365a5a62..de6789a65 100644
--- a/pkg/sentry/syscalls/linux/vfs2/aio.go
+++ b/pkg/sentry/syscalls/linux/vfs2/aio.go
@@ -177,7 +177,7 @@ func getAIOCallback(t *kernel.Task, fd, eventFD *vfs.FileDescription, cbAddr use
// Update the result.
if err != nil {
- err = slinux.HandleIOErrorVFS2(t, ev.Result != 0 /* partial */, err, nil /* never interrupted */, "aio", fd)
+ err = slinux.HandleIOErrorVFS2(ctx, ev.Result != 0 /* partial */, err, nil /* never interrupted */, "aio", fd)
ev.Result = -int64(kernel.ExtractErrno(err, 0))
}