Do not leak non-permission mode bits in mq_open(2).
As caught by syzkaller, we were leaking non-permission bits while passing the user generated mode. DynamicBytesFile panics in this case. Reported-by: syzbot+5abe52d47d56a5a98c89@syzkaller.appspotmail.com PiperOrigin-RevId: 405481392
This commit is contained in:
parent
a8a66d899f
commit
4d07fc952d
|
@ -122,7 +122,7 @@ type OpenOpts struct {
|
|||
|
||||
// FindOrCreate creates a new POSIX message queue or opens an existing queue.
|
||||
// See mq_open(2).
|
||||
func (r *Registry) FindOrCreate(ctx context.Context, opts OpenOpts, perm linux.FileMode, attr *linux.MqAttr) (*vfs.FileDescription, error) {
|
||||
func (r *Registry) FindOrCreate(ctx context.Context, opts OpenOpts, mode linux.FileMode, attr *linux.MqAttr) (*vfs.FileDescription, error) {
|
||||
// mq_overview(7) mentions that: "Each message queue is identified by a name
|
||||
// of the form '/somename'", but the mq_open(3) man pages mention:
|
||||
// "The mq_open() library function is implemented on top of a system call
|
||||
|
@ -182,11 +182,11 @@ func (r *Registry) FindOrCreate(ctx context.Context, opts OpenOpts, perm linux.F
|
|||
return nil, linuxerr.ENOENT
|
||||
}
|
||||
|
||||
q, err := r.newQueueLocked(auth.CredentialsFromContext(ctx), fs.FileOwnerFromContext(ctx), fs.FilePermsFromMode(perm), attr)
|
||||
q, err := r.newQueueLocked(auth.CredentialsFromContext(ctx), fs.FileOwnerFromContext(ctx), fs.FilePermsFromMode(mode), attr)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return r.impl.New(ctx, opts.Name, q, opts.Access, opts.Block, perm, flags)
|
||||
return r.impl.New(ctx, opts.Name, q, opts.Access, opts.Block, mode.Permissions(), flags)
|
||||
}
|
||||
|
||||
// newQueueLocked creates a new queue using the given attributes. If attr is nil
|
||||
|
|
|
@ -34,8 +34,6 @@ namespace gvisor {
|
|||
namespace testing {
|
||||
namespace {
|
||||
|
||||
using ::testing::_;
|
||||
|
||||
// PosixQueue is a RAII class used to automatically clean POSIX message queues.
|
||||
class PosixQueue {
|
||||
public:
|
||||
|
@ -124,8 +122,13 @@ PosixError MqClose(mqd_t fd) {
|
|||
// Test simple opening and closing of a message queue.
|
||||
TEST(MqTest, Open) {
|
||||
SKIP_IF(IsRunningWithVFS1());
|
||||
EXPECT_THAT(MqOpen(O_RDWR | O_CREAT | O_EXCL, 0777, nullptr),
|
||||
IsPosixErrorOkAndHolds(_));
|
||||
ASSERT_NO_ERRNO(MqOpen(O_RDWR | O_CREAT | O_EXCL, 0777, nullptr));
|
||||
}
|
||||
|
||||
TEST(MqTest, ModeWithFileType) {
|
||||
SKIP_IF(IsRunningWithVFS1());
|
||||
// S_IFIFO should be ignored.
|
||||
ASSERT_NO_ERRNO(MqOpen(O_RDWR | O_CREAT | O_EXCL, 0777 | S_IFIFO, nullptr));
|
||||
}
|
||||
|
||||
// Test mq_open(2) after mq_unlink(2).
|
||||
|
|
Loading…
Reference in New Issue