Implement file locks for regular tmpfs files in VFSv2.
Add a file lock implementation that can be embedded into various filesystem implementations. Updates #1480 PiperOrigin-RevId: 292614758
This commit is contained in:
parent
77bf586db7
commit
6c3072243d
|
@ -38,6 +38,7 @@ go_library(
|
|||
"//pkg/sentry/arch",
|
||||
"//pkg/sentry/fs",
|
||||
"//pkg/sentry/fs/fsutil",
|
||||
"//pkg/sentry/fs/lock",
|
||||
"//pkg/sentry/kernel",
|
||||
"//pkg/sentry/kernel/auth",
|
||||
"//pkg/sentry/kernel/pipe",
|
||||
|
@ -47,6 +48,7 @@ go_library(
|
|||
"//pkg/sentry/platform",
|
||||
"//pkg/sentry/usage",
|
||||
"//pkg/sentry/vfs",
|
||||
"//pkg/sentry/vfs/lock",
|
||||
"//pkg/sync",
|
||||
"//pkg/syserror",
|
||||
"//pkg/usermem",
|
||||
|
@ -86,6 +88,7 @@ go_test(
|
|||
"//pkg/context",
|
||||
"//pkg/fspath",
|
||||
"//pkg/sentry/contexttest",
|
||||
"//pkg/sentry/fs/lock",
|
||||
"//pkg/sentry/kernel/auth",
|
||||
"//pkg/sentry/kernel/contexttest",
|
||||
"//pkg/sentry/vfs",
|
||||
|
|
|
@ -23,6 +23,7 @@ import (
|
|||
"gvisor.dev/gvisor/pkg/context"
|
||||
"gvisor.dev/gvisor/pkg/safemem"
|
||||
"gvisor.dev/gvisor/pkg/sentry/fs/fsutil"
|
||||
"gvisor.dev/gvisor/pkg/sentry/fs/lock"
|
||||
"gvisor.dev/gvisor/pkg/sentry/kernel/auth"
|
||||
"gvisor.dev/gvisor/pkg/sentry/memmap"
|
||||
"gvisor.dev/gvisor/pkg/sentry/pgalloc"
|
||||
|
@ -192,6 +193,28 @@ func (fd *regularFileFD) Sync(ctx context.Context) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// LockBSD implements vfs.FileDescriptionImpl.LockBSD.
|
||||
func (fd *regularFileFD) LockBSD(ctx context.Context, uid lock.UniqueID, t lock.LockType, block lock.Blocker) error {
|
||||
return fd.inode().lockBSD(uid, t, block)
|
||||
}
|
||||
|
||||
// UnlockBSD implements vfs.FileDescriptionImpl.UnlockBSD.
|
||||
func (fd *regularFileFD) UnlockBSD(ctx context.Context, uid lock.UniqueID) error {
|
||||
fd.inode().unlockBSD(uid)
|
||||
return nil
|
||||
}
|
||||
|
||||
// LockPOSIX implements vfs.FileDescriptionImpl.LockPOSIX.
|
||||
func (fd *regularFileFD) LockPOSIX(ctx context.Context, uid lock.UniqueID, t lock.LockType, rng lock.LockRange, block lock.Blocker) error {
|
||||
return fd.inode().lockPOSIX(uid, t, rng, block)
|
||||
}
|
||||
|
||||
// UnlockPOSIX implements vfs.FileDescriptionImpl.UnlockPOSIX.
|
||||
func (fd *regularFileFD) UnlockPOSIX(ctx context.Context, uid lock.UniqueID, rng lock.LockRange) error {
|
||||
fd.inode().unlockPOSIX(uid, rng)
|
||||
return nil
|
||||
}
|
||||
|
||||
// regularFileReadWriter implements safemem.Reader and Safemem.Writer.
|
||||
type regularFileReadWriter struct {
|
||||
file *regularFile
|
||||
|
|
|
@ -24,9 +24,11 @@ import (
|
|||
"gvisor.dev/gvisor/pkg/abi/linux"
|
||||
"gvisor.dev/gvisor/pkg/context"
|
||||
"gvisor.dev/gvisor/pkg/fspath"
|
||||
"gvisor.dev/gvisor/pkg/sentry/fs/lock"
|
||||
"gvisor.dev/gvisor/pkg/sentry/kernel/auth"
|
||||
"gvisor.dev/gvisor/pkg/sentry/kernel/contexttest"
|
||||
"gvisor.dev/gvisor/pkg/sentry/vfs"
|
||||
"gvisor.dev/gvisor/pkg/syserror"
|
||||
"gvisor.dev/gvisor/pkg/usermem"
|
||||
)
|
||||
|
||||
|
@ -260,6 +262,60 @@ func TestPWrite(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestLocks(t *testing.T) {
|
||||
ctx := contexttest.Context(t)
|
||||
fd, cleanup, err := newFileFD(ctx, 0644)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
defer cleanup()
|
||||
|
||||
var (
|
||||
uid1 lock.UniqueID
|
||||
uid2 lock.UniqueID
|
||||
// Non-blocking.
|
||||
block lock.Blocker
|
||||
)
|
||||
|
||||
uid1 = 123
|
||||
uid2 = 456
|
||||
|
||||
if err := fd.Impl().LockBSD(ctx, uid1, lock.ReadLock, block); err != nil {
|
||||
t.Fatalf("fd.Impl().LockBSD failed: err = %v", err)
|
||||
}
|
||||
if err := fd.Impl().LockBSD(ctx, uid2, lock.ReadLock, block); err != nil {
|
||||
t.Fatalf("fd.Impl().LockBSD failed: err = %v", err)
|
||||
}
|
||||
if got, want := fd.Impl().LockBSD(ctx, uid2, lock.WriteLock, block), syserror.ErrWouldBlock; got != want {
|
||||
t.Fatalf("fd.Impl().LockBSD failed: got = %v, want = %v", got, want)
|
||||
}
|
||||
if err := fd.Impl().UnlockBSD(ctx, uid1); err != nil {
|
||||
t.Fatalf("fd.Impl().UnlockBSD failed: err = %v", err)
|
||||
}
|
||||
if err := fd.Impl().LockBSD(ctx, uid2, lock.WriteLock, block); err != nil {
|
||||
t.Fatalf("fd.Impl().LockBSD failed: err = %v", err)
|
||||
}
|
||||
|
||||
rng1 := lock.LockRange{0, 1}
|
||||
rng2 := lock.LockRange{1, 2}
|
||||
|
||||
if err := fd.Impl().LockPOSIX(ctx, uid1, lock.ReadLock, rng1, block); err != nil {
|
||||
t.Fatalf("fd.Impl().LockPOSIX failed: err = %v", err)
|
||||
}
|
||||
if err := fd.Impl().LockPOSIX(ctx, uid2, lock.ReadLock, rng2, block); err != nil {
|
||||
t.Fatalf("fd.Impl().LockPOSIX failed: err = %v", err)
|
||||
}
|
||||
if err := fd.Impl().LockPOSIX(ctx, uid1, lock.WriteLock, rng1, block); err != nil {
|
||||
t.Fatalf("fd.Impl().LockPOSIX failed: err = %v", err)
|
||||
}
|
||||
if got, want := fd.Impl().LockPOSIX(ctx, uid2, lock.ReadLock, rng1, block), syserror.ErrWouldBlock; got != want {
|
||||
t.Fatalf("fd.Impl().LockPOSIX failed: got = %v, want = %v", got, want)
|
||||
}
|
||||
if err := fd.Impl().UnlockPOSIX(ctx, uid1, rng1); err != nil {
|
||||
t.Fatalf("fd.Impl().UnlockPOSIX failed: err = %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
func TestPRead(t *testing.T) {
|
||||
ctx := contexttest.Context(t)
|
||||
fd, cleanup, err := newFileFD(ctx, 0644)
|
||||
|
|
|
@ -30,10 +30,12 @@ import (
|
|||
|
||||
"gvisor.dev/gvisor/pkg/abi/linux"
|
||||
"gvisor.dev/gvisor/pkg/context"
|
||||
fslock "gvisor.dev/gvisor/pkg/sentry/fs/lock"
|
||||
"gvisor.dev/gvisor/pkg/sentry/kernel/auth"
|
||||
"gvisor.dev/gvisor/pkg/sentry/kernel/time"
|
||||
"gvisor.dev/gvisor/pkg/sentry/pgalloc"
|
||||
"gvisor.dev/gvisor/pkg/sentry/vfs"
|
||||
"gvisor.dev/gvisor/pkg/sentry/vfs/lock"
|
||||
"gvisor.dev/gvisor/pkg/sync"
|
||||
"gvisor.dev/gvisor/pkg/syserror"
|
||||
)
|
||||
|
@ -153,6 +155,9 @@ type inode struct {
|
|||
rdevMajor uint32
|
||||
rdevMinor uint32
|
||||
|
||||
// Advisory file locks, which lock at the inode level.
|
||||
locks lock.FileLocks
|
||||
|
||||
impl interface{} // immutable
|
||||
}
|
||||
|
||||
|
@ -352,6 +357,44 @@ func (i *inode) setStat(stat linux.Statx) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// TODO(gvisor.dev/issue/1480): support file locking for file types other than regular.
|
||||
func (i *inode) lockBSD(uid fslock.UniqueID, t fslock.LockType, block fslock.Blocker) error {
|
||||
switch i.impl.(type) {
|
||||
case *regularFile:
|
||||
return i.locks.LockBSD(uid, t, block)
|
||||
}
|
||||
return syserror.EBADF
|
||||
}
|
||||
|
||||
// TODO(gvisor.dev/issue/1480): support file locking for file types other than regular.
|
||||
func (i *inode) unlockBSD(uid fslock.UniqueID) error {
|
||||
switch i.impl.(type) {
|
||||
case *regularFile:
|
||||
i.locks.UnlockBSD(uid)
|
||||
return nil
|
||||
}
|
||||
return syserror.EBADF
|
||||
}
|
||||
|
||||
// TODO(gvisor.dev/issue/1480): support file locking for file types other than regular.
|
||||
func (i *inode) lockPOSIX(uid fslock.UniqueID, t fslock.LockType, rng fslock.LockRange, block fslock.Blocker) error {
|
||||
switch i.impl.(type) {
|
||||
case *regularFile:
|
||||
return i.locks.LockPOSIX(uid, t, rng, block)
|
||||
}
|
||||
return syserror.EBADF
|
||||
}
|
||||
|
||||
// TODO(gvisor.dev/issue/1480): support file locking for file types other than regular.
|
||||
func (i *inode) unlockPOSIX(uid fslock.UniqueID, rng fslock.LockRange) error {
|
||||
switch i.impl.(type) {
|
||||
case *regularFile:
|
||||
i.locks.UnlockPOSIX(uid, rng)
|
||||
return nil
|
||||
}
|
||||
return syserror.EBADF
|
||||
}
|
||||
|
||||
// allocatedBlocksForSize returns the number of 512B blocks needed to
|
||||
// accommodate the given size in bytes, as appropriate for struct
|
||||
// stat::st_blocks and struct statx::stx_blocks. (Note that this 512B block
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
load("//tools:defs.bzl", "go_library")
|
||||
|
||||
package(licenses = ["notice"])
|
||||
|
||||
go_library(
|
||||
name = "lock",
|
||||
srcs = ["lock.go"],
|
||||
visibility = ["//pkg/sentry:internal"],
|
||||
deps = [
|
||||
"//pkg/sentry/fs/lock",
|
||||
"//pkg/syserror",
|
||||
],
|
||||
)
|
|
@ -0,0 +1,72 @@
|
|||
// Copyright 2020 The gVisor Authors.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
// Package lock provides POSIX and BSD style file locking for VFS2 file
|
||||
// implementations.
|
||||
//
|
||||
// The actual implementations can be found in the lock package under
|
||||
// sentry/fs/lock.
|
||||
package lock
|
||||
|
||||
import (
|
||||
fslock "gvisor.dev/gvisor/pkg/sentry/fs/lock"
|
||||
"gvisor.dev/gvisor/pkg/syserror"
|
||||
)
|
||||
|
||||
// FileLocks supports POSIX and BSD style locks, which correspond to fcntl(2)
|
||||
// and flock(2) respectively in Linux. It can be embedded into various file
|
||||
// implementations for VFS2 that support locking.
|
||||
//
|
||||
// Note that in Linux these two types of locks are _not_ cooperative, because
|
||||
// race and deadlock conditions make merging them prohibitive. We do the same
|
||||
// and keep them oblivious to each other.
|
||||
type FileLocks struct {
|
||||
// bsd is a set of BSD-style advisory file wide locks, see flock(2).
|
||||
bsd fslock.Locks
|
||||
|
||||
// posix is a set of POSIX-style regional advisory locks, see fcntl(2).
|
||||
posix fslock.Locks
|
||||
}
|
||||
|
||||
// LockBSD tries to acquire a BSD-style lock on the entire file.
|
||||
func (fl *FileLocks) LockBSD(uid fslock.UniqueID, t fslock.LockType, block fslock.Blocker) error {
|
||||
if fl.bsd.LockRegion(uid, t, fslock.LockRange{0, fslock.LockEOF}, block) {
|
||||
return nil
|
||||
}
|
||||
return syserror.ErrWouldBlock
|
||||
}
|
||||
|
||||
// UnlockBSD releases a BSD-style lock on the entire file.
|
||||
//
|
||||
// This operation is always successful, even if there did not exist a lock on
|
||||
// the requested region held by uid in the first place.
|
||||
func (fl *FileLocks) UnlockBSD(uid fslock.UniqueID) {
|
||||
fl.bsd.UnlockRegion(uid, fslock.LockRange{0, fslock.LockEOF})
|
||||
}
|
||||
|
||||
// LockPOSIX tries to acquire a POSIX-style lock on a file region.
|
||||
func (fl *FileLocks) LockPOSIX(uid fslock.UniqueID, t fslock.LockType, rng fslock.LockRange, block fslock.Blocker) error {
|
||||
if fl.posix.LockRegion(uid, t, rng, block) {
|
||||
return nil
|
||||
}
|
||||
return syserror.ErrWouldBlock
|
||||
}
|
||||
|
||||
// UnlockPOSIX releases a POSIX-style lock on a file region.
|
||||
//
|
||||
// This operation is always successful, even if there did not exist a lock on
|
||||
// the requested region held by uid in the first place.
|
||||
func (fl *FileLocks) UnlockPOSIX(uid fslock.UniqueID, rng fslock.LockRange) {
|
||||
fl.posix.UnlockRegion(uid, rng)
|
||||
}
|
Loading…
Reference in New Issue