gvisor/pkg/sentry/vfs/anonfs.go

// Copyright 2020 The gVisor Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package vfs

import (
	"fmt"

	"gvisor.dev/gvisor/pkg/abi/linux"
	"gvisor.dev/gvisor/pkg/context"
	"gvisor.dev/gvisor/pkg/fspath"
	"gvisor.dev/gvisor/pkg/sentry/kernel/auth"
	"gvisor.dev/gvisor/pkg/sentry/socket/unix/transport"
	"gvisor.dev/gvisor/pkg/syserror"
	"gvisor.dev/gvisor/pkg/usermem"
)

// NewAnonVirtualDentry returns a VirtualDentry with the given synthetic name,
// consistent with Linux's fs/anon_inodes.c:anon_inode_getfile(). References
// are taken on the returned VirtualDentry.
func (vfs *VirtualFilesystem) NewAnonVirtualDentry(name string) VirtualDentry {
	d := anonDentry{
		name: name,
	}
	d.vfsd.Init(&d)
	vfs.anonMount.IncRef()
	// anonDentry no-ops refcounting.
	return VirtualDentry{
		mount:  vfs.anonMount,
		dentry: &d.vfsd,
	}
}

const (
	anonfsBlockSize = usermem.PageSize // via fs/libfs.c:pseudo_fs_fill_super()

	// Mode, UID, and GID for a generic anonfs file.
	anonFileMode = 0600 // no type is correct
	anonFileUID  = auth.RootKUID
	anonFileGID  = auth.RootKGID
)

// anonFilesystemType implements FilesystemType.
type anonFilesystemType struct{}

// GetFilesystem implements FilesystemType.GetFilesystem.
func (anonFilesystemType) GetFilesystem(context.Context, *VirtualFilesystem, *auth.Credentials, string, GetFilesystemOptions) (*Filesystem, *Dentry, error) {
	panic("cannot instaniate an anon filesystem")
}

// Name implemenents FilesystemType.Name.
func (anonFilesystemType) Name() string {
	return "none"
}

// anonFilesystem is the implementation of FilesystemImpl that backs
// VirtualDentries returned by VirtualFilesystem.NewAnonVirtualDentry().
//
// Since all Dentries in anonFilesystem are non-directories, all FilesystemImpl
// methods that would require an anonDentry to be a directory return ENOTDIR.
type anonFilesystem struct {
	vfsfs Filesystem

	devMinor uint32
}

type anonDentry struct {
	vfsd Dentry

	name string
}

// Release implements FilesystemImpl.Release.
func (fs *anonFilesystem) Release() {
}

// Sync implements FilesystemImpl.Sync.
func (fs *anonFilesystem) Sync(ctx context.Context) error {
	return nil
}

// AccessAt implements vfs.Filesystem.Impl.AccessAt.
func (fs *anonFilesystem) AccessAt(ctx context.Context, rp *ResolvingPath, creds *auth.Credentials, ats AccessTypes) error {
	if !rp.Done() {
		return syserror.ENOTDIR
	}
	return GenericCheckPermissions(creds, ats, anonFileMode, anonFileUID, anonFileGID)
}

// GetDentryAt implements FilesystemImpl.GetDentryAt.
func (fs *anonFilesystem) GetDentryAt(ctx context.Context, rp *ResolvingPath, opts GetDentryOptions) (*Dentry, error) {
	if !rp.Done() {
		return nil, syserror.ENOTDIR
	}
	if opts.CheckSearchable {
		return nil, syserror.ENOTDIR
	}
	// anonDentry no-ops refcounting.
	return rp.Start(), nil
}

// GetParentDentryAt implements FilesystemImpl.GetParentDentryAt.
func (fs *anonFilesystem) GetParentDentryAt(ctx context.Context, rp *ResolvingPath) (*Dentry, error) {
	if !rp.Final() {
		return nil, syserror.ENOTDIR
	}
	// anonDentry no-ops refcounting.
	return rp.Start(), nil
}

// LinkAt implements FilesystemImpl.LinkAt.
func (fs *anonFilesystem) LinkAt(ctx context.Context, rp *ResolvingPath, vd VirtualDentry) error {
	if !rp.Final() {
		return syserror.ENOTDIR
	}
	return syserror.EPERM
}

// MkdirAt implements FilesystemImpl.MkdirAt.
func (fs *anonFilesystem) MkdirAt(ctx context.Context, rp *ResolvingPath, opts MkdirOptions) error {
	if !rp.Final() {
		return syserror.ENOTDIR
	}
	return syserror.EPERM
}

// MknodAt implements FilesystemImpl.MknodAt.
func (fs *anonFilesystem) MknodAt(ctx context.Context, rp *ResolvingPath, opts MknodOptions) error {
	if !rp.Final() {
		return syserror.ENOTDIR
	}
	return syserror.EPERM
}

// OpenAt implements FilesystemImpl.OpenAt.
func (fs *anonFilesystem) OpenAt(ctx context.Context, rp *ResolvingPath, opts OpenOptions) (*FileDescription, error) {
	if !rp.Done() {
		return nil, syserror.ENOTDIR
	}
	return nil, syserror.ENODEV
}

// ReadlinkAt implements FilesystemImpl.ReadlinkAt.
func (fs *anonFilesystem) ReadlinkAt(ctx context.Context, rp *ResolvingPath) (string, error) {
	if !rp.Done() {
		return "", syserror.ENOTDIR
	}
	return "", syserror.EINVAL
}

// RenameAt implements FilesystemImpl.RenameAt.
func (fs *anonFilesystem) RenameAt(ctx context.Context, rp *ResolvingPath, oldParentVD VirtualDentry, oldName string, opts RenameOptions) error {
	if !rp.Final() {
		return syserror.ENOTDIR
	}
	return syserror.EPERM
}

// RmdirAt implements FilesystemImpl.RmdirAt.
func (fs *anonFilesystem) RmdirAt(ctx context.Context, rp *ResolvingPath) error {
	if !rp.Final() {
		return syserror.ENOTDIR
	}
	return syserror.EPERM
}

// SetStatAt implements FilesystemImpl.SetStatAt.
func (fs *anonFilesystem) SetStatAt(ctx context.Context, rp *ResolvingPath, opts SetStatOptions) error {
	if !rp.Done() {
		return syserror.ENOTDIR
	}
	// Linux actually permits anon_inode_inode's metadata to be set, which is
	// visible to all users of anon_inode_inode. We just silently ignore
	// metadata changes.
	return nil
}

// StatAt implements FilesystemImpl.StatAt.
func (fs *anonFilesystem) StatAt(ctx context.Context, rp *ResolvingPath, opts StatOptions) (linux.Statx, error) {
	if !rp.Done() {
		return linux.Statx{}, syserror.ENOTDIR
	}
	// See fs/anon_inodes.c:anon_inode_init() => fs/libfs.c:alloc_anon_inode().
	return linux.Statx{
		Mask:     linux.STATX_TYPE | linux.STATX_MODE | linux.STATX_NLINK | linux.STATX_UID | linux.STATX_GID | linux.STATX_INO | linux.STATX_SIZE | linux.STATX_BLOCKS,
		Blksize:  anonfsBlockSize,
		Nlink:    1,
		UID:      uint32(anonFileUID),
		GID:      uint32(anonFileGID),
		Mode:     anonFileMode,
		Ino:      1,
		Size:     0,
		Blocks:   0,
		DevMajor: linux.UNNAMED_MAJOR,
		DevMinor: fs.devMinor,
	}, nil
}

// StatFSAt implements FilesystemImpl.StatFSAt.
func (fs *anonFilesystem) StatFSAt(ctx context.Context, rp *ResolvingPath) (linux.Statfs, error) {
	if !rp.Done() {
		return linux.Statfs{}, syserror.ENOTDIR
	}
	return linux.Statfs{
		Type:      linux.ANON_INODE_FS_MAGIC,
		BlockSize: anonfsBlockSize,
	}, nil
}

// SymlinkAt implements FilesystemImpl.SymlinkAt.
func (fs *anonFilesystem) SymlinkAt(ctx context.Context, rp *ResolvingPath, target string) error {
	if !rp.Final() {
		return syserror.ENOTDIR
	}
	return syserror.EPERM
}

// UnlinkAt implements FilesystemImpl.UnlinkAt.
func (fs *anonFilesystem) UnlinkAt(ctx context.Context, rp *ResolvingPath) error {
	if !rp.Final() {
		return syserror.ENOTDIR
	}
	return syserror.EPERM
}

// BoundEndpointAt implements FilesystemImpl.BoundEndpointAt.
func (fs *anonFilesystem) BoundEndpointAt(ctx context.Context, rp *ResolvingPath, opts BoundEndpointOptions) (transport.BoundEndpoint, error) {
	if !rp.Final() {
		return nil, syserror.ENOTDIR
	}
	if err := GenericCheckPermissions(rp.Credentials(), MayWrite, anonFileMode, anonFileUID, anonFileGID); err != nil {
		return nil, err
	}
	return nil, syserror.ECONNREFUSED
}

// ListxattrAt implements FilesystemImpl.ListxattrAt.
func (fs *anonFilesystem) ListxattrAt(ctx context.Context, rp *ResolvingPath, size uint64) ([]string, error) {
	if !rp.Done() {
		return nil, syserror.ENOTDIR
	}
	return nil, nil
}

// GetxattrAt implements FilesystemImpl.GetxattrAt.
func (fs *anonFilesystem) GetxattrAt(ctx context.Context, rp *ResolvingPath, opts GetxattrOptions) (string, error) {
	if !rp.Done() {
		return "", syserror.ENOTDIR
	}
	return "", syserror.ENOTSUP
}

// SetxattrAt implements FilesystemImpl.SetxattrAt.
func (fs *anonFilesystem) SetxattrAt(ctx context.Context, rp *ResolvingPath, opts SetxattrOptions) error {
	if !rp.Done() {
		return syserror.ENOTDIR
	}
	return syserror.EPERM
}

// RemovexattrAt implements FilesystemImpl.RemovexattrAt.
func (fs *anonFilesystem) RemovexattrAt(ctx context.Context, rp *ResolvingPath, name string) error {
	if !rp.Done() {
		return syserror.ENOTDIR
	}
	return syserror.EPERM
}

// PrependPath implements FilesystemImpl.PrependPath.
func (fs *anonFilesystem) PrependPath(ctx context.Context, vfsroot, vd VirtualDentry, b *fspath.Builder) error {
	b.PrependComponent(fmt.Sprintf("anon_inode:%s", vd.dentry.impl.(*anonDentry).name))
	return PrependPathSyntheticError{}
}

// IncRef implements DentryImpl.IncRef.
func (d *anonDentry) IncRef() {
	// no-op
}

// TryIncRef implements DentryImpl.TryIncRef.
func (d *anonDentry) TryIncRef() bool {
	return true
}

// DecRef implements DentryImpl.DecRef.
func (d *anonDentry) DecRef() {
	// no-op
}