(t *kernel.Task, dirfd int32, path fspath.Path, emptyPathCheck shouldAllowEmptyPathType, shouldFollowFinalSymlink shouldFollowFinalSymlink)
| 37 | } |
| 38 | |
| 39 | func getTaskPathOperation(t *kernel.Task, dirfd int32, path fspath.Path, emptyPathCheck shouldAllowEmptyPathType, shouldFollowFinalSymlink shouldFollowFinalSymlink) (taskPathOperation, error) { |
| 40 | root := t.FSContext().RootDirectory() |
| 41 | start := root |
| 42 | haveStartRef := false |
| 43 | if !path.Absolute { |
| 44 | if !path.HasComponents() && !emptyPathCheck.allow() { |
| 45 | root.DecRef(t) |
| 46 | return taskPathOperation{}, linuxerr.ENOENT |
| 47 | } |
| 48 | if dirfd == linux.AT_FDCWD { |
| 49 | start = t.FSContext().WorkingDirectory() |
| 50 | haveStartRef = true |
| 51 | } else { |
| 52 | dirfile := t.GetFile(dirfd) |
| 53 | if dirfile == nil { |
| 54 | root.DecRef(t) |
| 55 | return taskPathOperation{}, linuxerr.EBADF |
| 56 | } |
| 57 | defer dirfile.DecRef(t) |
| 58 | |
| 59 | // AT_EMPTY_PATH is allowed only if t's creds are identical to the creds under which the FD was |
| 60 | // opened, or if t has CAP_DAC_READ_SEARCH in those creds' userns. |
| 61 | // Similar to how Linux handles LOOKUP_LINKAT_EMPTY in path_init() in fs/namei.c. |
| 62 | if emptyPathCheck == allowEmptyPathWithCredsCheck { |
| 63 | if dirfile.Credentials() != t.Credentials() && !t.HasCapabilityIn(linux.CAP_DAC_READ_SEARCH, dirfile.Credentials().UserNamespace) { |
| 64 | root.DecRef(t) |
| 65 | return taskPathOperation{}, linuxerr.ENOENT |
| 66 | } |
| 67 | } |
| 68 | |
| 69 | start = dirfile.VirtualDentry() |
| 70 | start.IncRef() |
| 71 | haveStartRef = true |
| 72 | } |
| 73 | } |
| 74 | return taskPathOperation{ |
| 75 | pop: vfs.PathOperation{ |
| 76 | Root: root, |
| 77 | Start: start, |
| 78 | Path: path, |
| 79 | FollowFinalSymlink: bool(shouldFollowFinalSymlink), |
| 80 | }, |
| 81 | haveStartRef: haveStartRef, |
| 82 | }, nil |
| 83 | } |
| 84 | |
| 85 | func (tpop *taskPathOperation) Release(t *kernel.Task) { |
| 86 | tpop.pop.Root.DecRef(t) |
no test coverage detected
searching dependent graphs…