general/occlum
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Skip the inode permission check if uid is root

Browse Source
This commit is contained in:
LI Qing 2022-08-02 11:18:08 +08:00 committed by volcano
parent fbff05bddb
commit 0513a17e81
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/libos/src/fs/inode_file.rs
View File

@ -1,5 +1,6 @@
use super::*;
use crate::net::PollEventFlags;
use crate::process::do_getuid;
use rcore_fs::vfs::FallocateMode;
use rcore_fs_sefs::dev::SefsMac;
@ -409,12 +410,23 @@ impl INodeExt for dyn INode {
}
fn allow_write(&self) -> Result<bool> {
// TODO: Since Occlum does not support the capability,
// just skip the permission check if uid is root.
if do_getuid().unwrap() == 0 {
return Ok(true);
}
let info = self.metadata()?;
let file_mode = FileMode::from_bits_truncate(info.mode);
Ok(file_mode.is_writable())
}
fn allow_read(&self) -> Result<bool> {
// TODO: See the comments in allow_write
if do_getuid().unwrap() == 0 {
return Ok(true);
}
let info = self.metadata()?;
let file_mode = FileMode::from_bits_truncate(info.mode);
Ok(file_mode.is_readable())