142 lines
3.9 KiB
Go
142 lines
3.9 KiB
Go
// Copyright 2020 The gVisor Authors.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package gofer
|
|
|
|
import (
|
|
"syscall"
|
|
|
|
"gvisor.dev/gvisor/pkg/abi/linux"
|
|
"gvisor.dev/gvisor/pkg/context"
|
|
"gvisor.dev/gvisor/pkg/log"
|
|
"gvisor.dev/gvisor/pkg/p9"
|
|
"gvisor.dev/gvisor/pkg/sentry/fsimpl/host"
|
|
"gvisor.dev/gvisor/pkg/sentry/socket/unix/transport"
|
|
"gvisor.dev/gvisor/pkg/syserr"
|
|
"gvisor.dev/gvisor/pkg/waiter"
|
|
)
|
|
|
|
func (d *dentry) isSocket() bool {
|
|
return d.fileType() == linux.S_IFSOCK
|
|
}
|
|
|
|
// endpoint is a Gofer-backed transport.BoundEndpoint.
|
|
//
|
|
// An endpoint's lifetime is the time between when filesystem.BoundEndpointAt()
|
|
// is called and either BoundEndpoint.BidirectionalConnect or
|
|
// BoundEndpoint.UnidirectionalConnect is called.
|
|
type endpoint struct {
|
|
// dentry is the filesystem dentry which produced this endpoint.
|
|
dentry *dentry
|
|
|
|
// file is the p9 file that contains a single unopened fid.
|
|
file p9.File
|
|
|
|
// path is the sentry path where this endpoint is bound.
|
|
path string
|
|
}
|
|
|
|
func sockTypeToP9(t linux.SockType) (p9.ConnectFlags, bool) {
|
|
switch t {
|
|
case linux.SOCK_STREAM:
|
|
return p9.StreamSocket, true
|
|
case linux.SOCK_SEQPACKET:
|
|
return p9.SeqpacketSocket, true
|
|
case linux.SOCK_DGRAM:
|
|
return p9.DgramSocket, true
|
|
}
|
|
return 0, false
|
|
}
|
|
|
|
// BidirectionalConnect implements ConnectableEndpoint.BidirectionalConnect.
|
|
func (e *endpoint) BidirectionalConnect(ctx context.Context, ce transport.ConnectingEndpoint, returnConnect func(transport.Receiver, transport.ConnectedEndpoint)) *syserr.Error {
|
|
cf, ok := sockTypeToP9(ce.Type())
|
|
if !ok {
|
|
return syserr.ErrConnectionRefused
|
|
}
|
|
|
|
// No lock ordering required as only the ConnectingEndpoint has a mutex.
|
|
ce.Lock()
|
|
|
|
// Check connecting state.
|
|
if ce.Connected() {
|
|
ce.Unlock()
|
|
return syserr.ErrAlreadyConnected
|
|
}
|
|
if ce.Listening() {
|
|
ce.Unlock()
|
|
return syserr.ErrInvalidEndpointState
|
|
}
|
|
|
|
c, err := e.newConnectedEndpoint(ctx, cf, ce.WaiterQueue())
|
|
if err != nil {
|
|
ce.Unlock()
|
|
return err
|
|
}
|
|
|
|
returnConnect(c, c)
|
|
ce.Unlock()
|
|
c.Init()
|
|
|
|
return nil
|
|
}
|
|
|
|
// UnidirectionalConnect implements
|
|
// transport.BoundEndpoint.UnidirectionalConnect.
|
|
func (e *endpoint) UnidirectionalConnect(ctx context.Context) (transport.ConnectedEndpoint, *syserr.Error) {
|
|
c, err := e.newConnectedEndpoint(ctx, p9.DgramSocket, &waiter.Queue{})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
c.Init()
|
|
|
|
// We don't need the receiver.
|
|
c.CloseRecv()
|
|
c.Release()
|
|
|
|
return c, nil
|
|
}
|
|
|
|
func (e *endpoint) newConnectedEndpoint(ctx context.Context, flags p9.ConnectFlags, queue *waiter.Queue) (*host.SCMConnectedEndpoint, *syserr.Error) {
|
|
hostFile, err := e.file.Connect(flags)
|
|
if err != nil {
|
|
return nil, syserr.ErrConnectionRefused
|
|
}
|
|
// Dup the fd so that the new endpoint can manage its lifetime.
|
|
hostFD, err := syscall.Dup(hostFile.FD())
|
|
if err != nil {
|
|
log.Warningf("Could not dup host socket fd %d: %v", hostFile.FD(), err)
|
|
return nil, syserr.FromError(err)
|
|
}
|
|
// After duplicating, we no longer need hostFile.
|
|
hostFile.Close()
|
|
|
|
c, serr := host.NewSCMEndpoint(ctx, hostFD, queue, e.path)
|
|
if serr != nil {
|
|
log.Warningf("Gofer returned invalid host socket for BidirectionalConnect; file %+v flags %+v: %v", e.file, flags, serr)
|
|
return nil, serr
|
|
}
|
|
return c, nil
|
|
}
|
|
|
|
// Release implements transport.BoundEndpoint.Release.
|
|
func (e *endpoint) Release() {
|
|
e.dentry.DecRef()
|
|
}
|
|
|
|
// Passcred implements transport.BoundEndpoint.Passcred.
|
|
func (e *endpoint) Passcred() bool {
|
|
return false
|
|
}
|