diff options
| author | gVisor bot <gvisor-bot@google.com> | 2019-09-27 01:19:41 +0000 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2019-09-27 01:19:41 +0000 |
| commit | 0e2bfa5892e649ebcf3e18325e12db0cd0a16e6f (patch) | |
| tree | 50765d042446b703e563a1dc671778cf5b4289f9 | |
| parent | 6a4603f31a45ed8301b5ec3081c78566b791eb88 (diff) | |
| parent | 8337e4f50955863c6aa3a7df70b1446b9dba66ae (diff) | |
Merge release-20190806.1-198-g8337e4f (automated)
| -rw-r--r-- | runsc/fsgofer/fsgofer.go | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/runsc/fsgofer/fsgofer.go b/runsc/fsgofer/fsgofer.go index a570f1a41..29a82138e 100644 --- a/runsc/fsgofer/fsgofer.go +++ b/runsc/fsgofer/fsgofer.go @@ -136,6 +136,10 @@ func (a *attachPoint) Attach() (p9.File, error) { a.attachedMu.Lock() defer a.attachedMu.Unlock() + if a.attached { + return nil, fmt.Errorf("attach point already attached, prefix: %s", a.prefix) + } + // Hold the file descriptor we are converting into a p9.File. var f *fd.FD @@ -170,12 +174,6 @@ func (a *attachPoint) Attach() (p9.File, error) { } } - // Close the connection if already attached. - if a.attached { - f.Close() - return nil, fmt.Errorf("attach point already attached, prefix: %s", a.prefix) - } - // Return a localFile object to the caller with the UDS FD included. rv, err := newLocalFile(a, f, a.prefix, stat) if err != nil { @@ -330,7 +328,7 @@ func openAnyFile(path string, fn func(mode int) (*fd.FD, error)) (*fd.FD, error) return file, nil } -func getSupportedFileType(stat syscall.Stat_t) (fileType, error) { +func getSupportedFileType(stat syscall.Stat_t, permitSocket bool) (fileType, error) { var ft fileType switch stat.Mode & syscall.S_IFMT { case syscall.S_IFREG: @@ -340,6 +338,9 @@ func getSupportedFileType(stat syscall.Stat_t) (fileType, error) { case syscall.S_IFLNK: ft = symlink case syscall.S_IFSOCK: + if !permitSocket { + return unknown, syscall.EPERM + } ft = socket default: return unknown, syscall.EPERM @@ -348,7 +349,7 @@ func getSupportedFileType(stat syscall.Stat_t) (fileType, error) { } func newLocalFile(a *attachPoint, file *fd.FD, path string, stat syscall.Stat_t) (*localFile, error) { - ft, err := getSupportedFileType(stat) + ft, err := getSupportedFileType(stat, a.conf.HostUDS) if err != nil { return nil, err } @@ -1065,7 +1066,7 @@ func (l *localFile) Flush() error { func (l *localFile) Connect(p9.ConnectFlags) (*fd.FD, error) { // Check to see if the CLI option has been set to allow the UDS mount. if !l.attachPoint.conf.HostUDS { - return nil, errors.New("host UDS support is disabled") + return nil, syscall.ECONNREFUSED } return fd.DialUnix(l.hostPath) } |