diff options
| author | Kevin Krakauer <krakauer@google.com> | 2019-07-17 11:47:59 -0700 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2019-07-17 11:49:16 -0700 |
| commit | 9f1189130ed8c9172700a76fd5796b7319fbb8b9 (patch) | |
| tree | 480ed24fdbf599b201048826260a6611c7f87476 | |
| parent | 682fd2d68f78c65beb11437087987c854fc67121 (diff) | |
Add AF_UNIX, SOCK_RAW sockets, which exist for some reason.
tcpdump creates these.
PiperOrigin-RevId: 258611829
| -rw-r--r-- | pkg/sentry/socket/unix/unix.go | 10 | ||||
| -rw-r--r-- | test/syscalls/linux/socket_unix_dgram_local.cc | 6 |
2 files changed, 11 insertions, 5 deletions
diff --git a/pkg/sentry/socket/unix/unix.go b/pkg/sentry/socket/unix/unix.go index 637168714..eb262ecaf 100644 --- a/pkg/sentry/socket/unix/unix.go +++ b/pkg/sentry/socket/unix/unix.go @@ -68,6 +68,12 @@ func New(ctx context.Context, endpoint transport.Endpoint, stype linux.SockType) // NewWithDirent creates a new unix socket using an existing dirent. func NewWithDirent(ctx context.Context, d *fs.Dirent, ep transport.Endpoint, stype linux.SockType, flags fs.FileFlags) *fs.File { + // You can create AF_UNIX, SOCK_RAW sockets. They're the same as + // SOCK_DGRAM and don't require CAP_NET_RAW. + if stype == linux.SOCK_RAW { + stype = linux.SOCK_DGRAM + } + s := SocketOperations{ ep: ep, stype: stype, @@ -639,7 +645,7 @@ func (*provider) Socket(t *kernel.Task, stype linux.SockType, protocol int) (*fs // Create the endpoint and socket. var ep transport.Endpoint switch stype { - case linux.SOCK_DGRAM: + case linux.SOCK_DGRAM, linux.SOCK_RAW: ep = transport.NewConnectionless(t) case linux.SOCK_SEQPACKET, linux.SOCK_STREAM: ep = transport.NewConnectioned(t, stype, t.Kernel()) @@ -658,7 +664,7 @@ func (*provider) Pair(t *kernel.Task, stype linux.SockType, protocol int) (*fs.F } switch stype { - case linux.SOCK_STREAM, linux.SOCK_DGRAM, linux.SOCK_SEQPACKET: + case linux.SOCK_STREAM, linux.SOCK_DGRAM, linux.SOCK_SEQPACKET, linux.SOCK_RAW: // Ok default: return nil, nil, syserr.ErrInvalidArgument diff --git a/test/syscalls/linux/socket_unix_dgram_local.cc b/test/syscalls/linux/socket_unix_dgram_local.cc index 8c5a473bd..9134fcdf7 100644 --- a/test/syscalls/linux/socket_unix_dgram_local.cc +++ b/test/syscalls/linux/socket_unix_dgram_local.cc @@ -28,15 +28,15 @@ std::vector<SocketPairKind> GetSocketPairs() { return VecCat<SocketPairKind>(VecCat<SocketPairKind>( ApplyVec<SocketPairKind>( UnixDomainSocketPair, - AllBitwiseCombinations(List<int>{SOCK_DGRAM}, + AllBitwiseCombinations(List<int>{SOCK_DGRAM, SOCK_RAW}, List<int>{0, SOCK_NONBLOCK})), ApplyVec<SocketPairKind>( FilesystemBoundUnixDomainSocketPair, - AllBitwiseCombinations(List<int>{SOCK_DGRAM}, + AllBitwiseCombinations(List<int>{SOCK_DGRAM, SOCK_RAW}, List<int>{0, SOCK_NONBLOCK})), ApplyVec<SocketPairKind>( AbstractBoundUnixDomainSocketPair, - AllBitwiseCombinations(List<int>{SOCK_DGRAM}, + AllBitwiseCombinations(List<int>{SOCK_DGRAM, SOCK_RAW}, List<int>{0, SOCK_NONBLOCK})))); } |