vfs1: don't allow to open socket files

open() has to return ENXIO in this case. O_PATH isn't supported by vfs1. PiperOrigin-RevId: 348820478
author: Andrei Vagin <avagin@google.com> 2020-12-23 11:08:42 -0800
committer: gVisor bot <gvisor-bot@google.com> 2020-12-23 11:11:07 -0800
commit: d07915987631f4c3c6345275019a5b5b0cf28dbb (patch)
tree: e4fe185b9f066fbdc59581ae4f3c8b907807b2f2 /pkg/sentry/fs/tmpfs
parent: 6d96a2394d3a4b983b1fa046cf605e22404c4948 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/pkg/sentry/fs/tmpfs/inode_file.go b/pkg/sentry/fs/tmpfs/inode_file.go
index e04cd608d..ad4aea282 100644
--- a/pkg/sentry/fs/tmpfs/inode_file.go
+++ b/pkg/sentry/fs/tmpfs/inode_file.go
@@ -148,6 +148,10 @@ func (*fileInodeOperations) Rename(ctx context.Context, inode *fs.Inode, oldPare
 
 // GetFile implements fs.InodeOperations.GetFile.
 func (f *fileInodeOperations) GetFile(ctx context.Context, d *fs.Dirent, flags fs.FileFlags) (*fs.File, error) {
+	if fs.IsSocket(d.Inode.StableAttr) {
+		return nil, syserror.ENXIO
+	}
+
 	if flags.Write {
 		fsmetric.TmpfsOpensW.Increment()
 	} else if flags.Read {
author	Andrei Vagin <avagin@google.com>	2020-12-23 11:08:42 -0800
committer	gVisor bot <gvisor-bot@google.com>	2020-12-23 11:11:07 -0800
commit	d07915987631f4c3c6345275019a5b5b0cf28dbb (patch)
tree	e4fe185b9f066fbdc59581ae4f3c8b907807b2f2 /pkg/sentry/fs/tmpfs
parent	6d96a2394d3a4b983b1fa046cf605e22404c4948 (diff)