diff options
| author | gVisor bot <gvisor-bot@google.com> | 2020-04-01 02:19:52 +0000 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2020-04-01 02:19:52 +0000 |
| commit | 3fa968f7a5d62f5d667925e5fe579634b38520a4 (patch) | |
| tree | f14ba0202f947e65d4b6ddf9fca75b40f033e17a /pkg/sentry/kernel | |
| parent | 9c54c978542003461dd78804ec347ef50c2adc94 (diff) | |
| parent | 639d94f9f71b43e86320a6e9157c932f5d7936a7 (diff) | |
Merge release-20200323.0-43-g639d94f (automated)
Diffstat (limited to 'pkg/sentry/kernel')
| -rw-r--r-- | pkg/sentry/kernel/kernel.go | 24 | ||||
| -rwxr-xr-x | pkg/sentry/kernel/kernel_state_autogen.go | 2 |
2 files changed, 26 insertions, 0 deletions
diff --git a/pkg/sentry/kernel/kernel.go b/pkg/sentry/kernel/kernel.go index 6feda8fa1..0a448b57c 100644 --- a/pkg/sentry/kernel/kernel.go +++ b/pkg/sentry/kernel/kernel.go @@ -50,6 +50,7 @@ import ( "gvisor.dev/gvisor/pkg/sentry/fs" "gvisor.dev/gvisor/pkg/sentry/fs/timerfd" "gvisor.dev/gvisor/pkg/sentry/fsbridge" + "gvisor.dev/gvisor/pkg/sentry/fsimpl/sockfs" "gvisor.dev/gvisor/pkg/sentry/hostcpu" "gvisor.dev/gvisor/pkg/sentry/inet" "gvisor.dev/gvisor/pkg/sentry/kernel/auth" @@ -225,6 +226,11 @@ type Kernel struct { // by extMu. nextSocketEntry uint64 + // socketMount is a disconnected vfs.Mount, not included in k.vfs, + // representing a sockfs.filesystem. socketMount is used to back + // VirtualDentries representing anonymous sockets. + socketMount *vfs.Mount + // deviceRegistry is used to save/restore device.SimpleDevices. deviceRegistry struct{} `state:".(*device.Registry)"` @@ -348,6 +354,19 @@ func (k *Kernel) Init(args InitKernelArgs) error { k.monotonicClock = &timekeeperClock{tk: args.Timekeeper, c: sentrytime.Monotonic} k.futexes = futex.NewManager() k.netlinkPorts = port.New() + if VFS2Enabled { + if err := k.vfs.Init(); err != nil { + return fmt.Errorf("failed to initialize VFS: %v", err) + } + fs := sockfs.NewFilesystem(&k.vfs) + // NewDisconnectedMount will take an additional reference on fs. + defer fs.DecRef() + sm, err := k.vfs.NewDisconnectedMount(fs, nil, &vfs.MountOptions{}) + if err != nil { + return fmt.Errorf("failed to initialize socket mount: %v", err) + } + k.socketMount = sm + } return nil } @@ -1452,6 +1471,11 @@ func (k *Kernel) ListSockets() []*SocketEntry { return socks } +// SocketMount returns the global socket mount. +func (k *Kernel) SocketMount() *vfs.Mount { + return k.socketMount +} + // supervisorContext is a privileged context. type supervisorContext struct { context.NoopSleeper diff --git a/pkg/sentry/kernel/kernel_state_autogen.go b/pkg/sentry/kernel/kernel_state_autogen.go index 57a261086..9c39a9108 100755 --- a/pkg/sentry/kernel/kernel_state_autogen.go +++ b/pkg/sentry/kernel/kernel_state_autogen.go @@ -155,6 +155,7 @@ func (x *Kernel) save(m state.Map) { m.Save("netlinkPorts", &x.netlinkPorts) m.Save("sockets", &x.sockets) m.Save("nextSocketEntry", &x.nextSocketEntry) + m.Save("socketMount", &x.socketMount) m.Save("DirentCacheLimiter", &x.DirentCacheLimiter) m.Save("SpecialOpts", &x.SpecialOpts) m.Save("vfs", &x.vfs) @@ -190,6 +191,7 @@ func (x *Kernel) load(m state.Map) { m.Load("netlinkPorts", &x.netlinkPorts) m.Load("sockets", &x.sockets) m.Load("nextSocketEntry", &x.nextSocketEntry) + m.Load("socketMount", &x.socketMount) m.Load("DirentCacheLimiter", &x.DirentCacheLimiter) m.Load("SpecialOpts", &x.SpecialOpts) m.Load("vfs", &x.vfs) |