diff options
author | Andrei Vagin <avagin@google.com> | 2019-06-03 21:47:09 -0700 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2019-06-03 21:48:19 -0700 |
commit | 90a116890fcea9fd39911bae854e4e67608a141d (patch) | |
tree | b187c89a7c3b1188347b2fb7684b84a1bc44630e /pkg/sentry/socket/control | |
parent | 00f8663887cbf9057d93e8848eb9538cf1c0cff4 (diff) |
gvisor/sock/unix: pass creds when a message is sent between unconnected sockets
and don't report a sender address if it doesn't have one
PiperOrigin-RevId: 251371284
Diffstat (limited to 'pkg/sentry/socket/control')
-rw-r--r-- | pkg/sentry/socket/control/control.go | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/pkg/sentry/socket/control/control.go b/pkg/sentry/socket/control/control.go index c0238691d..434d7ca2e 100644 --- a/pkg/sentry/socket/control/control.go +++ b/pkg/sentry/socket/control/control.go @@ -406,12 +406,20 @@ func makeCreds(t *kernel.Task, socketOrEndpoint interface{}) SCMCredentials { return nil } if cr, ok := socketOrEndpoint.(transport.Credentialer); ok && (cr.Passcred() || cr.ConnectedPasscred()) { - tcred := t.Credentials() - return &scmCredentials{t, tcred.EffectiveKUID, tcred.EffectiveKGID} + return MakeCreds(t) } return nil } +// MakeCreds creates default SCMCredentials. +func MakeCreds(t *kernel.Task) SCMCredentials { + if t == nil { + return nil + } + tcred := t.Credentials() + return &scmCredentials{t, tcred.EffectiveKUID, tcred.EffectiveKGID} +} + // New creates default control messages if needed. func New(t *kernel.Task, socketOrEndpoint interface{}, rights SCMRights) transport.ControlMessages { return transport.ControlMessages{ |