diff options
author | Dean Deng <deandeng@google.com> | 2020-10-26 14:13:55 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-10-26 14:15:55 -0700 |
commit | 0bdcee38bdfa5c4585d28a0edd0c46e170cdc9b5 (patch) | |
tree | ae46b77e64a7a3f917a13a060b89482b83f749e6 /pkg/sentry/socket/unix/transport | |
parent | 7926a9e28da8852954961af2aea0a280b6bbd210 (diff) |
Fix SCM Rights S/R reference leak.
Control messages collected when peeking into a socket were being leaked.
PiperOrigin-RevId: 339114961
Diffstat (limited to 'pkg/sentry/socket/unix/transport')
-rw-r--r-- | pkg/sentry/socket/unix/transport/unix.go | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/pkg/sentry/socket/unix/transport/unix.go b/pkg/sentry/socket/unix/transport/unix.go index a7d1068a6..b648273a4 100644 --- a/pkg/sentry/socket/unix/transport/unix.go +++ b/pkg/sentry/socket/unix/transport/unix.go @@ -32,6 +32,8 @@ import ( const initialLimit = 16 * 1024 // A RightsControlMessage is a control message containing FDs. +// +// +stateify savable type RightsControlMessage interface { // Clone returns a copy of the RightsControlMessage. Clone() RightsControlMessage @@ -336,7 +338,7 @@ type Receiver interface { RecvMaxQueueSize() int64 // Release releases any resources owned by the Receiver. It should be - // called before droping all references to a Receiver. + // called before dropping all references to a Receiver. Release(ctx context.Context) } @@ -572,6 +574,12 @@ func (q *streamQueueReceiver) Recv(ctx context.Context, data [][]byte, wantCreds return copied, copied, c, cmTruncated, q.addr, notify, nil } +// Release implements Receiver.Release. +func (q *streamQueueReceiver) Release(ctx context.Context) { + q.queueReceiver.Release(ctx) + q.control.Release(ctx) +} + // A ConnectedEndpoint is an Endpoint that can be used to send Messages. type ConnectedEndpoint interface { // Passcred implements Endpoint.Passcred. @@ -619,7 +627,7 @@ type ConnectedEndpoint interface { SendMaxQueueSize() int64 // Release releases any resources owned by the ConnectedEndpoint. It should - // be called before droping all references to a ConnectedEndpoint. + // be called before dropping all references to a ConnectedEndpoint. Release(ctx context.Context) // CloseUnread sets the fact that this end is closed with unread data to |