author | Dean Deng <deandeng@google.com> | 2020-10-14 09:52:05 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-10-14 09:54:05 -0700 |
commit | fc1e653973c97a857582b8f3651399673343589a (patch) | |
tree | 0c66c65ddce71cadcdf4fe8940bad5d12fc139e7 /pkg/sentry/socket/unix/unix.go | |
parent | a7b7b7b9804e9968c1fed5f7b3849233f585a88b (diff) |
Fix SCM Rights reference leaks.
Control messages should be released on Read (which ignores the control message)
or zero-byte Send. Otherwise, open fds sent through the control messages will
be leaked.
PiperOrigin-RevId: 337110774
Diffstat (limited to 'pkg/sentry/socket/unix/unix.go')
-rw-r--r-- | pkg/sentry/socket/unix/unix.go | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/pkg/sentry/socket/unix/unix.go b/pkg/sentry/socket/unix/unix.go
index f80011ce4..a4a76d0a3 100644
--- a/pkg/sentry/socket/unix/unix.go
+++ b/pkg/sentry/socket/unix/unix.go
@@ -573,13 +573,17 @@ func (s *SocketOperations) Read(ctx context.Context, _ *fs.File, dst usermem.IOS
 if dst.NumBytes() == 0 {
 return 0, nil
 }
- return dst.CopyOutFrom(ctx, &EndpointReader{
+ r := &EndpointReader{
 Ctx: ctx,
 Endpoint: s.ep,
 NumRights: 0,
 Peek: false,
 From: nil,
- })
+ }
+ n, err := dst.CopyOutFrom(ctx, r)
+ // Drop control messages.
+ r.Control.Release(ctx)
+ return n, err
 }
 
 // RecvMsg implements the linux syscall recvmsg(2) for sockets backed by |
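Review bot: The added comment `// Drop control messages.` does not explain why a release is needed on a reader built with `NumRights: 0`, which is the part a later maintainer is most likely to get wrong. Going by the commit message, `r.Control` can still hold SCM_RIGHTS file references once `CopyOutFrom` returns, and read(2) has no way to hand them to the caller, so I would write it as `// Read cannot return ancillary data: release any rights dequeued with the message, or the passed files' references leak.` Any other path that builds an `EndpointReader` and discards `Control` would need the same release; none is visible here, since Read's signature appears only in the hunk header and the diff is limited to this file. A regression test that sends an fd over the socket and then drains it with a plain read would keep this from silently regressing.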