Merge release-20201109.0-71-gfc342fb43 (automated)

4 files changed, 14 insertions, 41 deletions

diff --git a/pkg/sentry/socket/unix/transport/transport_state_autogen.go b/pkg/sentry/socket/unix/transport/transport_state_autogen.go
index e20168bb3..4235ff488 100644
--- a/pkg/sentry/socket/unix/transport/transport_state_autogen.go
+++ b/pkg/sentry/socket/unix/transport/transport_state_autogen.go
@@ -329,7 +329,6 @@ func (e *baseEndpoint) StateTypeName() string {
 func (e *baseEndpoint) StateFields() []string {
 	return []string{
 		"Queue",
-		"passcred",
 		"receiver",
 		"connected",
 		"path",
@@ -343,24 +342,22 @@ func (e *baseEndpoint) beforeSave() {}
 func (e *baseEndpoint) StateSave(stateSinkObject state.Sink) {
 	e.beforeSave()
 	stateSinkObject.Save(0, &e.Queue)
-	stateSinkObject.Save(1, &e.passcred)
-	stateSinkObject.Save(2, &e.receiver)
-	stateSinkObject.Save(3, &e.connected)
-	stateSinkObject.Save(4, &e.path)
-	stateSinkObject.Save(5, &e.linger)
-	stateSinkObject.Save(6, &e.ops)
+	stateSinkObject.Save(1, &e.receiver)
+	stateSinkObject.Save(2, &e.connected)
+	stateSinkObject.Save(3, &e.path)
+	stateSinkObject.Save(4, &e.linger)
+	stateSinkObject.Save(5, &e.ops)
 }
 
 func (e *baseEndpoint) afterLoad() {}
 
 func (e *baseEndpoint) StateLoad(stateSourceObject state.Source) {
 	stateSourceObject.Load(0, &e.Queue)
-	stateSourceObject.Load(1, &e.passcred)
-	stateSourceObject.Load(2, &e.receiver)
-	stateSourceObject.Load(3, &e.connected)
-	stateSourceObject.Load(4, &e.path)
-	stateSourceObject.Load(5, &e.linger)
-	stateSourceObject.Load(6, &e.ops)
+	stateSourceObject.Load(1, &e.receiver)
+	stateSourceObject.Load(2, &e.connected)
+	stateSourceObject.Load(3, &e.path)
+	stateSourceObject.Load(4, &e.linger)
+	stateSourceObject.Load(5, &e.ops)
 }
 
 func init() {
diff --git a/pkg/sentry/socket/unix/transport/unix.go b/pkg/sentry/socket/unix/transport/unix.go
index 18a50e9f8..0324dcd93 100644
--- a/pkg/sentry/socket/unix/transport/unix.go
+++ b/pkg/sentry/socket/unix/transport/unix.go
@@ -16,8 +16,6 @@
 package transport
 
 import (
-	"sync/atomic"
-
 	"gvisor.dev/gvisor/pkg/abi/linux"
 	"gvisor.dev/gvisor/pkg/context"
 	"gvisor.dev/gvisor/pkg/log"
@@ -203,10 +201,11 @@ type Endpoint interface {
 	// procfs.
 	State() uint32
 
-	// LastError implements tcpip.Endpoint.LastError.
+	// LastError clears and returns the last error reported by the endpoint.
 	LastError() *tcpip.Error
 
-	// SocketOptions implements tcpip.Endpoint.SocketOptions.
+	// SocketOptions returns the structure which contains all the socket
+	// level options.
 	SocketOptions() *tcpip.SocketOptions
 }
 
@@ -740,10 +739,6 @@ func (e *connectedEndpoint) CloseUnread() {
 type baseEndpoint struct {
 	*waiter.Queue
 
-	// passcred specifies whether SCM_CREDENTIALS socket control messages are
-	// enabled on this endpoint. Must be accessed atomically.
-	passcred int32
-
 	// Mutex protects the below fields.
 	sync.Mutex `state:"nosave"`
 
@@ -786,7 +781,7 @@ func (e *baseEndpoint) EventUnregister(we *waiter.Entry) {
 
 // Passcred implements Credentialer.Passcred.
 func (e *baseEndpoint) Passcred() bool {
-	return atomic.LoadInt32(&e.passcred) != 0
+	return e.SocketOptions().GetPassCred()
 }
 
 // ConnectedPasscred implements Credentialer.ConnectedPasscred.
@@ -796,14 +791,6 @@ func (e *baseEndpoint) ConnectedPasscred() bool {
 	return e.connected != nil && e.connected.Passcred()
 }
 
-func (e *baseEndpoint) setPasscred(pc bool) {
-	if pc {
-		atomic.StoreInt32(&e.passcred, 1)
-	} else {
-		atomic.StoreInt32(&e.passcred, 0)
-	}
-}
-
 // Connected implements ConnectingEndpoint.Connected.
 func (e *baseEndpoint) Connected() bool {
 	return e.receiver != nil && e.connected != nil
@@ -870,8 +857,6 @@ func (e *baseEndpoint) SetSockOpt(opt tcpip.SettableSocketOption) *tcpip.Error {
 
 func (e *baseEndpoint) SetSockOptBool(opt tcpip.SockOptBool, v bool) *tcpip.Error {
 	switch opt {
-	case tcpip.PasscredOption:
-		e.setPasscred(v)
 	case tcpip.ReuseAddressOption:
 	default:
 		log.Warningf("Unsupported socket option: %d", opt)
@@ -894,9 +879,6 @@ func (e *baseEndpoint) GetSockOptBool(opt tcpip.SockOptBool) (bool, *tcpip.Error
 	case tcpip.KeepaliveEnabledOption, tcpip.AcceptConnOption:
 		return false, nil
 
-	case tcpip.PasscredOption:
-		return e.Passcred(), nil
-
 	default:
 		log.Warningf("Unsupported socket option: %d", opt)
 		return false, tcpip.ErrUnknownProtocolOption
diff --git a/pkg/sentry/socket/unix/unix.go b/pkg/sentry/socket/unix/unix.go
index 3e520d2ee..b32bb7ba8 100644
--- a/pkg/sentry/socket/unix/unix.go
+++ b/pkg/sentry/socket/unix/unix.go
@@ -115,9 +115,6 @@ type socketOpsCommon struct {
 	// bound, they cannot be modified.
 	abstractName      string
 	abstractNamespace *kernel.AbstractSocketNamespace
-
-	// ops is used to get socket level options.
-	ops tcpip.SocketOptions
 }
 
 func (s *socketOpsCommon) isPacket() bool {
diff --git a/pkg/sentry/socket/unix/unix_state_autogen.go b/pkg/sentry/socket/unix/unix_state_autogen.go
index 9e9055b79..fba990d9a 100644
--- a/pkg/sentry/socket/unix/unix_state_autogen.go
+++ b/pkg/sentry/socket/unix/unix_state_autogen.go
@@ -87,7 +87,6 @@ func (s *socketOpsCommon) StateFields() []string {
 		"stype",
 		"abstractName",
 		"abstractNamespace",
-		"ops",
 	}
 }
 
@@ -100,7 +99,6 @@ func (s *socketOpsCommon) StateSave(stateSinkObject state.Sink) {
 	stateSinkObject.Save(2, &s.stype)
 	stateSinkObject.Save(3, &s.abstractName)
 	stateSinkObject.Save(4, &s.abstractNamespace)
-	stateSinkObject.Save(5, &s.ops)
 }
 
 func (s *socketOpsCommon) afterLoad() {}
@@ -111,7 +109,6 @@ func (s *socketOpsCommon) StateLoad(stateSourceObject state.Source) {
 	stateSourceObject.Load(2, &s.stype)
 	stateSourceObject.Load(3, &s.abstractName)
 	stateSourceObject.Load(4, &s.abstractNamespace)
-	stateSourceObject.Load(5, &s.ops)
 }
 
 func (s *SocketVFS2) StateTypeName() string {