diff options
author | gVisor bot <gvisor-bot@google.com> | 2020-02-06 06:49:12 +0000 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-02-06 06:49:12 +0000 |
commit | 971856a97882eee6fc216b12e8e20bba0f14c231 (patch) | |
tree | 9a71fe33a8c62ffd2bfa29bc27d59722b9412f60 /pkg/sentry/socket | |
parent | b3a9b1da3837ba2636e621467bb56aad942caf5c (diff) | |
parent | 1b6a12a768216a99a5e0428c42ea4faf79cf3b50 (diff) |
Merge release-20200127.0-85-g1b6a12a (automated)
Diffstat (limited to 'pkg/sentry/socket')
6 files changed, 34 insertions, 5 deletions
diff --git a/pkg/sentry/socket/control/control_state_autogen.go b/pkg/sentry/socket/control/control_state_autogen.go index c5ecfe700..6271abd8c 100755 --- a/pkg/sentry/socket/control/control_state_autogen.go +++ b/pkg/sentry/socket/control/control_state_autogen.go @@ -3,8 +3,8 @@ package control import ( - "gvisor.dev/gvisor/pkg/state" "gvisor.dev/gvisor/pkg/sentry/fs" + "gvisor.dev/gvisor/pkg/state" ) func (x *RightsFiles) save(m state.Map) { diff --git a/pkg/sentry/socket/hostinet/hostinet_impl_state_autogen.go b/pkg/sentry/socket/hostinet/hostinet_impl_state_autogen.go new file mode 100755 index 000000000..b0a59ba93 --- /dev/null +++ b/pkg/sentry/socket/hostinet/hostinet_impl_state_autogen.go @@ -0,0 +1,3 @@ +// automatically generated by stateify. + +package hostinet diff --git a/pkg/sentry/socket/hostinet/hostinet_state_autogen.go b/pkg/sentry/socket/hostinet/hostinet_state_autogen.go index 0a5c7cdf3..b0a59ba93 100755 --- a/pkg/sentry/socket/hostinet/hostinet_state_autogen.go +++ b/pkg/sentry/socket/hostinet/hostinet_state_autogen.go @@ -1,4 +1,3 @@ // automatically generated by stateify. package hostinet - diff --git a/pkg/sentry/socket/hostinet/socket.go b/pkg/sentry/socket/hostinet/socket.go index 34f63986f..de76388ac 100644 --- a/pkg/sentry/socket/hostinet/socket.go +++ b/pkg/sentry/socket/hostinet/socket.go @@ -285,7 +285,7 @@ func (s *socketOperations) GetSockOpt(t *kernel.Task, level int, name int, outPt } // Whitelist options and constrain option length. - var optlen int + optlen := getSockOptLen(t, level, name) switch level { case linux.SOL_IP: switch name { @@ -330,7 +330,7 @@ func (s *socketOperations) GetSockOpt(t *kernel.Task, level int, name int, outPt // SetSockOpt implements socket.Socket.SetSockOpt. func (s *socketOperations) SetSockOpt(t *kernel.Task, level int, name int, opt []byte) *syserr.Error { // Whitelist options and constrain option length. - var optlen int + optlen := setSockOptLen(t, level, name) switch level { case linux.SOL_IP: switch name { @@ -353,6 +353,7 @@ func (s *socketOperations) SetSockOpt(t *kernel.Task, level int, name int, opt [ optlen = sizeofInt32 } } + if optlen == 0 { // Pretend to accept socket options we don't understand. This seems // dangerous, but it's what netstack does... diff --git a/pkg/sentry/socket/hostinet/sockopt_impl.go b/pkg/sentry/socket/hostinet/sockopt_impl.go new file mode 100755 index 000000000..8a783712e --- /dev/null +++ b/pkg/sentry/socket/hostinet/sockopt_impl.go @@ -0,0 +1,27 @@ +// Copyright 2020 The gVisor Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package hostinet + +import ( + "gvisor.dev/gvisor/pkg/sentry/kernel" +) + +func getSockOptLen(t *kernel.Task, level, name int) int { + return 0 // No custom options. +} + +func setSockOptLen(t *kernel.Task, level, name int) int { + return 0 // No custom options. +} diff --git a/pkg/sentry/socket/netfilter/netfilter_state_autogen.go b/pkg/sentry/socket/netfilter/netfilter_state_autogen.go index f3d68dd64..6e95d89a4 100755 --- a/pkg/sentry/socket/netfilter/netfilter_state_autogen.go +++ b/pkg/sentry/socket/netfilter/netfilter_state_autogen.go @@ -1,4 +1,3 @@ // automatically generated by stateify. package netfilter - |