summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/socket
diff options
context:
space:
mode:
authorAyush Ranjan <ayushranjan@google.com>2021-03-03 10:23:55 -0800
committergVisor bot <gvisor-bot@google.com>2021-03-03 10:25:58 -0800
commita9441aea2780da8c93da1c73da860219f98438de (patch)
tree8b12915756f5bfb926218214cd7bc0b3281605fd /pkg/sentry/socket
parentb8a5420f49a2afd622ec08b5019e1bf537f7da82 (diff)
[op] Replace syscall package usage with golang.org/x/sys/unix in pkg/.
The syscall package has been deprecated in favor of golang.org/x/sys. Note that syscall is still used in the following places: - pkg/sentry/socket/hostinet/stack.go: some netlink related functionalities are not yet available in golang.org/x/sys. - syscall.Stat_t is still used in some places because os.FileInfo.Sys() still returns it and not unix.Stat_t. Updates #214 PiperOrigin-RevId: 360701387
Diffstat (limited to 'pkg/sentry/socket')
-rw-r--r--pkg/sentry/socket/BUILD1
-rw-r--r--pkg/sentry/socket/hostinet/socket.go97
-rw-r--r--pkg/sentry/socket/hostinet/socket_unsafe.go32
-rw-r--r--pkg/sentry/socket/hostinet/socket_vfs2.go15
-rw-r--r--pkg/sentry/socket/hostinet/stack.go47
-rw-r--r--pkg/sentry/socket/netlink/route/BUILD1
-rw-r--r--pkg/sentry/socket/netlink/route/protocol.go4
-rw-r--r--pkg/sentry/socket/netstack/netstack.go9
-rw-r--r--pkg/sentry/socket/netstack/provider.go21
-rw-r--r--pkg/sentry/socket/socket.go40
-rw-r--r--pkg/sentry/socket/unix/BUILD1
-rw-r--r--pkg/sentry/socket/unix/unix.go6
12 files changed, 137 insertions, 137 deletions
diff --git a/pkg/sentry/socket/BUILD b/pkg/sentry/socket/BUILD
index cc1f6bfcc..0ce42b6cc 100644
--- a/pkg/sentry/socket/BUILD
+++ b/pkg/sentry/socket/BUILD
@@ -22,5 +22,6 @@ go_library(
"//pkg/tcpip",
"//pkg/tcpip/header",
"//pkg/usermem",
+ "@org_golang_x_sys//unix:go_default_library",
],
)
diff --git a/pkg/sentry/socket/hostinet/socket.go b/pkg/sentry/socket/hostinet/socket.go
index 17f59ba1f..c711d0684 100644
--- a/pkg/sentry/socket/hostinet/socket.go
+++ b/pkg/sentry/socket/hostinet/socket.go
@@ -16,7 +16,6 @@ package hostinet
import (
"fmt"
- "syscall"
"golang.org/x/sys/unix"
"gvisor.dev/gvisor/pkg/abi/linux"
@@ -45,10 +44,10 @@ const (
// sizeofSockaddr is the size in bytes of the largest sockaddr type
// supported by this package.
- sizeofSockaddr = syscall.SizeofSockaddrInet6 // sizeof(sockaddr_in6) > sizeof(sockaddr_in)
+ sizeofSockaddr = unix.SizeofSockaddrInet6 // sizeof(sockaddr_in6) > sizeof(sockaddr_in)
// maxControlLen is the maximum size of a control message buffer used in a
- // recvmsg or sendmsg syscall.
+ // recvmsg or sendmsg unix.
maxControlLen = 1024
)
@@ -107,7 +106,7 @@ func newSocketFile(ctx context.Context, family int, stype linux.SockType, protoc
// Release implements fs.FileOperations.Release.
func (s *socketOpsCommon) Release(context.Context) {
fdnotifier.RemoveFD(int32(s.fd))
- syscall.Close(s.fd)
+ unix.Close(s.fd)
}
// Readiness implements waiter.Waitable.Readiness.
@@ -143,8 +142,8 @@ func (s *socketOperations) Read(ctx context.Context, _ *fs.File, dst usermem.IOS
return 0, nil
}
if dsts.NumBlocks() == 1 {
- // Skip allocating []syscall.Iovec.
- n, err := syscall.Read(s.fd, dsts.Head().ToSlice())
+ // Skip allocating []unix.Iovec.
+ n, err := unix.Read(s.fd, dsts.Head().ToSlice())
if err != nil {
return 0, translateIOSyscallError(err)
}
@@ -166,8 +165,8 @@ func (s *socketOperations) Write(ctx context.Context, _ *fs.File, src usermem.IO
return 0, nil
}
if srcs.NumBlocks() == 1 {
- // Skip allocating []syscall.Iovec.
- n, err := syscall.Write(s.fd, srcs.Head().ToSlice())
+ // Skip allocating []unix.Iovec.
+ n, err := unix.Write(s.fd, srcs.Head().ToSlice())
if err != nil {
return 0, translateIOSyscallError(err)
}
@@ -184,12 +183,12 @@ func (s *socketOpsCommon) Connect(t *kernel.Task, sockaddr []byte, blocking bool
sockaddr = sockaddr[:sizeofSockaddr]
}
- _, _, errno := syscall.Syscall(syscall.SYS_CONNECT, uintptr(s.fd), uintptr(firstBytePtr(sockaddr)), uintptr(len(sockaddr)))
+ _, _, errno := unix.Syscall(unix.SYS_CONNECT, uintptr(s.fd), uintptr(firstBytePtr(sockaddr)), uintptr(len(sockaddr)))
if errno == 0 {
return nil
}
- if errno != syscall.EINPROGRESS || !blocking {
+ if errno != unix.EINPROGRESS || !blocking {
return syserr.FromError(translateIOSyscallError(errno))
}
@@ -208,12 +207,12 @@ func (s *socketOpsCommon) Connect(t *kernel.Task, sockaddr []byte, blocking bool
return syserr.FromError(err)
}
}
- val, err := syscall.GetsockoptInt(s.fd, syscall.SOL_SOCKET, syscall.SO_ERROR)
+ val, err := unix.GetsockoptInt(s.fd, unix.SOL_SOCKET, unix.SO_ERROR)
if err != nil {
return syserr.FromError(err)
}
if val != 0 {
- return syserr.FromError(syscall.Errno(uintptr(val)))
+ return syserr.FromError(unix.Errno(uintptr(val)))
}
return nil
}
@@ -234,7 +233,7 @@ func (s *socketOpsCommon) Accept(t *kernel.Task, peerRequested bool, flags int,
// Conservatively ignore all flags specified by the application and add
// SOCK_NONBLOCK since socketOpsCommon requires it.
- fd, syscallErr := accept4(s.fd, peerAddrPtr, peerAddrlenPtr, syscall.SOCK_NONBLOCK|syscall.SOCK_CLOEXEC)
+ fd, syscallErr := accept4(s.fd, peerAddrPtr, peerAddrlenPtr, unix.SOCK_NONBLOCK|unix.SOCK_CLOEXEC)
if blocking {
var ch chan struct{}
for syscallErr == syserror.ErrWouldBlock {
@@ -248,7 +247,7 @@ func (s *socketOpsCommon) Accept(t *kernel.Task, peerRequested bool, flags int,
s.EventRegister(&e, waiter.EventIn)
defer s.EventUnregister(&e)
}
- fd, syscallErr = accept4(s.fd, peerAddrPtr, peerAddrlenPtr, syscall.SOCK_NONBLOCK|syscall.SOCK_CLOEXEC)
+ fd, syscallErr = accept4(s.fd, peerAddrPtr, peerAddrlenPtr, unix.SOCK_NONBLOCK|unix.SOCK_CLOEXEC)
}
}
@@ -264,27 +263,27 @@ func (s *socketOpsCommon) Accept(t *kernel.Task, peerRequested bool, flags int,
kerr error
)
if kernel.VFS2Enabled {
- f, err := newVFS2Socket(t, s.family, s.stype, s.protocol, fd, uint32(flags&syscall.SOCK_NONBLOCK))
+ f, err := newVFS2Socket(t, s.family, s.stype, s.protocol, fd, uint32(flags&unix.SOCK_NONBLOCK))
if err != nil {
- syscall.Close(fd)
+ unix.Close(fd)
return 0, nil, 0, err
}
defer f.DecRef(t)
kfd, kerr = t.NewFDFromVFS2(0, f, kernel.FDFlags{
- CloseOnExec: flags&syscall.SOCK_CLOEXEC != 0,
+ CloseOnExec: flags&unix.SOCK_CLOEXEC != 0,
})
t.Kernel().RecordSocketVFS2(f)
} else {
- f, err := newSocketFile(t, s.family, s.stype, s.protocol, fd, flags&syscall.SOCK_NONBLOCK != 0)
+ f, err := newSocketFile(t, s.family, s.stype, s.protocol, fd, flags&unix.SOCK_NONBLOCK != 0)
if err != nil {
- syscall.Close(fd)
+ unix.Close(fd)
return 0, nil, 0, err
}
defer f.DecRef(t)
kfd, kerr = t.NewFDFrom(0, f, kernel.FDFlags{
- CloseOnExec: flags&syscall.SOCK_CLOEXEC != 0,
+ CloseOnExec: flags&unix.SOCK_CLOEXEC != 0,
})
t.Kernel().RecordSocket(f)
}
@@ -298,7 +297,7 @@ func (s *socketOpsCommon) Bind(t *kernel.Task, sockaddr []byte) *syserr.Error {
sockaddr = sockaddr[:sizeofSockaddr]
}
- _, _, errno := syscall.Syscall(syscall.SYS_BIND, uintptr(s.fd), uintptr(firstBytePtr(sockaddr)), uintptr(len(sockaddr)))
+ _, _, errno := unix.Syscall(unix.SYS_BIND, uintptr(s.fd), uintptr(firstBytePtr(sockaddr)), uintptr(len(sockaddr)))
if errno != 0 {
return syserr.FromError(errno)
}
@@ -307,14 +306,14 @@ func (s *socketOpsCommon) Bind(t *kernel.Task, sockaddr []byte) *syserr.Error {
// Listen implements socket.Socket.Listen.
func (s *socketOpsCommon) Listen(t *kernel.Task, backlog int) *syserr.Error {
- return syserr.FromError(syscall.Listen(s.fd, backlog))
+ return syserr.FromError(unix.Listen(s.fd, backlog))
}
// Shutdown implements socket.Socket.Shutdown.
func (s *socketOpsCommon) Shutdown(t *kernel.Task, how int) *syserr.Error {
switch how {
- case syscall.SHUT_RD, syscall.SHUT_WR, syscall.SHUT_RDWR:
- return syserr.FromError(syscall.Shutdown(s.fd, how))
+ case unix.SHUT_RD, unix.SHUT_WR, unix.SHUT_RDWR:
+ return syserr.FromError(unix.Shutdown(s.fd, how))
default:
return syserr.ErrInvalidArgument
}
@@ -344,7 +343,7 @@ func (s *socketOpsCommon) GetSockOpt(t *kernel.Task, level int, name int, outPtr
case linux.SO_ERROR, linux.SO_KEEPALIVE, linux.SO_SNDBUF, linux.SO_RCVBUF, linux.SO_REUSEADDR, linux.SO_TIMESTAMP:
optlen = sizeofInt32
case linux.SO_LINGER:
- optlen = syscall.SizeofLinger
+ optlen = unix.SizeofLinger
}
case linux.SOL_TCP:
switch name {
@@ -407,18 +406,18 @@ func (s *socketOpsCommon) SetSockOpt(t *kernel.Task, level int, name int, opt []
}
opt = opt[:optlen]
- _, _, errno := syscall.Syscall6(syscall.SYS_SETSOCKOPT, uintptr(s.fd), uintptr(level), uintptr(name), uintptr(firstBytePtr(opt)), uintptr(len(opt)), 0)
+ _, _, errno := unix.Syscall6(unix.SYS_SETSOCKOPT, uintptr(s.fd), uintptr(level), uintptr(name), uintptr(firstBytePtr(opt)), uintptr(len(opt)), 0)
if errno != 0 {
return syserr.FromError(errno)
}
return nil
}
-func (s *socketOpsCommon) recvMsgFromHost(iovs []syscall.Iovec, flags int, senderRequested bool, controlLen uint64) (uint64, int, []byte, []byte, error) {
+func (s *socketOpsCommon) recvMsgFromHost(iovs []unix.Iovec, flags int, senderRequested bool, controlLen uint64) (uint64, int, []byte, []byte, error) {
// We always do a non-blocking recv*().
- sysflags := flags | syscall.MSG_DONTWAIT
+ sysflags := flags | unix.MSG_DONTWAIT
- msg := syscall.Msghdr{}
+ msg := unix.Msghdr{}
if len(iovs) > 0 {
msg.Iov = &iovs[0]
msg.Iovlen = uint64(len(iovs))
@@ -448,7 +447,7 @@ func (s *socketOpsCommon) recvMsgFromHost(iovs []syscall.Iovec, flags int, sende
// RecvMsg implements socket.Socket.RecvMsg.
func (s *socketOpsCommon) RecvMsg(t *kernel.Task, dst usermem.IOSequence, flags int, haveDeadline bool, deadline ktime.Time, senderRequested bool, controlLen uint64) (int, int, linux.SockAddr, uint32, socket.ControlMessages, *syserr.Error) {
// Only allow known and safe flags.
- if flags&^(syscall.MSG_DONTWAIT|syscall.MSG_PEEK|syscall.MSG_TRUNC|syscall.MSG_ERRQUEUE) != 0 {
+ if flags&^(unix.MSG_DONTWAIT|unix.MSG_PEEK|unix.MSG_TRUNC|unix.MSG_ERRQUEUE) != 0 {
return 0, 0, nil, 0, socket.ControlMessages{}, syserr.ErrInvalidArgument
}
@@ -483,7 +482,7 @@ func (s *socketOpsCommon) RecvMsg(t *kernel.Task, dst usermem.IOSequence, flags
var ch chan struct{}
n, err := copyToDst()
// recv*(MSG_ERRQUEUE) never blocks, even without MSG_DONTWAIT.
- if flags&(syscall.MSG_DONTWAIT|syscall.MSG_ERRQUEUE) == 0 {
+ if flags&(unix.MSG_DONTWAIT|unix.MSG_ERRQUEUE) == 0 {
for err == syserror.ErrWouldBlock {
// We only expect blocking to come from the actual syscall, in which
// case it can't have returned any data.
@@ -547,7 +546,7 @@ func parseUnixControlMessages(unixControlMessages []unix.SocketControlMessage) s
binary.Unmarshal(unixCmsg.Data[:addr.SizeBytes()], usermem.ByteOrder, &addr)
controlMessages.IP.OriginalDstAddress = &addr
- case syscall.IP_RECVERR:
+ case unix.IP_RECVERR:
var errCmsg linux.SockErrCMsgIPv4
errCmsg.UnmarshalBytes(unixCmsg.Data)
controlMessages.IP.SockErr = &errCmsg
@@ -564,7 +563,7 @@ func parseUnixControlMessages(unixControlMessages []unix.SocketControlMessage) s
binary.Unmarshal(unixCmsg.Data[:addr.SizeBytes()], usermem.ByteOrder, &addr)
controlMessages.IP.OriginalDstAddress = &addr
- case syscall.IPV6_RECVERR:
+ case unix.IPV6_RECVERR:
var errCmsg linux.SockErrCMsgIPv6
errCmsg.UnmarshalBytes(unixCmsg.Data)
controlMessages.IP.SockErr = &errCmsg
@@ -584,7 +583,7 @@ func parseUnixControlMessages(unixControlMessages []unix.SocketControlMessage) s
// SendMsg implements socket.Socket.SendMsg.
func (s *socketOpsCommon) SendMsg(t *kernel.Task, src usermem.IOSequence, to []byte, flags int, haveDeadline bool, deadline ktime.Time, controlMessages socket.ControlMessages) (int, *syserr.Error) {
// Only allow known and safe flags.
- if flags&^(syscall.MSG_DONTWAIT|syscall.MSG_EOR|syscall.MSG_FASTOPEN|syscall.MSG_MORE|syscall.MSG_NOSIGNAL) != 0 {
+ if flags&^(unix.MSG_DONTWAIT|unix.MSG_EOR|unix.MSG_FASTOPEN|unix.MSG_MORE|unix.MSG_NOSIGNAL) != 0 {
return 0, syserr.ErrInvalidArgument
}
@@ -606,12 +605,12 @@ func (s *socketOpsCommon) SendMsg(t *kernel.Task, src usermem.IOSequence, to []b
}
// We always do a non-blocking send*().
- sysflags := flags | syscall.MSG_DONTWAIT
+ sysflags := flags | unix.MSG_DONTWAIT
if srcs.NumBlocks() == 1 && len(controlBuf) == 0 {
- // Skip allocating []syscall.Iovec.
+ // Skip allocating []unix.Iovec.
src := srcs.Head()
- n, _, errno := syscall.Syscall6(syscall.SYS_SENDTO, uintptr(s.fd), src.Addr(), uintptr(src.Len()), uintptr(sysflags), uintptr(firstBytePtr(to)), uintptr(len(to)))
+ n, _, errno := unix.Syscall6(unix.SYS_SENDTO, uintptr(s.fd), src.Addr(), uintptr(src.Len()), uintptr(sysflags), uintptr(firstBytePtr(to)), uintptr(len(to)))
if errno != 0 {
return 0, translateIOSyscallError(errno)
}
@@ -619,7 +618,7 @@ func (s *socketOpsCommon) SendMsg(t *kernel.Task, src usermem.IOSequence, to []b
}
iovs := safemem.IovecsFromBlockSeq(srcs)
- msg := syscall.Msghdr{
+ msg := unix.Msghdr{
Iov: &iovs[0],
Iovlen: uint64(len(iovs)),
}
@@ -636,7 +635,7 @@ func (s *socketOpsCommon) SendMsg(t *kernel.Task, src usermem.IOSequence, to []b
var ch chan struct{}
n, err := src.CopyInTo(t, sendmsgFromBlocks)
- if flags&syscall.MSG_DONTWAIT == 0 {
+ if flags&unix.MSG_DONTWAIT == 0 {
for err == syserror.ErrWouldBlock {
// We only expect blocking to come from the actual syscall, in which
// case it can't have returned any data.
@@ -664,7 +663,7 @@ func (s *socketOpsCommon) SendMsg(t *kernel.Task, src usermem.IOSequence, to []b
}
func translateIOSyscallError(err error) error {
- if err == syscall.EAGAIN || err == syscall.EWOULDBLOCK {
+ if err == unix.EAGAIN || err == unix.EWOULDBLOCK {
return syserror.ErrWouldBlock
}
return err
@@ -673,9 +672,9 @@ func translateIOSyscallError(err error) error {
// State implements socket.Socket.State.
func (s *socketOpsCommon) State() uint32 {
info := linux.TCPInfo{}
- buf, err := getsockopt(s.fd, syscall.SOL_TCP, syscall.TCP_INFO, linux.SizeOfTCPInfo)
+ buf, err := getsockopt(s.fd, unix.SOL_TCP, unix.TCP_INFO, linux.SizeOfTCPInfo)
if err != nil {
- if err != syscall.ENOPROTOOPT {
+ if err != unix.ENOPROTOOPT {
log.Warningf("Failed to get TCP socket info from %+v: %v", s, err)
}
// For non-TCP sockets, silently ignore the failure.
@@ -715,16 +714,16 @@ func (p *socketProvider) Socket(t *kernel.Task, stypeflags linux.SockType, proto
// Only accept TCP and UDP.
stype := stypeflags & linux.SOCK_TYPE_MASK
switch stype {
- case syscall.SOCK_STREAM:
+ case unix.SOCK_STREAM:
switch protocol {
- case 0, syscall.IPPROTO_TCP:
+ case 0, unix.IPPROTO_TCP:
// ok
default:
return nil, nil
}
- case syscall.SOCK_DGRAM:
+ case unix.SOCK_DGRAM:
switch protocol {
- case 0, syscall.IPPROTO_UDP:
+ case 0, unix.IPPROTO_UDP:
// ok
default:
return nil, nil
@@ -736,11 +735,11 @@ func (p *socketProvider) Socket(t *kernel.Task, stypeflags linux.SockType, proto
// Conservatively ignore all flags specified by the application and add
// SOCK_NONBLOCK since socketOperations requires it. Pass a protocol of 0
// to simplify the syscall filters, since 0 and IPPROTO_* are equivalent.
- fd, err := syscall.Socket(p.family, int(stype)|syscall.SOCK_NONBLOCK|syscall.SOCK_CLOEXEC, 0)
+ fd, err := unix.Socket(p.family, int(stype)|unix.SOCK_NONBLOCK|unix.SOCK_CLOEXEC, 0)
if err != nil {
return nil, syserr.FromError(err)
}
- return newSocketFile(t, p.family, stype, protocol, fd, stypeflags&syscall.SOCK_NONBLOCK != 0)
+ return newSocketFile(t, p.family, stype, protocol, fd, stypeflags&unix.SOCK_NONBLOCK != 0)
}
// Pair implements socket.Provider.Pair.
@@ -752,7 +751,7 @@ func (p *socketProvider) Pair(t *kernel.Task, stype linux.SockType, protocol int
// LINT.ThenChange(./socket_vfs2.go)
func init() {
- for _, family := range []int{syscall.AF_INET, syscall.AF_INET6} {
+ for _, family := range []int{unix.AF_INET, unix.AF_INET6} {
socket.RegisterProvider(family, &socketProvider{family})
socket.RegisterProviderVFS2(family, &socketProviderVFS2{family})
}
diff --git a/pkg/sentry/socket/hostinet/socket_unsafe.go b/pkg/sentry/socket/hostinet/socket_unsafe.go
index 3f420c2ec..2890e640d 100644
--- a/pkg/sentry/socket/hostinet/socket_unsafe.go
+++ b/pkg/sentry/socket/hostinet/socket_unsafe.go
@@ -15,9 +15,9 @@
package hostinet
import (
- "syscall"
"unsafe"
+ "golang.org/x/sys/unix"
"gvisor.dev/gvisor/pkg/abi/linux"
"gvisor.dev/gvisor/pkg/context"
"gvisor.dev/gvisor/pkg/sentry/arch"
@@ -36,8 +36,8 @@ func firstBytePtr(bs []byte) unsafe.Pointer {
}
// Preconditions: len(dsts) != 0.
-func readv(fd int, dsts []syscall.Iovec) (uint64, error) {
- n, _, errno := syscall.Syscall(syscall.SYS_READV, uintptr(fd), uintptr(unsafe.Pointer(&dsts[0])), uintptr(len(dsts)))
+func readv(fd int, dsts []unix.Iovec) (uint64, error) {
+ n, _, errno := unix.Syscall(unix.SYS_READV, uintptr(fd), uintptr(unsafe.Pointer(&dsts[0])), uintptr(len(dsts)))
if errno != 0 {
return 0, translateIOSyscallError(errno)
}
@@ -45,8 +45,8 @@ func readv(fd int, dsts []syscall.Iovec) (uint64, error) {
}
// Preconditions: len(srcs) != 0.
-func writev(fd int, srcs []syscall.Iovec) (uint64, error) {
- n, _, errno := syscall.Syscall(syscall.SYS_WRITEV, uintptr(fd), uintptr(unsafe.Pointer(&srcs[0])), uintptr(len(srcs)))
+func writev(fd int, srcs []unix.Iovec) (uint64, error) {
+ n, _, errno := unix.Syscall(unix.SYS_WRITEV, uintptr(fd), uintptr(unsafe.Pointer(&srcs[0])), uintptr(len(srcs)))
if errno != 0 {
return 0, translateIOSyscallError(errno)
}
@@ -55,9 +55,9 @@ func writev(fd int, srcs []syscall.Iovec) (uint64, error) {
func ioctl(ctx context.Context, fd int, io usermem.IO, args arch.SyscallArguments) (uintptr, error) {
switch cmd := uintptr(args[1].Int()); cmd {
- case syscall.TIOCINQ, syscall.TIOCOUTQ:
+ case unix.TIOCINQ, unix.TIOCOUTQ:
var val int32
- if _, _, errno := syscall.Syscall(syscall.SYS_IOCTL, uintptr(fd), cmd, uintptr(unsafe.Pointer(&val))); errno != 0 {
+ if _, _, errno := unix.Syscall(unix.SYS_IOCTL, uintptr(fd), cmd, uintptr(unsafe.Pointer(&val))); errno != 0 {
return 0, translateIOSyscallError(errno)
}
var buf [4]byte
@@ -73,7 +73,7 @@ func ioctl(ctx context.Context, fd int, io usermem.IO, args arch.SyscallArgument
}
func accept4(fd int, addr *byte, addrlen *uint32, flags int) (int, error) {
- afd, _, errno := syscall.Syscall6(syscall.SYS_ACCEPT4, uintptr(fd), uintptr(unsafe.Pointer(addr)), uintptr(unsafe.Pointer(addrlen)), uintptr(flags), 0, 0)
+ afd, _, errno := unix.Syscall6(unix.SYS_ACCEPT4, uintptr(fd), uintptr(unsafe.Pointer(addr)), uintptr(unsafe.Pointer(addrlen)), uintptr(flags), 0, 0)
if errno != 0 {
return 0, translateIOSyscallError(errno)
}
@@ -83,7 +83,7 @@ func accept4(fd int, addr *byte, addrlen *uint32, flags int) (int, error) {
func getsockopt(fd int, level, name int, optlen int) ([]byte, error) {
opt := make([]byte, optlen)
optlen32 := int32(len(opt))
- _, _, errno := syscall.Syscall6(syscall.SYS_GETSOCKOPT, uintptr(fd), uintptr(level), uintptr(name), uintptr(firstBytePtr(opt)), uintptr(unsafe.Pointer(&optlen32)), 0)
+ _, _, errno := unix.Syscall6(unix.SYS_GETSOCKOPT, uintptr(fd), uintptr(level), uintptr(name), uintptr(firstBytePtr(opt)), uintptr(unsafe.Pointer(&optlen32)), 0)
if errno != 0 {
return nil, errno
}
@@ -94,7 +94,7 @@ func getsockopt(fd int, level, name int, optlen int) ([]byte, error) {
func (s *socketOpsCommon) GetSockName(t *kernel.Task) (linux.SockAddr, uint32, *syserr.Error) {
addr := make([]byte, sizeofSockaddr)
addrlen := uint32(len(addr))
- _, _, errno := syscall.Syscall(syscall.SYS_GETSOCKNAME, uintptr(s.fd), uintptr(unsafe.Pointer(&addr[0])), uintptr(unsafe.Pointer(&addrlen)))
+ _, _, errno := unix.Syscall(unix.SYS_GETSOCKNAME, uintptr(s.fd), uintptr(unsafe.Pointer(&addr[0])), uintptr(unsafe.Pointer(&addrlen)))
if errno != 0 {
return nil, 0, syserr.FromError(errno)
}
@@ -105,7 +105,7 @@ func (s *socketOpsCommon) GetSockName(t *kernel.Task) (linux.SockAddr, uint32, *
func (s *socketOpsCommon) GetPeerName(t *kernel.Task) (linux.SockAddr, uint32, *syserr.Error) {
addr := make([]byte, sizeofSockaddr)
addrlen := uint32(len(addr))
- _, _, errno := syscall.Syscall(syscall.SYS_GETPEERNAME, uintptr(s.fd), uintptr(unsafe.Pointer(&addr[0])), uintptr(unsafe.Pointer(&addrlen)))
+ _, _, errno := unix.Syscall(unix.SYS_GETPEERNAME, uintptr(s.fd), uintptr(unsafe.Pointer(&addr[0])), uintptr(unsafe.Pointer(&addrlen)))
if errno != 0 {
return nil, 0, syserr.FromError(errno)
}
@@ -114,7 +114,7 @@ func (s *socketOpsCommon) GetPeerName(t *kernel.Task) (linux.SockAddr, uint32, *
func recvfrom(fd int, dst []byte, flags int, from *[]byte) (uint64, error) {
fromLen := uint32(len(*from))
- n, _, errno := syscall.Syscall6(syscall.SYS_RECVFROM, uintptr(fd), uintptr(firstBytePtr(dst)), uintptr(len(dst)), uintptr(flags), uintptr(firstBytePtr(*from)), uintptr(unsafe.Pointer(&fromLen)))
+ n, _, errno := unix.Syscall6(unix.SYS_RECVFROM, uintptr(fd), uintptr(firstBytePtr(dst)), uintptr(len(dst)), uintptr(flags), uintptr(firstBytePtr(*from)), uintptr(unsafe.Pointer(&fromLen)))
if errno != 0 {
return 0, translateIOSyscallError(errno)
}
@@ -122,16 +122,16 @@ func recvfrom(fd int, dst []byte, flags int, from *[]byte) (uint64, error) {
return uint64(n), nil
}
-func recvmsg(fd int, msg *syscall.Msghdr, flags int) (uint64, error) {
- n, _, errno := syscall.Syscall(syscall.SYS_RECVMSG, uintptr(fd), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+func recvmsg(fd int, msg *unix.Msghdr, flags int) (uint64, error) {
+ n, _, errno := unix.Syscall(unix.SYS_RECVMSG, uintptr(fd), uintptr(unsafe.Pointer(msg)), uintptr(flags))
if errno != 0 {
return 0, translateIOSyscallError(errno)
}
return uint64(n), nil
}
-func sendmsg(fd int, msg *syscall.Msghdr, flags int) (uint64, error) {
- n, _, errno := syscall.Syscall(syscall.SYS_SENDMSG, uintptr(fd), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+func sendmsg(fd int, msg *unix.Msghdr, flags int) (uint64, error) {
+ n, _, errno := unix.Syscall(unix.SYS_SENDMSG, uintptr(fd), uintptr(unsafe.Pointer(msg)), uintptr(flags))
if errno != 0 {
return 0, translateIOSyscallError(errno)
}
diff --git a/pkg/sentry/socket/hostinet/socket_vfs2.go b/pkg/sentry/socket/hostinet/socket_vfs2.go
index dc03ccb47..5d55cc64d 100644
--- a/pkg/sentry/socket/hostinet/socket_vfs2.go
+++ b/pkg/sentry/socket/hostinet/socket_vfs2.go
@@ -15,8 +15,7 @@
package hostinet
import (
- "syscall"
-
+ "golang.org/x/sys/unix"
"gvisor.dev/gvisor/pkg/abi/linux"
"gvisor.dev/gvisor/pkg/context"
"gvisor.dev/gvisor/pkg/fdnotifier"
@@ -160,16 +159,16 @@ func (p *socketProviderVFS2) Socket(t *kernel.Task, stypeflags linux.SockType, p
// Only accept TCP and UDP.
stype := stypeflags & linux.SOCK_TYPE_MASK
switch stype {
- case syscall.SOCK_STREAM:
+ case unix.SOCK_STREAM:
switch protocol {
- case 0, syscall.IPPROTO_TCP:
+ case 0, unix.IPPROTO_TCP:
// ok
default:
return nil, nil
}
- case syscall.SOCK_DGRAM:
+ case unix.SOCK_DGRAM:
switch protocol {
- case 0, syscall.IPPROTO_UDP:
+ case 0, unix.IPPROTO_UDP:
// ok
default:
return nil, nil
@@ -181,11 +180,11 @@ func (p *socketProviderVFS2) Socket(t *kernel.Task, stypeflags linux.SockType, p
// Conservatively ignore all flags specified by the application and add
// SOCK_NONBLOCK since socketOperations requires it. Pass a protocol of 0
// to simplify the syscall filters, since 0 and IPPROTO_* are equivalent.
- fd, err := syscall.Socket(p.family, int(stype)|syscall.SOCK_NONBLOCK|syscall.SOCK_CLOEXEC, 0)
+ fd, err := unix.Socket(p.family, int(stype)|unix.SOCK_NONBLOCK|unix.SOCK_CLOEXEC, 0)
if err != nil {
return nil, syserr.FromError(err)
}
- return newVFS2Socket(t, p.family, stype, protocol, fd, uint32(stypeflags&syscall.SOCK_NONBLOCK))
+ return newVFS2Socket(t, p.family, stype, protocol, fd, uint32(stypeflags&unix.SOCK_NONBLOCK))
}
// Pair implements socket.Provider.Pair.
diff --git a/pkg/sentry/socket/hostinet/stack.go b/pkg/sentry/socket/hostinet/stack.go
index 7e7857ac3..e6323244c 100644
--- a/pkg/sentry/socket/hostinet/stack.go
+++ b/pkg/sentry/socket/hostinet/stack.go
@@ -24,6 +24,7 @@ import (
"strings"
"syscall"
+ "golang.org/x/sys/unix"
"gvisor.dev/gvisor/pkg/binary"
"gvisor.dev/gvisor/pkg/context"
"gvisor.dev/gvisor/pkg/log"
@@ -138,14 +139,14 @@ func (s *Stack) Configure() error {
// netlink messages.
func ExtractHostInterfaces(links []syscall.NetlinkMessage, addrs []syscall.NetlinkMessage, interfaces map[int32]inet.Interface, interfaceAddrs map[int32][]inet.InterfaceAddr) error {
for _, link := range links {
- if link.Header.Type != syscall.RTM_NEWLINK {
+ if link.Header.Type != unix.RTM_NEWLINK {
continue
}
- if len(link.Data) < syscall.SizeofIfInfomsg {
- return fmt.Errorf("RTM_GETLINK returned RTM_NEWLINK message with invalid data length (%d bytes, expected at least %d bytes)", len(link.Data), syscall.SizeofIfInfomsg)
+ if len(link.Data) < unix.SizeofIfInfomsg {
+ return fmt.Errorf("RTM_GETLINK returned RTM_NEWLINK message with invalid data length (%d bytes, expected at least %d bytes)", len(link.Data), unix.SizeofIfInfomsg)
}
- var ifinfo syscall.IfInfomsg
- binary.Unmarshal(link.Data[:syscall.SizeofIfInfomsg], usermem.ByteOrder, &ifinfo)
+ var ifinfo unix.IfInfomsg
+ binary.Unmarshal(link.Data[:unix.SizeofIfInfomsg], usermem.ByteOrder, &ifinfo)
inetIF := inet.Interface{
DeviceType: ifinfo.Type,
Flags: ifinfo.Flags,
@@ -159,9 +160,9 @@ func ExtractHostInterfaces(links []syscall.NetlinkMessage, addrs []syscall.Netli
}
for _, attr := range attrs {
switch attr.Attr.Type {
- case syscall.IFLA_ADDRESS:
+ case unix.IFLA_ADDRESS:
inetIF.Addr = attr.Value
- case syscall.IFLA_IFNAME:
+ case unix.IFLA_IFNAME:
inetIF.Name = string(attr.Value[:len(attr.Value)-1])
}
}
@@ -169,14 +170,14 @@ func ExtractHostInterfaces(links []syscall.NetlinkMessage, addrs []syscall.Netli
}
for _, addr := range addrs {
- if addr.Header.Type != syscall.RTM_NEWADDR {
+ if addr.Header.Type != unix.RTM_NEWADDR {
continue
}
- if len(addr.Data) < syscall.SizeofIfAddrmsg {
- return fmt.Errorf("RTM_GETADDR returned RTM_NEWADDR message with invalid data length (%d bytes, expected at least %d bytes)", len(addr.Data), syscall.SizeofIfAddrmsg)
+ if len(addr.Data) < unix.SizeofIfAddrmsg {
+ return fmt.Errorf("RTM_GETADDR returned RTM_NEWADDR message with invalid data length (%d bytes, expected at least %d bytes)", len(addr.Data), unix.SizeofIfAddrmsg)
}
- var ifaddr syscall.IfAddrmsg
- binary.Unmarshal(addr.Data[:syscall.SizeofIfAddrmsg], usermem.ByteOrder, &ifaddr)
+ var ifaddr unix.IfAddrmsg
+ binary.Unmarshal(addr.Data[:unix.SizeofIfAddrmsg], usermem.ByteOrder, &ifaddr)
inetAddr := inet.InterfaceAddr{
Family: ifaddr.Family,
PrefixLen: ifaddr.Prefixlen,
@@ -188,7 +189,7 @@ func ExtractHostInterfaces(links []syscall.NetlinkMessage, addrs []syscall.Netli
}
for _, attr := range attrs {
switch attr.Attr.Type {
- case syscall.IFA_ADDRESS:
+ case unix.IFA_ADDRESS:
inetAddr.Addr = attr.Value
}
}
@@ -203,12 +204,12 @@ func ExtractHostInterfaces(links []syscall.NetlinkMessage, addrs []syscall.Netli
func ExtractHostRoutes(routeMsgs []syscall.NetlinkMessage) ([]inet.Route, error) {
var routes []inet.Route
for _, routeMsg := range routeMsgs {
- if routeMsg.Header.Type != syscall.RTM_NEWROUTE {
+ if routeMsg.Header.Type != unix.RTM_NEWROUTE {
continue
}
- var ifRoute syscall.RtMsg
- binary.Unmarshal(routeMsg.Data[:syscall.SizeofRtMsg], usermem.ByteOrder, &ifRoute)
+ var ifRoute unix.RtMsg
+ binary.Unmarshal(routeMsg.Data[:unix.SizeofRtMsg], usermem.ByteOrder, &ifRoute)
inetRoute := inet.Route{
Family: ifRoute.Family,
DstLen: ifRoute.Dst_len,
@@ -231,13 +232,13 @@ func ExtractHostRoutes(routeMsgs []syscall.NetlinkMessage) ([]inet.Route, error)
for _, attr := range attrs {
switch attr.Attr.Type {
- case syscall.RTA_DST:
+ case unix.RTA_DST:
inetRoute.DstAddr = attr.Value
- case syscall.RTA_SRC:
+ case unix.RTA_SRC:
inetRoute.SrcAddr = attr.Value
- case syscall.RTA_GATEWAY:
+ case unix.RTA_GATEWAY:
inetRoute.GatewayAddr = attr.Value
- case syscall.RTA_OIF:
+ case unix.RTA_OIF:
expected := int(binary.Size(inetRoute.OutputInterface))
if len(attr.Value) != expected {
return nil, fmt.Errorf("RTM_GETROUTE returned RTM_NEWROUTE message with invalid attribute data length (%d bytes, expected %d bytes)", len(attr.Value), expected)
@@ -253,12 +254,12 @@ func ExtractHostRoutes(routeMsgs []syscall.NetlinkMessage) ([]inet.Route, error)
}
func addHostInterfaces(s *Stack) error {
- links, err := doNetlinkRouteRequest(syscall.RTM_GETLINK)
+ links, err := doNetlinkRouteRequest(unix.RTM_GETLINK)
if err != nil {
return fmt.Errorf("RTM_GETLINK failed: %v", err)
}
- addrs, err := doNetlinkRouteRequest(syscall.RTM_GETADDR)
+ addrs, err := doNetlinkRouteRequest(unix.RTM_GETADDR)
if err != nil {
return fmt.Errorf("RTM_GETADDR failed: %v", err)
}
@@ -267,7 +268,7 @@ func addHostInterfaces(s *Stack) error {
}
func addHostRoutes(s *Stack) error {
- routes, err := doNetlinkRouteRequest(syscall.RTM_GETROUTE)
+ routes, err := doNetlinkRouteRequest(unix.RTM_GETROUTE)
if err != nil {
return fmt.Errorf("RTM_GETROUTE failed: %v", err)
}
diff --git a/pkg/sentry/socket/netlink/route/BUILD b/pkg/sentry/socket/netlink/route/BUILD
index 93127398d..744fc74f4 100644
--- a/pkg/sentry/socket/netlink/route/BUILD
+++ b/pkg/sentry/socket/netlink/route/BUILD
@@ -16,5 +16,6 @@ go_library(
"//pkg/sentry/kernel/auth",
"//pkg/sentry/socket/netlink",
"//pkg/syserr",
+ "@org_golang_x_sys//unix:go_default_library",
],
)
diff --git a/pkg/sentry/socket/netlink/route/protocol.go b/pkg/sentry/socket/netlink/route/protocol.go
index f4d034c13..5a2255db3 100644
--- a/pkg/sentry/socket/netlink/route/protocol.go
+++ b/pkg/sentry/socket/netlink/route/protocol.go
@@ -17,8 +17,8 @@ package route
import (
"bytes"
- "syscall"
+ "golang.org/x/sys/unix"
"gvisor.dev/gvisor/pkg/abi/linux"
"gvisor.dev/gvisor/pkg/context"
"gvisor.dev/gvisor/pkg/sentry/inet"
@@ -436,7 +436,7 @@ func (p *Protocol) newAddr(ctx context.Context, msg *netlink.Message, ms *netlin
Flags: ifa.Flags,
Addr: value,
})
- if err == syscall.EEXIST {
+ if err == unix.EEXIST {
flags := msg.Header().Flags
if flags&linux.NLM_F_EXCL != 0 {
return syserr.ErrExists
diff --git a/pkg/sentry/socket/netstack/netstack.go b/pkg/sentry/socket/netstack/netstack.go
index f77a867f1..f2dc7c90b 100644
--- a/pkg/sentry/socket/netstack/netstack.go
+++ b/pkg/sentry/socket/netstack/netstack.go
@@ -31,7 +31,6 @@ import (
"io/ioutil"
"math"
"reflect"
- "syscall"
"time"
"golang.org/x/sys/unix"
@@ -835,7 +834,7 @@ func getSockOptSocket(t *kernel.Task, s socket.SocketOps, ep commonEndpoint, fam
return &optP, nil
case linux.SO_PEERCRED:
- if family != linux.AF_UNIX || outLen < syscall.SizeofUcred {
+ if family != linux.AF_UNIX || outLen < unix.SizeofUcred {
return nil, syserr.ErrInvalidArgument
}
@@ -3199,15 +3198,15 @@ func nicStateFlagsToLinux(f stack.NICStateFlags) uint32 {
}
func isTCPSocket(skType linux.SockType, skProto int) bool {
- return skType == linux.SOCK_STREAM && (skProto == 0 || skProto == syscall.IPPROTO_TCP)
+ return skType == linux.SOCK_STREAM && (skProto == 0 || skProto == unix.IPPROTO_TCP)
}
func isUDPSocket(skType linux.SockType, skProto int) bool {
- return skType == linux.SOCK_DGRAM && (skProto == 0 || skProto == syscall.IPPROTO_UDP)
+ return skType == linux.SOCK_DGRAM && (skProto == 0 || skProto == unix.IPPROTO_UDP)
}
func isICMPSocket(skType linux.SockType, skProto int) bool {
- return skType == linux.SOCK_DGRAM && (skProto == syscall.IPPROTO_ICMP || skProto == syscall.IPPROTO_ICMPV6)
+ return skType == linux.SOCK_DGRAM && (skProto == unix.IPPROTO_ICMP || skProto == unix.IPPROTO_ICMPV6)
}
// State implements socket.Socket.State. State translates the internal state
diff --git a/pkg/sentry/socket/netstack/provider.go b/pkg/sentry/socket/netstack/provider.go
index 2515dda80..8605ad507 100644
--- a/pkg/sentry/socket/netstack/provider.go
+++ b/pkg/sentry/socket/netstack/provider.go
@@ -15,8 +15,7 @@
package netstack
import (
- "syscall"
-
+ "golang.org/x/sys/unix"
"gvisor.dev/gvisor/pkg/abi/linux"
"gvisor.dev/gvisor/pkg/context"
"gvisor.dev/gvisor/pkg/sentry/fs"
@@ -48,18 +47,18 @@ type provider struct {
func getTransportProtocol(ctx context.Context, stype linux.SockType, protocol int) (tcpip.TransportProtocolNumber, bool, *syserr.Error) {
switch stype {
case linux.SOCK_STREAM:
- if protocol != 0 && protocol != syscall.IPPROTO_TCP {
+ if protocol != 0 && protocol != unix.IPPROTO_TCP {
return 0, true, syserr.ErrInvalidArgument
}
return tcp.ProtocolNumber, true, nil
case linux.SOCK_DGRAM:
switch protocol {
- case 0, syscall.IPPROTO_UDP:
+ case 0, unix.IPPROTO_UDP:
return udp.ProtocolNumber, true, nil
- case syscall.IPPROTO_ICMP:
+ case unix.IPPROTO_ICMP:
return header.ICMPv4ProtocolNumber, true, nil
- case syscall.IPPROTO_ICMPV6:
+ case unix.IPPROTO_ICMPV6:
return header.ICMPv6ProtocolNumber, true, nil
}
@@ -71,18 +70,18 @@ func getTransportProtocol(ctx context.Context, stype linux.SockType, protocol in
}
switch protocol {
- case syscall.IPPROTO_ICMP:
+ case unix.IPPROTO_ICMP:
return header.ICMPv4ProtocolNumber, true, nil
- case syscall.IPPROTO_ICMPV6:
+ case unix.IPPROTO_ICMPV6:
return header.ICMPv6ProtocolNumber, true, nil
- case syscall.IPPROTO_UDP:
+ case unix.IPPROTO_UDP:
return header.UDPProtocolNumber, true, nil
- case syscall.IPPROTO_TCP:
+ case unix.IPPROTO_TCP:
return header.TCPProtocolNumber, true, nil
// IPPROTO_RAW signifies that the raw socket isn't assigned to
// a transport protocol. Users will be able to write packets'
// IP headers and won't receive anything.
- case syscall.IPPROTO_RAW:
+ case unix.IPPROTO_RAW:
return tcpip.TransportProtocolNumber(0), false, nil
}
}
diff --git a/pkg/sentry/socket/socket.go b/pkg/sentry/socket/socket.go
index cc535d794..909341dcf 100644
--- a/pkg/sentry/socket/socket.go
+++ b/pkg/sentry/socket/socket.go
@@ -21,8 +21,8 @@ import (
"bytes"
"fmt"
"sync/atomic"
- "syscall"
+ "golang.org/x/sys/unix"
"gvisor.dev/gvisor/pkg/abi/linux"
"gvisor.dev/gvisor/pkg/binary"
"gvisor.dev/gvisor/pkg/context"
@@ -198,42 +198,42 @@ type SocketVFS2 interface {
//
// It is implemented by both Socket and SocketVFS2.
type SocketOps interface {
- // Connect implements the connect(2) linux syscall.
+ // Connect implements the connect(2) linux unix.
Connect(t *kernel.Task, sockaddr []byte, blocking bool) *syserr.Error
- // Accept implements the accept4(2) linux syscall.
+ // Accept implements the accept4(2) linux unix.
// Returns fd, real peer address length and error. Real peer address
// length is only set if len(peer) > 0.
Accept(t *kernel.Task, peerRequested bool, flags int, blocking bool) (int32, linux.SockAddr, uint32, *syserr.Error)
- // Bind implements the bind(2) linux syscall.
+ // Bind implements the bind(2) linux unix.
Bind(t *kernel.Task, sockaddr []byte) *syserr.Error
- // Listen implements the listen(2) linux syscall.
+ // Listen implements the listen(2) linux unix.
Listen(t *kernel.Task, backlog int) *syserr.Error
- // Shutdown implements the shutdown(2) linux syscall.
+ // Shutdown implements the shutdown(2) linux unix.
Shutdown(t *kernel.Task, how int) *syserr.Error
- // GetSockOpt implements the getsockopt(2) linux syscall.
+ // GetSockOpt implements the getsockopt(2) linux unix.
GetSockOpt(t *kernel.Task, level int, name int, outPtr usermem.Addr, outLen int) (marshal.Marshallable, *syserr.Error)
- // SetSockOpt implements the setsockopt(2) linux syscall.
+ // SetSockOpt implements the setsockopt(2) linux unix.
SetSockOpt(t *kernel.Task, level int, name int, opt []byte) *syserr.Error
- // GetSockName implements the getsockname(2) linux syscall.
+ // GetSockName implements the getsockname(2) linux unix.
//
// addrLen is the address length to be returned to the application, not
// necessarily the actual length of the address.
GetSockName(t *kernel.Task) (addr linux.SockAddr, addrLen uint32, err *syserr.Error)
- // GetPeerName implements the getpeername(2) linux syscall.
+ // GetPeerName implements the getpeername(2) linux unix.
//
// addrLen is the address length to be returned to the application, not
// necessarily the actual length of the address.
GetPeerName(t *kernel.Task) (addr linux.SockAddr, addrLen uint32, err *syserr.Error)
- // RecvMsg implements the recvmsg(2) linux syscall.
+ // RecvMsg implements the recvmsg(2) linux unix.
//
// senderAddrLen is the address length to be returned to the application,
// not necessarily the actual length of the address.
@@ -246,7 +246,7 @@ type SocketOps interface {
// If err != nil, the recv was not successful.
RecvMsg(t *kernel.Task, dst usermem.IOSequence, flags int, haveDeadline bool, deadline ktime.Time, senderRequested bool, controlDataLen uint64) (n int, msgFlags int, senderAddr linux.SockAddr, senderAddrLen uint32, controlMessages ControlMessages, err *syserr.Error)
- // SendMsg implements the sendmsg(2) linux syscall. SendMsg does not take
+ // SendMsg implements the sendmsg(2) linux unix. SendMsg does not take
// ownership of the ControlMessage on error.
//
// If n > 0, err will either be nil or an error from t.Block.
@@ -569,21 +569,21 @@ func emitUnimplementedEvent(t *kernel.Task, name int) {
// given family.
func UnmarshalSockAddr(family int, data []byte) linux.SockAddr {
switch family {
- case syscall.AF_INET:
+ case unix.AF_INET:
var addr linux.SockAddrInet
- binary.Unmarshal(data[:syscall.SizeofSockaddrInet4], usermem.ByteOrder, &addr)
+ binary.Unmarshal(data[:unix.SizeofSockaddrInet4], usermem.ByteOrder, &addr)
return &addr
- case syscall.AF_INET6:
+ case unix.AF_INET6:
var addr linux.SockAddrInet6
- binary.Unmarshal(data[:syscall.SizeofSockaddrInet6], usermem.ByteOrder, &addr)
+ binary.Unmarshal(data[:unix.SizeofSockaddrInet6], usermem.ByteOrder, &addr)
return &addr
- case syscall.AF_UNIX:
+ case unix.AF_UNIX:
var addr linux.SockAddrUnix
- binary.Unmarshal(data[:syscall.SizeofSockaddrUnix], usermem.ByteOrder, &addr)
+ binary.Unmarshal(data[:unix.SizeofSockaddrUnix], usermem.ByteOrder, &addr)
return &addr
- case syscall.AF_NETLINK:
+ case unix.AF_NETLINK:
var addr linux.SockAddrNetlink
- binary.Unmarshal(data[:syscall.SizeofSockaddrNetlink], usermem.ByteOrder, &addr)
+ binary.Unmarshal(data[:unix.SizeofSockaddrNetlink], usermem.ByteOrder, &addr)
return &addr
default:
panic(fmt.Sprintf("Unsupported socket family %v", family))
diff --git a/pkg/sentry/socket/unix/BUILD b/pkg/sentry/socket/unix/BUILD
index acf2ab8e7..ff53a26b7 100644
--- a/pkg/sentry/socket/unix/BUILD
+++ b/pkg/sentry/socket/unix/BUILD
@@ -64,5 +64,6 @@ go_library(
"//pkg/tcpip",
"//pkg/usermem",
"//pkg/waiter",
+ "@org_golang_x_sys//unix:go_default_library",
],
)
diff --git a/pkg/sentry/socket/unix/unix.go b/pkg/sentry/socket/unix/unix.go
index 32e5d2304..63165e1d4 100644
--- a/pkg/sentry/socket/unix/unix.go
+++ b/pkg/sentry/socket/unix/unix.go
@@ -19,8 +19,8 @@ package unix
import (
"fmt"
"strings"
- "syscall"
+ "golang.org/x/sys/unix"
"gvisor.dev/gvisor/pkg/abi/linux"
"gvisor.dev/gvisor/pkg/context"
"gvisor.dev/gvisor/pkg/fspath"
@@ -600,14 +600,14 @@ func (s *socketOpsCommon) RecvMsg(t *kernel.Task, dst usermem.IOSequence, flags
// Calculate the number of FDs for which we have space and if we are
// requesting credentials.
var wantCreds bool
- rightsLen := int(controlDataLen) - syscall.SizeofCmsghdr
+ rightsLen := int(controlDataLen) - unix.SizeofCmsghdr
if s.Passcred() {
// Credentials take priority if they are enabled and there is space.
wantCreds = rightsLen > 0
if !wantCreds {
msgFlags |= linux.MSG_CTRUNC
}
- credLen := syscall.CmsgSpace(syscall.SizeofUcred)
+ credLen := unix.CmsgSpace(unix.SizeofUcred)
rightsLen -= credLen
}
// FDs are 32 bit (4 byte) ints.