vfs1: don't allow to open socket files

open() has to return ENXIO in this case. O_PATH isn't supported by vfs1. PiperOrigin-RevId: 348820478
author: Andrei Vagin <avagin@google.com> 2020-12-23 11:08:42 -0800
committer: gVisor bot <gvisor-bot@google.com> 2020-12-23 11:11:07 -0800
commit: d07915987631f4c3c6345275019a5b5b0cf28dbb (patch)
tree: e4fe185b9f066fbdc59581ae4f3c8b907807b2f2 /pkg/sentry/syscalls
parent: 6d96a2394d3a4b983b1fa046cf605e22404c4948 (diff)
1 files changed, 6 insertions, 6 deletions
diff --git a/pkg/sentry/syscalls/linux/sys_file.go b/pkg/sentry/syscalls/linux/sys_file.go
index 8db587401..c33571f43 100644
--- a/pkg/sentry/syscalls/linux/sys_file.go
+++ b/pkg/sentry/syscalls/linux/sys_file.go
@@ -175,6 +175,12 @@ func openAt(t *kernel.Task, dirFD int32, addr usermem.Addr, flags uint) (fd uint
 			}
 		}
 
+		file, err := d.Inode.GetFile(t, d, fileFlags)
+		if err != nil {
+			return syserror.ConvertIntr(err, syserror.ERESTARTSYS)
+		}
+		defer file.DecRef(t)
+
 		// Truncate is called when O_TRUNC is specified for any kind of
 		// existing Dirent. Behavior is delegated to the entry's Truncate
 		// implementation.
@@ -184,12 +190,6 @@ func openAt(t *kernel.Task, dirFD int32, addr usermem.Addr, flags uint) (fd uint
 			}
 		}
 
-		file, err := d.Inode.GetFile(t, d, fileFlags)
-		if err != nil {
-			return syserror.ConvertIntr(err, syserror.ERESTARTSYS)
-		}
-		defer file.DecRef(t)
-
 		// Success.
 		newFD, err := t.NewFDFrom(0, file, kernel.FDFlags{
 			CloseOnExec: flags&linux.O_CLOEXEC != 0,
author	Andrei Vagin <avagin@google.com>	2020-12-23 11:08:42 -0800
committer	gVisor bot <gvisor-bot@google.com>	2020-12-23 11:11:07 -0800
commit	d07915987631f4c3c6345275019a5b5b0cf28dbb (patch)
tree	e4fe185b9f066fbdc59581ae4f3c8b907807b2f2 /pkg/sentry/syscalls
parent	6d96a2394d3a4b983b1fa046cf605e22404c4948 (diff)