Refactor SOL_SOCKET options

Store all the socket level options in a struct and call {Get/Set}SockOpt on
this struct. This will avoid implementing socket level options on all
endpoints. This CL contains implementing one socket level option for tcp and
udp endpoints.

PiperOrigin-RevId: 342203981

14 files changed, 119 insertions, 56 deletions

diff --git a/pkg/sentry/socket/netstack/netstack.go b/pkg/sentry/socket/netstack/netstack.go
index 86c634715..7d0ae15ca 100644
--- a/pkg/sentry/socket/netstack/netstack.go
+++ b/pkg/sentry/socket/netstack/netstack.go
@@ -262,6 +262,9 @@ type commonEndpoint interface {
 
 	// LastError implements tcpip.Endpoint.LastError.
 	LastError() *tcpip.Error
+
+	// SocketOptions implements tcpip.Endpoint.SocketOptions.
+	SocketOptions() *tcpip.SocketOptions
 }
 
 // LINT.IfChange
@@ -1163,13 +1166,8 @@ func getSockOptSocket(t *kernel.Task, s socket.SocketOps, ep commonEndpoint, fam
 			return nil, syserr.ErrInvalidArgument
 		}
 
-		v, err := ep.GetSockOptBool(tcpip.BroadcastOption)
-		if err != nil {
-			return nil, syserr.TranslateNetstackError(err)
-		}
-
-		vP := primitive.Int32(boolToInt32(v))
-		return &vP, nil
+		v := primitive.Int32(boolToInt32(ep.SocketOptions().GetBroadcast()))
+		return &v, nil
 
 	case linux.SO_KEEPALIVE:
 		if outLen < sizeOfInt32 {
@@ -1916,7 +1914,8 @@ func setSockOptSocket(t *kernel.Task, s socket.SocketOps, ep commonEndpoint, nam
 		}
 
 		v := usermem.ByteOrder.Uint32(optVal)
-		return syserr.TranslateNetstackError(ep.SetSockOptBool(tcpip.BroadcastOption, v != 0))
+		ep.SocketOptions().SetBroadcast(v != 0)
+		return nil
 
 	case linux.SO_PASSCRED:
 		if len(optVal) < sizeOfInt32 {
diff --git a/pkg/sentry/socket/unix/transport/unix.go b/pkg/sentry/socket/unix/transport/unix.go
index b648273a4..18a50e9f8 100644
--- a/pkg/sentry/socket/unix/transport/unix.go
+++ b/pkg/sentry/socket/unix/transport/unix.go
@@ -205,6 +205,9 @@ type Endpoint interface {
 
 	// LastError implements tcpip.Endpoint.LastError.
 	LastError() *tcpip.Error
+
+	// SocketOptions implements tcpip.Endpoint.SocketOptions.
+	SocketOptions() *tcpip.SocketOptions
 }
 
 // A Credentialer is a socket or endpoint that supports the SO_PASSCRED socket
@@ -757,6 +760,8 @@ type baseEndpoint struct {
 
 	// linger is used for SO_LINGER socket option.
 	linger tcpip.LingerOption
+
+	ops tcpip.SocketOptions
 }
 
 // EventRegister implements waiter.Waitable.EventRegister.
@@ -865,7 +870,6 @@ func (e *baseEndpoint) SetSockOpt(opt tcpip.SettableSocketOption) *tcpip.Error {
 
 func (e *baseEndpoint) SetSockOptBool(opt tcpip.SockOptBool, v bool) *tcpip.Error {
 	switch opt {
-	case tcpip.BroadcastOption:
 	case tcpip.PasscredOption:
 		e.setPasscred(v)
 	case tcpip.ReuseAddressOption:
@@ -980,6 +984,11 @@ func (*baseEndpoint) LastError() *tcpip.Error {
 	return nil
 }
 
+// SocketOptions implements Endpoint.SocketOptions.
+func (e *baseEndpoint) SocketOptions() *tcpip.SocketOptions {
+	return &e.ops
+}
+
 // Shutdown closes the read and/or write end of the endpoint connection to its
 // peer.
 func (e *baseEndpoint) Shutdown(flags tcpip.ShutdownFlags) *syserr.Error {
diff --git a/pkg/sentry/socket/unix/unix.go b/pkg/sentry/socket/unix/unix.go
index b32bb7ba8..3e520d2ee 100644
--- a/pkg/sentry/socket/unix/unix.go
+++ b/pkg/sentry/socket/unix/unix.go
@@ -115,6 +115,9 @@ type socketOpsCommon struct {
 	// bound, they cannot be modified.
 	abstractName      string
 	abstractNamespace *kernel.AbstractSocketNamespace
+
+	// ops is used to get socket level options.
+	ops tcpip.SocketOptions
 }
 
 func (s *socketOpsCommon) isPacket() bool {
diff --git a/pkg/tcpip/BUILD b/pkg/tcpip/BUILD
index 454e07662..27f96a3ac 100644
--- a/pkg/tcpip/BUILD
+++ b/pkg/tcpip/BUILD
@@ -5,6 +5,7 @@ package(licenses = ["notice"])
 go_library(
     name = "tcpip",
     srcs = [
+        "socketops.go",
         "tcpip.go",
         "time_unsafe.go",
         "timer.go",
diff --git a/pkg/tcpip/socketops.go b/pkg/tcpip/socketops.go
new file mode 100644
index 000000000..2a6c7c7c0
--- /dev/null
+++ b/pkg/tcpip/socketops.go
@@ -0,0 +1,45 @@
+// Copyright 2020 The gVisor Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package tcpip
+
+import (
+	"gvisor.dev/gvisor/pkg/sync"
+)
+
+// SocketOptions contains all the variables which store values for socket
+// level options.
+//
+// +stateify savable
+type SocketOptions struct {
+	// mu protects fields below.
+	mu               sync.Mutex `state:"nosave"`
+	broadcastEnabled bool
+}
+
+// GetBroadcast gets value for SO_BROADCAST option.
+func (so *SocketOptions) GetBroadcast() bool {
+	so.mu.Lock()
+	defer so.mu.Unlock()
+
+	return so.broadcastEnabled
+}
+
+// SetBroadcast sets value for SO_BROADCAST option.
+func (so *SocketOptions) SetBroadcast(v bool) {
+	so.mu.Lock()
+	defer so.mu.Unlock()
+
+	so.broadcastEnabled = v
+}
diff --git a/pkg/tcpip/stack/transport_test.go b/pkg/tcpip/stack/transport_test.go
index c1c3d8541..5b9043d85 100644
--- a/pkg/tcpip/stack/transport_test.go
+++ b/pkg/tcpip/stack/transport_test.go
@@ -46,6 +46,9 @@ type fakeTransportEndpoint struct {
 
 	// acceptQueue is non-nil iff bound.
 	acceptQueue []fakeTransportEndpoint
+
+	// ops is used to set and get socket options.
+	ops tcpip.SocketOptions
 }
 
 func (f *fakeTransportEndpoint) Info() tcpip.EndpointInfo {
@@ -58,6 +61,9 @@ func (*fakeTransportEndpoint) Stats() tcpip.EndpointStats {
 
 func (*fakeTransportEndpoint) SetOwner(owner tcpip.PacketOwner) {}
 
+func (f *fakeTransportEndpoint) SocketOptions() *tcpip.SocketOptions {
+	return &f.ops
+}
 func newFakeTransportEndpoint(proto *fakeTransportProtocol, netProto tcpip.NetworkProtocolNumber, uniqueID uint64) tcpip.Endpoint {
 	return &fakeTransportEndpoint{TransportEndpointInfo: stack.TransportEndpointInfo{NetProto: netProto}, proto: proto, uniqueID: uniqueID}
 }
@@ -183,9 +189,9 @@ func (f *fakeTransportEndpoint) Accept(*tcpip.FullAddress) (tcpip.Endpoint, *wai
 	if len(f.acceptQueue) == 0 {
 		return nil, nil, nil
 	}
-	a := f.acceptQueue[0]
+	a := &f.acceptQueue[0]
 	f.acceptQueue = f.acceptQueue[1:]
-	return &a, nil, nil
+	return a, nil, nil
 }
 
 func (f *fakeTransportEndpoint) Bind(a tcpip.FullAddress) *tcpip.Error {
diff --git a/pkg/tcpip/tcpip.go b/pkg/tcpip/tcpip.go
index 9a0c63ae4..f9e83dd1c 100644
--- a/pkg/tcpip/tcpip.go
+++ b/pkg/tcpip/tcpip.go
@@ -634,6 +634,10 @@ type Endpoint interface {
 
 	// LastError clears and returns the last error reported by the endpoint.
 	LastError() *Error
+
+	// SocketOptions returns the structure which contains all the socket
+	// level options.
+	SocketOptions() *SocketOptions
 }
 
 // LinkPacketInfo holds Link layer information for a received packet.
@@ -694,15 +698,10 @@ type WriteOptions struct {
 type SockOptBool int
 
 const (
-	// BroadcastOption is used by SetSockOptBool/GetSockOptBool to specify
-	// whether datagram sockets are allowed to send packets to a broadcast
-	// address.
-	BroadcastOption SockOptBool = iota
-
 	// CorkOption is used by SetSockOptBool/GetSockOptBool to specify if
 	// data should be held until segments are full by the TCP transport
 	// protocol.
-	CorkOption
+	CorkOption SockOptBool = iota
 
 	// DelayOption is used by SetSockOptBool/GetSockOptBool to specify if
 	// data should be sent out immediately by the transport protocol. For
diff --git a/pkg/tcpip/tests/integration/multicast_broadcast_test.go b/pkg/tcpip/tests/integration/multicast_broadcast_test.go
index 1eecd7957..9d30329f5 100644
--- a/pkg/tcpip/tests/integration/multicast_broadcast_test.go
+++ b/pkg/tcpip/tests/integration/multicast_broadcast_test.go
@@ -514,9 +514,7 @@ func TestReuseAddrAndBroadcast(t *testing.T) {
 						t.Fatalf("eps[%d].SetSockOptBool(tcpip.ReuseAddressOption, true): %s", len(eps), err)
 					}
 
-					if err := ep.SetSockOptBool(tcpip.BroadcastOption, true); err != nil {
-						t.Fatalf("eps[%d].SetSockOptBool(tcpip.BroadcastOption, true): %s", len(eps), err)
-					}
+					ep.SocketOptions().SetBroadcast(true)
 
 					bindAddr := tcpip.FullAddress{Port: localPort}
 					if bindWildcard {
diff --git a/pkg/tcpip/transport/icmp/endpoint.go b/pkg/tcpip/transport/icmp/endpoint.go
index 763cd8f84..440cb0352 100644
--- a/pkg/tcpip/transport/icmp/endpoint.go
+++ b/pkg/tcpip/transport/icmp/endpoint.go
@@ -79,6 +79,9 @@ type endpoint struct {
 
 	// owner is used to get uid and gid of the packet.
 	owner tcpip.PacketOwner
+
+	// ops is used to get socket level options.
+	ops tcpip.SocketOptions
 }
 
 func newEndpoint(s *stack.Stack, netProto tcpip.NetworkProtocolNumber, transProto tcpip.TransportProtocolNumber, waiterQueue *waiter.Queue) (tcpip.Endpoint, *tcpip.Error) {
@@ -853,3 +856,7 @@ func (*endpoint) Wait() {}
 func (*endpoint) LastError() *tcpip.Error {
 	return nil
 }
+
+func (e *endpoint) SocketOptions() *tcpip.SocketOptions {
+	return &e.ops
+}
diff --git a/pkg/tcpip/transport/packet/endpoint.go b/pkg/tcpip/transport/packet/endpoint.go
index 31831a6d8..3bff3755a 100644
--- a/pkg/tcpip/transport/packet/endpoint.go
+++ b/pkg/tcpip/transport/packet/endpoint.go
@@ -89,6 +89,9 @@ type endpoint struct {
 	// lastErrorMu protects lastError.
 	lastErrorMu sync.Mutex   `state:"nosave"`
 	lastError   *tcpip.Error `state:".(string)"`
+
+	// ops is used to get socket level options.
+	ops tcpip.SocketOptions
 }
 
 // NewEndpoint returns a new packet endpoint.
@@ -549,3 +552,7 @@ func (ep *endpoint) Stats() tcpip.EndpointStats {
 }
 
 func (ep *endpoint) SetOwner(owner tcpip.PacketOwner) {}
+
+func (ep *endpoint) SocketOptions() *tcpip.SocketOptions {
+	return &ep.ops
+}
diff --git a/pkg/tcpip/transport/raw/endpoint.go b/pkg/tcpip/transport/raw/endpoint.go
index 7b6a87ba9..4ae1f92ab 100644
--- a/pkg/tcpip/transport/raw/endpoint.go
+++ b/pkg/tcpip/transport/raw/endpoint.go
@@ -89,6 +89,9 @@ type endpoint struct {
 
 	// owner is used to get uid and gid of the packet.
 	owner tcpip.PacketOwner
+
+	// ops is used to get socket level options.
+	ops tcpip.SocketOptions
 }
 
 // NewEndpoint returns a raw  endpoint for the given protocols.
@@ -756,3 +759,7 @@ func (*endpoint) Wait() {}
 func (*endpoint) LastError() *tcpip.Error {
 	return nil
 }
+
+func (e *endpoint) SocketOptions() *tcpip.SocketOptions {
+	return &e.ops
+}
diff --git a/pkg/tcpip/transport/tcp/endpoint.go b/pkg/tcpip/transport/tcp/endpoint.go
index 23b9de8c5..194d3a8a4 100644
--- a/pkg/tcpip/transport/tcp/endpoint.go
+++ b/pkg/tcpip/transport/tcp/endpoint.go
@@ -440,9 +440,6 @@ type endpoint struct {
 	ttl               uint8
 	v6only            bool
 	isConnectNotified bool
-	// TCP should never broadcast but Linux nevertheless supports enabling/
-	// disabling SO_BROADCAST, albeit as a NOOP.
-	broadcast bool
 
 	// portFlags stores the current values of port related flags.
 	portFlags ports.Flags
@@ -685,6 +682,9 @@ type endpoint struct {
 
 	// linger is used for SO_LINGER socket option.
 	linger tcpip.LingerOption
+
+	// ops is used to get socket level options.
+	ops tcpip.SocketOptions
 }
 
 // UniqueID implements stack.TransportEndpoint.UniqueID.
@@ -1599,11 +1599,6 @@ func (e *endpoint) windowCrossedACKThresholdLocked(deltaBefore int) (crossed boo
 func (e *endpoint) SetSockOptBool(opt tcpip.SockOptBool, v bool) *tcpip.Error {
 	switch opt {
 
-	case tcpip.BroadcastOption:
-		e.LockUser()
-		e.broadcast = v
-		e.UnlockUser()
-
 	case tcpip.CorkOption:
 		e.LockUser()
 		if !v {
@@ -1950,11 +1945,6 @@ func (e *endpoint) readyReceiveSize() (int, *tcpip.Error) {
 // GetSockOptBool implements tcpip.Endpoint.GetSockOptBool.
 func (e *endpoint) GetSockOptBool(opt tcpip.SockOptBool) (bool, *tcpip.Error) {
 	switch opt {
-	case tcpip.BroadcastOption:
-		e.LockUser()
-		v := e.broadcast
-		e.UnlockUser()
-		return v, nil
 
 	case tcpip.CorkOption:
 		return atomic.LoadUint32(&e.cork) != 0, nil
@@ -3130,3 +3120,7 @@ func (e *endpoint) Wait() {
 		<-notifyCh
 	}
 }
+
+func (e *endpoint) SocketOptions() *tcpip.SocketOptions {
+	return &e.ops
+}
diff --git a/pkg/tcpip/transport/udp/endpoint.go b/pkg/tcpip/transport/udp/endpoint.go
index 9bcb918bb..57976d4e3 100644
--- a/pkg/tcpip/transport/udp/endpoint.go
+++ b/pkg/tcpip/transport/udp/endpoint.go
@@ -108,7 +108,6 @@ type endpoint struct {
 	multicastLoop  bool
 	portFlags      ports.Flags
 	bindToDevice   tcpip.NICID
-	broadcast      bool
 	noChecksum     bool
 
 	lastErrorMu sync.Mutex   `state:"nosave"`
@@ -157,6 +156,9 @@ type endpoint struct {
 
 	// linger is used for SO_LINGER socket option.
 	linger tcpip.LingerOption
+
+	// ops is used to get socket level options.
+	ops tcpip.SocketOptions
 }
 
 // +stateify savable
@@ -508,7 +510,7 @@ func (e *endpoint) write(p tcpip.Payloader, opts tcpip.WriteOptions) (int64, <-c
 		resolve = route.Resolve
 	}
 
-	if !e.broadcast && route.IsOutboundBroadcast() {
+	if !e.ops.GetBroadcast() && route.IsOutboundBroadcast() {
 		return 0, nil, tcpip.ErrBroadcastDisabled
 	}
 
@@ -553,11 +555,6 @@ func (e *endpoint) Peek([][]byte) (int64, tcpip.ControlMessages, *tcpip.Error) {
 // SetSockOptBool implements tcpip.Endpoint.SetSockOptBool.
 func (e *endpoint) SetSockOptBool(opt tcpip.SockOptBool, v bool) *tcpip.Error {
 	switch opt {
-	case tcpip.BroadcastOption:
-		e.mu.Lock()
-		e.broadcast = v
-		e.mu.Unlock()
-
 	case tcpip.MulticastLoopOption:
 		e.mu.Lock()
 		e.multicastLoop = v
@@ -614,7 +611,6 @@ func (e *endpoint) SetSockOptBool(opt tcpip.SockOptBool, v bool) *tcpip.Error {
 
 		e.v6only = v
 	}
-
 	return nil
 }
 
@@ -830,12 +826,6 @@ func (e *endpoint) SetSockOpt(opt tcpip.SettableSocketOption) *tcpip.Error {
 // GetSockOptBool implements tcpip.Endpoint.GetSockOptBool.
 func (e *endpoint) GetSockOptBool(opt tcpip.SockOptBool) (bool, *tcpip.Error) {
 	switch opt {
-	case tcpip.BroadcastOption:
-		e.mu.RLock()
-		v := e.broadcast
-		e.mu.RUnlock()
-		return v, nil
-
 	case tcpip.KeepaliveEnabledOption:
 		return false, nil
 
@@ -1525,3 +1515,7 @@ func isBroadcastOrMulticast(a tcpip.Address) bool {
 func (e *endpoint) SetOwner(owner tcpip.PacketOwner) {
 	e.owner = owner
 }
+
+func (e *endpoint) SocketOptions() *tcpip.SocketOptions {
+	return &e.ops
+}
diff --git a/pkg/tcpip/transport/udp/udp_test.go b/pkg/tcpip/transport/udp/udp_test.go
index df62177cd..764ad0857 100644
--- a/pkg/tcpip/transport/udp/udp_test.go
+++ b/pkg/tcpip/transport/udp/udp_test.go
@@ -364,9 +364,7 @@ func (c *testContext) createEndpointForFlow(flow testFlow) {
 			c.t.Fatalf("SetSockOptBool failed: %s", err)
 		}
 	} else if flow.isBroadcast() {
-		if err := c.ep.SetSockOptBool(tcpip.BroadcastOption, true); err != nil {
-			c.t.Fatalf("SetSockOptBool failed: %s", err)
-		}
+		c.ep.SocketOptions().SetBroadcast(true)
 	}
 }
 
@@ -2397,17 +2395,13 @@ func TestOutgoingSubnetBroadcast(t *testing.T) {
 				t.Fatalf("got ep.Write(_, _) = (%d, _, %v), want = (_, _, %v)", n, err, expectedErrWithoutBcastOpt)
 			}
 
-			if err := ep.SetSockOptBool(tcpip.BroadcastOption, true); err != nil {
-				t.Fatalf("got SetSockOptBool(BroadcastOption, true): %s", err)
-			}
+			ep.SocketOptions().SetBroadcast(true)
 
 			if n, _, err := ep.Write(data, opts); err != nil {
 				t.Fatalf("got ep.Write(_, _) = (%d, _, %s), want = (_, _, nil)", n, err)
 			}
 
-			if err := ep.SetSockOptBool(tcpip.BroadcastOption, false); err != nil {
-				t.Fatalf("got SetSockOptBool(BroadcastOption, false): %s", err)
-			}
+			ep.SocketOptions().SetBroadcast(false)
 
 			if n, _, err := ep.Write(data, opts); err != expectedErrWithoutBcastOpt {
 				t.Fatalf("got ep.Write(_, _) = (%d, _, %v), want = (_, _, %v)", n, err, expectedErrWithoutBcastOpt)