summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/socket/hostinet/socket.go
diff options
context:
space:
mode:
Diffstat (limited to 'pkg/sentry/socket/hostinet/socket.go')
-rw-r--r--pkg/sentry/socket/hostinet/socket.go97
1 files changed, 48 insertions, 49 deletions
diff --git a/pkg/sentry/socket/hostinet/socket.go b/pkg/sentry/socket/hostinet/socket.go
index 17f59ba1f..c711d0684 100644
--- a/pkg/sentry/socket/hostinet/socket.go
+++ b/pkg/sentry/socket/hostinet/socket.go
@@ -16,7 +16,6 @@ package hostinet
import (
"fmt"
- "syscall"
"golang.org/x/sys/unix"
"gvisor.dev/gvisor/pkg/abi/linux"
@@ -45,10 +44,10 @@ const (
// sizeofSockaddr is the size in bytes of the largest sockaddr type
// supported by this package.
- sizeofSockaddr = syscall.SizeofSockaddrInet6 // sizeof(sockaddr_in6) > sizeof(sockaddr_in)
+ sizeofSockaddr = unix.SizeofSockaddrInet6 // sizeof(sockaddr_in6) > sizeof(sockaddr_in)
// maxControlLen is the maximum size of a control message buffer used in a
- // recvmsg or sendmsg syscall.
+ // recvmsg or sendmsg unix.
maxControlLen = 1024
)
@@ -107,7 +106,7 @@ func newSocketFile(ctx context.Context, family int, stype linux.SockType, protoc
// Release implements fs.FileOperations.Release.
func (s *socketOpsCommon) Release(context.Context) {
fdnotifier.RemoveFD(int32(s.fd))
- syscall.Close(s.fd)
+ unix.Close(s.fd)
}
// Readiness implements waiter.Waitable.Readiness.
@@ -143,8 +142,8 @@ func (s *socketOperations) Read(ctx context.Context, _ *fs.File, dst usermem.IOS
return 0, nil
}
if dsts.NumBlocks() == 1 {
- // Skip allocating []syscall.Iovec.
- n, err := syscall.Read(s.fd, dsts.Head().ToSlice())
+ // Skip allocating []unix.Iovec.
+ n, err := unix.Read(s.fd, dsts.Head().ToSlice())
if err != nil {
return 0, translateIOSyscallError(err)
}
@@ -166,8 +165,8 @@ func (s *socketOperations) Write(ctx context.Context, _ *fs.File, src usermem.IO
return 0, nil
}
if srcs.NumBlocks() == 1 {
- // Skip allocating []syscall.Iovec.
- n, err := syscall.Write(s.fd, srcs.Head().ToSlice())
+ // Skip allocating []unix.Iovec.
+ n, err := unix.Write(s.fd, srcs.Head().ToSlice())
if err != nil {
return 0, translateIOSyscallError(err)
}
@@ -184,12 +183,12 @@ func (s *socketOpsCommon) Connect(t *kernel.Task, sockaddr []byte, blocking bool
sockaddr = sockaddr[:sizeofSockaddr]
}
- _, _, errno := syscall.Syscall(syscall.SYS_CONNECT, uintptr(s.fd), uintptr(firstBytePtr(sockaddr)), uintptr(len(sockaddr)))
+ _, _, errno := unix.Syscall(unix.SYS_CONNECT, uintptr(s.fd), uintptr(firstBytePtr(sockaddr)), uintptr(len(sockaddr)))
if errno == 0 {
return nil
}
- if errno != syscall.EINPROGRESS || !blocking {
+ if errno != unix.EINPROGRESS || !blocking {
return syserr.FromError(translateIOSyscallError(errno))
}
@@ -208,12 +207,12 @@ func (s *socketOpsCommon) Connect(t *kernel.Task, sockaddr []byte, blocking bool
return syserr.FromError(err)
}
}
- val, err := syscall.GetsockoptInt(s.fd, syscall.SOL_SOCKET, syscall.SO_ERROR)
+ val, err := unix.GetsockoptInt(s.fd, unix.SOL_SOCKET, unix.SO_ERROR)
if err != nil {
return syserr.FromError(err)
}
if val != 0 {
- return syserr.FromError(syscall.Errno(uintptr(val)))
+ return syserr.FromError(unix.Errno(uintptr(val)))
}
return nil
}
@@ -234,7 +233,7 @@ func (s *socketOpsCommon) Accept(t *kernel.Task, peerRequested bool, flags int,
// Conservatively ignore all flags specified by the application and add
// SOCK_NONBLOCK since socketOpsCommon requires it.
- fd, syscallErr := accept4(s.fd, peerAddrPtr, peerAddrlenPtr, syscall.SOCK_NONBLOCK|syscall.SOCK_CLOEXEC)
+ fd, syscallErr := accept4(s.fd, peerAddrPtr, peerAddrlenPtr, unix.SOCK_NONBLOCK|unix.SOCK_CLOEXEC)
if blocking {
var ch chan struct{}
for syscallErr == syserror.ErrWouldBlock {
@@ -248,7 +247,7 @@ func (s *socketOpsCommon) Accept(t *kernel.Task, peerRequested bool, flags int,
s.EventRegister(&e, waiter.EventIn)
defer s.EventUnregister(&e)
}
- fd, syscallErr = accept4(s.fd, peerAddrPtr, peerAddrlenPtr, syscall.SOCK_NONBLOCK|syscall.SOCK_CLOEXEC)
+ fd, syscallErr = accept4(s.fd, peerAddrPtr, peerAddrlenPtr, unix.SOCK_NONBLOCK|unix.SOCK_CLOEXEC)
}
}
@@ -264,27 +263,27 @@ func (s *socketOpsCommon) Accept(t *kernel.Task, peerRequested bool, flags int,
kerr error
)
if kernel.VFS2Enabled {
- f, err := newVFS2Socket(t, s.family, s.stype, s.protocol, fd, uint32(flags&syscall.SOCK_NONBLOCK))
+ f, err := newVFS2Socket(t, s.family, s.stype, s.protocol, fd, uint32(flags&unix.SOCK_NONBLOCK))
if err != nil {
- syscall.Close(fd)
+ unix.Close(fd)
return 0, nil, 0, err
}
defer f.DecRef(t)
kfd, kerr = t.NewFDFromVFS2(0, f, kernel.FDFlags{
- CloseOnExec: flags&syscall.SOCK_CLOEXEC != 0,
+ CloseOnExec: flags&unix.SOCK_CLOEXEC != 0,
})
t.Kernel().RecordSocketVFS2(f)
} else {
- f, err := newSocketFile(t, s.family, s.stype, s.protocol, fd, flags&syscall.SOCK_NONBLOCK != 0)
+ f, err := newSocketFile(t, s.family, s.stype, s.protocol, fd, flags&unix.SOCK_NONBLOCK != 0)
if err != nil {
- syscall.Close(fd)
+ unix.Close(fd)
return 0, nil, 0, err
}
defer f.DecRef(t)
kfd, kerr = t.NewFDFrom(0, f, kernel.FDFlags{
- CloseOnExec: flags&syscall.SOCK_CLOEXEC != 0,
+ CloseOnExec: flags&unix.SOCK_CLOEXEC != 0,
})
t.Kernel().RecordSocket(f)
}
@@ -298,7 +297,7 @@ func (s *socketOpsCommon) Bind(t *kernel.Task, sockaddr []byte) *syserr.Error {
sockaddr = sockaddr[:sizeofSockaddr]
}
- _, _, errno := syscall.Syscall(syscall.SYS_BIND, uintptr(s.fd), uintptr(firstBytePtr(sockaddr)), uintptr(len(sockaddr)))
+ _, _, errno := unix.Syscall(unix.SYS_BIND, uintptr(s.fd), uintptr(firstBytePtr(sockaddr)), uintptr(len(sockaddr)))
if errno != 0 {
return syserr.FromError(errno)
}
@@ -307,14 +306,14 @@ func (s *socketOpsCommon) Bind(t *kernel.Task, sockaddr []byte) *syserr.Error {
// Listen implements socket.Socket.Listen.
func (s *socketOpsCommon) Listen(t *kernel.Task, backlog int) *syserr.Error {
- return syserr.FromError(syscall.Listen(s.fd, backlog))
+ return syserr.FromError(unix.Listen(s.fd, backlog))
}
// Shutdown implements socket.Socket.Shutdown.
func (s *socketOpsCommon) Shutdown(t *kernel.Task, how int) *syserr.Error {
switch how {
- case syscall.SHUT_RD, syscall.SHUT_WR, syscall.SHUT_RDWR:
- return syserr.FromError(syscall.Shutdown(s.fd, how))
+ case unix.SHUT_RD, unix.SHUT_WR, unix.SHUT_RDWR:
+ return syserr.FromError(unix.Shutdown(s.fd, how))
default:
return syserr.ErrInvalidArgument
}
@@ -344,7 +343,7 @@ func (s *socketOpsCommon) GetSockOpt(t *kernel.Task, level int, name int, outPtr
case linux.SO_ERROR, linux.SO_KEEPALIVE, linux.SO_SNDBUF, linux.SO_RCVBUF, linux.SO_REUSEADDR, linux.SO_TIMESTAMP:
optlen = sizeofInt32
case linux.SO_LINGER:
- optlen = syscall.SizeofLinger
+ optlen = unix.SizeofLinger
}
case linux.SOL_TCP:
switch name {
@@ -407,18 +406,18 @@ func (s *socketOpsCommon) SetSockOpt(t *kernel.Task, level int, name int, opt []
}
opt = opt[:optlen]
- _, _, errno := syscall.Syscall6(syscall.SYS_SETSOCKOPT, uintptr(s.fd), uintptr(level), uintptr(name), uintptr(firstBytePtr(opt)), uintptr(len(opt)), 0)
+ _, _, errno := unix.Syscall6(unix.SYS_SETSOCKOPT, uintptr(s.fd), uintptr(level), uintptr(name), uintptr(firstBytePtr(opt)), uintptr(len(opt)), 0)
if errno != 0 {
return syserr.FromError(errno)
}
return nil
}
-func (s *socketOpsCommon) recvMsgFromHost(iovs []syscall.Iovec, flags int, senderRequested bool, controlLen uint64) (uint64, int, []byte, []byte, error) {
+func (s *socketOpsCommon) recvMsgFromHost(iovs []unix.Iovec, flags int, senderRequested bool, controlLen uint64) (uint64, int, []byte, []byte, error) {
// We always do a non-blocking recv*().
- sysflags := flags | syscall.MSG_DONTWAIT
+ sysflags := flags | unix.MSG_DONTWAIT
- msg := syscall.Msghdr{}
+ msg := unix.Msghdr{}
if len(iovs) > 0 {
msg.Iov = &iovs[0]
msg.Iovlen = uint64(len(iovs))
@@ -448,7 +447,7 @@ func (s *socketOpsCommon) recvMsgFromHost(iovs []syscall.Iovec, flags int, sende
// RecvMsg implements socket.Socket.RecvMsg.
func (s *socketOpsCommon) RecvMsg(t *kernel.Task, dst usermem.IOSequence, flags int, haveDeadline bool, deadline ktime.Time, senderRequested bool, controlLen uint64) (int, int, linux.SockAddr, uint32, socket.ControlMessages, *syserr.Error) {
// Only allow known and safe flags.
- if flags&^(syscall.MSG_DONTWAIT|syscall.MSG_PEEK|syscall.MSG_TRUNC|syscall.MSG_ERRQUEUE) != 0 {
+ if flags&^(unix.MSG_DONTWAIT|unix.MSG_PEEK|unix.MSG_TRUNC|unix.MSG_ERRQUEUE) != 0 {
return 0, 0, nil, 0, socket.ControlMessages{}, syserr.ErrInvalidArgument
}
@@ -483,7 +482,7 @@ func (s *socketOpsCommon) RecvMsg(t *kernel.Task, dst usermem.IOSequence, flags
var ch chan struct{}
n, err := copyToDst()
// recv*(MSG_ERRQUEUE) never blocks, even without MSG_DONTWAIT.
- if flags&(syscall.MSG_DONTWAIT|syscall.MSG_ERRQUEUE) == 0 {
+ if flags&(unix.MSG_DONTWAIT|unix.MSG_ERRQUEUE) == 0 {
for err == syserror.ErrWouldBlock {
// We only expect blocking to come from the actual syscall, in which
// case it can't have returned any data.
@@ -547,7 +546,7 @@ func parseUnixControlMessages(unixControlMessages []unix.SocketControlMessage) s
binary.Unmarshal(unixCmsg.Data[:addr.SizeBytes()], usermem.ByteOrder, &addr)
controlMessages.IP.OriginalDstAddress = &addr
- case syscall.IP_RECVERR:
+ case unix.IP_RECVERR:
var errCmsg linux.SockErrCMsgIPv4
errCmsg.UnmarshalBytes(unixCmsg.Data)
controlMessages.IP.SockErr = &errCmsg
@@ -564,7 +563,7 @@ func parseUnixControlMessages(unixControlMessages []unix.SocketControlMessage) s
binary.Unmarshal(unixCmsg.Data[:addr.SizeBytes()], usermem.ByteOrder, &addr)
controlMessages.IP.OriginalDstAddress = &addr
- case syscall.IPV6_RECVERR:
+ case unix.IPV6_RECVERR:
var errCmsg linux.SockErrCMsgIPv6
errCmsg.UnmarshalBytes(unixCmsg.Data)
controlMessages.IP.SockErr = &errCmsg
@@ -584,7 +583,7 @@ func parseUnixControlMessages(unixControlMessages []unix.SocketControlMessage) s
// SendMsg implements socket.Socket.SendMsg.
func (s *socketOpsCommon) SendMsg(t *kernel.Task, src usermem.IOSequence, to []byte, flags int, haveDeadline bool, deadline ktime.Time, controlMessages socket.ControlMessages) (int, *syserr.Error) {
// Only allow known and safe flags.
- if flags&^(syscall.MSG_DONTWAIT|syscall.MSG_EOR|syscall.MSG_FASTOPEN|syscall.MSG_MORE|syscall.MSG_NOSIGNAL) != 0 {
+ if flags&^(unix.MSG_DONTWAIT|unix.MSG_EOR|unix.MSG_FASTOPEN|unix.MSG_MORE|unix.MSG_NOSIGNAL) != 0 {
return 0, syserr.ErrInvalidArgument
}
@@ -606,12 +605,12 @@ func (s *socketOpsCommon) SendMsg(t *kernel.Task, src usermem.IOSequence, to []b
}
// We always do a non-blocking send*().
- sysflags := flags | syscall.MSG_DONTWAIT
+ sysflags := flags | unix.MSG_DONTWAIT
if srcs.NumBlocks() == 1 && len(controlBuf) == 0 {
- // Skip allocating []syscall.Iovec.
+ // Skip allocating []unix.Iovec.
src := srcs.Head()
- n, _, errno := syscall.Syscall6(syscall.SYS_SENDTO, uintptr(s.fd), src.Addr(), uintptr(src.Len()), uintptr(sysflags), uintptr(firstBytePtr(to)), uintptr(len(to)))
+ n, _, errno := unix.Syscall6(unix.SYS_SENDTO, uintptr(s.fd), src.Addr(), uintptr(src.Len()), uintptr(sysflags), uintptr(firstBytePtr(to)), uintptr(len(to)))
if errno != 0 {
return 0, translateIOSyscallError(errno)
}
@@ -619,7 +618,7 @@ func (s *socketOpsCommon) SendMsg(t *kernel.Task, src usermem.IOSequence, to []b
}
iovs := safemem.IovecsFromBlockSeq(srcs)
- msg := syscall.Msghdr{
+ msg := unix.Msghdr{
Iov: &iovs[0],
Iovlen: uint64(len(iovs)),
}
@@ -636,7 +635,7 @@ func (s *socketOpsCommon) SendMsg(t *kernel.Task, src usermem.IOSequence, to []b
var ch chan struct{}
n, err := src.CopyInTo(t, sendmsgFromBlocks)
- if flags&syscall.MSG_DONTWAIT == 0 {
+ if flags&unix.MSG_DONTWAIT == 0 {
for err == syserror.ErrWouldBlock {
// We only expect blocking to come from the actual syscall, in which
// case it can't have returned any data.
@@ -664,7 +663,7 @@ func (s *socketOpsCommon) SendMsg(t *kernel.Task, src usermem.IOSequence, to []b
}
func translateIOSyscallError(err error) error {
- if err == syscall.EAGAIN || err == syscall.EWOULDBLOCK {
+ if err == unix.EAGAIN || err == unix.EWOULDBLOCK {
return syserror.ErrWouldBlock
}
return err
@@ -673,9 +672,9 @@ func translateIOSyscallError(err error) error {
// State implements socket.Socket.State.
func (s *socketOpsCommon) State() uint32 {
info := linux.TCPInfo{}
- buf, err := getsockopt(s.fd, syscall.SOL_TCP, syscall.TCP_INFO, linux.SizeOfTCPInfo)
+ buf, err := getsockopt(s.fd, unix.SOL_TCP, unix.TCP_INFO, linux.SizeOfTCPInfo)
if err != nil {
- if err != syscall.ENOPROTOOPT {
+ if err != unix.ENOPROTOOPT {
log.Warningf("Failed to get TCP socket info from %+v: %v", s, err)
}
// For non-TCP sockets, silently ignore the failure.
@@ -715,16 +714,16 @@ func (p *socketProvider) Socket(t *kernel.Task, stypeflags linux.SockType, proto
// Only accept TCP and UDP.
stype := stypeflags & linux.SOCK_TYPE_MASK
switch stype {
- case syscall.SOCK_STREAM:
+ case unix.SOCK_STREAM:
switch protocol {
- case 0, syscall.IPPROTO_TCP:
+ case 0, unix.IPPROTO_TCP:
// ok
default:
return nil, nil
}
- case syscall.SOCK_DGRAM:
+ case unix.SOCK_DGRAM:
switch protocol {
- case 0, syscall.IPPROTO_UDP:
+ case 0, unix.IPPROTO_UDP:
// ok
default:
return nil, nil
@@ -736,11 +735,11 @@ func (p *socketProvider) Socket(t *kernel.Task, stypeflags linux.SockType, proto
// Conservatively ignore all flags specified by the application and add
// SOCK_NONBLOCK since socketOperations requires it. Pass a protocol of 0
// to simplify the syscall filters, since 0 and IPPROTO_* are equivalent.
- fd, err := syscall.Socket(p.family, int(stype)|syscall.SOCK_NONBLOCK|syscall.SOCK_CLOEXEC, 0)
+ fd, err := unix.Socket(p.family, int(stype)|unix.SOCK_NONBLOCK|unix.SOCK_CLOEXEC, 0)
if err != nil {
return nil, syserr.FromError(err)
}
- return newSocketFile(t, p.family, stype, protocol, fd, stypeflags&syscall.SOCK_NONBLOCK != 0)
+ return newSocketFile(t, p.family, stype, protocol, fd, stypeflags&unix.SOCK_NONBLOCK != 0)
}
// Pair implements socket.Provider.Pair.
@@ -752,7 +751,7 @@ func (p *socketProvider) Pair(t *kernel.Task, stype linux.SockType, protocol int
// LINT.ThenChange(./socket_vfs2.go)
func init() {
- for _, family := range []int{syscall.AF_INET, syscall.AF_INET6} {
+ for _, family := range []int{unix.AF_INET, unix.AF_INET6} {
socket.RegisterProvider(family, &socketProvider{family})
socket.RegisterProviderVFS2(family, &socketProviderVFS2{family})
}