From 9b1170123d323e1f1e49bf5cf792070629d7ae09 Mon Sep 17 00:00:00 2001 From: Ian Gudger Date: Thu, 4 Mar 2021 02:34:51 -0800 Subject: Fix race in unix socket transport. transport.baseEndpoint.receiver and transport.baseEndpoint.connected are protected by transport.baseEndpoint.Mutex. In order to access them without holding the mutex, we must make a copy. Notifications must be sent without holding the mutex, so we need the values without holding the mutex. --- pkg/sentry/socket/unix/transport/unix.go | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/pkg/sentry/socket/unix/transport/unix.go b/pkg/sentry/socket/unix/transport/unix.go index 359a5995b..089a0a647 100644 --- a/pkg/sentry/socket/unix/transport/unix.go +++ b/pkg/sentry/socket/unix/transport/unix.go @@ -816,19 +816,20 @@ func (e *baseEndpoint) Connected() bool { func (e *baseEndpoint) RecvMsg(ctx context.Context, data [][]byte, creds bool, numRights int, peek bool, addr *tcpip.FullAddress) (int64, int64, ControlMessages, bool, *syserr.Error) { e.Lock() - if e.receiver == nil { + receiver := e.receiver + if receiver == nil { e.Unlock() return 0, 0, ControlMessages{}, false, syserr.ErrNotConnected } - recvLen, msgLen, cms, cmt, a, notify, err := e.receiver.Recv(ctx, data, creds, numRights, peek) + recvLen, msgLen, cms, cmt, a, notify, err := receiver.Recv(ctx, data, creds, numRights, peek) e.Unlock() if err != nil { return 0, 0, ControlMessages{}, false, err } if notify { - e.receiver.RecvNotify() + receiver.RecvNotify() } if addr != nil { @@ -850,11 +851,12 @@ func (e *baseEndpoint) SendMsg(ctx context.Context, data [][]byte, c ControlMess return 0, syserr.ErrAlreadyConnected } - n, notify, err := e.connected.Send(ctx, data, c, tcpip.FullAddress{Addr: tcpip.Address(e.path)}) + connected := e.connected + n, notify, err := connected.Send(ctx, data, c, tcpip.FullAddress{Addr: tcpip.Address(e.path)}) e.Unlock() if notify { - e.connected.SendNotify() + connected.SendNotify() } return n, err -- cgit v1.2.3