transport

package
v0.0.0-...-ba09d25 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 29, 2021 License: Apache-2.0, MIT Imports: 17 Imported by: 0

Documentation

Overview

Package transport contains the implementation of Unix endpoints.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewPair

func NewPair(ctx context.Context, stype linux.SockType, uid uniqueid.Provider) (Endpoint, Endpoint)

NewPair allocates a new pair of connected unix-domain connectionedEndpoints.

Types

type BoundEndpoint

type BoundEndpoint interface {
	// BidirectionalConnect establishes a bi-directional connection between two
	// unix endpoints in an all-or-nothing manner. If an error occurs during
	// connecting, the state of neither endpoint should be modified.
	//
	// In order for an endpoint to establish such a bidirectional connection
	// with a BoundEndpoint, the endpoint calls the BidirectionalConnect method
	// on the BoundEndpoint and sends a representation of itself (the
	// ConnectingEndpoint) and a callback (returnConnect) to receive the
	// connection information (Receiver and ConnectedEndpoint) upon a
	// successful connect. The callback should only be called on a successful
	// connect.
	//
	// For a connection attempt to be successful, the ConnectingEndpoint must
	// be unconnected and not listening and the BoundEndpoint whose
	// BidirectionalConnect method is being called must be listening.
	//
	// This method will return syserr.ErrConnectionRefused on endpoints with a
	// type that isn't SockStream or SockSeqpacket.
	BidirectionalConnect(ctx context.Context, ep ConnectingEndpoint, returnConnect func(Receiver, ConnectedEndpoint)) *syserr.Error

	// UnidirectionalConnect establishes a write-only connection to a unix
	// endpoint.
	//
	// An endpoint which calls UnidirectionalConnect and supports it itself must
	// not hold its own lock when calling UnidirectionalConnect.
	//
	// This method will return syserr.ErrConnectionRefused on a non-SockDgram
	// endpoint.
	UnidirectionalConnect(ctx context.Context) (ConnectedEndpoint, *syserr.Error)

	// Passcred returns whether or not the SO_PASSCRED socket option is
	// enabled on this end.
	Passcred() bool

	// Release releases any resources held by the BoundEndpoint. It must be
	// called before dropping all references to a BoundEndpoint returned by a
	// function.
	Release(ctx context.Context)
}

A BoundEndpoint is a unix endpoint that can be connected to.

type ConnectedEndpoint

type ConnectedEndpoint interface {
	// Passcred implements Endpoint.Passcred.
	Passcred() bool

	// GetLocalAddress implements Endpoint.GetLocalAddress.
	GetLocalAddress() (tcpip.FullAddress, tcpip.Error)

	// Send sends a single message. This method does not block.
	//
	// notify indicates if SendNotify should be called.
	//
	// syserr.ErrWouldBlock can be returned along with a partial write if
	// the caller should block to send the rest of the data.
	Send(ctx context.Context, data [][]byte, c ControlMessages, from tcpip.FullAddress) (n int64, notify bool, err *syserr.Error)

	// SendNotify notifies the ConnectedEndpoint of a successful Send. This
	// must not be called while holding any endpoint locks.
	SendNotify()

	// CloseSend prevents the sending of additional Messages.
	//
	// After CloseSend is call, CloseNotify must also be called.
	CloseSend()

	// CloseNotify notifies the ConnectedEndpoint of send being closed. This
	// must not be called while holding any endpoint locks.
	CloseNotify()

	// Writable returns if messages should be attempted to be sent. This
	// includes when write has been shutdown.
	Writable() bool

	// EventUpdate lets the ConnectedEndpoint know that event registrations
	// have changed.
	EventUpdate() error

	// SendQueuedSize returns the total amount of data currently queued for
	// sending. SendQueuedSize should return -1 if the operation isn't
	// supported.
	SendQueuedSize() int64

	// SendMaxQueueSize returns maximum value for SendQueuedSize.
	// SendMaxQueueSize should return -1 if the operation isn't supported.
	SendMaxQueueSize() int64

	// Release releases any resources owned by the ConnectedEndpoint. It should
	// be called before dropping all references to a ConnectedEndpoint.
	Release(ctx context.Context)

	// CloseUnread sets the fact that this end is closed with unread data to
	// the peer socket.
	CloseUnread()

	// SetSendBufferSize is called when the endpoint's send buffer size is
	// changed.
	SetSendBufferSize(v int64) (newSz int64)
}

A ConnectedEndpoint is an Endpoint that can be used to send Messages.

type ConnectingEndpoint

type ConnectingEndpoint interface {
	// ID returns the endpoint's globally unique identifier. This identifier
	// must be used to determine locking order if more than one endpoint is
	// to be locked in the same codepath. The endpoint with the smaller
	// identifier must be locked before endpoints with larger identifiers.
	ID() uint64

	// Passcred implements socket.Credentialer.Passcred.
	Passcred() bool

	// Type returns the socket type, typically either SockStream or
	// SockSeqpacket. The connection attempt must be aborted if this
	// value doesn't match the BoundEndpoint's type.
	Type() linux.SockType

	// GetLocalAddress returns the bound path.
	GetLocalAddress() (tcpip.FullAddress, tcpip.Error)

	// Locker protects the following methods. While locked, only the holder of
	// the lock can change the return value of the protected methods.
	sync.Locker

	// Connected returns true iff the ConnectingEndpoint is in the connected
	// state. ConnectingEndpoints can only be connected to a single endpoint,
	// so the connection attempt must be aborted if this returns true.
	Connected() bool

	// Listening returns true iff the ConnectingEndpoint is in the listening
	// state. ConnectingEndpoints cannot make connections while listening, so
	// the connection attempt must be aborted if this returns true.
	Listening() bool

	// WaiterQueue returns a pointer to the endpoint's waiter queue.
	WaiterQueue() *waiter.Queue
}

A ConnectingEndpoint is a connectioned unix endpoint that is attempting to establish a bidirectional connection with a BoundEndpoint.

type ControlMessages

type ControlMessages struct {
	// Rights is a control message containing FDs.
	Rights RightsControlMessage

	// Credentials is a control message containing Unix credentials.
	Credentials CredentialsControlMessage
}

A ControlMessages represents a collection of socket control messages.

+stateify savable

func (*ControlMessages) Clone

func (c *ControlMessages) Clone() ControlMessages

Clone clones both the credentials and the rights.

func (*ControlMessages) Empty

func (c *ControlMessages) Empty() bool

Empty returns true iff the ControlMessages does not contain either credentials or rights.

func (*ControlMessages) Release

func (c *ControlMessages) Release(ctx context.Context)

Release releases both the credentials and the rights.

type Credentialer

type Credentialer interface {
	// Passcred returns whether or not the SO_PASSCRED socket option is
	// enabled on this end.
	Passcred() bool

	// ConnectedPasscred returns whether or not the SO_PASSCRED socket option
	// is enabled on the connected end.
	ConnectedPasscred() bool
}

A Credentialer is a socket or endpoint that supports the SO_PASSCRED socket option.

type CredentialsControlMessage

type CredentialsControlMessage interface {
	// Equals returns true iff the two messages are equal.
	Equals(CredentialsControlMessage) bool
}

A CredentialsControlMessage is a control message containing Unix credentials.

type Endpoint

type Endpoint interface {
	Credentialer
	waiter.Waitable

	// Close puts the endpoint in a closed state and frees all resources
	// associated with it.
	Close(ctx context.Context)

	// RecvMsg reads data and a control message from the endpoint. This method
	// does not block if there is no data pending.
	//
	// creds indicates if credential control messages are requested by the
	// caller. This is useful for determining if control messages can be
	// coalesced. creds is a hint and can be safely ignored by the
	// implementation if no coalescing is possible. It is fine to return
	// credential control messages when none were requested or to not return
	// credential control messages when they were requested.
	//
	// numRights is the number of SCM_RIGHTS FDs requested by the caller. This
	// is useful if one must allocate a buffer to receive a SCM_RIGHTS message
	// or determine if control messages can be coalesced. numRights is a hint
	// and can be safely ignored by the implementation if the number of
	// available SCM_RIGHTS FDs is known and no coalescing is possible. It is
	// fine for the returned number of SCM_RIGHTS FDs to be either higher or
	// lower than the requested number.
	//
	// If peek is true, no data should be consumed from the Endpoint. Any and
	// all data returned from a peek should be available in the next call to
	// RecvMsg.
	//
	// recvLen is the number of bytes copied into data.
	//
	// msgLen is the length of the read message consumed for datagram Endpoints.
	// msgLen is always the same as recvLen for stream Endpoints.
	//
	// CMTruncated indicates that the numRights hint was used to receive fewer
	// than the total available SCM_RIGHTS FDs. Additional truncation may be
	// required by the caller.
	RecvMsg(ctx context.Context, data [][]byte, creds bool, numRights int, peek bool, addr *tcpip.FullAddress) (recvLen, msgLen int64, cm ControlMessages, CMTruncated bool, err *syserr.Error)

	// SendMsg writes data and a control message to the endpoint's peer.
	// This method does not block if the data cannot be written.
	//
	// SendMsg does not take ownership of any of its arguments on error.
	SendMsg(context.Context, [][]byte, ControlMessages, BoundEndpoint) (int64, *syserr.Error)

	// Connect connects this endpoint directly to another.
	//
	// This should be called on the client endpoint, and the (bound)
	// endpoint passed in as a parameter.
	//
	// The error codes are the same as Connect.
	Connect(ctx context.Context, server BoundEndpoint) *syserr.Error

	// Shutdown closes the read and/or write end of the endpoint connection
	// to its peer.
	Shutdown(flags tcpip.ShutdownFlags) *syserr.Error

	// Listen puts the endpoint in "listen" mode, which allows it to accept
	// new connections.
	Listen(backlog int) *syserr.Error

	// Accept returns a new endpoint if a peer has established a connection
	// to an endpoint previously set to listen mode. This method does not
	// block if no new connections are available.
	//
	// The returned Queue is the wait queue for the newly created endpoint.
	//
	// peerAddr if not nil will be populated with the address of the connected
	// peer on a successful accept.
	Accept(peerAddr *tcpip.FullAddress) (Endpoint, *syserr.Error)

	// Bind binds the endpoint to a specific local address and port.
	// Specifying a NIC is optional.
	//
	// An optional commit function will be executed atomically with respect
	// to binding the endpoint. If this returns an error, the bind will not
	// occur and the error will be propagated back to the caller.
	Bind(address tcpip.FullAddress, commit func() *syserr.Error) *syserr.Error

	// Type return the socket type, typically either SockStream, SockDgram
	// or SockSeqpacket.
	Type() linux.SockType

	// GetLocalAddress returns the address to which the endpoint is bound.
	GetLocalAddress() (tcpip.FullAddress, tcpip.Error)

	// GetRemoteAddress returns the address to which the endpoint is
	// connected.
	GetRemoteAddress() (tcpip.FullAddress, tcpip.Error)

	// SetSockOpt sets a socket option.
	SetSockOpt(opt tcpip.SettableSocketOption) tcpip.Error

	// SetSockOptInt sets a socket option for simple cases when a value has
	// the int type.
	SetSockOptInt(opt tcpip.SockOptInt, v int) tcpip.Error

	// GetSockOpt gets a socket option.
	GetSockOpt(opt tcpip.GettableSocketOption) tcpip.Error

	// GetSockOptInt gets a socket option for simple cases when a return
	// value has the int type.
	GetSockOptInt(opt tcpip.SockOptInt) (int, tcpip.Error)

	// State returns the current state of the socket, as represented by Linux in
	// procfs.
	State() uint32

	// LastError clears and returns the last error reported by the endpoint.
	LastError() tcpip.Error

	// SocketOptions returns the structure which contains all the socket
	// level options.
	SocketOptions() *tcpip.SocketOptions
}

Endpoint is the interface implemented by Unix transport protocol implementations that expose functionality like sendmsg, recvmsg, connect, etc. to Unix socket implementations.

func NewConnectioned

func NewConnectioned(ctx context.Context, stype linux.SockType, uid uniqueid.Provider) Endpoint

NewConnectioned creates a new unbound connectionedEndpoint.

func NewConnectionless

func NewConnectionless(ctx context.Context) Endpoint

NewConnectionless creates a new unbound dgram endpoint.

func NewExternal

func NewExternal(stype linux.SockType, uid uniqueid.Provider, queue *waiter.Queue, receiver Receiver, connected ConnectedEndpoint) Endpoint

NewExternal creates a new externally backed Endpoint. It behaves like a socketpair.

type HostConnectedEndpoint

type HostConnectedEndpoint struct {
	HostConnectedEndpointRefs
	// contains filtered or unexported fields
}

HostConnectedEndpoint is an implementation of ConnectedEndpoint and Receiver. It is backed by a host fd that was imported at sentry startup. This fd is shared with a hostfs inode, which retains ownership of it.

HostConnectedEndpoint is saveable, since we expect that the host will provide the same fd upon restore.

As of this writing, we only allow Unix sockets to be imported.

+stateify savable

func NewHostConnectedEndpoint

func NewHostConnectedEndpoint(hostFD int, addr string) (*HostConnectedEndpoint, *syserr.Error)

NewHostConnectedEndpoint creates a new HostConnectedEndpoint backed by a host fd imported at sentry startup.

The caller is responsible for calling Init(). Additionally, Release needs to be called twice because HostConnectedEndpoint is both a Receiver and HostConnectedEndpoint.

func (*HostConnectedEndpoint) CloseNotify

func (c *HostConnectedEndpoint) CloseNotify()

CloseNotify implements ConnectedEndpoint.CloseNotify.

func (*HostConnectedEndpoint) CloseRecv

func (c *HostConnectedEndpoint) CloseRecv()

CloseRecv implements Receiver.CloseRecv.

func (*HostConnectedEndpoint) CloseSend

func (c *HostConnectedEndpoint) CloseSend()

CloseSend implements ConnectedEndpoint.CloseSend.

func (*HostConnectedEndpoint) CloseUnread

func (c *HostConnectedEndpoint) CloseUnread()

CloseUnread implements ConnectedEndpoint.CloseUnread.

func (*HostConnectedEndpoint) EventUpdate

func (c *HostConnectedEndpoint) EventUpdate() error

EventUpdate implements ConnectedEndpoint.EventUpdate.

func (*HostConnectedEndpoint) GetLocalAddress

func (c *HostConnectedEndpoint) GetLocalAddress() (tcpip.FullAddress, tcpip.Error)

GetLocalAddress implements ConnectedEndpoint.GetLocalAddress.

func (*HostConnectedEndpoint) Passcred

func (c *HostConnectedEndpoint) Passcred() bool

Passcred implements ConnectedEndpoint.Passcred.

func (*HostConnectedEndpoint) Readable

func (c *HostConnectedEndpoint) Readable() bool

Readable implements Receiver.Readable.

func (*HostConnectedEndpoint) Recv

func (c *HostConnectedEndpoint) Recv(ctx context.Context, data [][]byte, creds bool, numRights int, peek bool) (int64, int64, ControlMessages, bool, tcpip.FullAddress, bool, *syserr.Error)

Recv implements Receiver.Recv.

func (*HostConnectedEndpoint) RecvMaxQueueSize

func (c *HostConnectedEndpoint) RecvMaxQueueSize() int64

RecvMaxQueueSize implements Receiver.RecvMaxQueueSize.

func (*HostConnectedEndpoint) RecvNotify

func (c *HostConnectedEndpoint) RecvNotify()

RecvNotify implements Receiver.RecvNotify.

func (*HostConnectedEndpoint) RecvQueuedSize

func (c *HostConnectedEndpoint) RecvQueuedSize() int64

RecvQueuedSize implements Receiver.RecvQueuedSize.

func (*HostConnectedEndpoint) Release

func (c *HostConnectedEndpoint) Release(ctx context.Context)

Release implements ConnectedEndpoint.Release and Receiver.Release.

func (*HostConnectedEndpoint) Send

func (c *HostConnectedEndpoint) Send(ctx context.Context, data [][]byte, controlMessages ControlMessages, from tcpip.FullAddress) (int64, bool, *syserr.Error)

Send implements ConnectedEndpoint.Send.

func (*HostConnectedEndpoint) SendMaxQueueSize

func (c *HostConnectedEndpoint) SendMaxQueueSize() int64

SendMaxQueueSize implements Receiver.SendMaxQueueSize.

func (*HostConnectedEndpoint) SendNotify

func (c *HostConnectedEndpoint) SendNotify()

SendNotify implements ConnectedEndpoint.SendNotify.

func (*HostConnectedEndpoint) SendQueuedSize

func (c *HostConnectedEndpoint) SendQueuedSize() int64

SendQueuedSize implements Receiver.SendQueuedSize.

func (*HostConnectedEndpoint) SetReceiveBufferSize

func (c *HostConnectedEndpoint) SetReceiveBufferSize(v int64) (newSz int64)

SetReceiveBufferSize implements ConnectedEndpoint.SetReceiveBufferSize.

func (*HostConnectedEndpoint) SetSendBufferSize

func (c *HostConnectedEndpoint) SetSendBufferSize(v int64) (newSz int64)

SetSendBufferSize implements ConnectedEndpoint.SetSendBufferSize.

func (*HostConnectedEndpoint) SockType

func (c *HostConnectedEndpoint) SockType() linux.SockType

SockType returns the underlying socket type.

func (*HostConnectedEndpoint) Writable

func (c *HostConnectedEndpoint) Writable() bool

Writable implements ConnectedEndpoint.Writable.

type Receiver

type Receiver interface {
	// Recv receives a single message. This method does not block.
	//
	// See Endpoint.RecvMsg for documentation on shared arguments.
	//
	// notify indicates if RecvNotify should be called.
	Recv(ctx context.Context, data [][]byte, creds bool, numRights int, peek bool) (recvLen, msgLen int64, cm ControlMessages, CMTruncated bool, source tcpip.FullAddress, notify bool, err *syserr.Error)

	// RecvNotify notifies the Receiver of a successful Recv. This must not be
	// called while holding any endpoint locks.
	RecvNotify()

	// CloseRecv prevents the receiving of additional Messages.
	//
	// After CloseRecv is called, CloseNotify must also be called.
	CloseRecv()

	// CloseNotify notifies the Receiver of recv being closed. This must not be
	// called while holding any endpoint locks.
	CloseNotify()

	// Readable returns if messages should be attempted to be received. This
	// includes when read has been shutdown.
	Readable() bool

	// RecvQueuedSize returns the total amount of data currently receivable.
	// RecvQueuedSize should return -1 if the operation isn't supported.
	RecvQueuedSize() int64

	// RecvMaxQueueSize returns maximum value for RecvQueuedSize.
	// RecvMaxQueueSize should return -1 if the operation isn't supported.
	RecvMaxQueueSize() int64

	// Release releases any resources owned by the Receiver. It should be
	// called before dropping all references to a Receiver.
	Release(ctx context.Context)
}

A Receiver can be used to receive Messages.

type RightsControlMessage

type RightsControlMessage interface {
	// Clone returns a copy of the RightsControlMessage.
	Clone() RightsControlMessage

	// Release releases any resources owned by the RightsControlMessage.
	Release(ctx context.Context)
}

A RightsControlMessage is a control message containing FDs.

+stateify savable

type SCMConnectedEndpoint

type SCMConnectedEndpoint struct {
	HostConnectedEndpoint
	// contains filtered or unexported fields
}

SCMConnectedEndpoint represents an endpoint backed by a host fd that was passed through a gofer Unix socket. It resembles HostConnectedEndpoint, with the following differences: - SCMConnectedEndpoint is not saveable, because the host cannot guarantee the same descriptor number across S/R. - SCMConnectedEndpoint holds ownership of its fd and notification queue.

func NewSCMEndpoint

func NewSCMEndpoint(hostFD int, queue *waiter.Queue, addr string) (*SCMConnectedEndpoint, *syserr.Error)

NewSCMEndpoint creates a new SCMConnectedEndpoint backed by a host fd that was passed through a Unix socket.

The caller is responsible for calling Init(). Additionaly, Release needs to be called twice because ConnectedEndpoint is both a Receiver and ConnectedEndpoint.

func (*SCMConnectedEndpoint) Init

func (e *SCMConnectedEndpoint) Init() error

Init will do the initialization required without holding other locks.

func (*SCMConnectedEndpoint) Release

func (e *SCMConnectedEndpoint) Release(ctx context.Context)

Release implements ConnectedEndpoint.Release and Receiver.Release.

type SCMRights

type SCMRights struct {
	FDs []int
}

SCMRights implements RightsControlMessage with host FDs.

func (*SCMRights) Clone

func (c *SCMRights) Clone() RightsControlMessage

Clone implements RightsControlMessage.Clone.

func (*SCMRights) Release

func (c *SCMRights) Release(ctx context.Context)

Release implements RightsControlMessage.Release.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL