Automated rollback of changelist 407638912

PiperOrigin-RevId: 410665707
google · Nov 18, 2021 · ce194f2 · ce194f2
1 parent 4ab52f3
commit ce194f2
Show file tree

Hide file tree

Showing 29 changed files with 303 additions and 322 deletions.
diff --git a/pkg/sentry/fs/gofer/BUILD b/pkg/sentry/fs/gofer/BUILD
@@ -49,7 +49,6 @@ go_library(
         "//pkg/sentry/socket/unix/transport",
         "//pkg/sync",
         "//pkg/syserr",
-        "//pkg/tcpip",
         "//pkg/unet",
         "//pkg/usermem",
         "//pkg/waiter",

diff --git a/pkg/sentry/fs/gofer/socket.go b/pkg/sentry/fs/gofer/socket.go
@@ -23,7 +23,6 @@ import (
 	"gvisor.dev/gvisor/pkg/sentry/fs/host"
 	"gvisor.dev/gvisor/pkg/sentry/socket/unix/transport"
 	"gvisor.dev/gvisor/pkg/syserr"
-	"gvisor.dev/gvisor/pkg/tcpip"
 	"gvisor.dev/gvisor/pkg/waiter"
 )
 
@@ -96,7 +95,7 @@ func (e *endpoint) BidirectionalConnect(ctx context.Context, ce transport.Connec
 	}
 	if ce.Listening() {
 		ce.Unlock()
-		return tcpip.SyserrInvalidEndpointState
+		return syserr.ErrInvalidEndpointState
 	}
 
 	hostFile, err := e.file.Connect(cf)

diff --git a/pkg/sentry/fs/host/BUILD b/pkg/sentry/fs/host/BUILD
@@ -77,6 +77,7 @@ go_test(
         "//pkg/sentry/kernel/time",
         "//pkg/sentry/socket",
         "//pkg/sentry/socket/unix/transport",
+        "//pkg/syserr",
         "//pkg/tcpip",
         "//pkg/usermem",
         "//pkg/waiter",

diff --git a/pkg/sentry/fs/host/socket.go b/pkg/sentry/fs/host/socket.go
@@ -82,7 +82,7 @@ func (c *ConnectedEndpoint) init() *syserr.Error {
 
 	if family != unix.AF_UNIX {
 		// We only allow Unix sockets.
-		return tcpip.SyserrInvalidEndpointState
+		return syserr.ErrInvalidEndpointState
 	}
 
 	stype, err := unix.GetsockoptInt(c.file.FD(), unix.SOL_SOCKET, unix.SO_TYPE)
@@ -200,7 +200,7 @@ func (c *ConnectedEndpoint) Send(ctx context.Context, data [][]byte, controlMess
 	defer c.mu.RUnlock()
 
 	if !controlMessages.Empty() {
-		return 0, false, tcpip.SyserrInvalidEndpointState
+		return 0, false, syserr.ErrInvalidEndpointState
 	}
 
 	// Since stream sockets don't preserve message boundaries, we can write

diff --git a/pkg/sentry/fs/host/socket_test.go b/pkg/sentry/fs/host/socket_test.go
@@ -25,6 +25,7 @@ import (
 	ktime "gvisor.dev/gvisor/pkg/sentry/kernel/time"
 	"gvisor.dev/gvisor/pkg/sentry/socket"
 	"gvisor.dev/gvisor/pkg/sentry/socket/unix/transport"
+	"gvisor.dev/gvisor/pkg/syserr"
 	"gvisor.dev/gvisor/pkg/tcpip"
 	"gvisor.dev/gvisor/pkg/usermem"
 	"gvisor.dev/gvisor/pkg/waiter"
@@ -177,11 +178,11 @@ func TestListen(t *testing.T) {
 	socket2 := sfile2.FileOperations.(socket.Socket)
 
 	// Socketpairs can not be listened to.
-	if err := socket1.Listen(nil, 64); err != tcpip.SyserrInvalidEndpointState {
-		t.Fatalf("socket1.Listen(nil, 64) => %v, want tcpip.SyserrInvalidEndpointState", err)
+	if err := socket1.Listen(nil, 64); err != syserr.ErrInvalidEndpointState {
+		t.Fatalf("socket1.Listen(nil, 64) => %v, want syserr.ErrInvalidEndpointState", err)
 	}
-	if err := socket2.Listen(nil, 64); err != tcpip.SyserrInvalidEndpointState {
-		t.Fatalf("socket2.Listen(nil, 64) => %v, want tcpip.SyserrInvalidEndpointState", err)
+	if err := socket2.Listen(nil, 64); err != syserr.ErrInvalidEndpointState {
+		t.Fatalf("socket2.Listen(nil, 64) => %v, want syserr.ErrInvalidEndpointState", err)
 	}
 
 	// Create a Unix socket, do not bind it.
@@ -197,8 +198,8 @@ func TestListen(t *testing.T) {
 	socket3 := sfile3.FileOperations.(socket.Socket)
 
 	// This socket is not bound so we can't listen on it.
-	if err := socket3.Listen(nil, 64); err != tcpip.SyserrInvalidEndpointState {
-		t.Fatalf("socket3.Listen(nil, 64) => %v, want tcpip.SyserrInvalidEndpointState", err)
+	if err := socket3.Listen(nil, 64); err != syserr.ErrInvalidEndpointState {
+		t.Fatalf("socket3.Listen(nil, 64) => %v, want syserr.ErrInvalidEndpointState", err)
 	}
 }
 

diff --git a/pkg/sentry/fsimpl/gofer/BUILD b/pkg/sentry/fsimpl/gofer/BUILD
@@ -82,7 +82,6 @@ go_library(
         "//pkg/sentry/vfs",
         "//pkg/sync",
         "//pkg/syserr",
-        "//pkg/tcpip",
         "//pkg/unet",
         "//pkg/usermem",
         "//pkg/waiter",

diff --git a/pkg/sentry/fsimpl/gofer/socket.go b/pkg/sentry/fsimpl/gofer/socket.go
@@ -23,7 +23,6 @@ import (
 	"gvisor.dev/gvisor/pkg/sentry/fsimpl/host"
 	"gvisor.dev/gvisor/pkg/sentry/socket/unix/transport"
 	"gvisor.dev/gvisor/pkg/syserr"
-	"gvisor.dev/gvisor/pkg/tcpip"
 	"gvisor.dev/gvisor/pkg/waiter"
 )
 
@@ -70,7 +69,7 @@ func (e *endpoint) BidirectionalConnect(ctx context.Context, ce transport.Connec
 	}
 	if ce.Listening() {
 		ce.Unlock()
-		return tcpip.SyserrInvalidEndpointState
+		return syserr.ErrInvalidEndpointState
 	}
 
 	c, err := e.newConnectedEndpoint(ctx, ce.Type(), ce.WaiterQueue())

diff --git a/pkg/sentry/fsimpl/host/socket.go b/pkg/sentry/fsimpl/host/socket.go
@@ -97,7 +97,7 @@ func (c *ConnectedEndpoint) initFromOptions() *syserr.Error {
 
 	if family != unix.AF_UNIX {
 		// We only allow Unix sockets.
-		return tcpip.SyserrInvalidEndpointState
+		return syserr.ErrInvalidEndpointState
 	}
 
 	stype, err := unix.GetsockoptInt(c.fd, unix.SOL_SOCKET, unix.SO_TYPE)
@@ -147,7 +147,7 @@ func (c *ConnectedEndpoint) Send(ctx context.Context, data [][]byte, controlMess
 	defer c.mu.RUnlock()
 
 	if !controlMessages.Empty() {
-		return 0, false, tcpip.SyserrInvalidEndpointState
+		return 0, false, syserr.ErrInvalidEndpointState
 	}
 
 	// Since stream sockets don't preserve message boundaries, we can write

diff --git a/pkg/sentry/socket/netfilter/netfilter.go b/pkg/sentry/socket/netfilter/netfilter.go
@@ -289,7 +289,7 @@ func SetEntries(task *kernel.Task, stk *stack.Stack, optVal []byte, ipv6 bool) *
 	// - There are no chains without an unconditional final rule.
 	// - There are no chains without an unconditional underflow rule.
 
-	return tcpip.TranslateNetstackError(stk.IPTables().ReplaceTable(nameToID[replace.Name.String()], table, ipv6))
+	return syserr.TranslateNetstackError(stk.IPTables().ReplaceTable(nameToID[replace.Name.String()], table, ipv6))
 }
 
 // parseMatchers parses 0 or more matchers from optVal. optVal should contain

diff --git a/pkg/sentry/socket/netlink/provider.go b/pkg/sentry/socket/netlink/provider.go
@@ -23,7 +23,6 @@ import (
 	"gvisor.dev/gvisor/pkg/sentry/kernel"
 	"gvisor.dev/gvisor/pkg/sentry/socket"
 	"gvisor.dev/gvisor/pkg/syserr"
-	"gvisor.dev/gvisor/pkg/tcpip"
 )
 
 // Protocol is the implementation of a netlink socket protocol.
@@ -105,7 +104,7 @@ func (*socketProvider) Socket(t *kernel.Task, stype linux.SockType, protocol int
 // Pair implements socket.Provider.Pair by returning an error.
 func (*socketProvider) Pair(*kernel.Task, linux.SockType, int) (*fs.File, *fs.File, *syserr.Error) {
 	// Netlink sockets never supports creating socket pairs.
-	return nil, nil, tcpip.SyserrNotSupported
+	return nil, nil, syserr.ErrNotSupported
 }
 
 // LINT.ThenChange(./provider_vfs2.go)

diff --git a/pkg/sentry/socket/netlink/provider_vfs2.go b/pkg/sentry/socket/netlink/provider_vfs2.go
@@ -20,7 +20,6 @@ import (
 	"gvisor.dev/gvisor/pkg/sentry/kernel"
 	"gvisor.dev/gvisor/pkg/sentry/vfs"
 	"gvisor.dev/gvisor/pkg/syserr"
-	"gvisor.dev/gvisor/pkg/tcpip"
 )
 
 // socketProviderVFS2 implements socket.Provider.
@@ -67,5 +66,5 @@ func (*socketProviderVFS2) Socket(t *kernel.Task, stype linux.SockType, protocol
 // Pair implements socket.Provider.Pair by returning an error.
 func (*socketProviderVFS2) Pair(*kernel.Task, linux.SockType, int) (*vfs.FileDescription, *vfs.FileDescription, *syserr.Error) {
 	// Netlink sockets never supports creating socket pairs.
-	return nil, nil, tcpip.SyserrNotSupported
+	return nil, nil, syserr.ErrNotSupported
 }
diff --git a/pkg/sentry/socket/netlink/route/BUILD b/pkg/sentry/socket/netlink/route/BUILD
@@ -17,7 +17,6 @@ go_library(
         "//pkg/sentry/kernel/auth",
         "//pkg/sentry/socket/netlink",
         "//pkg/syserr",
-        "//pkg/tcpip",
         "@org_golang_x_sys//unix:go_default_library",
     ],
 )
diff --git a/pkg/sentry/socket/netlink/route/protocol.go b/pkg/sentry/socket/netlink/route/protocol.go
@@ -27,7 +27,6 @@ import (
 	"gvisor.dev/gvisor/pkg/sentry/kernel/auth"
 	"gvisor.dev/gvisor/pkg/sentry/socket/netlink"
 	"gvisor.dev/gvisor/pkg/syserr"
-	"gvisor.dev/gvisor/pkg/tcpip"
 )
 
 // commandKind describes the operational class of a message type.
@@ -361,7 +360,7 @@ func parseForDestination(msg *netlink.Message) ([]byte, *syserr.Error) {
 	// commit bc234301af12. Note we don't check this flag for backward
 	// compatibility.
 	if rtMsg.Flags != 0 && rtMsg.Flags != linux.RTM_F_LOOKUP_TABLE {
-		return nil, tcpip.SyserrNotSupported
+		return nil, syserr.ErrNotSupported
 	}
 
 	// Expect first attribute is RTA_DST.
@@ -394,15 +393,15 @@ func (p *Protocol) dumpRoutes(ctx context.Context, msg *netlink.Message, ms *net
 		route, err := fillRoute(routeTables, dst)
 		if err != nil {
 			// TODO(gvisor.dev/issue/1237): return NLMSG_ERROR with ENETUNREACH.
-			return tcpip.SyserrNotSupported
+			return syserr.ErrNotSupported
 		}
 		routeTables = append([]inet.Route{}, route)
 	} else if hdr.Flags&linux.NLM_F_DUMP == linux.NLM_F_DUMP {
 		// We always send back an NLMSG_DONE.
 		ms.Multi = true
 	} else {
 		// TODO(b/68878065): Only above cases are supported.
-		return tcpip.SyserrNotSupported
+		return syserr.ErrNotSupported
 	}
 
 	for _, rt := range routeTables {
@@ -490,7 +489,7 @@ func (p *Protocol) newAddr(ctx context.Context, msg *netlink.Message, ms *netlin
 			}
 		case linux.IFA_ADDRESS:
 		default:
-			return tcpip.SyserrNotSupported
+			return syserr.ErrNotSupported
 		}
 	}
 	return nil
@@ -531,11 +530,11 @@ func (p *Protocol) delAddr(ctx context.Context, msg *netlink.Message, ms *netlin
 				Addr:      value,
 			})
 			if err != nil {
-				return tcpip.SyserrBadLocalAddress
+				return syserr.ErrBadLocalAddress
 			}
 		case linux.IFA_ADDRESS:
 		default:
-			return tcpip.SyserrNotSupported
+			return syserr.ErrNotSupported
 		}
 	}
 
@@ -573,7 +572,7 @@ func (p *Protocol) ProcessMessage(ctx context.Context, msg *netlink.Message, ms
 		case linux.RTM_GETROUTE:
 			return p.dumpRoutes(ctx, msg, ms)
 		default:
-			return tcpip.SyserrNotSupported
+			return syserr.ErrNotSupported
 		}
 	} else if hdr.Flags&linux.NLM_F_REQUEST == linux.NLM_F_REQUEST {
 		switch hdr.Type {
@@ -588,10 +587,10 @@ func (p *Protocol) ProcessMessage(ctx context.Context, msg *netlink.Message, ms
 		case linux.RTM_DELADDR:
 			return p.delAddr(ctx, msg, ms)
 		default:
-			return tcpip.SyserrNotSupported
+			return syserr.ErrNotSupported
 		}
 	}
-	return tcpip.SyserrNotSupported
+	return syserr.ErrNotSupported
 }
 
 // init registers the NETLINK_ROUTE provider.

diff --git a/pkg/sentry/socket/netlink/socket.go b/pkg/sentry/socket/netlink/socket.go
@@ -312,19 +312,19 @@ func (s *socketOpsCommon) Connect(t *kernel.Task, sockaddr []byte, blocking bool
 // Accept implements socket.Socket.Accept.
 func (s *socketOpsCommon) Accept(t *kernel.Task, peerRequested bool, flags int, blocking bool) (int32, linux.SockAddr, uint32, *syserr.Error) {
 	// Netlink sockets never support accept.
-	return 0, nil, 0, tcpip.SyserrNotSupported
+	return 0, nil, 0, syserr.ErrNotSupported
 }
 
 // Listen implements socket.Socket.Listen.
 func (s *socketOpsCommon) Listen(t *kernel.Task, backlog int) *syserr.Error {
 	// Netlink sockets never support listen.
-	return tcpip.SyserrNotSupported
+	return syserr.ErrNotSupported
 }
 
 // Shutdown implements socket.Socket.Shutdown.
 func (s *socketOpsCommon) Shutdown(t *kernel.Task, how int) *syserr.Error {
 	// Netlink sockets never support shutdown.
-	return tcpip.SyserrNotSupported
+	return syserr.ErrNotSupported
 }
 
 // GetSockOpt implements socket.Socket.GetSockOpt.