diff options
author | Mithun Iyer <iyerm@google.com> | 2021-05-05 08:54:23 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-05-05 08:57:03 -0700 |
commit | 61615f3f152499609b76ec14107c35078611960e (patch) | |
tree | b638e8023399a04b89cb7e133d00afeba291d053 /pkg/sentry/mm/pma.go | |
parent | d924515b0991a3a14e0b0d7d21268eaed6fafb5b (diff) |
Fix a race in reading last seen ICMP error during handshake
On receiving an ICMP error during handshake, the error is propagated
by reading `endpoint.lastError`. This can race with the socket layer
invoking getsockopt() with SO_ERROR where the same value is read and
cleared, causing the handshake to bail out with a non-error state.
Fix the race by checking for lastError state and failing the
handshake with ErrConnectionAborted if the lastError was read and
cleared by say SO_ERROR.
The race mentioned in the bug, is caught only with the newly added
tcp_test unit test, where we have control over stopping/resuming
protocol loop. Adding a packetimpact test as well for sanity testing
of ICMP error handling during handshake.
Fixes #5922
PiperOrigin-RevId: 372135662
Diffstat (limited to 'pkg/sentry/mm/pma.go')
0 files changed, 0 insertions, 0 deletions