Age | Commit message (Collapse) | Author |
|
This is purely moving code, no changes. netfilter.go is cluttered and targets.go
is a good place for this.
#3549
PiperOrigin-RevId: 325879965
|
|
PiperOrigin-RevId: 325861904
|
|
Running garbage collection enqueues all finalizers, which are used by the
refs/refs_vfs2 packages to detect reference leaks. Note that even with GC,
there is no guarantee that all finalizers will be run before the program exits.
This is a best effort attempt to activate leak checks as much as possible.
Updates #3545.
PiperOrigin-RevId: 325834438
|
|
Packets MUST NOT use a non-unicast source address for ICMP
Echo Replies.
Test: integration_test.TestPingMulticastBroadcast
PiperOrigin-RevId: 325634380
|
|
It indicates that the Sentry has changed the state of the thread and
next calls of PullFullState() has to do nothing.
PiperOrigin-RevId: 325567415
|
|
Earlier we were using NLink to decide if /tmp is empty or not. However, NLink
at best tells us about the number of subdirectories (via the ".." entries).
NLink = n + 2 for n subdirectories. But it does not tell us if the directory is
empty. There still might be non-directory files. We could also not rely on
NLink because host overlayfs always returned 1.
VFS1 uses Readdir to decide if the directory is empty. Used a similar approach.
We now use IterDirents to decide if the "/tmp" directory is empty.
Fixes #3369
PiperOrigin-RevId: 325554234
|
|
PiperOrigin-RevId: 325546935
|
|
PiperOrigin-RevId: 325546629
|
|
PiperOrigin-RevId: 325546308
|
|
These files have been deleted by cl/324775563.
PiperOrigin-RevId: 325543067
|
|
PiperOrigin-RevId: 325531657
|
|
Remove the old benchmark-tools directory, including
imports in the WORKSPACE file and associated bazel rules.
The new Golang benchmark-tools can be found at //test/benchmarks
and it is functionally equivalent, excepting syscall_test
which can be found in //test/perf/linux.
PiperOrigin-RevId: 325529075
|
|
When a Neighbor Solicitation is received, a neighbor entry is created with the
remote host's link layer address, but without a link layer address resolver. If
the host decides to send a packet addressed to the IP address of that neighbor
entry, Address Resolution starts with a nil pointer to the link layer address
resolver. This causes the netstack to panic and crash.
This change ensures that when a packet is sent in that situation, the link
layer address resolver will be set before Address Resolution begins.
Tests:
pkg/tcpip/stack:stack_test
+ TestEntryUnknownToStaleToProbeToReachable
- TestNeighborCacheEntryNoLinkAddress
Updates #1889
Updates #1894
Updates #1895
Updates #1947
Updates #1948
Updates #1949
Updates #1950
PiperOrigin-RevId: 325516471
|
|
PiperOrigin-RevId: 325500772
|
|
PiperOrigin-RevId: 325497346
|
|
It was changed in the Linux kernel:
commit f0628c524fd188c3f9418e12478dfdfadacba815
Date: Fri Apr 24 16:06:16 2020 +0800
net: Replace the limit of TCP_LINGER2 with TCP_FIN_TIMEOUT_MAX
PiperOrigin-RevId: 325493859
|
|
PiperOrigin-RevId: 325490674
|
|
PiperOrigin-RevId: 325481011
|
|
PiperOrigin-RevId: 325472312
|
|
PiperOrigin-RevId: 325388385
|
|
Updates #1198
PiperOrigin-RevId: 325350818
|
|
|
|
PiperOrigin-RevId: 325280924
|
|
The utility has several differences from the VFS1 equivalent:
- There are no weak references, which have a significant overhead
- In order to print useful debug messages with the type of the reference-
counted object, we use a generic Refs object with the owner type as a
template parameter. In vfs1, this was accomplished by storing a type name
and caller stack directly in the ref count (as in vfs1), which increases the
struct size by 6x. (Note that the caller stack was needed because fs types
like Dirent were shared by all fs implementations; in vfs2, each impl has
its own data structures, so this is no longer necessary.)
Updates #1486.
PiperOrigin-RevId: 325271469
|
|
PiperOrigin-RevId: 325269275
|
|
test_httplib was un-excluded in cl/325137657. Exclude it again.
test_httplib fails consistently when running in a kokoro job. Could not repro
with Docker.
There are some java tests that pass locally on Docker but fail when running
within a kokoro job.
Also make shard count a multiple of 8 to minimize idle cores and minimize test
time.
PiperOrigin-RevId: 325267071
|
|
PiperOrigin-RevId: 325266487
|
|
Test:
- stack_test.TestJoinLeaveMulticastOnNICEnableDisable
- integration_test.TestIncomingMulticastAndBroadcast
PiperOrigin-RevId: 325185259
|
|
/proc/sys/net/ipv4/tcp_recovery is used to enable RACK loss
recovery in TCP.
PiperOrigin-RevId: 325157807
|
|
When a directory is replaced by a rename operation, its link count should
reach zero. We were missing the link from `dir/.`
PiperOrigin-RevId: 325141730
|
|
- un-exclude passing tests to increase testing surface.
- create/update bugs for tests that fail on runsc but pass on runc.
PiperOrigin-RevId: 325137657
|
|
Test: integration_test.TestIncomingSubnetBroadcast
PiperOrigin-RevId: 325135617
|
|
PiperOrigin-RevId: 325122849
|
|
Updates #231
PiperOrigin-RevId: 325097683
|
|
craig08:fuse-integration-test-fix-connection-refused
PiperOrigin-RevId: 325080329
|
|
Also removes `--profile-goroutine` because it's equivalent
to `debug --stacks`.
PiperOrigin-RevId: 325061502
|
|
PiperOrigin-RevId: 325045486
|
|
This was discovered by syzkaller.
PiperOrigin-RevId: 325025193
|
|
RACK (Recent Acknowledgement) is a new loss detection
algorithm in TCP. These are the fields which should be
stored on connections to implement RACK algorithm.
PiperOrigin-RevId: 324948703
|
|
This required minor fixes to the bazel wrapper. The "dut_platform" is
also changed to "native" to line-up with the system call tests and
remove the hard-coded "linux" and "netstack" strings.
|
|
Discovered by syzkaller.
PiperOrigin-RevId: 324938438
|
|
Go compiler barely inlines anything, so inline by hand
pwriteLocked since it's called from a single place.
PiperOrigin-RevId: 324937734
|
|
PiperOrigin-RevId: 324931854
|
|
PiperOrigin-RevId: 324923599
|
|
PiperOrigin-RevId: 324918229
|
|
The loader dup's stdio FD into stable FD's starting at a fixed
number. During tests, it's possible that the target FD is already
in use. Added check to error early so it's easier to debug failures.
Also bumped up the starting FD number to prevent collisions.
PiperOrigin-RevId: 324917299
|
|
This will help manage memory consumption by IP reassembly when
receiving IP fragments on multiple network endpoints. Previously,
each endpoint would cap memory consumption at 4MB, but with this
change, each IP stack will cap memory consumption at 4MB.
No behaviour changes.
PiperOrigin-RevId: 324913904
|
|
The utility has several differences from the VFS1 equivalent:
- There are no weak references, which have a significant overhead
- In order to print useful debug messages with the type of the reference-
counted object, we use a generic Refs object with the owner type as a
template parameter. In vfs1, this was accomplished by storing a type name
and caller stack directly in the ref count (as in vfs1), which increases the
struct size by 6x. (Note that the caller stack was needed because fs types
like Dirent were shared by all fs implementations; in vfs2, each impl has
its own data structures, so this is no longer necessary.)
As an example, the utility is added to tmpfs.inode.
Updates #1486.
PiperOrigin-RevId: 324906582
|
|
The newer version of FUSE_INIT checks the response from the FUSE server
if its major number is equal to 7. If it's not, then FUSE_INIT fails and
further filesystem operations will get ECONNREFUSED. To mitigate this
issue, we can send back a response with major version equals to 7 when
consuming the first FUSE_INIT request.
Fixes #3500
|
|
PiperOrigin-RevId: 324877577
|