Age | Commit message (Collapse) | Author |
|
TCP, in CLOSE-WAIT state, MUST return ACK with proper SEQ and ACK numbers after
recv a seg with OTW SEQ or unacc ACK number, and remain in same state. If the
connection is in a synchronized state, any unacceptable segment (out of window
sequence number or unacceptable acknowledgment number) must elicit only an empty
acknowledgment segment containing the current send-sequence number and an
acknowledgment indicating the next sequence number expected to be received, and
the connection remains in the same state.
PiperOrigin-RevId: 306897984
|
|
PiperOrigin-RevId: 306891171
|
|
The tests are based on RFC 793 page 69.
Updates #1607
PiperOrigin-RevId: 306768847
|
|
PiperOrigin-RevId: 306726587
|
|
Removed the TODO to use netlink.
PiperOrigin-RevId: 306721468
|
|
Rather than have a struct for the state of each type of connection, such as
TCP/IPv4, UDP/IPv4, TCP/IPv6, etc, have a state for each layer, such as UDP,
TCP, IPv4, IPv6. Those states can be composed into connections.
Tested:
Existing unit tests still pass/fail as expected.
PiperOrigin-RevId: 306703180
|
|
PiperOrigin-RevId: 306677789
|
|
Remove useless casts and duplicate return statements.
PiperOrigin-RevId: 306627916
|
|
Attempt to redeliver TCP segments that are enqueued into a closing
TCP endpoint. This was being done for Established endpoints but not
for those that are listening or performing connection handshake.
Fixes #2417
PiperOrigin-RevId: 306598155
|
|
Tests now use a MinRTO of 3s instead of default 200ms. This reduced flakiness in
a lot of the congestion control/recovery tests which were flaky due to
retransmit timer firing too early in case the test executors were overloaded.
This change also bumps some of the timeouts in tests which were too sensitive to
timer variations and reduces the number of slow start iterations which can
make the tests run for too long and also trigger retansmit timeouts etc if
the executor is overloaded.
PiperOrigin-RevId: 306562645
|
|
As per RFC 7217 section 6, attempt to regenerate IPv6 SLAAC address in response
to a DAD conflict if the address was generated with an opaque IID as outlined in
RFC 7217 section 5.
Test:
- stack_test.TestAutoGenAddrWithOpaqueIIDDADRetries
- stack_test.TestAutoGenAddrWithEUI64IIDNoDADRetries
- stack_test.TestAutoGenAddrContinuesLifetimesAfterRetry
PiperOrigin-RevId: 306555645
|
|
- Use the fs.File, rather than the vfs.FileDescription, in the VFS1 version.
- Check for a nil fs.File/vfs.FileDescription before calling DecRef, which is
possible if a racing dup2() or dup3() replaces the file descriptor between
when it is installed and when it is returned. (This is not possible in Linux
because Linux separates allocation of a file descriptor from binding an
allocated file descriptor to a struct file, and dup2/dup3 return EBUSY if
asked to replace an allocated but unbound file descriptor.)
PiperOrigin-RevId: 306517101
|
|
Needed for PipeTest_Flags: files opened by open() and openat() get O_LARGEFILE
(on architectures with 64-bit off_t), but not FDs created by other syscalls
such as pipe().
Updates #1035
PiperOrigin-RevId: 306504788
|
|
PiperOrigin-RevId: 306477639
|
|
TCP, in ESTABLISHED state, SHOULD piggyback acknowledgement with a segment being
transmitted (whenever possible) without incurring undue delay
PiperOrigin-RevId: 306474550
|
|
PiperOrigin-RevId: 306432289
|
|
Add Sniffer.Drain() which drains the socket's receive buffer by temporarily
setting the socket to non-blocking, and receiving in a loop until EINTR,
EWOULDBLOCK or EAGAIN. This method should be used when long periods of time
elapses without receiving on the socket, because uninteresting packets may have
piled up in the receive buffer, filling it up and causing packets critical to
test operation to be dropped.
PiperOrigin-RevId: 306380480
|
|
PiperOrigin-RevId: 306348346
|
|
The work being done in these threads is not asynchronous with respect to
the test; that is, it is equivalent to issue non-blocking `connect`
calls serially, since the work is done asynchronously with respect to
the caller. Futhermore, this test was added to test closing a listener
with completed but not delivered connections, which never required
threading in the first place.
PiperOrigin-RevId: 306339486
|
|
PiperOrigin-RevId: 306306809
|
|
PiperOrigin-RevId: 306306494
|
|
PiperOrigin-RevId: 306303148
|
|
PiperOrigin-RevId: 306300032
|
|
Note that most kinds of sockets are not yet supported in VFS2
(only Unix sockets are partially supported at the moment), so
these syscalls will still generally fail. Enabling them allows
us to begin running socket tests for VFS2 as more features are
ported over.
Updates #1476, #1478, #1484, #1485.
PiperOrigin-RevId: 306292294
|
|
PiperOrigin-RevId: 306289643
|
|
The comments in the ticket indicate that this behavior
is fine and that the ticket should be closed, so we shouldn't
need pointers to the ticket.
PiperOrigin-RevId: 306266071
|
|
PiperOrigin-RevId: 306263615
|
|
This makes the code shorter and less repetitive.
TESTED:
All unit tests still pass.
PiperOrigin-RevId: 306161475
|
|
Tested:
Looked at output of failing tests.
PiperOrigin-RevId: 306031407
|
|
noNewPrivileges is ignored if set to false since gVisor assumes that
PR_SET_NO_NEW_PRIVS is always enabled.
PiperOrigin-RevId: 305991947
|
|
As in VFS1, we only support the user.* namespace. Plumbing is added to tmpfs
and goferfs.
Note that because of the slightly different order of checks between VFS2 and
Linux, one of the xattr tests needs to be relaxed slightly.
Fixes #2363.
PiperOrigin-RevId: 305985121
|
|
The sentry doesn't allow execve, but it's a good defense
in-depth measure.
PiperOrigin-RevId: 305958737
|
|
PiperOrigin-RevId: 305944892
|
|
PiperOrigin-RevId: 305940483
|
|
PiperOrigin-RevId: 305927989
|
|
PiperOrigin-RevId: 305922105
|
|
Continues the modifications in cl/272963663. This prevents non-syscall errors
from being propogated to kernel/task_syscall.go:ExtractErrno(), which causes a
sentry panic.
PiperOrigin-RevId: 305913127
|
|
The dependency strace=>kernel grew over time. strace also depends on
task's FD table and FSContext. It could be fixed with some interfaces
the other way, but then we're trading an interface for another, and
kernel.Stracer is likely cleaner.
Closes #155
PiperOrigin-RevId: 305909678
|
|
PiperOrigin-RevId: 305879441
|
|
It was added in cl/201419897 to deflake
socket_ip_tcp_loopback_non_blocking_test_gvisor.
It seems we don't need this hack, because the origin issue isn't
reproducible without this hack.
PiperOrigin-RevId: 305871748
|
|
PiperOrigin-RevId: 305807868
|
|
Signed-off-by: Haibo Xu <haibo.xu@arm.com>
Change-Id: I5bb8fa7d580d173b1438d6465e1adb442216c8fa
|
|
Signed-off-by: Haibo Xu <haibo.xu@arm.com>
Change-Id: I033692bcf4f8139df29e369a12b150d10fccbe32
|
|
Better validate NDP NS messages and their options before doing work in
response to them. Also make sure that NA messages sent in response to
an NS use the correct IPv6 and link-layer addresses so they are
routed properly and received by the right node.
Test: stack_test.TestNeighorSolicitationResponse
PiperOrigin-RevId: 305799054
|
|
This should fix panic at aio callback.
PiperOrigin-RevId: 305798549
|
|
PiperOrigin-RevId: 305794509
|
|
Closes #2393
PiperOrigin-RevId: 305793027
|
|
Block and drain requests in io_destroy(2).
Note the reason to create read-only mapping.
PiperOrigin-RevId: 305786312
|
|
PiperOrigin-RevId: 305782490
|
|
It seems no longer necessary.
PiperOrigin-RevId: 305758572
|