| Age | Commit message (Collapse) | Author |
|---|
|
|
|
PiperOrigin-RevId: 356868412
|
|
|
|
TestRACKWithDuplicateACK is flaky as the reorder window can expire before
receiving three duplicate ACKs which will result in sending the first
unacknowledged segment twice: when reorder timer expired and again after
receiving the third duplicate ACK.
This CL will fix this behavior and will not resend the segment again if it was
already re-transmittted when reorder timer expired.
Update the TestRACKWithDuplicateACK to test that the first segment is
considered as lost and is re-transmitted.
PiperOrigin-RevId: 356855168
|
|
|
|
Linux does the same thing.
Reported-by: syzbot+6c79385c930c929d1d9e@syzkaller.appspotmail.com
PiperOrigin-RevId: 356854562
|
|
|
|
PiperOrigin-RevId: 356852625
|
|
|
|
PiperOrigin-RevId: 356843249
|
|
|
|
Deflake this test by retransmitting the ACK and retrying RST
expectation after the supposed state transition to CLOSED.
This gives time for the state transition to complete.
Without such a retransmit from the test, the ACK could get silently
dropped by the listener when the passively connecting endpoint
has not yet completely updated the state (in gVisor this would be
endpoint state and decrement of synRcvdCount).
PiperOrigin-RevId: 356825562
|
|
|
|
PiperOrigin-RevId: 356807933
|
|
|
|
PiperOrigin-RevId: 356784956
|
|
|
|
PiperOrigin-RevId: 356772367
|
|
|
|
PiperOrigin-RevId: 356762859
|
|
|
|
The limits for snd/rcv buffers for unix domain socket is controlled by the
following sysctls on linux
- net.core.rmem_default
- net.core.rmem_max
- net.core.wmem_default
- net.core.wmem_max
Today in gVisor we do not expose these sysctls but we do support setting the
equivalent in netstack via stack.Options() method. But AF_UNIX sockets in gVisor
can be used without netstack, with hostinet or even without any networking stack
at all. Which means ideally these sysctls need to live as globals in gVisor.
But rather than make this a big change for now we hardcode the limits in the
AF_UNIX implementation itself (which in itself is better than where we were
before) where it SO_SNDBUF was hardcoded to 16KiB. Further we bump the initial
limit to a default value of 208 KiB to match linux from the paltry 16 KiB we use
today.
Updates #5132
PiperOrigin-RevId: 356665498
|
|
|
|
The test will sometimes fail on Bind calls using the old RPCTimeout.
PiperOrigin-RevId: 356646668
|
|
|
|
PiperOrigin-RevId: 356645022
|
|
|
|
PiperOrigin-RevId: 356624256
|
|
|
|
PiperOrigin-RevId: 356587965
|
|
|
|
Utilities written to be common across IPv4/IPv6 are not planned to be
available for public use.
https://golang.org/doc/go1.4#internalpackages
PiperOrigin-RevId: 356554862
|
|
|
|
... as per RFC 7048. The Failed state is an internal state that is not
specified by any RFC; replacing it with the Unreachable state enables us to
expose this state while keeping our terminology consistent with RFC 4861 and
RFC 7048.
Unreachable state replaces all internal references for Failed state. However
unlike the Failed state, change events are dispatched when moving into
Unreachable state. This gives developers insight into whether a neighbor entry
failed address resolution or whether it was explicitly removed.
The Failed state will be removed entirely once all references to it are
removed. This is done to avoid a Fuchsia roll failure.
Updates #4667
PiperOrigin-RevId: 356554104
|
|
|
|
PiperOrigin-RevId: 356536548
|
|
|
|
Reported-by: syzbot+9ffc71246fe72c73fc25@syzkaller.appspotmail.com
PiperOrigin-RevId: 356536113
|
|
|
|
PiperOrigin-RevId: 356450303
|
|
|
|
IPv4 forwarding and reassembly needs support for option processing
and regular processing also needs options to be processed before
being passed to the transport layer. This patch extends option processing
to those cases and provides additional testing. A small change to the ICMP
error generation API code was required to allow it to know when a packet was
being forwarded or not.
Updates #4586
PiperOrigin-RevId: 356446681
|
|
|
|
The thing the lock protects will never be accessed concurrently.
PiperOrigin-RevId: 356423331
|
|
|
|
We previously return EINVAL when connecting to port 0, however this is not the
observed behavior on Linux. One of the observable effects after connecting to
port 0 on Linux is that getpeername() will fail with ENOTCONN.
PiperOrigin-RevId: 356413451
|
|
|
|
Reported-by: syzbot+d54bc27a15aefe52c330@syzkaller.appspotmail.com
PiperOrigin-RevId: 356406975
|
|
|
|
...as long as the network protocol supports duplicate address detection.
This CL provides the facilities for a netstack integrator to perform
DAD.
DHCP recommends that clients effectively perform DAD before accepting an
offer. As per RFC 2131 section 4.4.1 pg 38,
The client SHOULD perform a check on the suggested address to ensure
that the address is not already in use. For example, if the client
is on a network that supports ARP, the client may issue an ARP request
for the suggested request.
The implementation of ARP-based IPv4 DAD effectively operates the same
as IPv6's NDP DAD - using ARP requests and responses in place of
NDP neighbour solicitations and advertisements, respectively.
DAD performed by calls to (*Stack).CheckDuplicateAddress don't interfere
with DAD performed when a new IPv6 address is added. This is so that
integrator requests to check for duplicate addresses aren't unexpectedly
aborted when addresses are removed.
A network package internal package provides protocol agnostic DAD state
management that specific protocols that provide DAD can use.
Fixes #4550.
Tests:
- internal/ip_test.*
- integration_test.TestDAD
- arp_test.TestDADARPRequestPacket
- ipv6.TestCheckDuplicateAddress
PiperOrigin-RevId: 356405593
|
