summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2021-01-24FAQ.md: fix kubeadm init instructionsIgor Beliakov
The current version of FAQ.md contains an incorrect example of how to instruct kubelet to prefer containerd over docker. More specifically, it refers to a non-existent `--cni-socket` flag whereas it should have been `--cri-socket`. The suggested PR fixes that.
2021-01-22Detect failures in forked functionFabricio Voznika
EXPECT*/ASSERT* functions are not async-signal-safe and should not be called from the function passed to InForkedProcess. However, these happen accidentally sometimes but do no cause InForkedProcess to fail. Detect and notify in such cases. PiperOrigin-RevId: 353354540
2021-01-22Update containerd minimal versionFabricio Voznika
PiperOrigin-RevId: 353340554
2021-01-22Refactor GetMainNICAddressArthur Sfez
It previously returned an error but it could only be UnknownNICID. It now returns a boolean to indicate whether the nic exists or not. PiperOrigin-RevId: 353337489
2021-01-22Do not modify IGMP packets when verifying checksumGhanan Gowripalan
PiperOrigin-RevId: 353336894
2021-01-22Pass RouteInfo to the route resolve callbackGhanan Gowripalan
The route resolution callback will be called with a stack.ResolvedFieldsResult which will hold the route info so callers can avoid attempting resolution again to check if a previous resolution attempt succeeded or not. Test: integration_test.TestRouteResolvedFields PiperOrigin-RevId: 353319019
2021-01-22Implement F_GETLK fcntl.Dean Deng
Fixes #5113. PiperOrigin-RevId: 353313374
2021-01-22Define tcpip.Payloader in terms of io.ReaderTamir Duberstein
Fixes #1509. PiperOrigin-RevId: 353295589
2021-01-22Add tests for RACKNayana Bidari
- Added packetimpact tests for RACK. PiperOrigin-RevId: 353282342
2021-01-22Avoid atomic operations in kcov processing.Dean Deng
Atomic operations here significantly slow down gVisor builds with kcov/coverage enabled. Also mark these functions go:norace to avoid complaints from the race detector. PiperOrigin-RevId: 353281865
2021-01-22Add initial mitigate code and cpu parsing.Zach Koopmans
PiperOrigin-RevId: 353274135
2021-01-22Remove dependency to abi/linuxFabricio Voznika
abi package is to be used by the Sentry to implement the Linux ABI. Code dealing with the host should use x/sys/unix. PiperOrigin-RevId: 353272679
2021-01-22Fix TestDuplicateEnvVariable flakynessFabricio Voznika
Updates #5226 PiperOrigin-RevId: 353262133
2021-01-22[infra] Fix Build Github action failure.Ayush Ranjan
The GH Build action has been failing with the error message: ``` --- BUILD -c opt //runsc tee: /proc/self/fd/2: No such device or address ``` tee /dev/fd/2 seems to be the canonical way of copying stdin to stderr. So use that instead. PiperOrigin-RevId: 353259087
2021-01-21Resolve static link addresses in GetLinkAddressGhanan Gowripalan
If a network address has a static mapping to a link address, calculate it in GetLinkAddress. Test: stack_test.TestStaticGetLinkAddress PiperOrigin-RevId: 353179616
2021-01-21iptables: support matching the input interface nameToshi Kikuchi
We have support for the output interface name, but not for the input interface name. This change adds the support for the input interface name, and adds the test cases for it. Fixes #5300 PiperOrigin-RevId: 353179389
2021-01-21Syscall docs updateIan Lewis
- Moves the id to the <tr> tag so that the page aligns properly when using an anchor. - Makes the syscall number a link to the anchor. - Fixes some broken links to syscalls without man pages. PiperOrigin-RevId: 353159903
2021-01-21Only use callback for GetLinkAddressGhanan Gowripalan
GetLinkAddress's callback will be called immediately with a stack.LinkResolutionResult which will hold the link address so no need to also return the link address from the function. Fixes #5151. PiperOrigin-RevId: 353157857
2021-01-21Do not cache remote link address in RouteGhanan Gowripalan
...unless explicitly requested via ResolveWith. Remove cancelled channels from pending packets as we can use the link resolution channel in a FIFO to limit the number of maximum pending resolutions we should queue packets for. This change also defers starting the goroutine that handles link resolution completion to when link resolution succeeds, fails or gets cancelled due to the max number of pending resolutions being reached. Fixes #751. PiperOrigin-RevId: 353130577
2021-01-21Add image presubmit tests and mark fsstress x86_64 only.Adin Scannell
PiperOrigin-RevId: 353118942
2021-01-21Fix ownership change logicFabricio Voznika
Previously fsgofer was skipping chown call if the uid and gid were the same as the current user/group. However, when setgid is set, the group may not be the same as the caller. Instead, compare the actual uid/gid of the file after it has been created and change ownership only if needed. Updates #180 PiperOrigin-RevId: 353118733
2021-01-21Queue packets in WritePackets when resolving link addressGhanan Gowripalan
Test: integration_test.TestWritePacketsLinkResolution Fixes #4458. PiperOrigin-RevId: 353108826
2021-01-21Populate EgressRoute, GSO, Netproto in NICGhanan Gowripalan
fdbased and qdisc layers expect these fields to already be populated before being reached. PiperOrigin-RevId: 353099492
2021-01-21Fix fsstress argument nameFabricio Voznika
Updates #5273 PiperOrigin-RevId: 353087710
2021-01-21Syscall test for connecting to unspecified addressZeling Feng
For an active OPEN call with unspecified foreign socket, TCP MUST return error: foreign socket unspecified PiperOrigin-RevId: 352961691
2021-01-20Update splice syscall documentation.Dean Deng
PiperOrigin-RevId: 352954044
2021-01-20Add syscall docs back to menuIan Lewis
Syscall docs were excluded from the navigation menu. This change adds them back. PiperOrigin-RevId: 352942238
2021-01-20Remove unimplemented message for SO_LINGERNayana Bidari
- Removes the unimplemented message for SO_LINGER - Fix the length for IP_PKTINFO option PiperOrigin-RevId: 352917611
2021-01-20Don't use task goroutine context in fsimpl tests.Jamie Liu
PiperOrigin-RevId: 352908368
2021-01-20Fix typo boundry -> boundary.Dean Deng
PiperOrigin-RevId: 352905565
2021-01-20Move Lock/UnlockPOSIX into LockFD util.Dean Deng
PiperOrigin-RevId: 352904728
2021-01-20Fix refcount increments in gofer.filesystem.Sync.Jamie Liu
Fixes #5263 PiperOrigin-RevId: 352903844
2021-01-20Remove string allocation from strings.Repeat() in /proc/[pid]/maps.Jamie Liu
PiperOrigin-RevId: 352894106
2021-01-20Change the way the IP options report problemsJulian Elischer
The error messages are not needed or used as these are not processing errors so much as errors to be reported back to the packet sender. Implicitly describe whether each error should generate ICMP packets or not. Most do but there are a couple that do not. Slightly alter some test expectations for Linux compatibility and add a couple more. Improve Linux compatibility on error packet returns. Some cosmetic changes to tests to match the upcoming packet impact version of the same tests. PiperOrigin-RevId: 352889785
2021-01-19Do not have a stack-wide linkAddressCacheGhanan Gowripalan
Link addresses are cached on a per NIC basis so instead of having a single cache that includes the NIC ID for neighbor entry lookups, use a single cache per NIC. PiperOrigin-RevId: 352684111
2021-01-19platform/ptrace: workaround a kernel ptrace issue on ARM64Andrei Vagin
On ARM64, when ptrace stops on a system call, it uses the x7 register to indicate whether the stop has been signalled from syscall entry or syscall exit. This means that we can't get a value of this register and we can't change it. More details are in the comment for tracehook_report_syscall in arch/arm64/kernel/ptrace.c. This happens only if we stop on a system call, so let's queue a signal, resume a stub thread and catch it on a signal handling. Fixes: #5238 PiperOrigin-RevId: 352668695
2021-01-19Per NIC NetworkEndpoint statisticsArthur Sfez
To facilitate the debugging of multi-homed setup, track Network protocols statistics for each endpoint. Note that the original stack-wide stats still exist. A new type of statistic counter is introduced, which track two versions of a stat at the same time. This lets a network endpoint increment both the local stat and the stack-wide stat at the same time. Fixes #4605 PiperOrigin-RevId: 352663276
2021-01-19Ensure that IP{V6}_RECVORIGDSTADDR yields the post-NAT address and port.Kevin Krakauer
PiperOrigin-RevId: 352624174
2021-01-19Drop CheckLocalAddress from LinkAddressCacheGhanan Gowripalan
PiperOrigin-RevId: 352623277
2021-01-19[infra] Attempt to fix Kokoro image workflow.Ayush Ranjan
#5274 broke `make load-basic_fsstress` target. It works locally but for some inconceivable reason it fails to build on Kokoro. Error message: ``` Step 1/12 : FROM alpine ---> 1fca6fe4a1ec Step 2/12 : RUN apk add git ---> Running in 109a5326259a standard_init_linux.go:207: exec user process caused "no such file or directory" The command '/bin/sh -c apk add git' returned a non-zero code: 1 make: *** [load-basic_fsstress] Error 1 tools/images.mk:149: recipe for target 'load-basic_fsstress' failed ``` Copied the approach from the following issue to achieve the same goal: https://github.com/nodejs/docker-node/issues/586#issue-273737852. PiperOrigin-RevId: 352602945
2021-01-17Do not use a stack-wide queue of pending packetsGhanan Gowripalan
Packets may be pending on link resolution to complete before being sent. Link resolution is performed for neighbors which are unique to a NIC so hold link resolution related state under the NIC, not the stack. Note, this change may result in more queued packets but that is okay as RFC 4861 section 7.2.2 recommends that the stack maintain a queue of packets for each neighbor that is waiting for link resolution to complete, not a fixed limit per stack. PiperOrigin-RevId: 352322155
2021-01-15Resolve known link address on route creationGhanan Gowripalan
If a Route is being created through a link that requires link address resolution and a remote address that has a known mapping to a link address, populate the link address when the route is created. This removes the need for neighbor/link address caches to perform this check. Fixes #5149 PiperOrigin-RevId: 352122401
2021-01-15Support GetLinkAddress with neighborCacheGhanan Gowripalan
Test: integration_test.TestGetLinkAddress PiperOrigin-RevId: 352119404
2021-01-15Only pass stack.Route's fields to LinkEndpointsGhanan Gowripalan
stack.Route is used to send network packets and resolve link addresses. A LinkEndpoint does not need to do either of these and only needs the route's fields at the time of the packet write request. Since LinkEndpoints only need the route's fields when writing packets, pass a stack.RouteInfo instead. PiperOrigin-RevId: 352108405
2021-01-15Remove count argument from tcpip.Endpoint.ReadTamir Duberstein
The same intent can be specified via the io.Writer. PiperOrigin-RevId: 352098747
2021-01-15[rack] Retransmit the probe segment after the probe timer expires.Ayush Ranjan
This change implements TLP details enumerated in https://tools.ietf.org/html/draft-ietf-tcpm-rack-08#section-7.5.2. Fixes #5084 PiperOrigin-RevId: 352093473
2021-01-15Correctly return EMSGSIZE when packet is too big in raw socket.Ting-Yu Wang
IPv4 previously accepts the packet, while IPv6 panics. Neither is the behavior in Linux. splice() in Linux has different behavior than in gVisor. This change documents it in the SpliceTooLong test. Reported-by: syzbot+b550e78e5c24d1d521f2@syzkaller.appspotmail.com PiperOrigin-RevId: 352091286
2021-01-15Populate EgressRoute, GSO, Netproto for batch writesGhanan Gowripalan
We loop over the list of packets anyways so setting these aren't expensive. Now that they are populated only by the link endpoint that uses them, TCP does not need to. PiperOrigin-RevId: 352090853
2021-01-15Add fsstress testsFabricio Voznika
Updates #5273 PiperOrigin-RevId: 352088736
2021-01-15Combine reference count logs into one message.Dean Deng
Otherwise, races can occur between concurrent logs. PiperOrigin-RevId: 352086914