summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-04-17Merge release-20200323.0-182-ge838290 (automated)gVisor bot
2020-04-17prlimit: don't check credentials on selfKevin Krakauer
prlimit was erroneously comparing UIDs and GIDs when getting/setting a process' own limits. From the manpage: To set or get the resources of a process other than itself, the caller must have the CAP_SYS_RESOURCE capability, or the real, effective, and saved set user IDs of the target process must match the real user ID of the caller and the real, effective, and saved set group IDs of the target process must match the real group ID of the caller. PiperOrigin-RevId: 307127266
2020-04-17Merge release-20200323.0-181-g486759a (automated)gVisor bot
2020-04-17Support NDP DNS Search List optionGhanan Gowripalan
Inform the netstack integrator when the netstack receives an NDP Router Advertisement message with the NDP DNS Search List option with at least one domain name. The stack will not maintain any state related to the search list - the integrator is expected to maintain any required state and invalidate domain names after their lifetime expires, or refresh the lifetime when a new one is received for a known domain name. Test: - header_test.TestNDPDNSSearchListOption - header_test.TestNDPDNSSearchListOptionSerialize - header_test.TestNDPSearchListOptionDomainNameLabelInvalidSymbols - header_test.TestNDPOptionsIterCheck - stack_test.TestNDPDNSSearchListDispatch PiperOrigin-RevId: 307109375
2020-04-17Merge release-20200323.0-180-ga80cd43 (automated)gVisor bot
2020-04-17Add test name to boot and gofer log filesFabricio Voznika
This is to make easier to find corresponding logs in case test fails. PiperOrigin-RevId: 307104283
2020-04-17Merge release-20200323.0-179-g80deebb (automated)gVisor bot
2020-04-17Merge pull request #1978 from lubinszARM:pr_signal_mmgVisor bot
PiperOrigin-RevId: 307078788
2020-04-17Merge release-20200323.0-177-g12bde95 (automated)gVisor bot
2020-04-17Get /bin/true to run on VFS2Zach Koopmans
Included: - loader_test.go RunTest and TestStartSignal VFS2 - container_test.go TestAppExitStatus on VFS2 - experimental flag added to runsc to turn on VFS2 Note: shared mounts are not yet supported. PiperOrigin-RevId: 307070753
2020-04-17Merge release-20200323.0-176-g4a818d6 (automated)gVisor bot
2020-04-17proc net test: Annotate disable-save test with NoRandomSave.Ting-Yu Wang
PiperOrigin-RevId: 307069884
2020-04-17Merge release-20200323.0-175-g6c225ea (automated)gVisor bot
2020-04-17Allow caller-defined sinks for packet sniffing.Tamir Duberstein
PiperOrigin-RevId: 307053624
2020-04-17Merge release-20200323.0-174-gb4de018 (automated)gVisor bot
2020-04-17Permit setting unknown optionsTamir Duberstein
This previously changed in 305699233, but this behaviour turned out to be load bearing. PiperOrigin-RevId: 307033802
2020-04-17Merge release-20200323.0-173-gf03996c (automated)gVisor bot
2020-04-16Implement pipe(2) and pipe2(2) for VFS2.Jamie Liu
Updates #1035 PiperOrigin-RevId: 306968644
2020-04-17Merge release-20200323.0-172-gf367cf8 (automated)gVisor bot
2020-04-16Drop invalid NDP NA messagesGhanan Gowripalan
Better validate NDP NAs options before updating the link address cache. Test: stack_test.TestNeighorAdvertisementWithTargetLinkLayerOption PiperOrigin-RevId: 306962924
2020-04-17Merge release-20200323.0-171-ge7dcd94 (automated)gVisor bot
2020-04-16Properly delegate WaitTamir Duberstein
PiperOrigin-RevId: 306959393
2020-04-17Merge release-20200323.0-170-g3b05f57 (automated)gVisor bot
2020-04-16Reset pending connections on listener shutdown.Mithun Iyer
When the listening socket is read shutdown, we need to reset all pending and incoming connections. Ensure that the endpoint is not cleaned up from the demuxer and subsequent bind to same port does not go through. PiperOrigin-RevId: 306958038
2020-04-17Merge release-20200323.0-169-gb33c3bb (automated)gVisor bot
2020-04-16Return detailed errors when iterating NDP optionsGhanan Gowripalan
Test: header_test.TestNDPOptionsIterCheck PiperOrigin-RevId: 306953867
2020-04-16Merge release-20200323.0-168-g0eda010 (automated)gVisor bot
2020-04-16Fix data race in tcp_test.Bhasker Hariharan
This change makes SynRcvdCountThreshold and the global synRcvdCount into a stack configurable value. This is required because in cases like mod_proxy which create multiple Stack instances the count will be a global value that impacts all Stack instances. Further the tests relied on modifying the global threshold to simulate tests where we want to verify SYN cookie based behaviour. This lead to data races due to the global being modified/read without locks or atomics. PiperOrigin-RevId: 306947723
2020-04-16Merge release-20200323.0-167-g75e864f (automated)gVisor bot
2020-04-16Use multierr in packetimpact Connection.Close()Eyal Soha
PiperOrigin-RevId: 306930652
2020-04-16Merge release-20200323.0-166-g5a8ee1b (automated)gVisor bot
2020-04-16Preserve log FD after execveFabricio Voznika
PiperOrigin-RevId: 306908296
2020-04-16Merge release-20200323.0-165-geb7b190 (automated)gVisor bot
2020-04-16Test TCP behavior when receiving unacceptable segment in CLOSE_WAITgVisor bot
TCP, in CLOSE-WAIT state, MUST return ACK with proper SEQ and ACK numbers after recv a seg with OTW SEQ or unacc ACK number, and remain in same state. If the connection is in a synchronized state, any unacceptable segment (out of window sequence number or unacceptable acknowledgment number) must elicit only an empty acknowledgment segment containing the current send-sequence number and an acknowledgment indicating the next sequence number expected to be received, and the connection remains in the same state. PiperOrigin-RevId: 306897984
2020-04-16Merge release-20200323.0-164-g2839981 (automated)gVisor bot
2020-04-16Make ExtractErrno a functionFabricio Voznika
PiperOrigin-RevId: 306891171
2020-04-16Merge release-20200323.0-163-g09c7e3f (automated)gVisor bot
2020-04-15Add tests for segments outside the receive window.Eyal Soha
The tests are based on RFC 793 page 69. Updates #1607 PiperOrigin-RevId: 306768847
2020-04-15Merge release-20200323.0-162-g3d3bf96 (automated)gVisor bot
2020-04-15Use hex.Dump for Layer.String() of byte slices.Eyal Soha
PiperOrigin-RevId: 306726587
2020-04-15Merge release-20200323.0-161-gea5b8e9 (automated)gVisor bot
2020-04-15Use if_nametoindex to get interface index.Ting-Yu Wang
Removed the TODO to use netlink. PiperOrigin-RevId: 306721468
2020-04-15Merge release-20200323.0-160-g1bcc2bf (automated)gVisor bot
2020-04-15Refactor connections.go to make it easier to add new connection types.Eyal Soha
Rather than have a struct for the state of each type of connection, such as TCP/IPv4, UDP/IPv4, TCP/IPv6, etc, have a state for each layer, such as UDP, TCP, IPv4, IPv6. Those states can be composed into connections. Tested: Existing unit tests still pass/fail as expected. PiperOrigin-RevId: 306703180
2020-04-15Merge release-20200323.0-159-g7c13546 (automated)gVisor bot
2020-04-15Deduplicate packet loggingTamir Duberstein
PiperOrigin-RevId: 306677789
2020-04-15Merge release-20200323.0-158-g0348edc (automated)gVisor bot
2020-04-15Remove unnecessary codeTamir Duberstein
Remove useless casts and duplicate return statements. PiperOrigin-RevId: 306627916
2020-04-15Merge release-20200323.0-157-g9c91834 (automated)gVisor bot
2020-04-15Reset pending connections on listener closeMithun Iyer
Attempt to redeliver TCP segments that are enqueued into a closing TCP endpoint. This was being done for Established endpoints but not for those that are listening or performing connection handshake. Fixes #2417 PiperOrigin-RevId: 306598155
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-05 00:05:49 +0000