summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/socket
AgeCommit message (Collapse)Author
2020-08-19Merge release-20200810.0-66-gf8a948300 (automated)gVisor bot
2020-08-19Merge release-20200810.0-65-g182f66ee5 (automated)gVisor bot
2020-08-19ip6tables: move ipv4-specific logic into its own fileKevin Krakauer
A later change will introduce the equivalent IPv6 logic. #3549 PiperOrigin-RevId: 327499064
2020-08-19Merge release-20200810.0-62-g41777e90e (automated)gVisor bot
2020-08-19Merge release-20200810.0-61-g333172229 (automated)gVisor bot
2020-08-19Merge release-20200810.0-60-g33c60b893 (automated)gVisor bot
2020-08-19Merge release-20200810.0-59-g35dc7fe7e (automated)gVisor bot
2020-08-19Merge release-20200810.0-58-ge5f05d9bf (automated)gVisor bot
2020-08-18Merge release-20200810.0-53-g4184a7d5f (automated)gVisor bot
2020-08-18Merge release-20200810.0-52-g6405525b0 (automated)gVisor bot
2020-08-18Merge release-20200810.0-49-gb3141b680 (automated)gVisor bot
2020-08-18Merge release-20200810.0-48-gb9d87ae7a (automated)gVisor bot
2020-08-18Merge release-20200810.0-47-g673b6cc7f (automated)gVisor bot
2020-08-18Merge release-20200810.0-46-gda5c2ea6d (automated)gVisor bot
2020-08-17Merge release-20200810.0-44-gd42d01b97 (automated)gVisor bot
2020-08-17Merge release-20200810.0-43-g1b938ba72 (automated)gVisor bot
2020-08-17Merge release-20200810.0-42-g988ab2705 (automated)gVisor bot
2020-08-17Merge release-20200810.0-41-ge3e1b3689 (automated)gVisor bot
2020-08-17Merge release-20200810.0-40-ge3c4bbd10 (automated)gVisor bot
2020-08-17Merge release-20200810.0-39-g3bd066d50 (automated)gVisor bot
2020-08-17Remove weak references from unix sockets.Dean Deng
The abstract socket namespace no longer holds any references on sockets. Instead, TryIncRef() is used when a socket is being retrieved in BoundEndpoint(). Abstract sockets are now responsible for removing themselves from the namespace they are in, when they are destroyed. Updates #1486. PiperOrigin-RevId: 327064173
2020-08-13Merge release-20200810.0-23-g47515f475 (automated)gVisor bot
2020-08-13Migrate to PacketHeader API for PacketBuffer.Ting-Yu Wang
Formerly, when a packet is constructed or parsed, all headers are set by the client code. This almost always involved prepending to pk.Header buffer or trimming pk.Data portion. This is known to prone to bugs, due to the complexity and number of the invariants assumed across netstack to maintain. In the new PacketHeader API, client will call Push()/Consume() method to construct/parse an outgoing/incoming packet. All invariants, such as slicing and trimming, are maintained by the API itself. NewPacketBuffer() is introduced to create new PacketBuffer. Zero value is no longer valid. PacketBuffer now assumes the packet is a concatenation of following portions: * LinkHeader * NetworkHeader * TransportHeader * Data Any of them could be empty, or zero-length. PiperOrigin-RevId: 326507688
2020-08-10Merge release-20200804.0-57-g7ba5e3558 (automated)gVisor bot
2020-08-10ip6tables: move target-specific code to targets.goKevin Krakauer
This is purely moving code, no changes. netfilter.go is cluttered and targets.go is a good place for this. #3549 PiperOrigin-RevId: 325879965
2020-08-06Merge release-20200804.0-27-g35312a95c (automated)gVisor bot
2020-08-05Add loss recovery option for TCP.Nayana Bidari
/proc/sys/net/ipv4/tcp_recovery is used to enable RACK loss recovery in TCP. PiperOrigin-RevId: 325157807
2020-08-03Merge release-20200622.1-313-gb2ae7ea1b (automated)gVisor bot
2020-08-03Plumbing context.Context to DecRef() and Release().Nayana Bidari
context is passed to DecRef() and Release() which is needed for SO_LINGER implementation. PiperOrigin-RevId: 324672584
2020-07-31Merge release-20200622.1-300-ga7d9aa6d5 (automated)gVisor bot
2020-07-31iptables: support SO_ORIGINAL_DSTKevin Krakauer
Envoy (#170) uses this to get the original destination of redirected packets.
2020-07-28Redirect TODO to GitHub issuesFabricio Voznika
PiperOrigin-RevId: 323715260
2020-07-24Merge release-20200622.1-217-ge2c70ee98 (automated)gVisor bot
2020-07-24Enable automated marshalling for netstack.Ayush Ranjan
PiperOrigin-RevId: 322954792
2020-07-24Merge release-20200622.1-214-g5e7ae0476 (automated)gVisor bot
2020-07-23Merge pull request #3142 from tanjianfeng:fix-3141gVisor bot
PiperOrigin-RevId: 322937495
2020-07-23Merge release-20200622.1-195-g6f7f73996 (automated)gVisor bot
2020-07-23Marshallable socket opitons.Ayush Ranjan
Socket option values are now required to implement marshal.Marshallable. Co-authored-by: Rahat Mahmood <rahat@google.com> PiperOrigin-RevId: 322831612
2020-07-22Merge release-20200622.1-187-gbd98f8201 (automated)gVisor bot
2020-07-22iptables: replace maps with arraysKevin Krakauer
For iptables users, Check() is a hot path called for every packet one or more times. Let's avoid a bunch of map lookups. PiperOrigin-RevId: 322678699
2020-07-22Merge release-20200622.1-184-g71bf90c55 (automated)gVisor bot
2020-07-22Support for receiving outbound packets in AF_PACKET.Bhasker Hariharan
Updates #173 PiperOrigin-RevId: 322665518
2020-07-17Merge release-20200622.1-173-gdcf6ddc27 (automated)gVisor bot
2020-07-16Add support to return protocol in recvmsg for AF_PACKET.Bhasker Hariharan
Updates #173 PiperOrigin-RevId: 321690756
2020-07-15Merge release-20200622.1-162-gfef90c61c (automated)gVisor bot
2020-07-15Fix minor bugs in a couple of interface IOCTLs.Bhasker Hariharan
gVisor incorrectly returns the wrong ARP type for SIOGIFHWADDR. This breaks tcpdump as it tries to interpret the packets incorrectly. Similarly, SIOCETHTOOL is used by tcpdump to query interface properties which fails with an EINVAL since we don't implement it. For now change it to return EOPNOTSUPP to indicate that we don't support the query rather than return EINVAL. NOTE: ARPHRD types for link endpoints are distinct from NIC capabilities and NIC flags. In Linux all 3 exist eg. ARPHRD types are stored in dev->type field while NIC capabilities are more like the device features which can be queried using SIOCETHTOOL but not modified and NIC Flags are fields that can be modified from user space. eg. NIC status (UP/DOWN/MULTICAST/BROADCAST) etc. Updates #2746 PiperOrigin-RevId: 321436525
2020-07-15Merge release-20200622.1-158-gfc48ace73 (automated)gVisor bot
2020-07-15hostinet: fix fd leak in fdnotifier for VFS2Tiwei Bie
When we failed to create the new socket after adding the fd to fdnotifier, we should remove the fd from fdnotifier, because we are going to close the fd directly. Fixes: #3241 Signed-off-by: Tiwei Bie <tiwei.btw@antgroup.com>
2020-07-11Merge release-20200622.1-90-g216dcebc0 (automated)gVisor bot
2020-07-11Stub out SO_DETACH_FILTER.Bhasker Hariharan
Updates #2746 PiperOrigin-RevId: 320757963