summaryrefslogtreecommitdiffhomepage
path: root/pkg/tcpip
AgeCommit message (Collapse)Author
2020-10-23Decrement e.synRcvdCount once handshake is complete.Bhasker Hariharan
Earlier the count was dropped only after calling e.deliverAccepted. This lead to an issue where there were no connections in SYN-RCVD state for the listening endpoint but e.synRcvdCount would not be zero because it was being reduced only when handleSynSegment returned after deliverAccepted returned. This issue is seen when the Nth SYN for a listen backlog of size N which would cause the listen backlog to be full gets dropped occasionally. This happens when the new SYN comes at when the previous completed endpoint has been delivered to the accept queue but the synRcvdCount hasn't yet been decremented because the goroutine running handleSynSegment has not yet completed. PiperOrigin-RevId: 338690646
2020-10-23Rewrite reference leak checker without finalizers.Dean Deng
Our current reference leak checker uses finalizers to verify whether an object has reached zero references before it is garbage collected. There are multiple problems with this mechanism, so a rewrite is in order. With finalizers, there is no way to guarantee that a finalizer will run before the program exits. When an unreachable object with a finalizer is garbage collected, its finalizer will be added to a queue and run asynchronously. The best we can do is run garbage collection upon sandbox exit to make sure that all finalizers are enqueued. Furthermore, if there is a chain of finalized objects, e.g. A points to B points to C, garbage collection needs to run multiple times before all of the finalizers are enqueued. The first GC run will register the finalizer for A but not free it. It takes another GC run to free A, at which point B's finalizer can be registered. As a result, we need to run GC as many times as the length of the longest such chain to have a somewhat reliable leak checker. Finally, a cyclical chain of structs pointing to one another will never be garbage collected if a finalizer is set. This is a well-known issue with Go finalizers (https://github.com/golang/go/issues/7358). Using leak checking on filesystem objects that produce cycles will not work and even result in memory leaks. The new leak checker stores reference counted objects in a global map when leak check is enabled and removes them once they are destroyed. At sandbox exit, any remaining objects in the map are considered as leaked. This provides a deterministic way of detecting leaks without relying on the complexities of finalizers and garbage collection. This approach has several benefits over the former, including: - Always detects leaks of objects that should be destroyed very close to sandbox exit. The old checker very rarely detected these leaks, because it relied on garbage collection to be run in a short window of time. - Panics if we forgot to enable leak check on a ref-counted object (we will try to remove it from the map when it is destroyed, but it will never have been added). - Can store extra logging information in the map values without adding to the size of the ref count struct itself. With the size of just an int64, the ref count object remains compact, meaning frequent operations like IncRef/DecRef are more cache-efficient. - Can aggregate leak results in a single report after the sandbox exits. Instead of having warnings littered in the log, which were non-deterministically triggered by garbage collection, we can print all warning messages at once. Note that this could also be a limitation--the sandbox must exit properly for leaks to be detected. Some basic benchmarking indicates that this change does not significantly affect performance when leak checking is enabled, which is understandable since registering/unregistering is only done once for each filesystem object. Updates #1486. PiperOrigin-RevId: 338685972
2020-10-22Pass NetworkInterface to LinkAddressRequestGhanan Gowripalan
Previously a link endpoint was passed to stack.LinkAddressResolver.LinkAddressRequest. With this change, implementations that want a route for the link address request may find one through the stack. Other implementations that want to send a packet without a route may continue to do so using the network interface directly. Test: - arp_test.TestLinkAddressRequest - ipv6.TestLinkAddressRequest PiperOrigin-RevId: 338577474
2020-10-21Add underflow check when calculating the MTUArthur Sfez
Also enforce the minimum MTU for IPv4 and IPv6, and discard packets if the minimum is not met. PiperOrigin-RevId: 338404225
2020-10-20Fix nogo test in //pkg/tcpip/...Ting-Yu Wang
PiperOrigin-RevId: 338168977
2020-10-20Fix locking in AddressableEndpointStateGhanan Gowripalan
PiperOrigin-RevId: 338156438
2020-10-20Fix nogo tests.Ting-Yu Wang
//pkg/tcpip/stack:stack_x_test_nogo //pkg/tcpip/transport/raw:raw_nogo PiperOrigin-RevId: 338153265
2020-10-16Don't include link header when forwarding packetsGhanan Gowripalan
Before this change, if a link header was included in an incoming packet that is forwarded, the packet that gets sent out will take the original packet and add a link header to it while keeping the old link header. This would make the sent packet look like: OUTGOING LINK HDR | INCOMING LINK HDR | NETWORK HDR | ... Obviously this is incorrect as we should drop the incoming link header and only include the outgoing link header. This change fixes this bug. Test: integration_test.TestForwarding PiperOrigin-RevId: 337571447
2020-10-16Make IPv4 check the IP header checksumJulian Elischer
The IPv4 header checksum has not been checked, at least in recent times, so add code to do so. Fix all the tests that fail because they never needed to set the checksum. Fixes #4484 PiperOrigin-RevId: 337556243
2020-10-16Enable IPv4 fragmentation for every code path.Arthur Sfez
Currently, fragmentation can only occur during WritePacket(). This enables it for WritePackets() and WriteIncludedHeaderPacket() as well. IPv4 unit tests were refactored to be consistent with the IPv6 unit tests. This removes the extraHeaderReserveLength field and the related "prependable bytes" unit tests (for both IPv4 and IPv6) because it was only testing a panic condition when the value was too low. Fixes #3796 PiperOrigin-RevId: 337550061
2020-10-16Enable IPv6 WriteHeaderIncludedPacketGhanan Gowripalan
Allow writing an IPv6 packet where the IPv6 header is a provided by the user. * Introduce an error to let callers know a header is malformed. We previously useed tcpip.ErrInvalidOptionValue but that did not seem appropriate for generic malformed header errors. * Populate network header in WriteHeaderIncludedPacket IPv4's implementation of WriteHeaderIncludedPacket did not previously populate the packet buffer's network header. This change fixes that. Fixes #4527 Test: ip_test.TestWriteHeaderIncludedPacket PiperOrigin-RevId: 337534548
2020-10-15Process NAs without target link-layer addressesSam Balana
RFC 4861 section 4.4 comments the Target link-layer address option is sometimes optional in a Neighbor Advertisement packet: "When responding to a unicast Neighbor Solicitation this option SHOULD be included." Tests: pkg/tcpip/stack:stack_test - TestEntryStaleToReachableWhenSolicitedConfirmationWithoutAddress - TestEntryDelayToReachableWhenSolicitedConfirmationWithoutAddress - TestEntryProbeToReachableWhenSolicitedConfirmationWithoutAddress pkg/tcpip/network/ipv6:ipv6_test - TestCallsToNeighborCache PiperOrigin-RevId: 337396493
2020-10-15Refactor compareFragments to follow Go styleArthur Sfez
Test helpers should be used for test setup/teardown, not actual testing. Use cmp.Diff instead of bytes.Equal to improve readability. PiperOrigin-RevId: 337323242
2020-10-14Find route before sending NA responseGhanan Gowripalan
This change also brings back the stack.Route.ResolveWith method so that we can immediately resolve a route when sending an NA in response to a a NS with a source link layer address option. Test: ipv6_test.TestNeighorSolicitationResponse PiperOrigin-RevId: 337185461
2020-10-13Merge pull request #4486 from patr0nus:master_udp_ep_fixgVisor bot
PiperOrigin-RevId: 336974095
2020-10-13Correct NA minimum sizeSam Balana
Remove the duplicate NA size variable while I'm here. See https://tools.ietf.org/html/rfc4861#section-4.4 for the packet format. PiperOrigin-RevId: 336943206
2020-10-13Use NDP option serializer instead of handcrafting the NSTamir Duberstein
Use the correct constant (Solicit, not Advert) while I'm here. PiperOrigin-RevId: 336924605
2020-10-11Assign ep.effectiveNetProtos in UDP forwarder's CreateEndpointpatr0nus
2020-10-09TCP Receive window advertisement fixes.Bhasker Hariharan
The fix in commit 028e045da93b7c1c26417e80e4b4e388b86a713d was incorrect as it can cause the right edge of the window to shrink when we announce a zero window due to receive buffer being full as its done before the check for seeing if the window is being shrunk because of the selected window. Further the window was calculated purely on available space but in cases where we are getting full sized segments it makes more sense to use the actual bytes being held. This CL changes to use the lower of the total available space vs the available space in the maximal window we could advertise minus the actual payload bytes being held. This change also cleans up the code so that the window selection logic is not duplicated between getSendParams() and windowCrossedACKThresholdLocked. PiperOrigin-RevId: 336404827
2020-10-09RACK: Detect packet reordering.Nayana Bidari
RACK detects packet reordering by checking if the sender received ACK for the packet which has the sequence number less than the already acknowledged packets. PiperOrigin-RevId: 336397526
2020-10-09Automated rollback of changelist 336304024Ghanan Gowripalan
PiperOrigin-RevId: 336339194
2020-10-09Automated rollback of changelist 336185457Bhasker Hariharan
PiperOrigin-RevId: 336304024
2020-10-08Only block resolution when NUD is incompleteGhanan Gowripalan
When a completed entry exists for a neighbor, there is no need to block while reachability is (re)confirmed. The stack should continue to use the neighbor's link address while NUD is performed. Test: stack_test.TestNeighborCacheReplace PiperOrigin-RevId: 336199043
2020-10-08Do not resolve routes immediatelyGhanan Gowripalan
When a response needs to be sent to an incoming packet, the stack should consult its neighbour table to determine the remote address's link address. When an entry does not exist in the stack's neighbor table, the stack should queue the packet while link resolution completes. See comments. PiperOrigin-RevId: 336185457
2020-10-08Send unicast probes when link address is knownGhanan Gowripalan
When the neighbor table already has link address for a neighbor but is trying to confirm reachability, it may send unicast probes to the neighbor. PiperOrigin-RevId: 336166711
2020-10-08Change IPv6 reassembly timeout to 60sArthur Sfez
It was originally set to 30s for IPv6 (same as IPv4) but this is not what RFC 8200 prescibes. Linux also defaults to 60s [1]. [1] https://github.com/torvalds/linux/blob/47ec5303d73ea344e84f46660fff693c57641386/include/net/ipv6.h#L456 PiperOrigin-RevId: 336034636
2020-10-06Discard invalid Neighbor SolicitationsPeter Johnston
...per RFC 4861 s7.1.1. PiperOrigin-RevId: 335742851
2020-10-06Add support for IPv6 fragmentationArthur Sfez
Most of the IPv4 fragmentation code was moved in the fragmentation package and it is reused by IPv6 fragmentation. Test: - pkg/tcpip/network/ipv4:ipv4_test - pkg/tcpip/network/ipv6:ipv6_test - pkg/tcpip/network/fragmentation:fragmentation_test Fixes #4389 PiperOrigin-RevId: 335714280
2020-10-05Fix IPv4 ICMP echo handler to copy optionsJulian Elischer
The IPv4 RFCs are specific (though obtuse) that an echo response packet needs to contain all the options from the echo request, much as if it been routed back to the sender, though apparently with a new TTL. They suggest copying the incoming packet header to achieve this so that is what this patch does. PiperOrigin-RevId: 335559176
2020-10-05Remove AssignableAddressEndpoint.NetworkEndpointGhanan Gowripalan
We can get the network endpoint directly from the NIC. This is a preparatory CL for when a Route needs to hold a dedicated NIC as its output interface. This is because when forwarding is enabled, packets may be sent from a NIC different from the NIC a route's local address is associated with. PiperOrigin-RevId: 335484500
2020-10-02Update minimum RTT for RACK.Nayana Bidari
We are currently tracking the minimum RTT for RACK as smoothed RTT. As per RFC minimum RTT can be a global minimum of all RTTs or filtered value of recent RTT measurements. In this cl minimum RTT is updated to global minimum of all RTTs for the connection. PiperOrigin-RevId: 335061518
2020-09-30ip6tables: redirect supportKevin Krakauer
Adds support for the IPv6-compatible redirect target. Redirection is a limited form of DNAT, where the destination is always the localhost. Updates #3549. PiperOrigin-RevId: 334698344
2020-09-30Count IP OutgoingPacketErrors in the NetworkEndpoint methodsArthur Sfez
Before this change, OutgoingPacketErrors was incremented in the stack.Route methods. This was going to be a problem once IPv4/IPv6 WritePackets support fragmentation because Route.WritePackets might now know how many packets are left after an error occurs. Test: - pkg/tcpip/network/ipv4:ipv4_test - pkg/tcpip/network/ipv6:ipv6_test PiperOrigin-RevId: 334687983
2020-09-30Use the ICMP error response facilityJulian Elischer
Add code in IPv6 to send ICMP packets while processing extension headers. Add some accounting in processing IPV6 Extension headers which allows us to report meaningful information back in ICMP parameter problem packets. IPv4 also needs to send a message when an unsupported protocol is requested. Add some tests to generate both ipv4 and ipv6 packets with various errors and check the responses. Add some new checkers and cleanup some inconsistencies in the messages in that file. Add new error types for the ICMPv4/6 generators. Fix a bug in the ICMPv4 generator that stopped it from generating "Unknown protocol" messages. Updates #2211 PiperOrigin-RevId: 334661716
2020-09-30Make all Target.Action implementation pointer receiversKevin Krakauer
PiperOrigin-RevId: 334652998
2020-09-29Set transport protocol number during parsingKevin Krakauer
PiperOrigin-RevId: 334535896
2020-09-29iptables: remove unused min/max NAT range fieldsKevin Krakauer
PiperOrigin-RevId: 334531794
2020-09-29Return permanent addresses when NIC is downGhanan Gowripalan
Test: stack_test.TestGetMainNICAddressWhenNICDisabled PiperOrigin-RevId: 334513286
2020-09-29Don't allow broadcast/multicast source addressGhanan Gowripalan
As per relevant IP RFCS (see code comments), broadcast (for IPv4) and multicast addresses are not allowed. Currently checks for these are done at the transport layer, but since it is explicitly forbidden at the IP layers, check for them there. This change also removes the UDP.InvalidSourceAddress stat since there is no longer a need for it. Test: ip_test.TestSourceAddressValidation PiperOrigin-RevId: 334490971
2020-09-29iptables: refactor to make targets extendableKevin Krakauer
Like matchers, targets should use a module-like register/lookup system. This replaces the brittle switch statements we had before. The only behavior change is supporing IPT_GET_REVISION_TARGET. This makes it much easier to add IPv6 redirect in the next change. Updates #3549. PiperOrigin-RevId: 334469418
2020-09-29Don't generate link-local IPv6 for loopbackGhanan Gowripalan
Linux doesn't generate a link-local address for the loopback interface. Test: integration_test.TestInitialLoopbackAddresses PiperOrigin-RevId: 334453182
2020-09-29Discard IP fragments as soon as it expiresToshi Kikuchi
Currently expired IP fragments are discarded only if another fragment for the same IP datagram is received after timeout or the total size of the fragment queue exceeded a predefined value. Test: fragmentation.TestReassemblingTimeout Fixes #3960 PiperOrigin-RevId: 334423710
2020-09-29Trim Network/Transport Endpoint/ProtocolGhanan Gowripalan
* Remove Capabilities and NICID methods from NetworkEndpoint. * Remove linkEP and stack parameters from NetworkProtocol.NewEndpoint. The LinkEndpoint can be fetched from the NetworkInterface. The stack is passed to the NetworkProtocol when it is created so the NetworkEndpoint can get it from its protocol. * Remove stack parameter from TransportProtocol.NewEndpoint. Like the NetworkProtocol/Endpoint, the stack is passed to the TransportProtocol when it is created. PiperOrigin-RevId: 334332721
2020-09-29Move IP state from NIC to NetworkEndpoint/ProtocolGhanan Gowripalan
* Add network address to network endpoints. Hold network-specific state in the NetworkEndpoint instead of the stack. This results in the stack no longer needing to "know" about the network endpoints and special case certain work for various endpoints (e.g. IPv6 DAD). * Provide NetworkEndpoints with an NetworkInterface interface. Instead of just passing the NIC ID of a NIC, pass an interface so the network endpoint may query other information about the NIC such as whether or not it is a loopback device. * Move NDP code and state to the IPv6 package. NDP is IPv6 specific so there is no need for it to live in the stack. * Control forwarding through NetworkProtocols instead of Stack Forwarding should be controlled on a per-network protocol basis so forwarding configurations are now controlled through network protocols. * Remove stack.referencedNetworkEndpoint. Now that addresses are exposed via AddressEndpoint and only one NetworkEndpoint is created per interface, there is no need for a referenced NetworkEndpoint. * Assume network teardown methods are infallible. Fixes #3871, #3916 PiperOrigin-RevId: 334319433
2020-09-28Fix 1 zero window advertisement bug and a TCP test flake.Bhasker Hariharan
In TestReceiveBufferAutoTuning we now send a keep-alive packet to measure the current window rather than a 1 byte segment as the returned window value in the latter case is reduced due to the 1 byte segment now being held in the receive buffer and can cause the test to flake if the segment overheads were to change. In getSendParams in rcv.go we were advertising a non-zero window even if available window space was zero after we received the previous segment. In such a case newWnd and curWnd will be the same and we end up advertising a tiny but non-zero window and this can cause the next segment to be dropped. PiperOrigin-RevId: 334314070
2020-09-28Fix lingering of TCP socket in the initial state.Nayana Bidari
When the socket is set with SO_LINGER and close()'d in the initial state, it should not linger and return immediately. PiperOrigin-RevId: 334263149
2020-09-28Support creating protocol instances with Stack refGhanan Gowripalan
Network or transport protocols may want to reach the stack. Support this by letting the stack create the protocol instances so it can pass a reference to itself at protocol creation time. Note, protocols do not yet use the stack in this CL but later CLs will make use of the stack from protocols. PiperOrigin-RevId: 334260210
2020-09-26Remove generic ICMP errorsGhanan Gowripalan
Generic ICMP errors were required because the transport dispatcher was given the responsibility of sending ICMP errors in response to transport packet delivery failures. Instead, the transport dispatcher should let network layer know it failed to deliver a packet (and why) and let the network layer make the decision as to what error to send (if any). Fixes #4068 PiperOrigin-RevId: 333962333
2020-09-24Remove useless endpoint constructionTamir Duberstein
PiperOrigin-RevId: 333591566
2020-09-24Change segment/pending queue to use receive buffer limits.Bhasker Hariharan
segment_queue today has its own standalone limit of MaxUnprocessedSegments but this can be a problem in UnlockUser() we do not release the lock till there are segments to be processed. What can happen is as handleSegments dequeues packets more keep getting queued and we will never release the lock. This can keep happening even if the receive buffer is full because nothing can read() till we release the lock. Further having a separate limit for pending segments makes it harder to track memory usage etc. Unifying the limits makes it easier to reason about memory in use and makes the overall buffer behaviour more consistent. PiperOrigin-RevId: 333508122