Age | Commit message (Collapse) | Author |
|
|
|
This change will allow us to remove the default link in a packetimpact test so
we can reduce indeterministic behaviors as required in https://fxbug.dev/78430.
This will also help with testing #1388.
Updates #578, #1388.
PiperOrigin-RevId: 387896847
|
|
|
|
This CL introduces a 'checklinkname' analyzer, which provides rudimentary
type-checking that verifies that function signatures on the local and remote
sides of //go:linkname directives match expected values.
If the Go standard library changes the definitions of any of these function,
checklinkname will flag the change as a finding, providing an error informing
the gVisor team to adapt to the upstream changes. This allows us to eliminate
the majority of gVisor's forward-looking negative build tags, as we can catch
mismatches in testing [1].
The remaining forward-looking negative build tags are covering shared struct
definitions, which I hope to add to checklinkname in a future CL.
[1] Of course, semantics/requirements can change without the signature
changing, so we still must be careful, but this covers the common case.
PiperOrigin-RevId: 387873847
|
|
|
|
PiperOrigin-RevId: 387513118
|
|
|
|
|
|
- Creates new metric "/tcp/segments_acked_with_dsack" to count the number of
segments acked with DSACK.
- Added check to verify the metric is getting incremented when a DSACK is sent
in the unit tests.
PiperOrigin-RevId: 386135949
|
|
|
|
PiperOrigin-RevId: 385944428
|
|
|
|
PiperOrigin-RevId: 385940836
|
|
|
|
PiperOrigin-RevId: 385894869
|
|
|
|
TCP is fully supported. As with SO_RCVBUF, other transport protocols perform
no-ops per DefaultSocketOptionsHandler.OnSetReceiveBufferSize.
PiperOrigin-RevId: 385023239
|
|
|
|
PiperOrigin-RevId: 384776517
|
|
|
|
Previously, two calls to set the send or receive buffer size could have raced
and left state wherein:
- The actual size depended on one call
- The value returned by getsockopt() depended on the other
PiperOrigin-RevId: 384508720
|
|
Before this change, transmission of the first router solicitation races
with the adding of an IPv6 link-local address. This change creates the
NIC in the disabled state and is only enabled after the address is added
(if required) to avoid this race.
PiperOrigin-RevId: 384493553
|
|
|
|
- Keeps Linux-specific behavior out of //pkg/tcpip
- Makes it clearer that clamping is done only for setsockopt calls from users
- Removes code duplication
PiperOrigin-RevId: 384389809
|
|
|
|
|
|
Update the following from syserror to the linuxerr equivalent:
EEXIST
EFAULT
ENOTDIR
ENOTTY
EOPNOTSUPP
ERANGE
ESRCH
PiperOrigin-RevId: 384329869
|
|
|
|
Remove "partial write" handling as io.Writer.Write is not permitted to
return a nil error on partial writes, and this code was already
panicking on non-nil errors.
PiperOrigin-RevId: 384289970
|
|
|
|
Commit 16b751b6c610ec2c5a913cb8a818e9239ee7da71 introduced a bug where writes of
zero size would end up queueing a zero sized segment which will cause the
sandbox to panic when trying to send a zero sized segment(e.g. after an RTO) as
netstack asserts that the all non FIN segments have size > 0.
This change adds the check for a zero sized payload back to avoid queueing
such segments. The associated test panics without the fix and passes with it.
PiperOrigin-RevId: 383677884
|
|
|
|
PiperOrigin-RevId: 383481745
|
|
|
|
PiperOrigin-RevId: 383426091
|
|
|
|
More-specific route discovery allows hosts to pick a more appropriate
router for off-link destinations.
Fixes #6172.
PiperOrigin-RevId: 382779880
|
|
|
|
This change makes the checklocks analyzer considerable more powerful, adding:
* The ability to traverse complex structures, e.g. to have multiple nested
fields as part of the annotation.
* The ability to resolve simple anonymous functions and closures, and perform
lock analysis across these invocations. This does not apply to closures that
are passed elsewhere, since it is not possible to know the context in which
they might be invoked.
* The ability to annotate return values in addition to receivers and other
parameters, with the same complex structures noted above.
* Ignoring locking semantics for "fresh" objects, i.e. objects that are
allocated in the local frame (typically a new-style function).
* Sanity checking of locking state across block transitions and returns, to
ensure that no unexpected locks are held.
Note that initially, most of these findings are excluded by a comprehensive
nogo.yaml. The findings that are included are fundamental lock violations.
The changes here should be relatively low risk, minor refactorings to either
include necessary annotations to simplify the code structure (in general
removing closures in favor of methods) so that the analyzer can be easily
track the lock state.
This change additional includes two changes to nogo itself:
* Sanity checking of all types to ensure that the binary and ast-derived
types have a consistent objectpath, to prevent the bug above from occurring
silently (and causing much confusion). This also requires a trick in
order to ensure that serialized facts are consumable downstream. This can
be removed with https://go-review.googlesource.com/c/tools/+/331789 merged.
* A minor refactoring to isolation the objdump settings in its own package.
This was originally used to implement the sanity check above, but this
information is now being passed another way. The minor refactor is preserved
however, since it cleans up the code slightly and is minimal risk.
PiperOrigin-RevId: 382613300
|
|
|
|
In gVisor today its possible that when trying to bind a TCP socket
w/ SO_REUSEADDR specified and requesting the kernel pick a port by
setting port to zero can result in a previously bound port being
returned. This behaviour is incorrect as the user is clearly requesting
a free port. The behaviour is fine when the user explicity specifies
a port.
This change now checks if the user specified a port when making a port
reservation for a TCP port and only returns unbound ports even if
SO_REUSEADDR was specified.
Fixes #6209
PiperOrigin-RevId: 382607638
|
|
|
|
PiperOrigin-RevId: 382427879
|
|
|
|
Update all instances of the above errors to the faster linuxerr implementation.
With the temporary linuxerr.Equals(), no logical changes are made.
PiperOrigin-RevId: 382306655
|
|
|
|
This change prepares for a later change which supports the NDP
Route Information option to discover more-specific routes, as
per RFC 4191.
Updates #6172.
PiperOrigin-RevId: 382225812
|
|
|
|
PiperOrigin-RevId: 382202462
|
|
|