summaryrefslogtreecommitdiffhomepage
path: root/pkg/tcpip
AgeCommit message (Collapse)Author
2019-08-26Merge 1fdefd41 (automated)gVisor bot
2019-08-26netstack/tcp: Add LastAck transition.Rahat Mahmood
Add missing state transition to LastAck, which should happen when the endpoint has already recieved a FIN from the remote side, and is sending its own FIN. PiperOrigin-RevId: 265568314
2019-08-26Merge 7206202b (automated)gVisor bot
2019-08-26Merge pull request #696 from xiaobo55x:tcpip_linkgVisor bot
PiperOrigin-RevId: 265534854
2019-08-26Merge ac2200b8 (automated)gVisor bot
2019-08-26Prevent a network endpoint to send/rcv if its address was removedChris Kuiper
This addresses the problem where an endpoint has its address removed but still has outstanding references held by routes used in connected TCP/UDP sockets which prevent the removal of the endpoint. The fix adds a new "expired" flag to the referenced network endpoint, which is set when an endpoint has its address removed. Incoming packets are not delivered to an expired endpoint (unless in promiscuous mode), while sending outgoing packets triggers an error to the caller (unless in spoofing mode). In addition, a few helper functions were added to stack_test.go to reduce code duplications. PiperOrigin-RevId: 265514326
2019-08-23Merge e75a12e8 (automated)gVisor bot
2019-08-23Implement fmt.Stringer on Route by valueTamir Duberstein
This is more convenient, since it implements the interface for both value and pointer. PiperOrigin-RevId: 265086510
2019-08-22Merge 8d9276ed (automated)gVisor bot
2019-08-21Support binding to multicast and broadcast addressesChris Kuiper
This fixes the issue of not being able to bind to either a multicast or broadcast address as well as to send and receive data from it. The way to solve this is to treat these addresses similar to the ANY address and register their transport endpoint ID with the global stack's demuxer rather than the NIC's. That way there is no need to require an endpoint with that multicast or broadcast address. The stack's demuxer is in fact the only correct one to use, because neither broadcast- nor multicast-bound sockets care which NIC a packet was received on (for multicast a join is still needed to receive packets on a NIC). I also took the liberty of refactoring udp_test.go to consolidate a lot of duplicate code and make it easier to create repetitive tests that test the same feature for a variety of packet and socket types. For this purpose I created a "flowType" that represents two things: 1) the type of packet being sent or received and 2) the type of socket used for the test. E.g., a "multicastV4in6" flow represents a V4-mapped multicast packet run through a V6-dual socket. This allows writing significantly simpler tests. A nice example is testTTL(). PiperOrigin-RevId: 264766909
2019-08-21Merge 573e6e4b (automated)gVisor bot
2019-08-21Use tcpip.Subnet in tcpip.RouteTamir Duberstein
This is the first step in replacing some of the redundant types with the standard library equivalents. PiperOrigin-RevId: 264706552
2019-08-20Add tcpip.Route.String and tcpip.AddressMask.PrefixChris Kuiper
PiperOrigin-RevId: 264544163
2019-08-19Merge 3ffbdffd (automated)gVisor bot
2019-08-19Internal change.gVisor bot
PiperOrigin-RevId: 264218306
2019-08-16netstack: disconnect an unix socket only if the address family is AF_UNSPECAndrei Vagin
Linux allows to call connect for ANY and the zero port. PiperOrigin-RevId: 263892534
2019-08-16Merge f7114e0a (automated)gVisor bot
2019-08-16Add subnet checking to NIC.findEndpoint and consolidate with NIC.getRefChris Kuiper
This adds the same logic to NIC.findEndpoint that is already done in NIC.getRef. Since this makes the two functions very similar they were combined into one with the originals being wrappers. PiperOrigin-RevId: 263864708
2019-08-15Merge ef045b91 (automated)gVisor bot
2019-08-15Don't dereference errors passed to panic()Tamir Duberstein
These errors are always pointers; there's no sense in dereferencing them in the panic call. Changed one false positive for clarity. PiperOrigin-RevId: 263611579
2019-08-15Merge 816a9211 (automated)gVisor bot
2019-08-15netstack: move resumption logic into *_state.goTamir Duberstein
13a98df rearranged some of this code in a way that broke compilation of the netstack-only export at github.com/google/netstack because *_state.go files are not included in that export. This commit moves resumption logic back into *_state.go, fixing the compilation breakage. PiperOrigin-RevId: 263601629
2019-08-15Enabling pkg/tcpip/link support on arm64.Haibo Xu
Signed-off-by: Haibo Xu haibo.xu@arm.com Change-Id: Ib6b4aa2db19032e58bf0395f714e6883caee460a
2019-08-15Rename fdbased/mmap.go to fdbased/mmap_stub.go.Haibo Xu
Signed-off-by: Haibo Xu haibo.xu@arm.com Change-Id: Id4489554b9caa332695df8793d361f8332f6a13b
2019-08-15Rename rawfile/blockingpoll_unsafe.go to rawfile/blockingpoll_stub_unsafe.go.Haibo Xu
Signed-off-by: Haibo Xu haibo.xu@arm.com Change-Id: I2376e502c1a860d5e624c8a8e3afab5da4c53022
2019-08-14Merge d81d94ac (automated)gVisor bot
2019-08-14Replace uinptr with int64 when returning lengthsTamir Duberstein
This is in accordance with newer parts of the standard library. PiperOrigin-RevId: 263449916
2019-08-14Merge 69d1414a (automated)gVisor bot
2019-08-14Add tcpip.AddressWithPrefix.StringTamir Duberstein
PiperOrigin-RevId: 263436592
2019-08-14Merge 570fb1db (automated)gVisor bot
2019-08-14Improve SendMsg performance.Bhasker Hariharan
SendMsg before this change would copy all the data over into a new slice even if the underlying socket could only accept a small amount of data. This is really inefficient with non-blocking sockets and under high throughput where large writes could get ErrWouldBlock or if there was say a timeout associated with the sendmsg() syscall. With this change we delay copying bytes in till they are needed and only copy what can be potentially sent/held in the socket buffer. Reducing the need to repeatedly copy data over. Also a minor fix to change state FIN-WAIT-1 when shutdown(..., SHUT_WR) is called instead of when we transmit the actual FIN. Otherwise the socket could remain in CONNECTED state even though the user has called shutdown() on the socket. Updates #627 PiperOrigin-RevId: 263430505
2019-08-13gonet: Replace NewPacketConn with DialUDP.Ian Gudger
This better matches the standard library and allows creating connected PacketConns. PiperOrigin-RevId: 263187462
2019-08-12Merge eac690e3 (automated)gVisor bot
2019-08-12Fix netstack build error on non-AMD64.Ian Gudger
This stub had the wrong function signature. PiperOrigin-RevId: 262992682
2019-08-09Merge 5a38eb12 (automated)gVisor bot
2019-08-09Add congestion control states to sender.Bhasker Hariharan
This change just introduces different congestion control states and ensures the sender.state is updated to reflect the current state of the connection. It is not used for any decisions yet but this is required before algorithms like Eiffel/PRR can be implemented. Fixes #394 PiperOrigin-RevId: 262638292
2019-08-08Merge 13a98df4 (automated)gVisor bot
2019-08-08netstack: Don't start endpoint goroutines too soon on restore.Rahat Mahmood
Endpoint protocol goroutines were previously started as part of loading the endpoint. This is potentially too soon, as resources used by these goroutine may not have been loaded. Protocol goroutines may perform meaningful work as soon as they're started (ex: incoming connect) which can cause them to indirectly access resources that haven't been loaded yet. This CL defers resuming all protocol goroutines until the end of restore. PiperOrigin-RevId: 262409429
2019-08-07Merge 79cc4397 (automated)gVisor bot
2019-08-07Set target address in ARP ReplyTamir Duberstein
PiperOrigin-RevId: 262163794
2019-08-06Merge dfbc0b0a (automated)gVisor bot
2019-08-06Fix for a panic due to writing to a closed accept channel.Bhasker Hariharan
This can happen because endpoint.Close() closes the accept channel first and then drains/resets any accepted but not delivered connections. But there can be connections that are connected but not delivered to the channel as the channel was full. But closing the channel can cause these writes to fail with a write to a closed channel. The correct solution is to abort any connections in SYN-RCVD state and drain/abort all completed connections before closing the accept channel. PiperOrigin-RevId: 261951132
2019-08-02Merge 960a5e55 (automated)gVisor bot
2019-08-02Plumbing for iptables sockopts.Kevin Krakauer
PiperOrigin-RevId: 261413396
2019-08-02Merge 2906dffc (automated)gVisor bot
2019-08-02Automated rollback of changelist 261191548Rahat Mahmood
PiperOrigin-RevId: 261373749
2019-08-01Merge f2b25aea (automated)gVisor bot
2019-08-01Implement getsockopt(TCP_INFO).Rahat Mahmood
Export some readily-available fields for TCP_INFO and stub out the rest. PiperOrigin-RevId: 261191548
2019-07-31Merge 12c4eb29 (automated)gVisor bot
2019-07-31Fix ICMPv4 EchoReply packet checksumAustin Kiekintveld
The checksum was not being reset before being re-calculated and sent out. This caused the sent checksum to always be `0x0800`. Fixes #605. PiperOrigin-RevId: 260965059