summaryrefslogtreecommitdiffhomepage
path: root/pkg
AgeCommit message (Collapse)Author
2021-02-11Merge release-20210201.0-87-gc833eed80 (automated)gVisor bot
2021-02-11Implement semtimedop.Jing Chen
PiperOrigin-RevId: 357031904
2021-02-11Merge release-20210201.0-86-gae8d966f5 (automated)gVisor bot
2021-02-11Assign controlling terminal when tty is opened and support NOCTTYKevin Krakauer
PiperOrigin-RevId: 357015186
2021-02-11Merge release-20210201.0-84-g81ea0016e (automated)gVisor bot
2021-02-10Support setgid directories in tmpfs and kernfsKevin Krakauer
PiperOrigin-RevId: 356868412
2021-02-11Merge release-20210201.0-83-gff04d019e (automated)gVisor bot
2021-02-10RACK: Fix re-transmitting the segment twice when entering recovery.Nayana Bidari
TestRACKWithDuplicateACK is flaky as the reorder window can expire before receiving three duplicate ACKs which will result in sending the first unacknowledged segment twice: when reorder timer expired and again after receiving the third duplicate ACK. This CL will fix this behavior and will not resend the segment again if it was already re-transmittted when reorder timer expired. Update the TestRACKWithDuplicateACK to test that the first segment is considered as lost and is re-transmitted. PiperOrigin-RevId: 356855168
2021-02-11Merge release-20210201.0-82-g97a36d169 (automated)gVisor bot
2021-02-10Don't allow to umount the namespace root mountAndrei Vagin
Linux does the same thing. Reported-by: syzbot+6c79385c930c929d1d9e@syzkaller.appspotmail.com PiperOrigin-RevId: 356854562
2021-02-11Merge release-20210201.0-81-g96d3b3188 (automated)gVisor bot
2021-02-10Fix broken IFTTT link in tcpip.Ayush Ranjan
PiperOrigin-RevId: 356852625
2021-02-10Merge release-20210201.0-75-gb9db7db3b (automated)gVisor bot
2021-02-10Merge pull request #5267 from lubinszARM:pr_usr_lazy_fpgVisor bot
PiperOrigin-RevId: 356762859
2021-02-10Merge release-20210201.0-72-g298c129cc (automated)gVisor bot
2021-02-09Add support for setting SO_SNDBUF for unix domain sockets.Bhasker Hariharan
The limits for snd/rcv buffers for unix domain socket is controlled by the following sysctls on linux - net.core.rmem_default - net.core.rmem_max - net.core.wmem_default - net.core.wmem_max Today in gVisor we do not expose these sysctls but we do support setting the equivalent in netstack via stack.Options() method. But AF_UNIX sockets in gVisor can be used without netstack, with hostinet or even without any networking stack at all. Which means ideally these sysctls need to live as globals in gVisor. But rather than make this a big change for now we hardcode the limits in the AF_UNIX implementation itself (which in itself is better than where we were before) where it SO_SNDBUF was hardcoded to 16KiB. Further we bump the initial limit to a default value of 208 KiB to match linux from the paltry 16 KiB we use today. Updates #5132 PiperOrigin-RevId: 356665498
2021-02-10Merge release-20210201.0-70-gf6de413c3 (automated)gVisor bot
2021-02-09Add cleanup TODO for integer-based proc files.Dean Deng
PiperOrigin-RevId: 356645022
2021-02-09Merge release-20210201.0-67-g18e993eb4 (automated)gVisor bot
2021-02-09Move network internal code to internal packageGhanan Gowripalan
Utilities written to be common across IPv4/IPv6 are not planned to be available for public use. https://golang.org/doc/go1.4#internalpackages PiperOrigin-RevId: 356554862
2021-02-09Merge release-20210201.0-66-gd0c0549e6 (automated)gVisor bot
2021-02-09Deprecate Failed state in favor of Unreachable stateSam Balana
... as per RFC 7048. The Failed state is an internal state that is not specified by any RFC; replacing it with the Unreachable state enables us to expose this state while keeping our terminology consistent with RFC 4861 and RFC 7048. Unreachable state replaces all internal references for Failed state. However unlike the Failed state, change events are dispatched when moving into Unreachable state. This gives developers insight into whether a neighbor entry failed address resolution or whether it was explicitly removed. The Failed state will be removed entirely once all references to it are removed. This is done to avoid a Fuchsia roll failure. Updates #4667 PiperOrigin-RevId: 356554104
2021-02-09Merge release-20210201.0-65-g2b978d874 (automated)gVisor bot
2021-02-09Collapse code that always returns errorTamir Duberstein
PiperOrigin-RevId: 356536548
2021-02-09Merge release-20210201.0-64-gfe4f47896 (automated)gVisor bot
2021-02-09kernel: reparentLocked has to update children maps of old and new parentsAndrei Vagin
Reported-by: syzbot+9ffc71246fe72c73fc25@syzkaller.appspotmail.com PiperOrigin-RevId: 356536113
2021-02-09Merge release-20210201.0-63-gd6dbe6e5c (automated)gVisor bot
2021-02-09pipe: writeLocked has to return ErrWouldBlock if the pipe is fullAndrei Vagin
PiperOrigin-RevId: 356450303
2021-02-09Merge release-20210201.0-62-g3f802e718 (automated)gVisor bot
2021-02-09add IPv4 options processing for forwarding and reassemblyJulian Elischer
IPv4 forwarding and reassembly needs support for option processing and regular processing also needs options to be processed before being passed to the transport layer. This patch extends option processing to those cases and provides additional testing. A small change to the ICMP error generation API code was required to allow it to know when a packet was being forwarded or not. Updates #4586 PiperOrigin-RevId: 356446681
2021-02-09Merge release-20210201.0-61-g6671a42d6 (automated)gVisor bot
2021-02-08Remove unnecessary lockingGhanan Gowripalan
The thing the lock protects will never be accessed concurrently. PiperOrigin-RevId: 356423331
2021-02-09Merge release-20210201.0-60-g95500ece5 (automated)gVisor bot
2021-02-08Allow UDP sockets connect()ing to port 0Zeling Feng
We previously return EINVAL when connecting to port 0, however this is not the observed behavior on Linux. One of the observable effects after connecting to port 0 on Linux is that getpeername() will fail with ENOTCONN. PiperOrigin-RevId: 356413451
2021-02-09Merge release-20210201.0-59-gbf4968e17 (automated)gVisor bot
2021-02-08exec: don't panic if an elf file is malformedAndrei Vagin
Reported-by: syzbot+d54bc27a15aefe52c330@syzkaller.appspotmail.com PiperOrigin-RevId: 356406975
2021-02-09Merge release-20210201.0-58-g39251f31c (automated)gVisor bot
2021-02-08Support performing DAD for any addressGhanan Gowripalan
...as long as the network protocol supports duplicate address detection. This CL provides the facilities for a netstack integrator to perform DAD. DHCP recommends that clients effectively perform DAD before accepting an offer. As per RFC 2131 section 4.4.1 pg 38, The client SHOULD perform a check on the suggested address to ensure that the address is not already in use. For example, if the client is on a network that supports ARP, the client may issue an ARP request for the suggested request. The implementation of ARP-based IPv4 DAD effectively operates the same as IPv6's NDP DAD - using ARP requests and responses in place of NDP neighbour solicitations and advertisements, respectively. DAD performed by calls to (*Stack).CheckDuplicateAddress don't interfere with DAD performed when a new IPv6 address is added. This is so that integrator requests to check for duplicate addresses aren't unexpectedly aborted when addresses are removed. A network package internal package provides protocol agnostic DAD state management that specific protocols that provide DAD can use. Fixes #4550. Tests: - internal/ip_test.* - integration_test.TestDAD - arp_test.TestDADARPRequestPacket - ipv6.TestCheckDuplicateAddress PiperOrigin-RevId: 356405593
2021-02-09Merge release-20210201.0-57-gcfa4633c3 (automated)gVisor bot
2021-02-08[go-marshal] Add dynamic tag in go_marshal.Ayush Ranjan
This makes it easier to implement dynamically sized types in go-marshal. You really only need to implement MarshalBytes, UnmarshalBytes and SizeBytes to implement the entire interface. By using the `dynamic` tag, the autogenerator will generate the rest of the methods for us. This change also simplifies how KernelIPTGetEntries implements Marshallable using the newly added utility. PiperOrigin-RevId: 356397114
2021-02-09Merge release-20210201.0-56-ge51f775cb (automated)gVisor bot
2021-02-08[go-marshal] Remove binary package reference from syscalls package.Ayush Ranjan
Fixes a bug in our getsockopt(2) implementation which was incorrectly using binary.Size() instead of Marshallable.SizeBytes(). PiperOrigin-RevId: 356396551
2021-02-08Merge release-20210201.0-55-gfe63db2e9 (automated)gVisor bot
2021-02-08RACK: Detect lossNayana Bidari
Detect packet loss using reorder window and re-transmit them after the reorder timer expires. PiperOrigin-RevId: 356321786
2021-02-07Merge release-20210125.0-98-g3853a94f1 (automated)gVisor bot
2021-02-06Remove linkAddrCacheGhanan Gowripalan
It was replaced by NUD/neighborCache. Fixes #4658. PiperOrigin-RevId: 356085221
2021-02-07Merge release-20210125.0-97-g554c405e8 (automated)gVisor bot
2021-02-06Synchronously send packets over pipe link endpointGhanan Gowripalan
Before this change, packets were delivered asynchronously to the remote end of a pipe. This was to avoid a deadlock during link resolution where the stack would attempt to double-lock a mutex (see removed comments in the parent commit for details). As of https://github.com/google/gvisor/commit/4943347137, we do not hold locks while sending link resolution probes so the deadlock will no longer occur. PiperOrigin-RevId: 356066224
2021-02-06Merge release-20210125.0-96-g11ce8ba99 (automated)gVisor bot
2021-02-06Use fine grained locks while sending NDP packetsGhanan Gowripalan
Previously when sending NDP DAD or RS messages, we would hold a shared lock which lead to deadlocks (due to synchronous packet loooping (e.g. pipe and loopback link endpoints)) and lock contention. Writing packets may be an expensive operation which could prevent other goroutines from doing meaningful work if a shared lock is held while writing packets. This change upates the NDP DAD/RS timers to not hold shared locks while sending packets. PiperOrigin-RevId: 356053146