| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Compare
if (!thread_group_leader(tracee))
tracee = rcu_dereference(tracee->group_leader);
in security/yama/yama_lsm.c:ptracer_exception_found().
PiperOrigin-RevId: 381074242
|
|
|
|
PiperOrigin-RevId: 380967023
|
|
There are unnecessarily short timeouts in several places.
Note: a later change will switch tcp_test to fake clocks intead of the built-in
`time` package.
PiperOrigin-RevId: 380935400
|
|
|
|
Add Equals method to compare syserror and unix.Errno errors to linuxerr errors.
This will facilitate removal of syserror definitions in a followup, and
finding needed conversions from unix.Errno to linuxerr.
PiperOrigin-RevId: 380909667
|
|
|
|
PiperOrigin-RevId: 380904249
|
|
|
|
Fixes #2726
PiperOrigin-RevId: 380753516
|
|
|
|
tcpdump is largely supported. We've also chose not to implement writeable
AF_PACKET sockets, and there's a bug specifically for promiscuous mode (#3333).
Fixes #173.
PiperOrigin-RevId: 380733686
|
|
|
|
Getting state of a stopped container would fail and could lead containerd
to not detecting that the container had actually stopped. Now stopped and
deleted containers return `stopped` state.
Also makes other messages more consistent when container is stopped. Some
where still sending messages to runsc and failing in different ways. Now
they go through `initState` state machine like the other messages.
There are a few changes to improve debugability with it as well.
Fixes #5861
PiperOrigin-RevId: 380698513
|
|
|
|
Updates #5940.
PiperOrigin-RevId: 380668609
|
|
|
|
It was possible for a SYN to arrive after the endpoint sent an ACK as part of
the transition to TIME-WAIT, but before returning from handleSegmentsLocked().
This caused the SYN to be dequeued and ACK'd despite the change in
EndpointState.
Deflakes TestTCPTimeWaitNewSyn.
Tested with:
blaze test --config=gotsan --runs_per_test 10000 \
//third_party/gvisor/pkg/tcpip/transport/tcp:tcp_x_test -j 2000 \
// --test_filter TestTCPTimeWaitNewSyn
PiperOrigin-RevId: 380639808
|
|
|
|
epsByNIC.registerEndpoint can add a multiportEndpoint to its map of
nic->multiportEndpoint even if multiport.Endpoint.singleRegisterEndpoint
failed. Same for transportDemuxer.singleRegisterEndpoint which ends up adding an
entry to nic->epsByNIC even if epsByNIC.registerEndpoint fails.
These breaks an invariant which the code assumes that a
multiportEndpoint/endpointsByNIC always have at least one valid entry.
PiperOrigin-RevId: 380310115
|
|
|
|
RFC 4191 supports the notion of a preference value for default routers
and more-specific routes, so update the OffLinkRouteUpdate event to
include this preference value so integrators may prioritize routes
based on a route's advertised preference value.
Note, more-specific route discovery is not supported yet, but will be in
a later change.
Updates #6172.
Test: ndp_test.TestRouterDiscovery
PiperOrigin-RevId: 380243716
|
|
|
|
Change the p9 server to use *errors.Error defined in pkg linuxerr. Done
separate from the client so that we ensure different p9 server/client versions
work with each other.
PiperOrigin-RevId: 380084491
|
|
|
|
IPv6 SO_ORIGINAL_DST is supported, and the flag check as-written will detect
when other flags are needed.
Fixes #3549.
PiperOrigin-RevId: 380059115
|
|
|
|
...and pass it explicitly.
This reverts commit b63e61828d0652ad1769db342c17a3529d2d24ed.
PiperOrigin-RevId: 380039167
|
|
|
|
Also makes the behavior of raw sockets WRT fragmentation clearer, and makes the
ICMPv4 header-length check explicit.
Fixes #3160.
PiperOrigin-RevId: 380033450
|
|
|
|
Fixes #3159.
PiperOrigin-RevId: 379814096
|
|
|
|
Move Error struct to pkg/errors package for use in multiple places.
Move linuxerr static definitions under pkg/errors/linuxerr.
Add a lookup list for quick lookup of *errors.Error by errno. This is useful
when converting syserror errors and unix.Errno/syscall.Errrno values to
*errors.Error.
Update benchmarks routines to include conversions.
The below benchmarks show *errors.Error usage to be comparable to using
unix.Errno.
BenchmarkAssignUnix
BenchmarkAssignUnix-32 787875022 1.284 ns/op
BenchmarkAssignLinuxerr
BenchmarkAssignLinuxerr-32 1000000000 1.209 ns/op
BenchmarkAssignSyserror
BenchmarkAssignSyserror-32 759269229 1.429 ns/op
BenchmarkCompareUnix
BenchmarkCompareUnix-32 1000000000 1.310 ns/op
BenchmarkCompareLinuxerr
BenchmarkCompareLinuxerr-32 1000000000 1.241 ns/op
BenchmarkCompareSyserror
BenchmarkCompareSyserror-32 147196165 8.248 ns/op
BenchmarkSwitchUnix
BenchmarkSwitchUnix-32 373233556 3.664 ns/op
BenchmarkSwitchLinuxerr
BenchmarkSwitchLinuxerr-32 476323929 3.294 ns/op
BenchmarkSwitchSyserror
BenchmarkSwitchSyserror-32 39293408 29.62 ns/op
BenchmarkReturnUnix
BenchmarkReturnUnix-32 1000000000 0.5042 ns/op
BenchmarkReturnLinuxerr
BenchmarkReturnLinuxerr-32 1000000000 0.8152 ns/op
BenchmarkConvertUnixLinuxerr
BenchmarkConvertUnixLinuxerr-32 739948875 1.547 ns/op
BenchmarkConvertUnixLinuxerrZero
BenchmarkConvertUnixLinuxerrZero-32 977733974 1.489 ns/op
PiperOrigin-RevId: 379806801
|
|
|
|
UpperHalf is shared with all address spaces.
PiperOrigin-RevId: 379790539
|
|
|
|
PiperOrigin-RevId: 379766106
|
|
|
|
This change prepares for a later change which actually handles the
Prf field in RAs to discover default routers with preference values,
as per RFC 4191.
Updates #6172.
Test: header_test.TestNDPRouterAdvert
PiperOrigin-RevId: 379421710
|
|
|
|
This change prepares for a later change which supports the NDP
Route Information option to discover more-specific routes, as
per RFC 4191.
Updates #6172.
PiperOrigin-RevId: 379361330
|
|
|
|
PiperOrigin-RevId: 379337677
|
|
|
|
There are many references to unimplemented iptables features that link to #170,
but that bug is about Istio support specifically. Istio is supported, so the
references should change.
Some TODOs are addressed, some removed because they are not features requested
by users, and some are left as implementation notes.
Fixes #170.
PiperOrigin-RevId: 379328488
|
|
|
|
Before this change, the NDPDispatcher was allowed to "cancel" the
discovery of default routers/prefixes and auto-generate addresses.
No use case exists for this today so we drop this for now. If a
use case comes up in the future, we should instead invalidate the
discovered configuration through the stack instead of during
discovery.
PiperOrigin-RevId: 379327009
|
|
|
