summaryrefslogtreecommitdiffhomepage
path: root/pkg
AgeCommit message (Collapse)Author
2020-11-19Remove racy stringification of socket fds from /proc/net/*.Rahat Mahmood
PiperOrigin-RevId: 343398191
2020-11-19Add a helpful message in stuck task logs.Dean Deng
This also makes the formatting nicer; the caller will add ":\n" to the end of the message. PiperOrigin-RevId: 343397099
2020-11-19Add types to parse MLD messagesGhanan Gowripalan
Preparing for upcoming CLs that add MLD functionality. Bug #4861 Test: header.TestMLD PiperOrigin-RevId: 343391556
2020-11-19Fix possible panic due to bad data.Julian Elischer
Found by a Fuzzer. Reported-by: syzbot+619fa10be366d553ef7f@syzkaller.appspotmail.com PiperOrigin-RevId: 343379575
2020-11-19Propagate IP address prefix from host to netstackFabricio Voznika
Closes #4022 PiperOrigin-RevId: 343378647
2020-11-19Require sync.Mutex to lock and unlock from the same goroutineMichael Pratt
We would like to track locks ordering to detect ordering violations. Detecting violations is much simpler if mutexes must be unlocked by the same goroutine that locked them. Thus, as a first step to tracking lock ordering, add this lock/unlock requirement to gVisor's sync.Mutex. This is more strict than the Go standard library's sync.Mutex, but initial testing indicates only a single lock that is used across goroutines. The new sync.CrossGoroutineMutex relaxes the requirement (but will not provide lock order checking). Due to the additional overhead, enforcement is only enabled with the "checklocks" build tag. Build with this tag using: bazel build --define=gotags=checklocks ... From my spot-checking, this has no changed inlining properties when disabled. Updates #4804 PiperOrigin-RevId: 343370200
2020-11-19Don't hold AddressEndpoints for multicast addressesGhanan Gowripalan
Group addressable endpoints can simply check if it has joined the multicast group without maintaining address endpoints. This also helps remove the dependency on AddressableEndpoint from GroupAddressableEndpoint. Now that group addresses are not tracked with address endpoints, we can avoid accidentally obtaining a route with a multicast local address. PiperOrigin-RevId: 343336912
2020-11-19Remove unused NoChecksumOptionBruno Dal Bo
Migration to unified socket options left this behind. PiperOrigin-RevId: 343305434
2020-11-19Fix some code not using NewPacketBuffer for creating a PacketBuffer.Ting-Yu Wang
PiperOrigin-RevId: 343299993
2020-11-18[vfs] kernfs: Do not panic if destroyed dentry is cached.Ayush Ranjan
If a kernfs user does not cache dentries, then cacheLocked will destroy the dentry. The current DecRef implementation will be racy in this case as the following can happen: - Goroutine 1 calls DecRef and decreases ref count from 1 to 0. - Goroutine 2 acquires d.fs.mu for reading and calls IncRef and increasing the ref count from 0 to 1. - Goroutine 2 releases d.fs.mu and calls DecRef again decreasing ref count from 1 to 0. - Goroutine 1 now acquires d.fs.mu and calls cacheLocked which destroys the dentry. - Goroutine 2 now acquires d.fs.mu and calls cacheLocked to find that the dentry is already destroyed! Earlier we would panic in this case, we could instead just return instead of adding complexity to handle this race. This is similar to what the gofer client does. We do not want to lock d.fs.mu in the case that the filesystem caches dentries (common case as procfs and sysfs do this) to prevent congestion due to lock contention. PiperOrigin-RevId: 343229496
2020-11-18[netstack] Move SO_KEEPALIVE and SO_ACCEPTCONN option to SocketOptions.Ayush Ranjan
PiperOrigin-RevId: 343217712
2020-11-18Remove unused methods from stack.RouteGhanan Gowripalan
PiperOrigin-RevId: 343211553
2020-11-18Port filesystem metrics to VFS2.Jamie Liu
PiperOrigin-RevId: 343196927
2020-11-18[netstack] Move SO_REUSEPORT and SO_REUSEADDR option to SocketOptions.Ayush Ranjan
This changes also introduces: - `SocketOptionsHandler` interface which can be implemented by endpoints to handle endpoint specific behavior on SetSockOpt. This is analogous to what Linux does. - `DefaultSocketOptionsHandler` which is a default implementation of the above. This is embedded in all endpoints so that we don't have to uselessly implement empty functions. Endpoints with specific behavior can override the embedded method by manually defining its own implementation. PiperOrigin-RevId: 343158301
2020-11-18Automated rollback of changelist 342700744Nayana Bidari
PiperOrigin-RevId: 343152780
2020-11-18[netstack] Move SO_NO_CHECK option to SocketOptions.Ayush Ranjan
PiperOrigin-RevId: 343146856
2020-11-18Fix loopback subnet routing errorGhanan Gowripalan
Packets should be properly routed when sending packets to addresses in the loopback subnet which are not explicitly assigned to the loopback interface. Tests: - integration_test.TestLoopbackAcceptAllInSubnetUDP - integration_test.TestLoopbackAcceptAllInSubnetTCP PiperOrigin-RevId: 343135643
2020-11-18Merge pull request #4791 from lubinszARM:pr_pt_uppergVisor bot
PiperOrigin-RevId: 343130667
2020-11-18Add a few syslog messages.Etienne Perot
PiperOrigin-RevId: 343123278
2020-11-18[netstack] Move SO_PASSCRED option to SocketOptions.Ayush Ranjan
This change also makes the following fixes: - Make SocketOptions use atomic operations instead of having to acquire/drop locks upon each get/set option. - Make documentation more consistent. - Remove tcpip.SocketOptions from socketOpsCommon because it already exists in transport.Endpoint. - Refactors get/set socket options tests to be easily extendable. PiperOrigin-RevId: 343103780
2020-11-18Introduce stack.WritePacketToRemote, remove LinkEndpoint.WriteRawPacketBruno Dal Bo
Redefine stack.WritePacket into stack.WritePacketToRemote which lets the NIC decide whether to append link headers. PiperOrigin-RevId: 343071742
2020-11-17Remove sniffer from gonet_test.Bhasker Hariharan
This was added by mistake in cl/342868552. PiperOrigin-RevId: 343021431
2020-11-17Fix endpoint.Read() when endpoint is in StateError.Bhasker Hariharan
If the endpoint is in StateError but e.hardErrorLocked() returns nil then return ErrClosedForRecieve. This can happen if a concurrent write on the same endpoint was in progress when the endpoint transitioned to an error state. PiperOrigin-RevId: 343018257
2020-11-17Merge pull request #4840 from lubinszARM:pr_fpsimd_1gVisor bot
PiperOrigin-RevId: 343000335
2020-11-17fs/fuse: don't dereference fuse.DeviceFD.fs if it is nilAndrei Vagin
PiperOrigin-RevId: 342992936
2020-11-17Allow short writes from gofers.Nicolas Lacasse
They were returning io.ErrShortWrite, but that is not handled at higher levels and resulted in a panic. We can just return the short write directly from the p9 call without ErrShortWrite. PiperOrigin-RevId: 342960441
2020-11-17tmpfs: make sure that a dentry will not be destroyed before the open() callAndrei Vagin
If we don't hold a reference, the dentry can be destroyed by another thread. Reported-by: syzbot+f2132e50060c41f6d41f@syzkaller.appspotmail.com PiperOrigin-RevId: 342951940
2020-11-17Add support for TTY in multi-containerFabricio Voznika
Fixes #2714 PiperOrigin-RevId: 342950412
2020-11-17Add per-sniffer instance log prefixBruno Dal Bo
A prefix associated with a sniffer instance can help debug situations where more than one NIC (i.e. more than one sniffer) exists. PiperOrigin-RevId: 342950027
2020-11-17Add consistent precondition formatting for verityChong Cai
Also add the lock order for verity fs, and add a lock to protect dentry hash. PiperOrigin-RevId: 342946537
2020-11-17Merge pull request #4836 from lubinszARM:pr_exception_el0_el1gVisor bot
PiperOrigin-RevId: 342943430
2020-11-17Fix possible deadlock in UDP.Write().Bhasker Hariharan
In UDP endpoint.Write() sendUDP is called with e.mu Rlocked. But if this happens to send a datagram over loopback which ends up generating an ICMP response of say ErrNoPortReachable, the handling of the response in HandleControlPacket also acquires e.mu using RLock. This is mostly fine unless there is a competing caller trying to acquire e.mu in exclusive mode using Lock(). This will deadlock as a caller waiting in Lock() disallows an new RLocks() to ensure it can actually acquire the Lock. This is documented here https://golang.org/pkg/sync/#RWMutex. This change releases the endpoint mutex before calling sendUDP to resolve the possibility of the deadlock. Reported-by: syzbot+537989797548c66e8ee3@syzkaller.appspotmail.com Reported-by: syzbot+eb0b73b4ab486f7673ba@syzkaller.appspotmail.com PiperOrigin-RevId: 342894148
2020-11-17Fix SO_ERROR behavior for TCP in gVisor.Bhasker Hariharan
Fixes the behaviour of SO_ERROR for tcp sockets where in linux it returns sk->sk_err and if sk->sk_err is 0 then it returns sk->sk_soft_err. In gVisor TCP we endpoint.HardError is the equivalent of sk->sk_err and endpoint.LastError holds soft errors. This change brings this into alignment with Linux such that both hard/soft errors are cleared when retrieved using getsockopt(.. SO_ERROR) is called on a socket. Fixes #3812 PiperOrigin-RevId: 342868552
2020-11-17arm64 kvm: optimize all fpsimd related codeRobin Luk
Optimize and bug fix all fpsimd related code. Signed-off-by: Robin Luk <lubin.lu@antgroup.com>
2020-11-17arm64 kvm: add the processing functions for all el0/el1 exceptionsRobin Luk
I added 2 unified processing functions for all exceptions of el/el0 Signed-off-by: Robin Luk <lubin.lu@antgroup.com>
2020-11-16Minor flipcall refactoring.Jamie Liu
PiperOrigin-RevId: 342768550
2020-11-16Reset watchdog timer between sendfile() iterations.Jamie Liu
As part of this, change Task.interrupted() to not drain Task.interruptChan, and do so explicitly using new function Task.unsetInterrupted() instead. PiperOrigin-RevId: 342768365
2020-11-16Allow RLIMIT_RSS to be setFabricio Voznika
Closes #4746 PiperOrigin-RevId: 342747165
2020-11-16Remove ARP address workaroundGhanan Gowripalan
- Make AddressableEndpoint optional for NetworkEndpoint. Not all NetworkEndpoints need to support addressing (e.g. ARP), so AddressableEndpoint should only be implemented for protocols that support addressing such as IPv4 and IPv6. With this change, tcpip.ErrNotSupported will be returned by the stack when attempting to modify addresses on a network endpoint that does not support addressing. Now that packets are fully handled at the network layer, and (with this change) addresses are optional for network endpoints, we no longer need the workaround for ARP where a fake ARP address was added to each NIC that performs ARP so that packets would be delivered to the ARP layer. PiperOrigin-RevId: 342722547
2020-11-16Clean up fragmentation.ProcessToshi Kikuchi
- Pass a PacketBuffer directly instead of releaseCB - No longer pass a VectorisedView, which is included in the PacketBuffer - Make it an error if data size is not equal to (last - first + 1) - Set the callback for the reassembly timeout on NewFragmentation PiperOrigin-RevId: 342702432
2020-11-16Automated rollback of changelist 342312166Bhasker Hariharan
PiperOrigin-RevId: 342700744
2020-11-16Automated rollback of changelist 340274194Dean Deng
PiperOrigin-RevId: 342669574
2020-11-13Log task goroutine IDs in the sentry watchdog.Jamie Liu
PiperOrigin-RevId: 342373580
2020-11-13Requested Comment/Message wording changesJulian Elischer
PiperOrigin-RevId: 342366891
2020-11-13Check for misuse of kernel.Task as context.Context.Jamie Liu
Checks in Task.block() and Task.Value() are conditional on race detection being enabled, since these functions are relatively hot. Checks in Task.SleepStart() and Task.UninterruptibleSleepStart() are enabled unconditionally, since these functions are not thought to lie on any critical paths, and misuse of these functions is required for b/168241471 to manifest. PiperOrigin-RevId: 342342175
2020-11-13Have fuse.DeviceFD hold reference on fuse.filesystem.Jamie Liu
This is actually just b/168751672 again; cl/332394146 was incorrectly reverted by cl/341411151. Document the reference holder to reduce the likelihood that this happens again. Also document a few other bugs observed in the process. PiperOrigin-RevId: 342339144
2020-11-13RACK: Detect DSACKNayana Bidari
Detect if the ACK is a duplicate and update in RACK. PiperOrigin-RevId: 342332569
2020-11-13Decrement TTL/Hop Limit when forwarding IP packetsGhanan Gowripalan
If the packet must no longer be forwarded because its TTL/Hop Limit reaches 0, send an ICMP Time Exceeded error to the source. Required as per relevant RFCs. See comments in code for RFC references. Fixes #1085 Tests: - ipv4_test.TestForwarding - ipv6.TestForwarding PiperOrigin-RevId: 342323610
2020-11-13Refactor loss recovery in TCP.Nayana Bidari
The current implementation of loss recovery algorithms SACK and NewReno are in the same file(snd.go). The functions have multiple checks to see which one is currently used by the endpoint. This CL will refactor and separate the implementation of existing recovery algorithms which will help us to implement new recovery algorithms(such as RACK) with less changes to the existing code. There is no change in the behavior. PiperOrigin-RevId: 342312166
2020-11-13Automated rollback of changelist 341640485Dean Deng
PiperOrigin-RevId: 342297902