Age | Commit message (Collapse) | Author |
|
Previously, any time a datagram-based network endpoint (e.g. UDP) was
bound, the bound NIC is always set based on the bound address (if
specified). However, we should only consider the endpoint bound to
an NIC if a NIC was explicitly bound to.
If an endpoint has been bound to an address and attempts to send packets
to an unconnected remote, the endpoint will default to sending packets
through the bound address' NIC if not explicitly bound to a NIC.
Updates #6565.
PiperOrigin-RevId: 396712415
|
|
Fixed a bug introduced in the following commit:
https://github.com/google/gvisor/commit/979d6e7d77b17e94defc29515180cc75d3560383
The commit introduced a bug which causes the recvmmsg dispatcher to never exit
as BlockingPoll is now called with two fds and poll will not return an error
anymore if one of the FD is closed. We need to explicitly check the events for
each FD to determine if the sentry FD is closed.
ReadV dispatcher does not have the same issue as Readv does not rely on sk_err
field of the underlying socket to determine if the socket is in an error
state. Recvmmsg OTOH seems to get confused and always returns EAGAIN if poll()
is called which queries the sk_err field and clears it.
PiperOrigin-RevId: 396676135
|
|
PiperOrigin-RevId: 396670516
|
|
...if bound to an address.
We previously checked the source of a packet instead of the destination
of a packet when bound to an address.
PiperOrigin-RevId: 396497647
|
|
PiperOrigin-RevId: 396476303
|
|
...as raw endpoints expect the packet's NICID to be set.
PiperOrigin-RevId: 396446552
|
|
Setting the ToS for IPv4 packets (SOL_IP, IP_TOS) should not affect the
Traffic Class of IPv6 packets (SOL_IPV6, IPV6_TCLASS).
Also only return the ToS value XOR Traffic Class as a packet cannot be
both an IPv4 and an IPv6 packet; It is invalid to return both the IPv4
ToS and IPv6 Traffic Class control messages when reading packets.
Updates #6389.
PiperOrigin-RevId: 396399096
|
|
Fixes #6558
PiperOrigin-RevId: 396393293
|
|
PiperOrigin-RevId: 396042572
|
|
Previously, gVisor did not represent loopback devices as an ethernet
device as Linux does. To maintain Linux API compatibility for packet
sockets, a workaround was used to add an ethernet header if a link
header was not already present in the packet buffer delivered to a
packet endpoint.
However, this workaround is a bug for non-ethernet based interfaces; not
all links use an ethernet header (e.g. pure L3/TUN interfaces).
As of 3b4bb947517d0d9010120aaa1c3989fd6abf278e, gVisor represents
loopback devices as an ethernet-based device so this workaround can
now be removed.
BUG: https://fxbug.dev/81592
Updates #6530, #6531.
PiperOrigin-RevId: 395819151
|
|
PiperOrigin-RevId: 395809193
|
|
This change removes NetworkDispatcher.DeliverOutboundPacket.
Since all packet writes go through the NIC (the only NetworkDispatcher),
we can deliver outgoing packets to interested packet endpoints before
writing the packet to the link endpoint as the stack expects that all
packets that get delivered to a link endpoint are transmitted on the
wire. That is, link endpoints no longer need to let the stack know when
it writes a packet as the stack already knows about the packet it writes
through a link endpoint.
PiperOrigin-RevId: 395761629
|
|
PiperOrigin-RevId: 395338926
|
|
PiperOrigin-RevId: 395325998
|
|
This defines common infrastructure for dynamically-configured security checks,
including an example usage in the clone(2) path.
PiperOrigin-RevId: 394797270
|
|
PiperOrigin-RevId: 394560866
|
|
If we want to take two endpoint locks, we need to be sure that we always
take them in the same order.
Accept() locks the listening endpoint to work with acceptedChan and then
it calls GetLocalAddress that locks an accepted endpoint. Actually, we
can release the listening endpoint lock before calling GetLocalAddress.
Reported-by: syzbot+f52bd603f51a4ae91054@syzkaller.appspotmail.com
PiperOrigin-RevId: 394553823
|
|
...through the loopback interface, only.
This change only supports sending on packet sockets through the loopback
interface as the loopback interface is the only interface used in packet
socket syscall tests - the other link endpoints are not excercised with
the existing test infrastructure.
Support for sending on packet sockets through the other interfaces will
be added as needed.
BUG: https://fxbug.dev/81592
PiperOrigin-RevId: 394368899
|
|
For a small receive buffer the first out-of-order segment will get accepted and
fill up the receive buffer today. This change now includes the size of the
out-of-order segment when checking whether to queue the out of order segment or
not.
PiperOrigin-RevId: 394351309
|
|
...from the UDP endpoint.
Datagram-based transport endpoints (e.g. UDP, RAW IP) can share a lot
of their write path due to the datagram-based nature of these endpoints.
Extract the common facilities from UDP so they can be shared with other
transport endpoints (in a later change).
Test: UDP syscall tests.
PiperOrigin-RevId: 394347774
|
|
PiperOrigin-RevId: 394331928
|
|
reflect.ValueOf takes an interface{}, so when passed a slice the compiler emits
a call to runtime.convTslice to heap-allocate a copy of the slice header.
PiperOrigin-RevId: 394310052
|
|
PiperOrigin-RevId: 394300607
|
|
PiperOrigin-RevId: 394296687
|
|
Reported-by: syzbot+1aab6800bd14829609b8@syzkaller.appspotmail.com
PiperOrigin-RevId: 394279838
|
|
PiperOrigin-RevId: 394261815
|
|
Fix syzcaller panic SIGBUS on error handling. Done by
adding an interface, errors.GuestError, which errors can
implement in order to be compared against each other.
PiperOrigin-RevId: 393867554
|
|
PiperOrigin-RevId: 393841270
|
|
PiperOrigin-RevId: 393831108
|
|
PiperOrigin-RevId: 393808461
|
|
Document this ordering in mm/mm.go.
PiperOrigin-RevId: 393413203
|
|
PiperOrigin-RevId: 393411409
|
|
...returning unsupported errors.
PiperOrigin-RevId: 393388991
|
|
... because it is still used by fuchsia.
PiperOrigin-RevId: 393246904
|
|
Remove freestanding functions that convert time values to raw integers;
centralize time->uint32 logic in methods on tcp.endpoint. Importantly,
the knowledge that TSVal is in milliseconds now lives in adjacent
functions rather than being spread around various files.
Incidental cleanup:
- Remove unused constant
- Remove redundant conversion
- Remove redundant parentheses
- Add missing error check
PiperOrigin-RevId: 393184768
|
|
PiperOrigin-RevId: 393104589
|
|
PiperOrigin-RevId: 393100095
|
|
PiperOrigin-RevId: 393095246
|
|
.. by advancing the clock so that NowMonotonic does not return 0.
PiperOrigin-RevId: 393005373
|
|
PiperOrigin-RevId: 393004533
|
|
PiperOrigin-RevId: 392982220
|
|
PiperOrigin-RevId: 392774712
|
|
Some tcp unit tests are affected by this change:
- Some retransmission tests assumed RTO=1s when connection is established. This
is no longer true because minRTO was set to 3s in tests so now RTO becomes 3s
after the first updateRTO call. Set minRTO=1s for these tests.
- Some RACK enabled tests are affected because now that RTT is initialized, and
the estimated RTT is quite small, spurious TLP might be sent out and causing
flakes, introduce an artificial delay for these tests so that the estimated
RTT is larger.
PiperOrigin-RevId: 392768725
|
|
PiperOrigin-RevId: 392554743
|
|
PiperOrigin-RevId: 392523879
|
|
Right now, the first slot starts with an address of a memory region and its size is faultBlockSize,
but the second slot starts with (physicalStart + faultBlockSize) & faultBlockMask.
It means they will overlap if a start address of a memory region are not aligned to faultBlockSize.
The kernel doesn't allow to add overlapped regions, but we ignore the EEXIST error.
Signed-off-by: Andrei Vagin <avagin@google.com>
|
|
PiperOrigin-RevId: 392102898
|
|
The old implementation was mostly correct but error prone - making way for the
issue in question here. In its error path, it would leak the intermediate file
being walked. Each return/break needed explicit cleanup.
This change implements a more clean way to cleaning up intermediate directories.
If the code were to evolve to be more complex, it would still work.
PiperOrigin-RevId: 392102826
|
|
We cannot hold mm.aioManager.mu while calling MUnmap, because MUnmap attempts
to aquire mm.mappingMu. This violates the lock order as documented in mm/mm.go.
PiperOrigin-RevId: 392102472
|
|
PiperOrigin-RevId: 392078690
|