Age | Commit message (Collapse) | Author |
|
PiperOrigin-RevId: 292369598
|
|
Splice must not allow negative offsets. Writes also must not allow offset +
size to overflow int64. Reads are similarly broken, but not just in splice
(b/148095030).
Reported-by: syzbot+0e1ff0b95fb2859b4190@syzkaller.appspotmail.com
PiperOrigin-RevId: 292361208
|
|
When sending NDP messages with an unspecified source address, the Source
Link Layer address must not be included.
Test: stack_test.TestDADResolve
PiperOrigin-RevId: 292341334
|
|
Do not start a new goroutine when calling
stack.NDPDispatcher.OnDuplicateAddressDetectionStatus.
PiperOrigin-RevId: 292268574
|
|
PiperOrigin-RevId: 292233574
|
|
Updates #1480
PiperOrigin-RevId: 292180192
|
|
For amd64, this has been done on cl/288342928.
PiperOrigin-RevId: 292170856
|
|
PiperOrigin-RevId: 292165063
|
|
For test case 'TestBounce', we use KVM_SET_VCPU_EVENTS to trigger sError
to leave guest.
Signed-off-by: Bin Lu <bin.lu@arm.com>
|
|
Currently, Send() will copy data into a new byte slice without regard to the
original size. Size checks should be performed before the allocation takes
place.
Note that for the sake of performance, we avoid putting the buffer
allocation into the critical section. As a result, the size checks need to be
performed again within Enqueue() in case the limit has changed.
PiperOrigin-RevId: 292058147
|
|
WritableSource is a convenience interface used for files that can
be written to, e.g. /proc/net/ipv4/tpc_sack. It reads max of 4KB
and only from offset 0 which should cover most cases. It can be
extended as neeed.
Updates #1195
PiperOrigin-RevId: 292056924
|
|
Updates #1487
Updates #1623
PiperOrigin-RevId: 292040835
|
|
Update link address for senders of NDP Neighbor Solicitations when the NS
contains an NDP Source Link Layer Address option.
Tests:
- ipv6.TestNeighorSolicitationWithSourceLinkLayerOption
- ipv6.TestNeighorSolicitationWithInvalidSourceLinkLayerOption
PiperOrigin-RevId: 292028553
|
|
FD table now holds both VFS1 and VFS2 types and uses the correct
one based on what's set.
Parts of this CL are just initial changes (e.g. sys_read.go,
runsc/main.go) to serve as a template for the remaining changes.
Updates #1487
Updates #1623
PiperOrigin-RevId: 292023223
|
|
PiperOrigin-RevId: 292021389
|
|
Test: stack_test.TestDADResolve
PiperOrigin-RevId: 292003124
|
|
Special files can have additional requirements for granularity.
For example, read from eventfd returns EINVAL if a size is less 8 bytes.
Reported-by: syzbot+3905f5493bec08eb7b02@syzkaller.appspotmail.com
PiperOrigin-RevId: 292002926
|
|
PiperOrigin-RevId: 291997879
|
|
Test command:
$ ip route get 1.1.1.1
Fixes: #1099
Signed-off-by: Jianfeng Tan <henry.tjf@antfin.com>
COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/1121 from tanjianfeng:fix-1099 e6919f3d4ede5aa51a48b3d2be0d7a4b482dd53d
PiperOrigin-RevId: 291990716
|
|
PiperOrigin-RevId: 291986033
|
|
This isn't in the libc wrapper, but it is in the syscall itself.
Discovered by @xiaobo55x in #1625.
PiperOrigin-RevId: 291973931
|
|
Tests:
- header.TestNDPSourceLinkLayerAddressOptionEthernetAddress
- header.TestNDPSourceLinkLayerAddressOptionSerialize
- header.TestNDPOptionsIterCheck
- header.TestNDPOptionsIter
PiperOrigin-RevId: 291856429
|
|
PiperOrigin-RevId: 291821850
|
|
In general, we've learned that logging must be avoided at all
costs in the hot path. It's unlikely that the optimizations
here were significant in any case, since buffer would certainly
escape.
This also adds a test to ensure that the caller identification
works as expected, and so that logging can be benchmarked.
Original:
BenchmarkGoogleLogging-6 1222255 949 ns/op
With this change:
BenchmarkGoogleLogging-6 517323 2346 ns/op
Fixes #184
PiperOrigin-RevId: 291815420
|
|
Because the abi will depend on the core types for marshalling (usermem,
context, safemem, safecopy), these need to be flattened from the sentry
directory. These packages contain no sentry-specific details.
PiperOrigin-RevId: 291811289
|
|
PiperOrigin-RevId: 291803499
|
|
The preferred Copyright holder is "The gVisor Authors".
PiperOrigin-RevId: 291786657
|
|
Fixes #1656
PiperOrigin-RevId: 291777279
|
|
PiperOrigin-RevId: 291774815
|
|
This is to aid later implementation for /dev/net/tun device.
PiperOrigin-RevId: 291746025
|
|
PiperOrigin-RevId: 291745021
|
|
gonet.Conn can be created with both gonet.NewConn and gonet.Dial.
gonet.PacketConn was created only by gonet.DialUDP. This prevented
us from being able to use PacketConn in udp.NewForwarder() context.
This simple constructor - NewPacketConn, allows user to create
correct structure from that context.
|
|
Fixes #1656
PiperOrigin-RevId: 291703760
|
|
Checksum computation is one of the most expensive bits of
packet processing. Manual unrolling of the loop provides
significant improvement in checksum speed.
Updates #1656
BenchmarkChecksum/checksum_64-12 49834124 23.6 ns/op
BenchmarkChecksum/checksum_128-12 27111997 44.1 ns/op
BenchmarkChecksum/checksum_256-12 11416683 91.5 ns/op
BenchmarkChecksum/checksum_512-12 6375298 174 ns/op
BenchmarkChecksum/checksum_1024-12 3403852 338 ns/op
BenchmarkChecksum/checksum_1500-12 2343576 493 ns/op
BenchmarkChecksum/checksum_2048-12 1730521 656 ns/op
BenchmarkChecksum/checksum_4096-12 920469 1327 ns/op
BenchmarkChecksum/checksum_8192-12 445885 2637 ns/op
BenchmarkChecksum/checksum_16384-12 226342 5268 ns/op
BenchmarkChecksum/checksum_32767-12 114210 10503 ns/op
BenchmarkChecksum/checksum_32768-12 99138 10610 ns/op
BenchmarkChecksum/checksum_65535-12 53438 21158 ns/op
BenchmarkChecksum/checksum_65536-12 52993 21067 ns/op
BenchmarkUnrolledChecksum/checksum_64-12 61035639 19.1 ns/op
BenchmarkUnrolledChecksum/checksum_128-12 36067015 33.6 ns/op
BenchmarkUnrolledChecksum/checksum_256-12 19731220 60.4 ns/op
BenchmarkUnrolledChecksum/checksum_512-12 9091291 116 ns/op
BenchmarkUnrolledChecksum/checksum_1024-12 4976406 226 ns/op
BenchmarkUnrolledChecksum/checksum_1500-12 3685224 328 ns/op
BenchmarkUnrolledChecksum/checksum_2048-12 2579108 447 ns/op
BenchmarkUnrolledChecksum/checksum_4096-12 1350475 887 ns/op
BenchmarkUnrolledChecksum/checksum_8192-12 658248 1780 ns/op
BenchmarkUnrolledChecksum/checksum_16384-12 335869 3534 ns/op
BenchmarkUnrolledChecksum/checksum_32767-12 168650 7095 ns/op
BenchmarkUnrolledChecksum/checksum_32768-12 168075 7098 ns/op
BenchmarkUnrolledChecksum/checksum_65535-12 75085 14277 ns/op
BenchmarkUnrolledChecksum/checksum_65536-12 75921 14127 ns/op
PiperOrigin-RevId: 291643290
|
|
PiperOrigin-RevId: 291471892
|
|
PiperOrigin-RevId: 291426657
|
|
Note that in VFS2, filesystem device numbers are per-vfs.FilesystemImpl rather
than global, avoiding the need for a "registry" type to handle save/restore.
(This is more consistent with Linux anyway: compare e.g.
mm/shmem.c:shmem_mount() => fs/super.c:mount_nodev() => (indirectly)
set_anon_super().)
PiperOrigin-RevId: 291425193
|
|
Increase the timeout to 1s when waiting for async NDP events to help
reduce flakiness. This will not significantly increase test times as the
async events continue to receive an event on a channel. The increased
timeout allows more time for an event to be sent on the channel as the
previous timeout of 100ms caused some flakes.
Test: Existing tests pass
PiperOrigin-RevId: 291420936
|
|
Go 1.14+ sends SIGURG to Ms to attempt asynchronous preemption of a G. Since it
can't guarantee that a SIGURG is only related to preemption, it continues to
forward them to signal.Notify (see runtime.sighandler).
We should ignore these signals, as applications shouldn't receive them. Note
that this means that truly external SIGURG can no longer be sent to the
application (as with SIGCHLD).
PiperOrigin-RevId: 291415357
|
|
This pattern (delete from map when dropping) is also used in epoll.RemoveEntry,
and seems like generally a good idea.
PiperOrigin-RevId: 291268208
|
|
PiperOrigin-RevId: 291249314
|
|
The kernel may return EINTR from:
kvm_create_vm
kvm_init_mmu_notifier
mmu_notifier_register
do_mmu_notifier_register
mm_take_all_locks
Go 1.14's preemptive scheduling signals make hitting this much more likely.
PiperOrigin-RevId: 291212669
|
|
PiperOrigin-RevId: 291041576
|
|
- Wrap NIC's fields that should only be accessed while holding the mutex in
an anonymous struct with the embedded mutex.
- Make sure NIC's spoofing and promiscuous mode flags are only read while
holding the NIC's mutex.
- Use the correct endpoint when sending DAD messages.
- Do not hold the NIC's lock when sending DAD messages.
This change does not introduce any behaviour changes.
Tests: Existing tests continue to pass.
PiperOrigin-RevId: 291036251
|
|
PiperOrigin-RevId: 291019296
|
|
PiperOrigin-RevId: 291006713
|
|
|
|
*net.UDPAddr
PacketConn.LocalAddr() already returns *net.UDPAddr correctly.
|
|
Also renames TMutex to Mutex.
These custom mutexes aren't any worse than the standard library versions (same
code), so having both seems redundant.
PiperOrigin-RevId: 290873587
|
|
Updates #231
PiperOrigin-RevId: 290868875
|