Age | Commit message (Collapse) | Author |
|
Linux prevents setting `IP_MULTICAST_IF` to a device when
`SO_BINDTODEVICE` is set to another device. gVsior allows this.
PiperOrigin-RevId: 401267471
|
|
gVisor is a strong host, preventing packets from being sent from a
device using the another device's address as the source. Linux is a weak
host which allows this.
Updates #6686.
PiperOrigin-RevId: 401260128
|
|
PiperOrigin-RevId: 401251635
|
|
- Inline `IfAddrHelper` into its sole user
- Implement pretty-printing `sockaddr_ll`
- Make test class members private, add const accessors
- Log all interface addresses on SetUp for b/137899561
Simplify some things while I'm here.
PiperOrigin-RevId: 401112402
|
|
PiperOrigin-RevId: 400952164
|
|
PiperOrigin-RevId: 400258924
|
|
|
|
PiperOrigin-RevId: 398849334
|
|
Some /proc files are static in gVisor, but can be updated in native
linux. To test the values of these files, move them to a separate test
and run it using "container" tag to avoid faulty comparisons in native.
Since a separate IPC namespace is used, update shm comparisons to check
the actual value, not an interval.
|
|
An ICMP endpoint's write path can use the datagram-based endpoint.
Updates #6565.
Test: Datagram-based generic socket + ICMP/ping syscall tests.
PiperOrigin-RevId: 398539844
|
|
Fixes #6495
PiperOrigin-RevId: 398121921
|
|
Before this change, when a new connection was created after receiving
an ACK that matched a SYN-cookie, it was always delivered asynchronously
to the accept queue. There was a chance that the listening endpoint
would process a SYN from another client before the delivery happened,
and the listening endpoint would not know yet that the queue was about
to be full, once the delivery happened.
Now, when an ACK matching a SYN-cookie is received, the new endpoint is
created and moved to the accept queue synchronously, while holding the
accept lock.
Fixes #6545
PiperOrigin-RevId: 398107254
|
|
Updates #6621
PiperOrigin-RevId: 397898852
|
|
Once a packet socket is bound to a network protocol, it cannot be
unbound from that protocol; the network protocol binding may only be
updated to a different network protocol.
To comply with Linux.
PiperOrigin-RevId: 397810878
|
|
PiperOrigin-RevId: 397631833
|
|
...to change the network protocol a packet socket may receive packets
from.
This CL is a portion of an originally larger CL that was split with
https://github.com/google/gvisor/commit/a8ad692fd36cbaf7f5a6b9af39d601053dbee338
being the dependent CL. That CL (accidentally) included the change in
the endpoint's `afterLoad` method to take the required lock when
accessing the endpoint's netProto field. That change should have been in
this CL.
The CL that made the change mentioned in the commit message is
cl/396946187.
PiperOrigin-RevId: 397412582
|
|
...even protocols the stack is unaware of.
While I am here, annotate checklocks on stack.packetEndpointList.
PiperOrigin-RevId: 397226754
|
|
...so that a later change can add a new packet_socket syscall test
target that holds raw/dgram packet socket generic common tests. The
current packet_socket syscall test target holds tests specific to
dgram packet sockets.
While I am here, remove the defines for the packet_socket_raw_test
target as no code is guarded with `__linux__` in the target's sources.
PiperOrigin-RevId: 397217761
|
|
In the general case, files may have offsets between MaxInt64 and MaxUint64; in
Linux pgoff is consistently represented by an unsigned long, and in gVisor the
offset types in memmap.MappableRange are uint64. However, regular file mmap is
constrained to int64 offsets (on 64-bit systems) by
mm/mmap.c:file_mmap_size_max() => MAX_LFS_FILESIZE == LLONG_MAX.
As a related fix, check for chunkStart overflow in fsutil.HostFileMapper; chunk
offsets are uint64s, but as noted above some file types may use uint64 offsets
beyond MaxInt64.
Reported-by: syzbot+71342a1585aed97ed9f7@syzkaller.appspotmail.com
PiperOrigin-RevId: 397136751
|
|
...to match Linux behaviour.
Fixes #5711.
PiperOrigin-RevId: 397132671
|
|
...and EAFNOSUPPORT for unexpected address family.
To comply with Linux.
Updates #6021, #6575.
PiperOrigin-RevId: 396893590
|
|
A raw IP endpoint's write and socket option get/set path can use the
datagram-based endpoint.
This change extracts tests from UDP that may also run on Raw IP sockets.
Updates #6565.
Test: Raw IP + datagram-based socket syscall tests.
PiperOrigin-RevId: 396729727
|
|
Code to get the loopback interface's index is scattered throughout the
syscall tests. Implement the code once and use that in tests (where
applicable).
While I am here, trim the dependencies/includes for network namespace
tests.
PiperOrigin-RevId: 396718124
|
|
Previously, any time a datagram-based network endpoint (e.g. UDP) was
bound, the bound NIC is always set based on the bound address (if
specified). However, we should only consider the endpoint bound to
an NIC if a NIC was explicitly bound to.
If an endpoint has been bound to an address and attempts to send packets
to an unconnected remote, the endpoint will default to sending packets
through the bound address' NIC if not explicitly bound to a NIC.
Updates #6565.
PiperOrigin-RevId: 396712415
|
|
SOL_UDP is used when get/set-ing socket options to specify the socket
level. When creating normal UDP sockets, the protocol need not be
specified. When creating RAW IP sockets for UDP, use IPPROTO_UDP.
PiperOrigin-RevId: 396675986
|
|
...if bound to an address.
We previously checked the source of a packet instead of the destination
of a packet when bound to an address.
PiperOrigin-RevId: 396497647
|
|
Setting the ToS for IPv4 packets (SOL_IP, IP_TOS) should not affect the
Traffic Class of IPv6 packets (SOL_IPV6, IPV6_TCLASS).
Also only return the ToS value XOR Traffic Class as a packet cannot be
both an IPv4 and an IPv6 packet; It is invalid to return both the IPv4
ToS and IPv6 Traffic Class control messages when reading packets.
Updates #6389.
PiperOrigin-RevId: 396399096
|
|
Previously, gVisor did not represent loopback devices as an ethernet
device as Linux does. To maintain Linux API compatibility for packet
sockets, a workaround was used to add an ethernet header if a link
header was not already present in the packet buffer delivered to a
packet endpoint.
However, this workaround is a bug for non-ethernet based interfaces; not
all links use an ethernet header (e.g. pure L3/TUN interfaces).
As of 3b4bb947517d0d9010120aaa1c3989fd6abf278e, gVisor represents
loopback devices as an ethernet-based device so this workaround can
now be removed.
BUG: https://fxbug.dev/81592
Updates #6530, #6531.
PiperOrigin-RevId: 395819151
|
|
...through the loopback interface, only.
This change only supports sending on packet sockets through the loopback
interface as the loopback interface is the only interface used in packet
socket syscall tests - the other link endpoints are not excercised with
the existing test infrastructure.
Support for sending on packet sockets through the other interfaces will
be added as needed.
BUG: https://fxbug.dev/81592
PiperOrigin-RevId: 394368899
|
|
Reported-by: syzbot+1aab6800bd14829609b8@syzkaller.appspotmail.com
PiperOrigin-RevId: 394279838
|
|
These tests are permanently broken on Linux after 36e2c7421f02 "fs: don't allow
splice read/write without explicit ops".
PiperOrigin-RevId: 394161079
|
|
Fix syzcaller panic SIGBUS on error handling. Done by
adding an interface, errors.GuestError, which errors can
implement in order to be compared against each other.
PiperOrigin-RevId: 393867554
|
|
fixed and enabled SetForegroundProcessGroup and SetForegroundProcessGroupEmptyProcessGroup.
|
|
PiperOrigin-RevId: 392774712
|
|
PiperOrigin-RevId: 392760305
|
|
-Added a test to check if the process in background is blocking SIGTTOU
-Some minor formatting fixes
|
|
Earlier the tests were checking for equality of system-wide metrics before and
after some network related operations. That is inherently racy for native tests
because depending on the testing infrastructure, multiple tests might run
parallely hence trampling over each other's metrics.
Tests should only compare metrics that are increasing in nature. The comparison
should not be a hard comparison, instead a less-than/greater-than relation test.
I have changed the checks and also removed tests for tcpCurrEstab metric which
has "SYNTAX Gauge" and hence can not be tested reliably.
PiperOrigin-RevId: 391460081
|
|
PiperOrigin-RevId: 391416650
|
|
Test the correct sending of the SIGTTOU in setForegroundProcess
|
|
Add support for msgctl and enable tests.
Fixes #135
|
|
Updates #135
|
|
This is a new kernel feature that are controlled by the net.core.mibs_allocation
sysctl.
PiperOrigin-RevId: 391215784
|
|
PiperOrigin-RevId: 390399815
|
|
Send buffer size in TCP indicates the amount of bytes available for the sender
to transmit. This change will allow TCP to update the send buffer size when
- TCP enters established state.
- ACK is received.
The auto tuning is disabled when the send buffer size is set with the
SO_SNDBUF option.
PiperOrigin-RevId: 390312274
|
|
+ Do not check for CAP_NET_RAW on Fuchsia
Fuchsia does not support capabilities the same way Linux does. Instead
emulate the check for CAP_NET_RAW by checking if a packet socket may
be created.
Bug: https://fxbug.dev/79016, https://fxbug.dev/81592
PiperOrigin-RevId: 390263666
|
|
Allow creation and management of subcontainers through cgroupfs
directory syscalls. Also add a mechanism to specify a default root
container to start new jobs in.
This implements the filesystem support for subcontainers, but doesn't
implement hierarchical resource accounting or task migration.
PiperOrigin-RevId: 390254870
|
|
Previously, this check always failed because we did not provide MAP_SHARED
or MAP_PRIVATE.
PiperOrigin-RevId: 390251086
|
|
PiperOrigin-RevId: 390245901
|
|
Previous, this test was the same as OldnameIsEmpty. This CL makes the test check
what happens if the old name does not exist.
PiperOrigin-RevId: 390243070
|
|
+ Do not check for CAP_NET_RAW on Fuchsia
Fuchsia does not support capabilities the same way Linux does. Instead
emulate the check for CAP_NET_RAW by checking if a raw IP sockets may
be created.
PiperOrigin-RevId: 389663218
|