summaryrefslogtreecommitdiffhomepage
path: root/test/syscalls/linux
AgeCommit message (Collapse)Author
2019-06-06Internal change.Googler
PiperOrigin-RevId: 251902567
2019-06-05Shutdown host sockets on internal shutdownMichael Pratt
This is required to make the shutdown visible to peers outside the sandbox. The readClosed / writeClosed fields were dropped, as they were preventing a shutdown socket from reading the remainder of queued bytes. The host syscalls will return the appropriate errors for shutdown. The control message tests have been split out of socket_unix.cc to make the (few) remaining tests accessible to testing inherited host UDS, which don't support sending control messages. Updates #273 PiperOrigin-RevId: 251763060
2019-06-05Adjust route when looping multicast packetsChris Kuiper
Multicast packets are special in that their destination address does not identify a specific interface. When sending out such a packet the multicast address is the remote address, but for incoming packets it is the local address. Hence, when looping a multicast packet, the route needs to be tweaked to reflect this. PiperOrigin-RevId: 251739298
2019-06-05Give test instantiations meaningful names.Ian Gudger
PiperOrigin-RevId: 251737069
2019-06-05Implement dumpability tracking and checksMichael Pratt
We don't actually support core dumps, but some applications want to get/set dumpability, which still has an effect in procfs. Lack of support for set-uid binaries or fs creds simplifies things a bit. As-is, processes started via CreateProcess (i.e., init and sentryctl exec) have normal dumpability. I'm a bit torn on whether sentryctl exec tasks should be dumpable, but at least since they have no parent normal UID/GID checks should protect them. PiperOrigin-RevId: 251712714
2019-06-03gvisor/sock/unix: pass creds when a message is sent between unconnected socketsAndrei Vagin
and don't report a sender address if it doesn't have one PiperOrigin-RevId: 251371284
2019-06-03Remove duplicate socket testsMichael Pratt
socket_unix_abstract.cc: Subset of socket_abstract.cc socket_unix_filesystem.cc: Subset of socket_filesystem.cc PiperOrigin-RevId: 251297117
2019-05-30Add VmData field to /proc/{pid}/statuschris.zn
VmData is the size of private data segments. It has the same meaning as in Linux. Change-Id: Iebf1ae85940a810524a6cde9c2e767d4233ddb2a PiperOrigin-RevId: 250593739
2019-05-30gvisor: socket() returns EPROTONOSUPPORT if protocol is not supportedAndrei Vagin
PiperOrigin-RevId: 250426407
2019-05-30Always wait on tracee childrenMichael Pratt
After bf959931ddb88c4e4366e96dd22e68fa0db9527c ("wait/ptrace: assume __WALL if the child is traced") (Linux 4.7), tracees are always eligible for waiting, regardless of type. PiperOrigin-RevId: 250399527
2019-05-24Extract SleepSafe from test_utilTamir Duberstein
Allows socket tests that rely on test_util to compile on Fuchsia. PiperOrigin-RevId: 249884084 Change-Id: I17617e3f1baaba4c85c689f40db4a42a8de1597e
2019-05-22Add WCLONE / WALL support to waitidMichael Pratt
The previous commit adds WNOTHREAD support to waitid, so we may as well complete the upstream change. Linux added WCLONE, WALL, WNOTHREAD support to waitid(2) in 91c4e8ea8f05916df0c8a6f383508ac7c9e10dba ("wait: allow sys_waitid() to accept __WNOTHREAD/__WCLONE/__WALL"). i.e., Linux 4.7. PiperOrigin-RevId: 249560587 Change-Id: Iff177b0848a3f7bae6cb5592e44500c5a942fbeb
2019-05-22Add support for wait(WNOTHREAD)Michael Pratt
PiperOrigin-RevId: 249537694 Change-Id: Iaa4bca73a2d8341e03064d59a2eb490afc3f80da
2019-05-22UDP and TCP raw socket support.Kevin Krakauer
PiperOrigin-RevId: 249511348 Change-Id: I34539092cc85032d9473ff4dd308fc29dc9bfd6b
2019-05-21Clean up pipe internals and add fcntl supportAdin Scannell
Pipe internals are made more efficient by avoiding garbage collection. A pool is now used that can be shared by all pipes, and buffers are chained via an intrusive list. The documentation for pipe structures and methods is also simplified and clarified. The pipe tests are now parameterized, so that they are run on all different variants (named pipes, small buffers, default buffers). The pipe buffer sizes are exposed by fcntl, which is now supported by this change. A size change test has been added to the suite. These new tests uncovered a bug regarding the semantics of open named pipes with O_NONBLOCK, which is also fixed by this CL. This fix also addresses the lack of the O_LARGEFILE flag for named pipes. PiperOrigin-RevId: 249375888 Change-Id: I48e61e9c868aedb0cadda2dff33f09a560dee773
2019-05-21Fix inconsistencies in ELF anonymous mappingsMichael Pratt
* A segment with filesz == 0, memsz > 0 should be an anonymous only mapping. We were failing to load such an ELF. * Anonymous pages are always mapped RW, regardless of the segment protections. PiperOrigin-RevId: 249355239 Change-Id: I251e5c0ce8848cf8420c3aadf337b0d77b1ad991
2019-05-21Add basic plumbing for splice and stub implementation.Adin Scannell
This does not actually implement an efficient splice or sendfile. Rather, it adds a generic plumbing to the file internals so that this can be added. All file implementations use the stub fileutil.NoSplice implementation, which causes sendfile and splice to fall back to an internal copy. A basic splice system call interface is added, along with a test. PiperOrigin-RevId: 249335960 Change-Id: Ic5568be2af0a505c19e7aec66d5af2480ab0939b
2019-05-20Fix incorrect tmpfs timestamp updatesMichael Pratt
* Creation of files, directories (and other fs objects) in a directory should always update ctime. * Same for removal. * atime should not be updated on lookup, only readdir. I've also renamed some misleading functions that update mtime and ctime. PiperOrigin-RevId: 249115063 Change-Id: I30fa275fa7db96d01aa759ed64628c18bb3a7dc7
2019-05-17Fix gofer rename ctime and cleanup stat_times testMichael Pratt
There is a lot of redundancy that we can simplify in the stat_times test. This will make it easier to add new tests. However, the simplification reveals that cached uattrs on goferfs don't properly update ctime on rename. PiperOrigin-RevId: 248773425 Change-Id: I52662728e1e9920981555881f9a85f9ce04041cf
2019-05-16Add test for duplicate proc entries.Ian Gudger
The issue with duplicate /proc/sys entries seems to have been fixed in: PiperOrigin-RevId 229305982 Git hash dc8450b5676d4c4ac9bcfa23cabd862e0060527d Fixes google/gvisor#125 PiperOrigin-RevId: 248571903 Change-Id: I76ff3b525c93dafb92da6e5cf56e440187f14579
2019-05-10Modernize mknod testMichael Pratt
PiperOrigin-RevId: 247704588 Change-Id: I1e63e2b310145695fbe38429b91e44d72473fcd6
2019-05-09Implement fallocate(2)Fabricio Voznika
Closes #225 PiperOrigin-RevId: 247508791 Change-Id: I04f47cf2770b30043e5a272aba4ba6e11d0476cc
2019-05-08Fix types that are subtly incorrect.Googler
PiperOrigin-RevId: 247294093 Change-Id: Iac8c76e50bbc15c240ae7da7f5786f9968e7057c
2019-05-05Fix raw socket behavior and tests.Kevin Krakauer
Some behavior was broken due to the difficulty of running automated raw socket tests. Change-Id: I152ca53916bb24a0208f2dc1c4f5bc87f4724ff6 PiperOrigin-RevId: 246747067
2019-05-03gvisor: run bazel in a docker containerAndrei Vagin
bazel has a lot of dependencies and users don't want to install them just to build gvisor. These changes allows to run bazel in a docker container. A bazel cache is on the local file system (~/.cache/bazel), so incremental builds should be fast event after recreating a bazel container. Here is an example how to build runsc: make BAZEL_OPTIONS="build runsc:runsc" bazel Change-Id: I8c0a6d0c30e835892377fb6dd5f4af7a0052d12a PiperOrigin-RevId: 246570877
2019-05-03Skip flaky ClockGettime.CputimeId take 2Fabricio Voznika
The test also times out when GCE machine has 2 CPUs. I cannot repro it locally with a 2 CPU cgroup though. Let's skip the test when there are 2 CPUs to stop the flakiness and retest it once the fix is available. PiperOrigin-RevId: 246523363 Change-Id: I9d9d922a5be3aa7bc91dff5a1807ca99f3f4a4f9
2019-05-03Proper cleanup of sockets that used REUSEPORTChris Kuiper
Fixed a small logic error that broke proper accounting of MultiPortEndpoints. PiperOrigin-RevId: 246502126 Change-Id: I1a7d6ea134f811612e545676212899a3707bc2c2
2019-05-02Support reception of multicast data on more than one socketChris Kuiper
This requires two changes: 1) Support for more than one socket to join a given multicast group. 2) Duplicate delivery of incoming multicast packets to all sockets listening for it. In addition, I tweaked the code (and added a test) to disallow duplicates IP_ADD_MEMBERSHIP calls for the same group and NIC. This is how Linux does it. PiperOrigin-RevId: 246437315 Change-Id: Icad8300b4a8c3f501d9b4cd283bd3beabef88b72
2019-05-02Replace dynamic macros with constants in memfd test.Kevin Krakauer
PiperOrigin-RevId: 246433167 Change-Id: Idb9b6c20ee1da193176288dfd2f9d85ec0e69c54
2019-04-29Implement the MSG_CTRUNC msghdr flag for Unix sockets.Ian Gudger
Updates google/gvisor#206 PiperOrigin-RevId: 245880573 Change-Id: Ifa715e98d47f64b8a32b04ae9378d6cd6bd4025e
2019-04-29Skip flaky ClockGettime.CputimeIdFabricio Voznika
Test times out when it runs on a single core. Skip until the bug in the Go runtime is fixed. PiperOrigin-RevId: 245866466 Change-Id: Ic3e72131c27136d58b71f6b11acc78abf55895d4
2019-04-29Change copyright notice to "The gVisor Authors"Michael Pratt
Based on the guidelines at https://opensource.google.com/docs/releasing/authors/. 1. $ rg -l "Google LLC" | xargs sed -i 's/Google LLC.*/The gVisor Authors./' 2. Manual fixup of "Google Inc" references. 3. Add AUTHORS file. Authors may request to be added to this file. 4. Point netstack AUTHORS to gVisor AUTHORS. Drop CONTRIBUTORS. Fixes #209 PiperOrigin-RevId: 245823212 Change-Id: I64530b24ad021a7d683137459cafc510f5ee1de9
2019-04-29Allow and document bug ids in gVisor codebase.Nicolas Lacasse
PiperOrigin-RevId: 245818639 Change-Id: I03703ef0fb9b6675955637b9fe2776204c545789
2019-04-29Appease googletest deprecationTamir Duberstein
PiperOrigin-RevId: 245788366 Change-Id: I17bbecf8493132dbe95564c34c45b838194bfabb
2019-04-29createAt should return all errors from FindInode except ENOENT.Nicolas Lacasse
Previously, createAt was eating all errors from FindInode except for EACCES and proceeding with the creation. This is incorrect, as FindInode can return many other errors (like ENAMETOOLONG) that should stop creation. This CL changes createAt to return all errors encountered except for ENOENT, which we can ignore because we are about to create the thing. PiperOrigin-RevId: 245773222 Change-Id: I1b317021de70f0550fb865506f6d8147d4aebc56
2019-04-26Remove syscall tests' dependency on glogTamir Duberstein
PiperOrigin-RevId: 245469859 Change-Id: I0610e477cc3a884275852e83028ecfb501f2c039
2019-04-26Fix reference counting bug in /proc/PID/fdinfo/.Kevin Krakauer
PiperOrigin-RevId: 245452217 Change-Id: I7164d8f57fe34c17e601079eb9410a6d95af1869
2019-04-26Change name of sticky test arg.Kevin Krakauer
PiperOrigin-RevId: 245451875 Change-Id: Icee2c4ed74564e77454c60d60f456454443ccadf
2019-04-25Don't enforce NAME_MAX in fs.Dirent.walk().Jamie Liu
Maximum filename length is filesystem-dependent, and obtained via statfs::f_namelen. This limit is usually 255 bytes (NAME_MAX), but not always. For example, VFAT supports filenames of up to 255... UCS-2 characters, which Linux conservatively takes to mean UTF-8-encoded bytes: fs/fat/inode.c:fat_statfs(), FAT_LFN_LEN * NLS_MAX_CHARSET_SIZE. As a result, Linux's VFS does not enforce NAME_MAX: $ rg --maxdepth=1 '\WNAME_MAX\W' fs/ include/linux/ fs/libfs.c 38: buf->f_namelen = NAME_MAX; 64: if (dentry->d_name.len > NAME_MAX) include/linux/relay.h 74: char base_filename[NAME_MAX]; /* saved base filename */ include/linux/fscrypt.h 149: * filenames up to NAME_MAX bytes, since base64 encoding expands the length. include/linux/exportfs.h 176: * understanding that it is already pointing to a a %NAME_MAX+1 sized Remove this check from core VFS, and add it to ramfs (and by extension tmpfs), where it is actually applicable: mm/shmem.c:shmem_dir_inode_operations.lookup == simple_lookup *does* enforce NAME_MAX. PiperOrigin-RevId: 245324748 Change-Id: I17567c4324bfd60e31746a5270096e75db963fac
2019-04-25s,sys/poll.h/,poll.h,gTamir Duberstein
See https://git.musl-libc.org/cgit/musl/tree/include/sys/poll.h PiperOrigin-RevId: 245312375 Change-Id: If749ae3f94ccedc82eb6b594b32155924a354b58
2019-04-24Add Unix socket tests for the MSG_CTRUNC msghdr flag.Ian Gudger
TCP tests and the implementation will come in followup CLs. Updates google/gvisor#206 Updates google/gvisor#207 PiperOrigin-RevId: 245121470 Change-Id: Ib50b62724d3ba0cbfb1374e1f908798431ee2b21
2019-04-22Bugfix: fix fstatat symbol link to dirWei Zhang
For a symbol link to some directory, eg. `/tmp/symlink -> /tmp/dir` `fstatat("/tmp/symlink")` should return symbol link data, but `fstatat("/tmp/symlink/")` (symlink with trailing slash) should return directory data it points following linux behaviour. Currently fstatat() a symlink with trailing slash will get "not a directory" error which is wrong. Signed-off-by: Wei Zhang <zhangwei198900@gmail.com> Change-Id: I63469b1fb89d083d1c1255d32d52864606fbd7e2 PiperOrigin-RevId: 244783916
2019-04-19tcpip/transport/tcp: read side only shutdown of an endpointBen Burkert
Support shutdown on only the read side of an endpoint. Reads performed after a call to Shutdown with only the ShutdownRead flag will return ErrClosedForReceive without data. Break out the shutdown(2) with SHUT_RD syscall test into to two tests. The first tests that no packets are sent when shutting down the read side of a socket. The second tests that, after shutting down the read side of a socket, unread data can still be read, or an EOF if there is no more data to read. Change-Id: I9d7c0a06937909cbb466b7591544a4bcaebb11ce PiperOrigin-RevId: 244459430
2019-04-19Add support for the MSG_TRUNC msghdr flag.Ian Gudger
The MSG_TRUNC flag is set in the msghdr when a message is truncated. Fixes google/gvisor#200 PiperOrigin-RevId: 244440486 Change-Id: I03c7d5e7f5935c0c6b8d69b012db1780ac5b8456
2019-04-18Keep symlink target open while in test that compares inode ids.Nicolas Lacasse
Inode ids are only guaranteed to be stable across save/restore if the file is held open. This CL fixes a simple stat test to allow it to compare symlink and target by inode id, as long as the link target is held open. PiperOrigin-RevId: 244238343 Change-Id: I74c5115915b1cc032a4c16515a056a480f218f00
2019-04-17Don't allow sigtimedwait to catch unblockable signalsMichael Pratt
The existing logic attempting to do this is incorrect. Unary ^ has higher precedence than &^, so mask always has UnblockableSignals cleared, allowing dequeueSignalLocked to dequeue unblockable signals (which allows userspace to ignore them). Switch the logic so that unblockable signals are always masked. PiperOrigin-RevId: 244058487 Change-Id: Ib19630ac04068a1fbfb9dc4a8eab1ccbdb21edc3
2019-04-17Use FD limit and file size limit from hostFabricio Voznika
FD limit and file size limit is read from the host, instead of using hard-coded defaults, given that they effect the sandbox process. Also limit the direct cache to use no more than half if the available FDs. PiperOrigin-RevId: 244050323 Change-Id: I787ad0fdf07c49d589e51aebfeae477324fe26e6
2019-04-10Internal changeMichael Pratt
PiperOrigin-RevId: 242978508 Change-Id: I0ea59ac5ba1dd499e87c53f2e24709371048679b
2019-04-10rlimits test: don't exceed nr_open.Kevin Krakauer
Even superuser cannot raise RLIMIT_NOFILE above /proc/sys/fs/nr_open, so start the test by lowering the limits before raising. Change-Id: Ied6021c64178a6cb9098088a1a3384db523a226f PiperOrigin-RevId: 242965249
2019-04-10Allow threads with CAP_SYS_RESOURCE to raise hard rlimits.Kevin Krakauer
PiperOrigin-RevId: 242919489 Change-Id: Ie3267b3bcd8a54b54bc16a6556369a19e843376f