summaryrefslogtreecommitdiffhomepage
path: root/test/syscalls/linux
AgeCommit message (Collapse)Author
2019-07-16Internal change.gVisor bot
PiperOrigin-RevId: 258424489
2019-07-15Replace vector of arrays with array of arrays.Kevin Krakauer
C++ does not like vectors of arrays (because arrays are not copy-constructable). PiperOrigin-RevId: 258270980
2019-07-15Fix initialization of badhandler_low_water_mark in SigaltstackTest.Neel Natu
It is now correctly initialized to the top of the signal stack. Previously it was initialized to the address of 'stack.ss_sp' on the main thread stack. PiperOrigin-RevId: 258248363
2019-07-12Add IPPROTO_RAW, which allows raw sockets to write IP headers.Kevin Krakauer
iptables also relies on IPPROTO_RAW in a way. It opens such a socket to manipulate the kernel's tables, but it doesn't actually use any of the functionality. Blegh. PiperOrigin-RevId: 257903078
2019-07-12Stub out support for TCP_MAXSEG.Bhasker Hariharan
Adds support to set/get the TCP_MAXSEG value but does not really change the segment sizes emitted by netstack or alter the MSS advertised by the endpoint. This is currently being added only to unblock iperf3 on gVisor. Plumbing this correctly requires a bit more work which will come in separate CLs. PiperOrigin-RevId: 257859112
2019-07-12Merge pull request #282 from zhangningdlut:chris_test_procgVisor bot
PiperOrigin-RevId: 257855479
2019-07-09tss: block userspace access to all I/O ports.Liu Hua
A userspace process (CPL=3) can access an i/o port if the bit corresponding to the port is set to 0 in the I/O permission bitmap. Configure the I/O permission bitmap address beyond the last valid byte in the TSS so access to all i/o ports is blocked. Signed-off-by: Liu Hua <sdu.liu@huawei.com> Change-Id: I3df76980c3735491db768f7210e71703f86bb989 PiperOrigin-RevId: 257336518
2019-07-08Don't mask errors in createAt loop.Nicolas Lacasse
The error set in the loop in createAt was being masked by other errors declared with ":=". This allowed an ErrResolveViaReadlink error to escape, which can cause a sentry panic. Added test case which repros without the fix. PiperOrigin-RevId: 257061767
2019-07-03netstack/udp: connect with the AF_UNSPEC address family means disconnectAndrei Vagin
PiperOrigin-RevId: 256433283
2019-07-02Mark timers_test flaky because setrlimit(RLIMIT_CPU) is broken in some kernels.Neel Natu
https://bugzilla.redhat.com/show_bug.cgi?id=1568337 PiperOrigin-RevId: 256276198
2019-07-01Check remaining traversal limit when creating a file through a symlink.Nicolas Lacasse
This fixes the case when an app tries to create a file that already exists, and is a symlink to itself. A test was added. PiperOrigin-RevId: 256044811
2019-06-28Fix suggestions from clang.Nicolas Lacasse
PiperOrigin-RevId: 255679603
2019-06-27Complete pipe support on overlayfsFabricio Voznika
Get/Set pipe size and ioctl support were missing from overlayfs. It required moving the pipe.Sizer interface to fs so that overlay could get access. Fixes #318 PiperOrigin-RevId: 255511125
2019-06-27Fix various spelling issues in the documentationMichael Pratt
Addresses obvious typos, in the documentation only. COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/443 from Pixep:fix/documentation-spelling 4d0688164eafaf0b3010e5f4824b35d1e7176d65 PiperOrigin-RevId: 255477779
2019-06-27Merge pull request #461 from brb-g:128_procseekendgVisor bot
PiperOrigin-RevId: 255462850
2019-06-26Follow symlinks when creating a file, and create the target.Nicolas Lacasse
If we have a symlink whose target does not exist, creating the symlink (either via 'creat' or 'open' with O_CREAT flag) should create the target of the symlink. Previously, gVisor would error with EEXIST in this case PiperOrigin-RevId: 255232944
2019-06-24fs: synchronize concurrent writes into files with O_APPENDAndrei Vagin
For files with O_APPEND, a file write operation gets a file size and uses it as offset to call an inode write operation. This means that all other operations which can change a file size should be blocked while the write operation doesn't complete. PiperOrigin-RevId: 254873771
2019-06-24Implement /proc/net/tcp.Rahat Mahmood
PiperOrigin-RevId: 254854346
2019-06-24Use correct statx syscall number for amd64.Nicolas Lacasse
The previous number was for the arm architecture. Also change the statx tests to force them to run on gVisor, which would have caught this issue. PiperOrigin-RevId: 254846831
2019-06-24Add regression test for #128 (fixed in ab6774ce)brb-g
Tests run at HEAD (35719d52): ``` $ bazel test $(bazel query 'filter(".*getdents.*", //test/syscalls:all)') <snip> //test/syscalls:getdents_test_native PASSED in 0.3s //test/syscalls:getdents_test_runsc_ptrace PASSED in 4.9s //test/syscalls:getdents_test_runsc_ptrace_overlay PASSED in 4.7s //test/syscalls:getdents_test_runsc_ptrace_shared PASSED in 5.2s //test/syscalls:getdents_test_runsc_kvm FAILED in 4.0s ``` Tests run at ab6774ce~1 (6f933a93): ``` $ bazel test $(bazel query 'filter(".*getdents.*", //test/syscalls:all)') //test/syscalls:getdents_test_native PASSED in 0.2s //test/syscalls:getdents_test_runsc_kvm FAILED in 4.2s /usr/local/google/home/brb/.cache/bazel/_bazel_brb/967240a6aae7d353a221d73f4375e038/execroot/__main__/bazel-out/k8-fastbuild/testlogs/test/syscalls/getdents_test_runsc_kvm/test.log //test/syscalls:getdents_test_runsc_ptrace FAILED in 5.3s /usr/local/google/home/brb/.cache/bazel/_bazel_brb/967240a6aae7d353a221d73f4375e038/execroot/__main__/bazel-out/k8-fastbuild/testlogs/test/syscalls/getdents_test_runsc_ptrace/test.log //test/syscalls:getdents_test_runsc_ptrace_overlay FAILED in 4.9s /usr/local/google/home/brb/.cache/bazel/_bazel_brb/967240a6aae7d353a221d73f4375e038/execroot/__main__/bazel-out/k8-fastbuild/testlogs/test/syscalls/getdents_test_runsc_ptrace_overlay/test.log //test/syscalls:getdents_test_runsc_ptrace_shared FAILED in 5.2s /usr/local/google/home/brb/.cache/bazel/_bazel_brb/967240a6aae7d353a221d73f4375e038/execroot/__main__/bazel-out/k8-fastbuild/testlogs/test/syscalls/getdents_test_runsc_ptrace_shared/test.log ``` (I think all runsc_kvm tests are broken on my machine -- I'll rerun them if you can point me at the documentation to set it up)
2019-06-24Return ENOENT when reading /proc/{pid}/task of an exited processchris.zn
There will be a deadloop when we use getdents to read /proc/{pid}/task of an exited process Like this: Process A is running Process B: open /proc/{pid of A}/task Process A exits Process B: getdents /proc/{pid of A}/task Then, process B will fall into deadloop, and return "." and ".." in loops and never ends. This patch returns ENOENT when use getdents to read /proc/{pid}/task if the process is just exited. Signed-off-by: chris.zn <chris.zn@antfin.com>
2019-06-22Implement statx.Nicolas Lacasse
We don't have the plumbing for btime yet, so that field is left off. The returned mask indicates that btime is absent. Fixes #343 PiperOrigin-RevId: 254575752
2019-06-20Close FD on TcpSocketTest loop failure.Ian Gudger
This helps prevent the blocking call from getting stuck and causing a test timeout. PiperOrigin-RevId: 254325926
2019-06-20Deflake TestSIGALRMToMainThread.Neel Natu
Bump up the threshold on number of SIGALRMs received by worker threads from 50 to 200. Even with the new threshold we still expect that the majority of SIGALRMs are received by the thread group leader. PiperOrigin-RevId: 254289787
2019-06-20Implement madvise(MADV_DONTFORK)Neel Natu
PiperOrigin-RevId: 254253777
2019-06-19Mark tcp_socket test flaky (for real)Michael Pratt
The tag on the binary has no effect. It must be on the test. PiperOrigin-RevId: 254103480
2019-06-19Deflake mount_test.Nicolas Lacasse
Inode ids are only stable across Save/Restore if we have an open FD on the inode. All tests that compare inode ids must therefor hold an FD open. PiperOrigin-RevId: 254086603
2019-06-19Abort loop on failureMichael Pratt
As-is, on failure these will infinite loop, resulting in test timeout instead of failure. PiperOrigin-RevId: 254074989
2019-06-19Mark tcp_socket test flaky.Neel Natu
PiperOrigin-RevId: 253997465
2019-06-18Use return values from syscalls in eventfd tests.Rahat Mahmood
PiperOrigin-RevId: 253890611
2019-06-18Replace usage of deprecated strtoul/strtoullBrad Burlage
PiperOrigin-RevId: 253864770
2019-06-18Fix PipeTest_Streaming timeoutFabricio Voznika
Test was calling Size() inside read and write loops. Size() makes 2 syscalls to return the pipe size, making the test do a lot more work than it should. PiperOrigin-RevId: 253824690
2019-06-13Fix deadlock in fasync.Ian Gudger
The deadlock can occur when both ends of a connected Unix socket which has FIOASYNC enabled on at least one end are closed at the same time. One end notifies that it is closing, calling (*waiter.Queue).Notify which takes waiter.Queue.mu (as a read lock) and then calls (*FileAsync).Callback, which takes FileAsync.mu. The other end tries to unregister for notifications by calling (*FileAsync).Unregister, which takes FileAsync.mu and calls (*waiter.Queue).EventUnregister which takes waiter.Queue.mu. This is fixed by moving the calls to waiter.Waitable.EventRegister and waiter.Waitable.EventUnregister outside of the protection of any mutex used in (*FileAsync).Callback. The new test is related, but does not cover this particular situation. Also fix a data race on FileAsync.e.Callback. (*FileAsync).Callback checked FileAsync.e.Callback under the protection of FileAsync.mu, but the waiter calling (*FileAsync).Callback could not and did not. This is fixed by making FileAsync.e.Callback immutable before passing it to the waiter for the first time. Fixes #346 PiperOrigin-RevId: 253138340
2019-06-13Implement getsockopt() SO_DOMAIN, SO_PROTOCOL and SO_TYPE.Rahat Mahmood
SO_TYPE was already implemented for everything but netlink sockets. PiperOrigin-RevId: 253138157
2019-06-13Set optlen correctly when calling getsockopt.Bhasker Hariharan
PiperOrigin-RevId: 253096085
2019-06-12Add support for TCP_CONGESTION socket option.Bhasker Hariharan
This CL also cleans up the error returned for setting congestion control which was incorrectly returning EINVAL instead of ENOENT. PiperOrigin-RevId: 252889093
2019-06-11Eat sendfile partial errorAdin Scannell
For sendfile(2), we propagate a TCP error through the system call layer. This should be eaten if there is a partial result. This change also adds a test to ensure that there is no panic in this case, for both TCP sockets and unix domain sockets. PiperOrigin-RevId: 252746192
2019-06-10Fixes to listen backlog handling.Bhasker Hariharan
Changes netstack to confirm to current linux behaviour where if the backlog is full then we drop the SYN and do not send a SYN-ACK. Similarly we allow upto backlog connections to be in SYN-RCVD state as long as the backlog is not full. We also now drop a SYN if syn cookies are in use and the backlog for the listening endpoint is full. Added new tests to confirm the behaviour. Also reverted the change to increase the backlog in TcpPortReuseMultiThread syscall test. Fixes #236 PiperOrigin-RevId: 252500462
2019-06-06"Implement" mbind(2).Jamie Liu
We still only advertise a single NUMA node, and ignore mempolicy accordingly, but mbind() at least now succeeds and has effects reflected by get_mempolicy(). Also fix handling of nodemasks: round sizes to unsigned long (as documented and done by Linux), and zero trailing bits when copying them out. PiperOrigin-RevId: 251950859
2019-06-06Track and export socket state.Rahat Mahmood
This is necessary for implementing network diagnostic interfaces like /proc/net/{tcp,udp,unix} and sock_diag(7). For pass-through endpoints such as hostinet, we obtain the socket state from the backend. For netstack, we add explicit tracking of TCP states. PiperOrigin-RevId: 251934850
2019-06-06Try increase listen backlog.Rahat Mahmood
PiperOrigin-RevId: 251928000
2019-06-06Internal change.Googler
PiperOrigin-RevId: 251902567
2019-06-05Shutdown host sockets on internal shutdownMichael Pratt
This is required to make the shutdown visible to peers outside the sandbox. The readClosed / writeClosed fields were dropped, as they were preventing a shutdown socket from reading the remainder of queued bytes. The host syscalls will return the appropriate errors for shutdown. The control message tests have been split out of socket_unix.cc to make the (few) remaining tests accessible to testing inherited host UDS, which don't support sending control messages. Updates #273 PiperOrigin-RevId: 251763060
2019-06-05Adjust route when looping multicast packetsChris Kuiper
Multicast packets are special in that their destination address does not identify a specific interface. When sending out such a packet the multicast address is the remote address, but for incoming packets it is the local address. Hence, when looping a multicast packet, the route needs to be tweaked to reflect this. PiperOrigin-RevId: 251739298
2019-06-05Give test instantiations meaningful names.Ian Gudger
PiperOrigin-RevId: 251737069
2019-06-05Implement dumpability tracking and checksMichael Pratt
We don't actually support core dumps, but some applications want to get/set dumpability, which still has an effect in procfs. Lack of support for set-uid binaries or fs creds simplifies things a bit. As-is, processes started via CreateProcess (i.e., init and sentryctl exec) have normal dumpability. I'm a bit torn on whether sentryctl exec tasks should be dumpable, but at least since they have no parent normal UID/GID checks should protect them. PiperOrigin-RevId: 251712714
2019-06-03gvisor/sock/unix: pass creds when a message is sent between unconnected socketsAndrei Vagin
and don't report a sender address if it doesn't have one PiperOrigin-RevId: 251371284
2019-06-03Remove duplicate socket testsMichael Pratt
socket_unix_abstract.cc: Subset of socket_abstract.cc socket_unix_filesystem.cc: Subset of socket_filesystem.cc PiperOrigin-RevId: 251297117
2019-05-30Add VmData field to /proc/{pid}/statuschris.zn
VmData is the size of private data segments. It has the same meaning as in Linux. Change-Id: Iebf1ae85940a810524a6cde9c2e767d4233ddb2a PiperOrigin-RevId: 250593739
2019-05-30gvisor: socket() returns EPROTONOSUPPORT if protocol is not supportedAndrei Vagin
PiperOrigin-RevId: 250426407