Age | Commit message (Collapse) | Author |
|
The specific issue was:
- Test creates a raw ICMP socket
- Test sends an ICMP echo request (aka ping request) to itself via loopback
- Now two events race:
- The raw socket recieves the ICMP echo request
- Netstack receives the request and generates a reply (aka ping reply),
which it sends back over loopback, where it is eventually received by the
raw socket
- The test was written to expect packets in a specific order, but they can
come in any order.
PiperOrigin-RevId: 236179066
Change-Id: I02c07c919d3d28093add3d18dd9196fbbc870813
|
|
Broadly, this change:
* Enables sockets to be created via `socket(AF_INET, SOCK_RAW, IPPROTO_ICMP)`.
* Passes the network-layer (IP) header up the stack to the transport endpoint,
which can pass it up to the socket layer. This allows a raw socket to return
the entire IP packet to users.
* Adds functions to stack.TransportProtocol, stack.Stack, stack.transportDemuxer
that enable incoming packets to be delivered to raw endpoints. New raw sockets
of other protocols (not ICMP) just need to register with the stack.
* Enables ping.endpoint to return IP headers when created via SOCK_RAW.
PiperOrigin-RevId: 235993280
Change-Id: I60ed994f5ff18b2cbd79f063a7fdf15d093d845a
|
|
PiperOrigin-RevId: 235940853
Change-Id: I9c5b4cf18b199fb74044a5edb131bfff59dec945
|
|
This solves two problems:
1. Using the host /tmp directly meant that concurrent tests could
collide attempting to use the same file, and that misbehaving tests
never have their /tmp output cleaned up.
2. Host /tmp is not world-accessible on all hosts. Some tests (e.g.,
sticky) access files in /tmp from other users, so we need to ensure
that its /tmp is world-accessible.
PiperOrigin-RevId: 235637873
Change-Id: I7555224685ac5b93af88c403196b09ce1bb2bfe7
|
|
PiperOrigin-RevId: 235578698
Change-Id: I608ff5e25eac97f6e1bda058511c1f82b0e3b736
|
|
This change adds support for the SO_BROADCAST socket option in gVisor Netstack.
This support includes getsockopt()/setsockopt() functionality for both UDP and
TCP endpoints (the latter being a NOOP), dispatching broadcast messages up and
down the stack, and route finding/creation for broadcast packets. Finally, a
suite of tests have been implemented, exercising this functionality through the
Linux syscall API.
PiperOrigin-RevId: 234850781
Change-Id: If3e666666917d39f55083741c78314a06defb26c
|
|
Ping sometimes uses this instead of SO_TIMESTAMP.
PiperOrigin-RevId: 234699590
Change-Id: Ibec9c34fa0d443a931557a2b1b1ecd83effe7765
|
|
PiperOrigin-RevId: 234690475
Change-Id: I1cbfb5aecd4697a4a26ec8524354aa8656cc3ba1
|
|
- Use new user namespace for namespace creation checks.
- Ensure userns is never nil since it's used by other namespaces.
PiperOrigin-RevId: 234673175
Change-Id: I4b9d9d1e63ce4e24362089793961a996f7540cd9
|
|
In addition to simplifying the implementation, this fixes two bugs:
- seqfile.NewSeqFile unconditionally creates an inode with mode 0444,
but {uid,gid}_map have mode 0644.
- idMapSeqFile.Write implements fs.FileOperations.Write ... but it
doesn't implement any other fs.FileOperations methods and is never
used as fs.FileOperations. idMapSeqFile.GetFile() =>
seqfile.SeqFile.GetFile() uses seqfile.seqFileOperations instead,
which rejects all writes.
PiperOrigin-RevId: 234638212
Change-Id: I4568f741ab07929273a009d7e468c8205a8541bc
|
|
This allows setting a default send interface for IPv4 multicast. IPv6 support
will come later.
PiperOrigin-RevId: 234251379
Change-Id: I65922341cd8b8880f690fae3eeb7ddfa47c8c173
|
|
PiperOrigin-RevId: 233516412
Change-Id: I7a0f1443de7eeebb5d8ad59e4759ca2e036a3c4d
|
|
PiperOrigin-RevId: 233458853
Change-Id: I92c734b8075aa31e040fe7b4770bcf608e271e7a
|
|
Also switch to the correct casing style for local address variables.
PiperOrigin-RevId: 233161128
Change-Id: Ibc4a10a5d3ab04c40907aa885e8237b255c65a79
|
|
Also includes a few fixes for IPv4 multicast support. IPv6 support is coming in
a followup CL.
PiperOrigin-RevId: 233008638
Change-Id: If7dae6222fef43fda48033f0292af77832d95e82
|
|
PiperOrigin-RevId: 232990964
Change-Id: Icfa426d5e83c7d3e56b0b92e6a9e1229bcb8361b
|
|
PiperOrigin-RevId: 232948478
Change-Id: Ib830121e5e79afaf5d38d17aeef5a1ef97913d23
|
|
PiperOrigin-RevId: 232914984
Change-Id: Id2643d7ad8e986ca9be76d860788a71db2674cda
|
|
PiperOrigin-RevId: 232776481
Change-Id: Ic19d4aa6322fef71621bad0e9fb8bdedf6694114
|
|
Multiple tests were creating the same directory before removing it, making it
possible for concurrent tests to fail because the directory already exists.
PiperOrigin-RevId: 232389814
Change-Id: I35d409fff4b3fd864b30fee742cb587b14975c23
|
|
PiperOrigin-RevId: 232071420
Change-Id: I5aa57f3dc4aac637d6f467445b4b3110fc08ac80
|
|
PiperOrigin-RevId: 231856279
Change-Id: I175db87374890a62a3a3c2ddef727668ff854ce4
|
|
Nothing reads them and they can simply get stale.
Generated with:
$ sed -i "s/licenses(\(.*\)).*/licenses(\1)/" **/BUILD
PiperOrigin-RevId: 231818945
Change-Id: Ibc3f9838546b7e94f13f217060d31f4ada9d4bf0
|
|
stdout can be (and, in automated testing, often is) a host pipe or
similar resource shared between multiple parallel tests, such that it
can become transiently full during testing.
PiperOrigin-RevId: 231413569
Change-Id: Id14991b5f71e53c894695899e65e1be4dd228cc6
|
|
PiperOrigin-RevId: 231404512
Change-Id: I31efcc23a0c4a48ef6fbba3ca07415d79290f55c
|
|
PiperOrigin-RevId: 231274510
Change-Id: I8f65157dbe18dae1c6235147fc4d27e0c844c833
|
|
PiperOrigin-RevId: 231263193
Change-Id: Ib732c9639462f7994d473050495d88c2855434af
|
|
PiperOrigin-RevId: 231020482
Change-Id: Idd9168678b18d03aac473adcc40902e27e06d0a1
|
|
The implementation of O_CLOEXEC is orthogonal to every property tested
by these tests; removing it significantly reduces the number of
redundant tests we run.
Also remove no-op calls to VecCat (calls with a single argument).
PiperOrigin-RevId: 230959537
Change-Id: I83fe7db24e481ef67ca1f1992228af423f640b5c
|
|
PiperOrigin-RevId: 230850177
Change-Id: I34eb24e8ff8dd9ce3e7f5eb2dc2ee58eeac49f07
|
|
Lots of tests use /tmp for the tests. Force /tmp to be
mounted over fsgofer instead of tmpfs.
PiperOrigin-RevId: 230788985
Change-Id: Id6597ed88133232d15e808c48126bf77cb32673e
|
|
Otherwise, C++11-compliant compilers may select PosixErrorOr(const T&)
as the relevant constructor, and fail because std::vector<Mapping> is
not copyable (because Mapping is not copyable).
This is a C++11 defect that is fixed in C++14 (and in C++11 mode for
Clang, but not GCC). See DR 1579,
http://www.open-std.org/jtc1/sc22/wg21/docs/cwg_defects.html#1579.
PiperOrigin-RevId: 230767401
Change-Id: I65f481f5188d91db6cbbbd65ed0a60bc55df3401
|
|
PiperOrigin-RevId: 230641540
Change-Id: Icccc3cdeec191138940f0ecea0a29798359d2b1f
|
|
netlink_autobind() sets a port id to a process ID, if this address is
available. Otherwise, it will set a port id to a random negative value.
PiperOrigin-RevId: 230631956
Change-Id: I11692e4fe9421e77d9406627b4e7772e4d9b105a
|
|
Compilation of this test fails in kokoro:
In file included from /usr/include/linux/netdevice.h:28:0,
from /usr/include/linux/if_arp.h:26,
from ./test/syscalls/linux/socket_netlink_util.h:18,
from test/syscalls/linux/socket_netdevice.cc:24:
/usr/include/linux/if.h:143:8: error: redefinition of 'struct ifmap'
struct ifmap {
^~~~~
In file included from test/syscalls/linux/socket_netdevice.cc:18:0:
/usr/include/net/if.h:111:8: note: previous definition of 'struct ifmap'
struct ifmap
^~~~~
In file included from /usr/include/linux/netdevice.h:28:0,
from /usr/include/linux/if_arp.h:26,
from ./test/syscalls/linux/socket_netlink_util.h:18,
from test/syscalls/linux/socket_netdevice.cc:24:
/usr/include/linux/if.h:177:8: error: redefinition of 'struct ifreq'
struct ifreq {
^~~~~
In file included from test/syscalls/linux/socket_netdevice.cc:18:0:
/usr/include/net/if.h:126:8: note: previous definition of 'struct ifreq'
struct ifreq
^~~~~
In file included from /usr/include/linux/netdevice.h:28:0,
from /usr/include/linux/if_arp.h:26,
from ./test/syscalls/linux/socket_netlink_util.h:18,
from test/syscalls/linux/socket_netdevice.cc:24:
/usr/include/linux/if.h:226:8: error: redefinition of 'struct ifconf'
struct ifconf {
^~~~~~
In file included from test/syscalls/linux/socket_netdevice.cc:18:0:
/usr/include/net/if.h:176:8: note: previous definition of 'struct ifconf'
struct ifconf
PiperOrigin-RevId: 230381931
Change-Id: I3c422c53e50cf2b90022778599d3a8a4a61fd1a3
|
|
PiperOrigin-RevId: 229781337
Change-Id: I1f946cff2771714fb1abd83a83ed454e9febda0a
|
|
Runsc wants to mount /tmp using internal tmpfs implementation for
performance. However, it risks hiding files that may exist under
/tmp in case it's present in the container. Now, it only mounts
over /tmp iff:
- /tmp was not explicitly asked to be mounted
- /tmp is empty
If any of this is not true, then /tmp maps to the container's
image /tmp.
Note: checkpoint doesn't have sentry FS mounted to check if /tmp
is empty. It simply looks for explicit mounts right now.
PiperOrigin-RevId: 229607856
Change-Id: I10b6dae7ac157ef578efc4dfceb089f3b94cde06
|
|
syscall test split testcase via shard count, reset
high bound as begin of next subslice, cause the slice
is half-open range.
Change-Id: I1954f57c93cbfd9be518153315da305a2de377a0
PiperOrigin-RevId: 229405199
|
|
More helper structs have been added to the fsutil package to make it easier to
implement fs.InodeOperations and fs.FileOperations.
PiperOrigin-RevId: 229305982
Change-Id: Ib6f8d3862f4216745116857913dbfa351530223b
|
|
test/syscalls/linux/wait.cc:626:8: warning: lambda capture 'this' is not
used
302
[this, stack] { ASSERT_THAT(FreeStack(stack), SyscallSucceeds()); });
303
^~~~~
test/syscalls/linux/priority.cc:195:17: warning: lambda capture
'kParentPriority' is not required to be captured for this use
273
ScopedThread([kParentPriority, kChildPriority]() {
274
^~~~~~~~~~~~~~~~
PiperOrigin-RevId: 229275900
Change-Id: I6f0c88efc7891c6c729378a2fa70f70b1b9046a7
|
|
PiperOrigin-RevId: 229238781
Change-Id: Ib5a1e46293583efcb09e255fcd400c3fcc53ef1b
|
|
PiperOrigin-RevId: 229214698
Change-Id: Ib4ea2e330e61ee34bf913938d6120a52ecc38ce1
|
|
- Fix a few cases where async-signal-unsafe code is executed in a forked
process pre-execve.
- Ensure that the return value of fork() is always checked.
PiperOrigin-RevId: 228949310
Change-Id: I3096cb7d7394b8d9ab81b0e0245f2060713ef589
|
|
PiperOrigin-RevId: 228949227
Change-Id: I8f47bcd56aab706081218ec7498af8049ccd6d63
|
|
PiperOrigin-RevId: 228945914
Change-Id: Idfa0a3c27434655b5f9ac241f1726e0bc9ef0392
|
|
PiperOrigin-RevId: 228805981
Change-Id: I4f4c4a5d8de325dff38f6dfb92108fc848d823fd
|
|
Removing check to RLIMIT_NOFILE in select call.
Adding unit test to select suite to document behavior.
Moving setrlimit class from mlock to a util file for reuse.
Fixing flaky test based on comments from Jamie.
PiperOrigin-RevId: 228726131
Change-Id: Ie9dbe970bbf835ba2cca6e17eec7c2ee6fadf459
|
|
Instead just find the syscall_test_runner binary in the shell script.
PiperOrigin-RevId: 228621230
Change-Id: I274ee0874e47d53f59474b1ac730ee45e3dff977
|
|
PiperOrigin-RevId: 228574092
Change-Id: Id93abcca1ce964eb595907df9355702d469bc33b
|
|
PiperOrigin-RevId: 228403149
Change-Id: Iab212e49d9eb27d785bddc9fd447835ce8c485ae
|