| Age | Commit message (Collapse) | Author |
|---|
|
PiperOrigin-RevId: 332961666
|
|
Calls to recv sometimes fail with EAGAIN, so call select beforehand.
PiperOrigin-RevId: 332943156
|
|
"DefaultValueEqZero" is only valid if the test is in a
sandbox. Our CI VMs often have "/proc/sys/net/ipv4/ip_forward" set
to 1.
PiperOrigin-RevId: 332910859
|
|
PiperOrigin-RevId: 332907453
|
|
`recv` calls with MSG_DONTWAIT can fail with EAGAIN randomly
in tests. Fix this by calling `select` on sockets with a timeout
prior to attempting a `recv`.
PiperOrigin-RevId: 332873735
|
|
PiperOrigin-RevId: 332760843
|
|
Unfortunately, I think TSC misalignment means that we can't really expect any
consistent correspondence between a TSC-based VDSO and the sentry's view of
time on the KVM platform.
PiperOrigin-RevId: 332576147
|
|
PiperOrigin-RevId: 332546659
|
|
Updates #1199
PiperOrigin-RevId: 332539197
|
|
This is more consistent with Linux (see comment on MM.NewSharedAnonMappable()).
We don't do the same thing on VFS1 for reasons documented by the updated
comment.
PiperOrigin-RevId: 332514849
|
|
Updates #3549.
PiperOrigin-RevId: 332501660
|
|
SO_LINGER is a socket level option and should be stored on all endpoints even
though it is used to linger only for TCP endpoints.
PiperOrigin-RevId: 332369252
|
|
This change includes overlay, special regular gofer files, and hostfs.
Fixes #3589.
PiperOrigin-RevId: 332330860
|
|
PiperOrigin-RevId: 332281930
|
|
PiperOrigin-RevId: 332097286
|
|
When a broadcast packet is received by the stack, the packet should be
delivered to each endpoint that may be interested in the packet. This
includes all any address and specified broadcast address listeners.
Test: integration_test.TestReuseAddrAndBroadcast
PiperOrigin-RevId: 332060652
|
|
PiperOrigin-RevId: 331940975
|
|
Make setting STATX_SIZE a no-op, if it is valid for the given permissions and
file type.
Also update proc tests, which were overfitted before.
Fixes #3842.
Updates #1193.
PiperOrigin-RevId: 331861087
|
|
PiperOrigin-RevId: 331824411
|
|
Currently the returned offset is an index, and we can't
use it to find the next fd to serialize, because getdents
should iterate correctly despite mutation of fds. Instead,
we can return the next fd to serialize plus 2 (which
accounts for "." and "..") as the offset.
Fixes: #3894
Signed-off-by: Tiwei Bie <tiwei.btw@antgroup.com>
|
|
These operations require CAP_SYS_ADMIN in the root user namespace. There's no
easy way to check that other than trying the operation and seeing what happens.
PiperOrigin-RevId: 331242256
|
|
Overlayfs does not persist a directory's inode number even while it is mounted.
See fs/overlayfs/inode.c:ovl_map_dev_ino(). VFS2 generates a new inode number
for directories everytime in lookup.
PiperOrigin-RevId: 331045037
|
|
Overlayfs intentionally does not compute nlink for directories (because it can
be really expensive). Linux returns 1, VFS2 returns 2 and VFS1 actually
calculates the correct value.
PiperOrigin-RevId: 330967139
|
|
- BindSocketThenOpen test was expecting the incorrect error when opening
a socket. Fixed that.
- VirtualFilesystem.BindEndpointAt should not require pop.Path.Begin.Ok()
because the filesystem implementations do not need to walk to the parent
dentry. This check also exists for MknodAt, MkdirAt, RmdirAt, SymlinkAt and
UnlinkAt but those filesystem implementations also need to walk to the parent
denty. So that check is valid. Added some syscall tests to test this.
PiperOrigin-RevId: 330625220
|
|
PiperOrigin-RevId: 330554450
|
|
Accept on gVisor will return an error if a socket in the accept queue was closed
before Accept() was called. Linux will return the new fd even if the returned
socket is already closed by the peer say due to a RST being sent by the peer.
This seems to be intentional in linux more details on the github issue.
Fixes #3780
PiperOrigin-RevId: 329828404
|
|
PiperOrigin-RevId: 329638946
|
|
These were problematic for vfs2 gofers before correctly implementing separate
read/write handles.
PiperOrigin-RevId: 329613261
|
|
Updates #2972
PiperOrigin-RevId: 329584905
|
|
PiperOrigin-RevId: 329526153
|
|
These mostly guard linux-only headers; check for linux instead.
PiperOrigin-RevId: 329362762
|
|
An earlier change considered the loopback bound to all addresses in an
assigned subnet. This should have only be done for IPv4 to maintain
compatability with Linux:
```
$ ip addr show dev lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group ...
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
$ ping 2001:db8::1
PING 2001:db8::1(2001:db8::1) 56 data bytes
^C
--- 2001:db8::1 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3062ms
$ ping 2001:db8::2
PING 2001:db8::2(2001:db8::2) 56 data bytes
^C
--- 2001:db8::2 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2030ms
$ sudo ip addr add 2001:db8::1/64 dev lo
$ ping 2001:db8::1
PING 2001:db8::1(2001:db8::1) 56 data bytes
64 bytes from 2001:db8::1: icmp_seq=1 ttl=64 time=0.055 ms
64 bytes from 2001:db8::1: icmp_seq=2 ttl=64 time=0.074 ms
64 bytes from 2001:db8::1: icmp_seq=3 ttl=64 time=0.073 ms
64 bytes from 2001:db8::1: icmp_seq=4 ttl=64 time=0.071 ms
^C
--- 2001:db8::1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3075ms
rtt min/avg/max/mdev = 0.055/0.068/0.074/0.007 ms
$ ping 2001:db8::2
PING 2001:db8::2(2001:db8::2) 56 data bytes
From 2001:db8::1 icmp_seq=1 Destination unreachable: No route
From 2001:db8::1 icmp_seq=2 Destination unreachable: No route
From 2001:db8::1 icmp_seq=3 Destination unreachable: No route
From 2001:db8::1 icmp_seq=4 Destination unreachable: No route
^C
--- 2001:db8::2 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3070ms
```
Test: integration_test.TestLoopbackAcceptAllInSubnet
PiperOrigin-RevId: 329011566
|
|
This mainly involved enabling kernfs' client filesystems to provide a
StatFS implementation.
Fixes #3411, #3515.
PiperOrigin-RevId: 329009864
|
|
Also, add corresponding EOF tests for splice/sendfile.
Discovered by syzkaller.
PiperOrigin-RevId: 328975990
|
|
Reported-by: syzbot+074ec22c42305725b79f@syzkaller.appspotmail.com
PiperOrigin-RevId: 328963899
|
|
Updates #3780.
PiperOrigin-RevId: 328922573
|
|
Fixes *.sh Java runtime tests, where splice()-ing from a pipe to /dev/zero
would not actually empty the pipe.
There was no guarantee that the data would actually be consumed on a splice
operation unless the output file's implementation of Write/PWrite actually
called VFSPipeFD.CopyIn. Now, whatever bytes are "written" are consumed
regardless of whether CopyIn is called or not.
Furthermore, the number of bytes in the IOSequence for reads is now capped at
the amount of data actually available. Before, splicing to /dev/zero would
always return the requested splice size without taking the actual available
data into account.
This change also refactors the case where an input file is spliced into an
output pipe so that it follows a similar pattern, which is arguably cleaner
anyway.
Updates #3576.
PiperOrigin-RevId: 328843954
|
|
PiperOrigin-RevId: 328843560
|
|
PiperOrigin-RevId: 328824023
|
|
BadSocketPair test will return several errnos (EPREM, ESOCKTNOSUPPORT,
EAFNOSUPPORT) meaning the test is just too specific. Checking the syscall
fails is appropriate.
PiperOrigin-RevId: 328813071
|
|
...while we figure out of we want to consider the loopback interface
bound to all IPs in an assigned IPv6 subnet, or not (to maintain
compatibility with Linux).
PiperOrigin-RevId: 328807974
|
|
More implementation+testing to follow.
#3549.
PiperOrigin-RevId: 328770160
|
|
ioctl calls with TIOCSCTTY fail if the calling process already has a
controlling terminal, which occurs on a 5.4 kernel like our Ubuntu 18 CI.
Thus, run tests calling ioctl TTOCSCTTY in clean subprocess.
Also, while we're here, switch out non-inclusive master/slave for main/replica.
PiperOrigin-RevId: 328756598
|
|
Added a few tests for write(2) and pwrite(2)
1. Regular Files
For write(2)
- write zero bytes should not move the offset
- write non-zero bytes should increment the offset the exact amount
- write non-zero bytes after a lseek() should move the offset the exact amount after the seek
- write non-zero bytes with O_APPEND should move the offset the exact amount after original EOF
For pwrite(2), offset is not affected when
- pwrite zero bytes
- pwrite non-zero bytes
For EOF, added a test asserting the EOF (indicated by lseek(SEEK_END)) is updated properly after writing non-zero bytes
2. Symlink
Added one pwite64() call for symlink that is written as a counterpart of the existing test using pread64()
|
|
This is needed to support the overlay opaque attribute.
PiperOrigin-RevId: 328552985
|
|
PiperOrigin-RevId: 328467152
|
|
In Linux, a kernel configuration is set that compiles the kernel with a
custom function that is called at the beginning of every basic block, which
updates the memory-mapped coverage information. The Go coverage tool does not
allow us to inject arbitrary instructions into basic blocks, but it does
provide data that we can convert to a kcov-like format and transfer them to
userspace through a memory mapping.
Note that this is not a strict implementation of kcov, which is especially
tricky to do because we do not have the same coverage tools available in Go
that that are available for the actual Linux kernel. In Linux, a kernel
configuration is set that compiles the kernel with a custom function that is
called at the beginning of every basic block to write program counters to the
kcov memory mapping. In Go, however, coverage tools only give us a count of
basic blocks as they are executed. Every time we return to userspace, we
collect the coverage information and write out PCs for each block that was
executed, providing userspace with the illusion that the kcov data is always
up to date. For convenience, we also generate a unique synthetic PC for each
block instead of using actual PCs. Finally, we do not provide thread-specific
coverage data (each kcov instance only contains PCs executed by the thread
owning it); instead, we will supply data for any file specified by --
instrumentation_filter.
Also, fix issue in nogo that was causing pkg/coverage:coverage_nogo
compilation to fail.
PiperOrigin-RevId: 328426526
|
|
iptables sockopts were kludged into an unnecessary check, this properly
relegates them to the {get,set}SockOptIP functions.
PiperOrigin-RevId: 328395135
|
|
When SO_LINGER option is enabled, the close will not return until all the
queued messages are sent and acknowledged for the socket or linger timeout is
reached. If the option is not set, close will return immediately. This option
is mainly supported for connection oriented protocols such as TCP.
PiperOrigin-RevId: 328350576
|
|
We still deviate a bit from linux in how long we will actually wait in
FIN-WAIT-2. Linux seems to cap it with TIME_WAIT_LEN and it's not completely
obvious as to why it's done that way. For now I think we can ignore that and
fix it if it really is an issue.
PiperOrigin-RevId: 328324922
|
