summaryrefslogtreecommitdiffhomepage
path: root/test
AgeCommit message (Collapse)Author
2019-06-11Eat sendfile partial errorAdin Scannell
For sendfile(2), we propagate a TCP error through the system call layer. This should be eaten if there is a partial result. This change also adds a test to ensure that there is no panic in this case, for both TCP sockets and unix domain sockets. PiperOrigin-RevId: 252746192
2019-06-11gvisor/test: create a per-testcase directory for runsc logsAndrei Vagin
Otherwise it's hard to find a directory for a specific test case. PiperOrigin-RevId: 252636901
2019-06-10Fixes to listen backlog handling.Bhasker Hariharan
Changes netstack to confirm to current linux behaviour where if the backlog is full then we drop the SYN and do not send a SYN-ACK. Similarly we allow upto backlog connections to be in SYN-RCVD state as long as the backlog is not full. We also now drop a SYN if syn cookies are in use and the backlog for the listening endpoint is full. Added new tests to confirm the behaviour. Also reverted the change to increase the backlog in TcpPortReuseMultiThread syscall test. Fixes #236 PiperOrigin-RevId: 252500462
2019-06-06BUILD: Use runsc to generate versionAdin Scannell
This also ensures BUILD files are correctly formatted. PiperOrigin-RevId: 251990267
2019-06-06"Implement" mbind(2).Jamie Liu
We still only advertise a single NUMA node, and ignore mempolicy accordingly, but mbind() at least now succeeds and has effects reflected by get_mempolicy(). Also fix handling of nodemasks: round sizes to unsigned long (as documented and done by Linux), and zero trailing bits when copying them out. PiperOrigin-RevId: 251950859
2019-06-06Remove tmpfs restriction from testFabricio Voznika
runsc supports UDS over gofer mounts and tmpfs is not needed for this test. PiperOrigin-RevId: 251944870
2019-06-06Track and export socket state.Rahat Mahmood
This is necessary for implementing network diagnostic interfaces like /proc/net/{tcp,udp,unix} and sock_diag(7). For pass-through endpoints such as hostinet, we obtain the socket state from the backend. For netstack, we add explicit tracking of TCP states. PiperOrigin-RevId: 251934850
2019-06-06Add overlay dimension to FS related syscall testsFabricio Voznika
PiperOrigin-RevId: 251929314
2019-06-06Try increase listen backlog.Rahat Mahmood
PiperOrigin-RevId: 251928000
2019-06-06Internal change.Googler
PiperOrigin-RevId: 251902567
2019-06-05Shutdown host sockets on internal shutdownMichael Pratt
This is required to make the shutdown visible to peers outside the sandbox. The readClosed / writeClosed fields were dropped, as they were preventing a shutdown socket from reading the remainder of queued bytes. The host syscalls will return the appropriate errors for shutdown. The control message tests have been split out of socket_unix.cc to make the (few) remaining tests accessible to testing inherited host UDS, which don't support sending control messages. Updates #273 PiperOrigin-RevId: 251763060
2019-06-05Adjust route when looping multicast packetsChris Kuiper
Multicast packets are special in that their destination address does not identify a specific interface. When sending out such a packet the multicast address is the remote address, but for incoming packets it is the local address. Hence, when looping a multicast packet, the route needs to be tweaked to reflect this. PiperOrigin-RevId: 251739298
2019-06-05Give test instantiations meaningful names.Ian Gudger
PiperOrigin-RevId: 251737069
2019-06-05Implement dumpability tracking and checksMichael Pratt
We don't actually support core dumps, but some applications want to get/set dumpability, which still has an effect in procfs. Lack of support for set-uid binaries or fs creds simplifies things a bit. As-is, processes started via CreateProcess (i.e., init and sentryctl exec) have normal dumpability. I'm a bit torn on whether sentryctl exec tasks should be dumpable, but at least since they have no parent normal UID/GID checks should protect them. PiperOrigin-RevId: 251712714
2019-06-03gvisor/sock/unix: pass creds when a message is sent between unconnected socketsAndrei Vagin
and don't report a sender address if it doesn't have one PiperOrigin-RevId: 251371284
2019-06-03Remove duplicate socket testsMichael Pratt
socket_unix_abstract.cc: Subset of socket_abstract.cc socket_unix_filesystem.cc: Subset of socket_filesystem.cc PiperOrigin-RevId: 251297117
2019-05-30Add VmData field to /proc/{pid}/statuschris.zn
VmData is the size of private data segments. It has the same meaning as in Linux. Change-Id: Iebf1ae85940a810524a6cde9c2e767d4233ddb2a PiperOrigin-RevId: 250593739
2019-05-30gvisor: socket() returns EPROTONOSUPPORT if protocol is not supportedAndrei Vagin
PiperOrigin-RevId: 250426407
2019-05-30Always wait on tracee childrenMichael Pratt
After bf959931ddb88c4e4366e96dd22e68fa0db9527c ("wait/ptrace: assume __WALL if the child is traced") (Linux 4.7), tracees are always eligible for waiting, regardless of type. PiperOrigin-RevId: 250399527
2019-05-24Extract SleepSafe from test_utilTamir Duberstein
Allows socket tests that rely on test_util to compile on Fuchsia. PiperOrigin-RevId: 249884084 Change-Id: I17617e3f1baaba4c85c689f40db4a42a8de1597e
2019-05-22Add WCLONE / WALL support to waitidMichael Pratt
The previous commit adds WNOTHREAD support to waitid, so we may as well complete the upstream change. Linux added WCLONE, WALL, WNOTHREAD support to waitid(2) in 91c4e8ea8f05916df0c8a6f383508ac7c9e10dba ("wait: allow sys_waitid() to accept __WNOTHREAD/__WCLONE/__WALL"). i.e., Linux 4.7. PiperOrigin-RevId: 249560587 Change-Id: Iff177b0848a3f7bae6cb5592e44500c5a942fbeb
2019-05-22Add support for wait(WNOTHREAD)Michael Pratt
PiperOrigin-RevId: 249537694 Change-Id: Iaa4bca73a2d8341e03064d59a2eb490afc3f80da
2019-05-22UDP and TCP raw socket support.Kevin Krakauer
PiperOrigin-RevId: 249511348 Change-Id: I34539092cc85032d9473ff4dd308fc29dc9bfd6b
2019-05-21Clean up pipe internals and add fcntl supportAdin Scannell
Pipe internals are made more efficient by avoiding garbage collection. A pool is now used that can be shared by all pipes, and buffers are chained via an intrusive list. The documentation for pipe structures and methods is also simplified and clarified. The pipe tests are now parameterized, so that they are run on all different variants (named pipes, small buffers, default buffers). The pipe buffer sizes are exposed by fcntl, which is now supported by this change. A size change test has been added to the suite. These new tests uncovered a bug regarding the semantics of open named pipes with O_NONBLOCK, which is also fixed by this CL. This fix also addresses the lack of the O_LARGEFILE flag for named pipes. PiperOrigin-RevId: 249375888 Change-Id: I48e61e9c868aedb0cadda2dff33f09a560dee773
2019-05-21Fix inconsistencies in ELF anonymous mappingsMichael Pratt
* A segment with filesz == 0, memsz > 0 should be an anonymous only mapping. We were failing to load such an ELF. * Anonymous pages are always mapped RW, regardless of the segment protections. PiperOrigin-RevId: 249355239 Change-Id: I251e5c0ce8848cf8420c3aadf337b0d77b1ad991
2019-05-21Add basic plumbing for splice and stub implementation.Adin Scannell
This does not actually implement an efficient splice or sendfile. Rather, it adds a generic plumbing to the file internals so that this can be added. All file implementations use the stub fileutil.NoSplice implementation, which causes sendfile and splice to fall back to an internal copy. A basic splice system call interface is added, along with a test. PiperOrigin-RevId: 249335960 Change-Id: Ic5568be2af0a505c19e7aec66d5af2480ab0939b
2019-05-20Fix incorrect tmpfs timestamp updatesMichael Pratt
* Creation of files, directories (and other fs objects) in a directory should always update ctime. * Same for removal. * atime should not be updated on lookup, only readdir. I've also renamed some misleading functions that update mtime and ctime. PiperOrigin-RevId: 249115063 Change-Id: I30fa275fa7db96d01aa759ed64628c18bb3a7dc7
2019-05-17Fix gofer rename ctime and cleanup stat_times testMichael Pratt
There is a lot of redundancy that we can simplify in the stat_times test. This will make it easier to add new tests. However, the simplification reveals that cached uattrs on goferfs don't properly update ctime on rename. PiperOrigin-RevId: 248773425 Change-Id: I52662728e1e9920981555881f9a85f9ce04041cf
2019-05-16Add test for duplicate proc entries.Ian Gudger
The issue with duplicate /proc/sys entries seems to have been fixed in: PiperOrigin-RevId 229305982 Git hash dc8450b5676d4c4ac9bcfa23cabd862e0060527d Fixes google/gvisor#125 PiperOrigin-RevId: 248571903 Change-Id: I76ff3b525c93dafb92da6e5cf56e440187f14579
2019-05-14Update out of date commentMichael Pratt
PiperOrigin-RevId: 248265524 Change-Id: Ib9082f08d24ba10535079cf89c714fb22a4fdf10
2019-05-10Modernize mknod testMichael Pratt
PiperOrigin-RevId: 247704588 Change-Id: I1e63e2b310145695fbe38429b91e44d72473fcd6
2019-05-09Implement fallocate(2)Fabricio Voznika
Closes #225 PiperOrigin-RevId: 247508791 Change-Id: I04f47cf2770b30043e5a272aba4ba6e11d0476cc
2019-05-08Fix types that are subtly incorrect.Googler
PiperOrigin-RevId: 247294093 Change-Id: Iac8c76e50bbc15c240ae7da7f5786f9968e7057c
2019-05-05Fix raw socket behavior and tests.Kevin Krakauer
Some behavior was broken due to the difficulty of running automated raw socket tests. Change-Id: I152ca53916bb24a0208f2dc1c4f5bc87f4724ff6 PiperOrigin-RevId: 246747067
2019-05-03gvisor: run bazel in a docker containerAndrei Vagin
bazel has a lot of dependencies and users don't want to install them just to build gvisor. These changes allows to run bazel in a docker container. A bazel cache is on the local file system (~/.cache/bazel), so incremental builds should be fast event after recreating a bazel container. Here is an example how to build runsc: make BAZEL_OPTIONS="build runsc:runsc" bazel Change-Id: I8c0a6d0c30e835892377fb6dd5f4af7a0052d12a PiperOrigin-RevId: 246570877
2019-05-03Skip flaky ClockGettime.CputimeId take 2Fabricio Voznika
The test also times out when GCE machine has 2 CPUs. I cannot repro it locally with a 2 CPU cgroup though. Let's skip the test when there are 2 CPUs to stop the flakiness and retest it once the fix is available. PiperOrigin-RevId: 246523363 Change-Id: I9d9d922a5be3aa7bc91dff5a1807ca99f3f4a4f9
2019-05-03Proper cleanup of sockets that used REUSEPORTChris Kuiper
Fixed a small logic error that broke proper accounting of MultiPortEndpoints. PiperOrigin-RevId: 246502126 Change-Id: I1a7d6ea134f811612e545676212899a3707bc2c2
2019-05-02Support reception of multicast data on more than one socketChris Kuiper
This requires two changes: 1) Support for more than one socket to join a given multicast group. 2) Duplicate delivery of incoming multicast packets to all sockets listening for it. In addition, I tweaked the code (and added a test) to disallow duplicates IP_ADD_MEMBERSHIP calls for the same group and NIC. This is how Linux does it. PiperOrigin-RevId: 246437315 Change-Id: Icad8300b4a8c3f501d9b4cd283bd3beabef88b72
2019-05-02Replace dynamic macros with constants in memfd test.Kevin Krakauer
PiperOrigin-RevId: 246433167 Change-Id: Idb9b6c20ee1da193176288dfd2f9d85ec0e69c54
2019-04-29Implement the MSG_CTRUNC msghdr flag for Unix sockets.Ian Gudger
Updates google/gvisor#206 PiperOrigin-RevId: 245880573 Change-Id: Ifa715e98d47f64b8a32b04ae9378d6cd6bd4025e
2019-04-29Skip flaky ClockGettime.CputimeIdFabricio Voznika
Test times out when it runs on a single core. Skip until the bug in the Go runtime is fixed. PiperOrigin-RevId: 245866466 Change-Id: Ic3e72131c27136d58b71f6b11acc78abf55895d4
2019-04-29Change copyright notice to "The gVisor Authors"Michael Pratt
Based on the guidelines at https://opensource.google.com/docs/releasing/authors/. 1. $ rg -l "Google LLC" | xargs sed -i 's/Google LLC.*/The gVisor Authors./' 2. Manual fixup of "Google Inc" references. 3. Add AUTHORS file. Authors may request to be added to this file. 4. Point netstack AUTHORS to gVisor AUTHORS. Drop CONTRIBUTORS. Fixes #209 PiperOrigin-RevId: 245823212 Change-Id: I64530b24ad021a7d683137459cafc510f5ee1de9
2019-04-29Allow and document bug ids in gVisor codebase.Nicolas Lacasse
PiperOrigin-RevId: 245818639 Change-Id: I03703ef0fb9b6675955637b9fe2776204c545789
2019-04-29Appease googletest deprecationTamir Duberstein
PiperOrigin-RevId: 245788366 Change-Id: I17bbecf8493132dbe95564c34c45b838194bfabb
2019-04-29createAt should return all errors from FindInode except ENOENT.Nicolas Lacasse
Previously, createAt was eating all errors from FindInode except for EACCES and proceeding with the creation. This is incorrect, as FindInode can return many other errors (like ENAMETOOLONG) that should stop creation. This CL changes createAt to return all errors encountered except for ENOENT, which we can ignore because we are about to create the thing. PiperOrigin-RevId: 245773222 Change-Id: I1b317021de70f0550fb865506f6d8147d4aebc56
2019-04-26Remove syscall tests' dependency on glogTamir Duberstein
PiperOrigin-RevId: 245469859 Change-Id: I0610e477cc3a884275852e83028ecfb501f2c039
2019-04-26Fix reference counting bug in /proc/PID/fdinfo/.Kevin Krakauer
PiperOrigin-RevId: 245452217 Change-Id: I7164d8f57fe34c17e601079eb9410a6d95af1869
2019-04-26Change name of sticky test arg.Kevin Krakauer
PiperOrigin-RevId: 245451875 Change-Id: Icee2c4ed74564e77454c60d60f456454443ccadf
2019-04-25Don't enforce NAME_MAX in fs.Dirent.walk().Jamie Liu
Maximum filename length is filesystem-dependent, and obtained via statfs::f_namelen. This limit is usually 255 bytes (NAME_MAX), but not always. For example, VFAT supports filenames of up to 255... UCS-2 characters, which Linux conservatively takes to mean UTF-8-encoded bytes: fs/fat/inode.c:fat_statfs(), FAT_LFN_LEN * NLS_MAX_CHARSET_SIZE. As a result, Linux's VFS does not enforce NAME_MAX: $ rg --maxdepth=1 '\WNAME_MAX\W' fs/ include/linux/ fs/libfs.c 38: buf->f_namelen = NAME_MAX; 64: if (dentry->d_name.len > NAME_MAX) include/linux/relay.h 74: char base_filename[NAME_MAX]; /* saved base filename */ include/linux/fscrypt.h 149: * filenames up to NAME_MAX bytes, since base64 encoding expands the length. include/linux/exportfs.h 176: * understanding that it is already pointing to a a %NAME_MAX+1 sized Remove this check from core VFS, and add it to ramfs (and by extension tmpfs), where it is actually applicable: mm/shmem.c:shmem_dir_inode_operations.lookup == simple_lookup *does* enforce NAME_MAX. PiperOrigin-RevId: 245324748 Change-Id: I17567c4324bfd60e31746a5270096e75db963fac
2019-04-25s,sys/poll.h/,poll.h,gTamir Duberstein
See https://git.musl-libc.org/cgit/musl/tree/include/sys/poll.h PiperOrigin-RevId: 245312375 Change-Id: If749ae3f94ccedc82eb6b594b32155924a354b58