Age | Commit message (Collapse) | Author |
|
Enables commands such as:
$ iptables -A INPUT -d 127.0.0.1 -j ACCEPT
$ iptables -t nat -A PREROUTING ! -d 127.0.0.1 -j REDIRECT
Also adds a bunch of REDIRECT+destination tests.
|
|
PiperOrigin-RevId: 296526279
|
|
PiperOrigin-RevId: 296519566
|
|
TCP/IP will work with netstack networking. hostinet doesn't work, and sockets
will have the same behavior as it is now.
Before the userspace is able to create device, the default loopback device can
be used to test.
/proc/net and /sys/net will still be connected to the root network stack; this
is the same behavior now.
Issue #1833
PiperOrigin-RevId: 296309389
|
|
PiperOrigin-RevId: 296104390
|
|
So that they can be included by Fuchsia's syscall tests
PiperOrigin-RevId: 296030383
|
|
Added the ability to get/set the IP_RECVTCLASS socket option on UDP endpoints.
If enabled, traffic class from the incoming Network Header passed as ancillary
data in the ControlMessages.
Adding Get/SetSockOptBool to decrease the overhead of getting/setting simple
options. (This was absorbed in a CL that will be landing before this one).
Test:
* Added unit test to udp_test.go that tests getting/setting as well as
verifying that we receive expected TOS from incoming packet.
* Added a syscall test for verifying getting/setting
* Removed test skip for existing syscall test to enable end to end test.
PiperOrigin-RevId: 295840218
|
|
PiperOrigin-RevId: 295835807
|
|
- Retry if fallocate returns EINTR.
- If fallocate fails, don't try to fstat and confirm the result.
PiperOrigin-RevId: 295789790
|
|
PiperOrigin-RevId: 295785052
|
|
$ iptables -N foochain
$ iptables -A INPUT -j foochain
|
|
PiperOrigin-RevId: 294957297
|
|
PiperOrigin-RevId: 294952610
|
|
- Adds creation of user chains via `-N <chainname>`
- Adds `-j RETURN` support for built-in chains, which triggers the
chain's underflow rule (usually the default policy).
- Adds tests for chain creation, default policies, and `-j RETURN' from
built-in chains.
|
|
So that they can be included by Fuchsia's syscall tests
PiperOrigin-RevId: 294654890
|
|
In particular, explain how to push updates to the images.
PiperOrigin-RevId: 294508879
|
|
PiperOrigin-RevId: 294265019
|
|
The readme didn't mention that users need to:
- `bazel build` when working on iptables tests
- enable raw sockets in /etc/docker/daemon.json.
PiperOrigin-RevId: 294260169
|
|
PiperOrigin-RevId: 294250370
|
|
Note that these are only implemented for tmpfs, and other impls will still
return EOPNOTSUPP.
PiperOrigin-RevId: 293899385
|
|
- Move shared helpers V4Multicast and V4Broadcast to socket_test_util
- Add unnamed namespace so socket_ipv4_tcp_unbound_external_networking_test.cc
and socket_ipv4_udp_unbound_external_networking_test.cc can be compiled
together
- Add test files to "exports_files" so they can be included by Fuchsia's syscall
test setup
PiperOrigin-RevId: 293880429
|
|
PiperOrigin-RevId: 293676954
|
|
When ignored, the trap should be executed which generates
a SIGSEGV as in the above case.
PiperOrigin-RevId: 293618489
|
|
These were out-of-band notes that can help provide additional context
and simplify automated imports.
PiperOrigin-RevId: 293525915
|
|
From RFC 793 s3.9 p58 Event Processing:
If RECEIVE Call arrives in CLOSED state and the user has access to such a
connection, the return should be "error: connection does not exist"
Fixes #1598
PiperOrigin-RevId: 293494287
|
|
PiperOrigin-RevId: 293411655
|
|
PiperOrigin-RevId: 293409718
|
|
PiperOrigin-RevId: 293271055
|
|
PiperOrigin-RevId: 293243342
|
|
Tests 65k connection attempts on common types of sockets to check for port
leaks.
Also fixes a bug where dual-stack sockets wouldn't properly re-queue
segments received while closing.
PiperOrigin-RevId: 293241166
|
|
The timer ID is copied out to the argument.
Fixes #1738
PiperOrigin-RevId: 293210801
|
|
So it can be included in fuchsia's syscall tests
PiperOrigin-RevId: 293208306
|
|
Internal pipes are supported similarly to how internal UDS is done.
It is also controlled by the same flag.
Fixes #1102
PiperOrigin-RevId: 293150045
|
|
* Tests are picked for a shard differently. It now picks one test from each
block, instead of picking the whole block. This makes the same kind of tests
spreads across different shards.
* Reduce the number of connect() calls in TCPListenClose.
PiperOrigin-RevId: 293019281
|
|
PiperOrigin-RevId: 292973224
|
|
If the support is Ignored, then the call is still executed. We
simply rely on it to fall through to the int3. Therefore, we
must also bail on the vendor check.
PiperOrigin-RevId: 292620558
|
|
Fixes: //test/syscalls:32bit_test_runsc_kvm
Ref change: 5d569408ef94c753b7aae9392b5e4ebf7e5ea50d
PiperOrigin-RevId: 292563926
|
|
PiperOrigin-RevId: 292458933
|
|
PiperOrigin-RevId: 292445329
|
|
This avoids conflicting definitions of GetSocketPairs() in outer namespace when
multiple such cc files are complied for one binary.
PiperOrigin-RevId: 292420885
|
|
PiperOrigin-RevId: 292419699
|
|
When sending a RST on shutdown we need to double check the
state after acquiring the work mutex as the endpoint could
have transitioned out of a connected state from the time
we checked it and we acquired the workMutex.
I added two tests but sadly neither reproduce the panic. I am
going to leave the tests in as they are good to have anyway.
PiperOrigin-RevId: 292393800
|
|
Splice must not allow negative offsets. Writes also must not allow offset +
size to overflow int64. Reads are similarly broken, but not just in splice
(b/148095030).
Reported-by: syzbot+0e1ff0b95fb2859b4190@syzkaller.appspotmail.com
PiperOrigin-RevId: 292361208
|
|
The name of the runner binary target changed from "runner" to "runner-image",
causing iptables tests to fail.
PiperOrigin-RevId: 292242263
|
|
PiperOrigin-RevId: 292233574
|
|
Special files can have additional requirements for granularity.
For example, read from eventfd returns EINVAL if a size is less 8 bytes.
Reported-by: syzbot+3905f5493bec08eb7b02@syzkaller.appspotmail.com
PiperOrigin-RevId: 292002926
|
|
Test command:
$ ip route get 1.1.1.1
Fixes: #1099
Signed-off-by: Jianfeng Tan <henry.tjf@antfin.com>
COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/1121 from tanjianfeng:fix-1099 e6919f3d4ede5aa51a48b3d2be0d7a4b482dd53d
PiperOrigin-RevId: 291990716
|
|
This isn't in the libc wrapper, but it is in the syscall itself.
Discovered by @xiaobo55x in #1625.
PiperOrigin-RevId: 291973931
|
|
And Type* over Type *. This is basically a whitespace only change.
gVisor code already prefers left-alignment of pointers and references, but
clang-format formats for consistency with the majority of a file, and some
files leaned the wrong way. This is a one-time pass to make us completely
conforming.
Autogenerated with:
$ find . \( -name "*.cc" -or -name "*.c" -or -name "*.h" \) \
| xargs clang-format -i -style="{BasedOnStyle: Google, \
DerivePointerAlignment: false, PointerAlignment: Left}"
PiperOrigin-RevId: 291972421
|
|
PiperOrigin-RevId: 291869423
|