Age | Commit message (Collapse) | Author |
|
Before checking if there is space in the accept queue, the listener
should verify that the cookie is valid. If it is not, instead of
silently dropping the packet, reply with an RST.
Fixes #6683
PiperOrigin-RevId: 400807346
|
|
Updates #6683
PiperOrigin-RevId: 400745768
|
|
PiperOrigin-RevId: 400258924
|
|
This obsoletes the need for the pendingMu and pending, since they are redundant
with acceptMu and pendingAccepted.
Fixes #6671.
PiperOrigin-RevId: 400162391
|
|
Enhance the backlog test to exercise the syn queue.
Updates #6671.
PiperOrigin-RevId: 400094530
|
|
This prevents an iptables failure from deadlocking the test.
PiperOrigin-RevId: 399822238
|
|
|
|
PiperOrigin-RevId: 398849334
|
|
Some /proc files are static in gVisor, but can be updated in native
linux. To test the values of these files, move them to a separate test
and run it using "container" tag to avoid faulty comparisons in native.
Since a separate IPC namespace is used, update shm comparisons to check
the actual value, not an interval.
|
|
An ICMP endpoint's write path can use the datagram-based endpoint.
Updates #6565.
Test: Datagram-based generic socket + ICMP/ping syscall tests.
PiperOrigin-RevId: 398539844
|
|
Fixes #6495
PiperOrigin-RevId: 398121921
|
|
Before this change, when a new connection was created after receiving
an ACK that matched a SYN-cookie, it was always delivered asynchronously
to the accept queue. There was a chance that the listening endpoint
would process a SYN from another client before the delivery happened,
and the listening endpoint would not know yet that the queue was about
to be full, once the delivery happened.
Now, when an ACK matching a SYN-cookie is received, the new endpoint is
created and moved to the accept queue synchronously, while holding the
accept lock.
Fixes #6545
PiperOrigin-RevId: 398107254
|
|
Updates #6621
PiperOrigin-RevId: 397898852
|
|
Once a packet socket is bound to a network protocol, it cannot be
unbound from that protocol; the network protocol binding may only be
updated to a different network protocol.
To comply with Linux.
PiperOrigin-RevId: 397810878
|
|
PiperOrigin-RevId: 397631833
|
|
...to change the network protocol a packet socket may receive packets
from.
This CL is a portion of an originally larger CL that was split with
https://github.com/google/gvisor/commit/a8ad692fd36cbaf7f5a6b9af39d601053dbee338
being the dependent CL. That CL (accidentally) included the change in
the endpoint's `afterLoad` method to take the required lock when
accessing the endpoint's netProto field. That change should have been in
this CL.
The CL that made the change mentioned in the commit message is
cl/396946187.
PiperOrigin-RevId: 397412582
|
|
...even protocols the stack is unaware of.
While I am here, annotate checklocks on stack.packetEndpointList.
PiperOrigin-RevId: 397226754
|
|
...so that a later change can add a new packet_socket syscall test
target that holds raw/dgram packet socket generic common tests. The
current packet_socket syscall test target holds tests specific to
dgram packet sockets.
While I am here, remove the defines for the packet_socket_raw_test
target as no code is guarded with `__linux__` in the target's sources.
PiperOrigin-RevId: 397217761
|
|
In the general case, files may have offsets between MaxInt64 and MaxUint64; in
Linux pgoff is consistently represented by an unsigned long, and in gVisor the
offset types in memmap.MappableRange are uint64. However, regular file mmap is
constrained to int64 offsets (on 64-bit systems) by
mm/mmap.c:file_mmap_size_max() => MAX_LFS_FILESIZE == LLONG_MAX.
As a related fix, check for chunkStart overflow in fsutil.HostFileMapper; chunk
offsets are uint64s, but as noted above some file types may use uint64 offsets
beyond MaxInt64.
Reported-by: syzbot+71342a1585aed97ed9f7@syzkaller.appspotmail.com
PiperOrigin-RevId: 397136751
|
|
...to match Linux behaviour.
Fixes #5711.
PiperOrigin-RevId: 397132671
|
|
Replaced the current AddAddressWithOptions method with
AddAddressWithProperties which passes all address properties in
a single AddressProperties type. More properties that need to be
configured in the future are expected, so adding a type makes adding
them easier.
PiperOrigin-RevId: 396930729
|
|
...and EAFNOSUPPORT for unexpected address family.
To comply with Linux.
Updates #6021, #6575.
PiperOrigin-RevId: 396893590
|
|
A raw IP endpoint's write and socket option get/set path can use the
datagram-based endpoint.
This change extracts tests from UDP that may also run on Raw IP sockets.
Updates #6565.
Test: Raw IP + datagram-based socket syscall tests.
PiperOrigin-RevId: 396729727
|
|
Code to get the loopback interface's index is scattered throughout the
syscall tests. Implement the code once and use that in tests (where
applicable).
While I am here, trim the dependencies/includes for network namespace
tests.
PiperOrigin-RevId: 396718124
|
|
Previously, any time a datagram-based network endpoint (e.g. UDP) was
bound, the bound NIC is always set based on the bound address (if
specified). However, we should only consider the endpoint bound to
an NIC if a NIC was explicitly bound to.
If an endpoint has been bound to an address and attempts to send packets
to an unconnected remote, the endpoint will default to sending packets
through the bound address' NIC if not explicitly bound to a NIC.
Updates #6565.
PiperOrigin-RevId: 396712415
|
|
SOL_UDP is used when get/set-ing socket options to specify the socket
level. When creating normal UDP sockets, the protocol need not be
specified. When creating RAW IP sockets for UDP, use IPPROTO_UDP.
PiperOrigin-RevId: 396675986
|
|
...if bound to an address.
We previously checked the source of a packet instead of the destination
of a packet when bound to an address.
PiperOrigin-RevId: 396497647
|
|
Otherwise it can fail:
$ bazel cquery pkg/p9/... --output=starlark --starlark:file=tools/show_paths.bzl
...
ERROR: Starlark evaluation error for //pkg/p9/p9test:mockgen:
Traceback (most recent call last):
File "tools/show_paths.bzl", line 8, column 32, in format
Error: 'NoneType' value has no field or method 'get'
PiperOrigin-RevId: 396457764
|
|
Setting the ToS for IPv4 packets (SOL_IP, IP_TOS) should not affect the
Traffic Class of IPv6 packets (SOL_IPV6, IPV6_TCLASS).
Also only return the ToS value XOR Traffic Class as a packet cannot be
both an IPv4 and an IPv6 packet; It is invalid to return both the IPv4
ToS and IPv6 Traffic Class control messages when reading packets.
Updates #6389.
PiperOrigin-RevId: 396399096
|
|
PiperOrigin-RevId: 396155387
|
|
Previously, gVisor did not represent loopback devices as an ethernet
device as Linux does. To maintain Linux API compatibility for packet
sockets, a workaround was used to add an ethernet header if a link
header was not already present in the packet buffer delivered to a
packet endpoint.
However, this workaround is a bug for non-ethernet based interfaces; not
all links use an ethernet header (e.g. pure L3/TUN interfaces).
As of 3b4bb947517d0d9010120aaa1c3989fd6abf278e, gVisor represents
loopback devices as an ethernet-based device so this workaround can
now be removed.
BUG: https://fxbug.dev/81592
Updates #6530, #6531.
PiperOrigin-RevId: 395819151
|
|
NewTempAbsPathInDir("/tmp") prevents the generated socket address from
exceeding sizeof(addr.sun_path). However, existing systems that are built with
the ANDROID configuration have their temp directory in a different location.
This change allows those systems to run tests that depend on UniqueUnixAddr.
PiperOrigin-RevId: 395336483
|
|
PiperOrigin-RevId: 394481127
|
|
...through the loopback interface, only.
This change only supports sending on packet sockets through the loopback
interface as the loopback interface is the only interface used in packet
socket syscall tests - the other link endpoints are not excercised with
the existing test infrastructure.
Support for sending on packet sockets through the other interfaces will
be added as needed.
BUG: https://fxbug.dev/81592
PiperOrigin-RevId: 394368899
|
|
Reported-by: syzbot+1aab6800bd14829609b8@syzkaller.appspotmail.com
PiperOrigin-RevId: 394279838
|
|
These tests are permanently broken on Linux after 36e2c7421f02 "fs: don't allow
splice read/write without explicit ops".
PiperOrigin-RevId: 394161079
|
|
PiperOrigin-RevId: 394004809
|
|
Fix syzcaller panic SIGBUS on error handling. Done by
adding an interface, errors.GuestError, which errors can
implement in order to be compared against each other.
PiperOrigin-RevId: 393867554
|
|
PiperOrigin-RevId: 393783192
|
|
|
|
fixed and enabled SetForegroundProcessGroup and SetForegroundProcessGroupEmptyProcessGroup.
|
|
PiperOrigin-RevId: 392774712
|
|
PiperOrigin-RevId: 392760305
|
|
-Added a test to check if the process in background is blocking SIGTTOU
-Some minor formatting fixes
|
|
Earlier the tests were checking for equality of system-wide metrics before and
after some network related operations. That is inherently racy for native tests
because depending on the testing infrastructure, multiple tests might run
parallely hence trampling over each other's metrics.
Tests should only compare metrics that are increasing in nature. The comparison
should not be a hard comparison, instead a less-than/greater-than relation test.
I have changed the checks and also removed tests for tcpCurrEstab metric which
has "SYNTAX Gauge" and hence can not be tested reliably.
PiperOrigin-RevId: 391460081
|
|
PiperOrigin-RevId: 391416650
|
|
Test the correct sending of the SIGTTOU in setForegroundProcess
|
|
The test expects that pread reads the full buffer, it means that the pread
offset has to be equal or less than file_size - buffer_size.
PiperOrigin-RevId: 391356863
|
|
Add support for msgctl and enable tests.
Fixes #135
|
|
Updates #135
|