summaryrefslogtreecommitdiffhomepage
path: root/test
AgeCommit message (Collapse)Author
2020-04-28Fix Unix socket permissions.Dean Deng
Enforce write permission checks in BoundEndpointAt, which corresponds to the permission checks in Linux (net/unix/af_unix.c:unix_find_other). Also, create bound socket files with the correct permissions in VFS2. Fixes #2324. PiperOrigin-RevId: 308949084
2020-04-28Internal change.gVisor bot
PiperOrigin-RevId: 308940886
2020-04-28Don't unlink named pipes in pipe test.Jamie Liu
TempPath's destructor runs at the end of the named pipe creation functions, deleting the named pipe. If the named pipe is backed by a "non-virtual" filesystem (!fs.Inode.IsVirtual()), this causes the following save attempt to fail because there are FDs holding the deleted named pipe open. PiperOrigin-RevId: 308861999
2020-04-24Propagate PID limit from OCI to sandbox cgroupFabricio Voznika
Closes #2489 PiperOrigin-RevId: 308362434
2020-04-24Add ICMP6 param problem testEyal Soha
Tested: When run on Linux, a correct ICMPv6 response is received. On netstack, no ICMPv6 response is received. PiperOrigin-RevId: 308343113
2020-04-24Better error message from ExpectFrameEyal Soha
Display the errors as diffs between the expected and wanted frame. PiperOrigin-RevId: 308333271
2020-04-24Improve and update packetimpact README.mdEyal Soha
PiperOrigin-RevId: 308328860
2020-04-24Standardize all Docker images.Adin Scannell
This change moves all Docker images to a standard location, and abstracts the build process so that they can be maintained in an automated fashion. This also allows the images to be architecture-independent. All images will now be referred to by the test framework via the canonical `gvisor.dev/images/<name>`, where `<name>` is a function of the path within the source tree. In a subsequent change, continuous integration will be added so that the images will always be correct and available locally. In the end, using `bazel` for Docker containers is simply not possible. Given that we already have the need to use `make` with the base container (for Docker), we extend this approach to get more flexibility. This change also adds a self-documenting and powerful Makefile that is intended to replace the collection of scripts in scripts. Canonical (self-documenting) targets can be added here for targets that understand which images need to be loaded and/or built. PiperOrigin-RevId: 308322438
2020-04-23Fix Layer merge and add unit testsEyal Soha
mergo was improperly merging nil and empty strings PiperOrigin-RevId: 308170862
2020-04-23Fix test output so that filenames have the correct path.Eyal Soha
Tested: Intentionally introduce an error and then run: blaze test --test_output=streamed //third_party/gvisor/test/packetimpact/tests:tcp_outside_the_window_linux_test PiperOrigin-RevId: 308114194
2020-04-23Simplify Docker test infrastructure.Adin Scannell
This change adds a layer of abstraction around the internal Docker APIs, and eliminates all direct dependencies on Dockerfiles in the infrastructure. A subsequent change will automated the generation of local images (with efficient caching). Note that this change drops the use of bazel container rules, as that experiment does not seem to be viable. PiperOrigin-RevId: 308095430
2020-04-23Run failing packetimpact test and expect failure.Eyal Soha
This will make it easier to notice if a code change causes an existing test to pass. PiperOrigin-RevId: 308057978
2020-04-22tcp: handle listen after shutdown properlyAndrei Vagin
Right now, sentry panics in this case: panic: close of nil channel goroutine 67 [running]: pkg/tcpip/transport/tcp/tcp.(*endpoint).listen(0xc0000ce000, 0x9, 0x0) pkg/tcpip/transport/tcp/endpoint.go:2208 +0x170 pkg/tcpip/transport/tcp/tcp.(*endpoint).Listen(0xc0000ce000, 0x9, 0xc0003a1ad0) pkg/tcpip/transport/tcp/endpoint.go:2179 +0x50 Fixes #2468 PiperOrigin-RevId: 307896725
2020-04-22Add comments about deepcopy in Layer.incoming()Eyal Soha
PiperOrigin-RevId: 307812340
2020-04-21Don't ignore override if it is longer than layerStatesgVisor bot
PiperOrigin-RevId: 307708653
2020-04-21Restore euid upon test finishKevin Krakauer
PiperOrigin-RevId: 307638329
2020-04-21Internal change.gVisor bot
PiperOrigin-RevId: 307622320
2020-04-20Add a functional vm_test for root_test.Adin Scannell
This change renames the tools/images directory to tools/vm for clarity, and adds a functional vm_test. Sharding is also added to the same test, and some documentation added around key flags & variables to describe how they work. Subsequent changes will add vm_tests for other cases, such as the runtime tests. PiperOrigin-RevId: 307492245
2020-04-20Merge pull request #2060 from xiaobo55x:rseqgVisor bot
PiperOrigin-RevId: 307453436
2020-04-19Don't accept segments outside the receive windowEyal Soha
Fixed to match RFC 793 page 69. Fixes #1607 PiperOrigin-RevId: 307334892
2020-04-19Convert tcp_user_timeout test from packetdrill to packetimpact.Eyal Soha
PiperOrigin-RevId: 307328289
2020-04-17prlimit: don't check credentials on selfKevin Krakauer
prlimit was erroneously comparing UIDs and GIDs when getting/setting a process' own limits. From the manpage: To set or get the resources of a process other than itself, the caller must have the CAP_SYS_RESOURCE capability, or the real, effective, and saved set user IDs of the target process must match the real user ID of the caller and the real, effective, and saved set group IDs of the target process must match the real group ID of the caller. PiperOrigin-RevId: 307127266
2020-04-17Add test name to boot and gofer log filesFabricio Voznika
This is to make easier to find corresponding logs in case test fails. PiperOrigin-RevId: 307104283
2020-04-17proc net test: Annotate disable-save test with NoRandomSave.Ting-Yu Wang
PiperOrigin-RevId: 307069884
2020-04-16Implement pipe(2) and pipe2(2) for VFS2.Jamie Liu
Updates #1035 PiperOrigin-RevId: 306968644
2020-04-16Reset pending connections on listener shutdown.Mithun Iyer
When the listening socket is read shutdown, we need to reset all pending and incoming connections. Ensure that the endpoint is not cleaned up from the demuxer and subsequent bind to same port does not go through. PiperOrigin-RevId: 306958038
2020-04-16Use multierr in packetimpact Connection.Close()Eyal Soha
PiperOrigin-RevId: 306930652
2020-04-16Test TCP behavior when receiving unacceptable segment in CLOSE_WAITgVisor bot
TCP, in CLOSE-WAIT state, MUST return ACK with proper SEQ and ACK numbers after recv a seg with OTW SEQ or unacc ACK number, and remain in same state. If the connection is in a synchronized state, any unacceptable segment (out of window sequence number or unacceptable acknowledgment number) must elicit only an empty acknowledgment segment containing the current send-sequence number and an acknowledgment indicating the next sequence number expected to be received, and the connection remains in the same state. PiperOrigin-RevId: 306897984
2020-04-15Add tests for segments outside the receive window.Eyal Soha
The tests are based on RFC 793 page 69. Updates #1607 PiperOrigin-RevId: 306768847
2020-04-15Use hex.Dump for Layer.String() of byte slices.Eyal Soha
PiperOrigin-RevId: 306726587
2020-04-15Use if_nametoindex to get interface index.Ting-Yu Wang
Removed the TODO to use netlink. PiperOrigin-RevId: 306721468
2020-04-15Refactor connections.go to make it easier to add new connection types.Eyal Soha
Rather than have a struct for the state of each type of connection, such as TCP/IPv4, UDP/IPv4, TCP/IPv6, etc, have a state for each layer, such as UDP, TCP, IPv4, IPv6. Those states can be composed into connections. Tested: Existing unit tests still pass/fail as expected. PiperOrigin-RevId: 306703180
2020-04-15Reset pending connections on listener closeMithun Iyer
Attempt to redeliver TCP segments that are enqueued into a closing TCP endpoint. This was being done for Established endpoints but not for those that are listening or performing connection handshake. Fixes #2417 PiperOrigin-RevId: 306598155
2020-04-14Test TCP should piggyback ACK in ESTAB stategVisor bot
TCP, in ESTABLISHED state, SHOULD piggyback acknowledgement with a segment being transmitted (whenever possible) without incurring undue delay PiperOrigin-RevId: 306474550
2020-04-14Merge pull request #2375 from lubinszARM:pr_exec_binarygVisor bot
PiperOrigin-RevId: 306432289
2020-04-13Add Sniffer.Drain() draining socket receive buffergVisor bot
Add Sniffer.Drain() which drains the socket's receive buffer by temporarily setting the socket to non-blocking, and receiving in a loop until EINTR, EWOULDBLOCK or EAGAIN. This method should be used when long periods of time elapses without receiving on the socket, because uninteresting packets may have piled up in the receive buffer, filling it up and causing packets critical to test operation to be dropped. PiperOrigin-RevId: 306380480
2020-04-13Don't allow read/write when offset+size overflows.Nicolas Lacasse
PiperOrigin-RevId: 306348346
2020-04-13Remove unnecessary threadsTamir Duberstein
The work being done in these threads is not asynchronous with respect to the test; that is, it is equivalent to issue non-blocking `connect` calls serially, since the work is done asynchronously with respect to the caller. Futhermore, this test was added to test closing a listener with completed but not delivered connections, which never required threading in the first place. PiperOrigin-RevId: 306339486
2020-04-13Merge pull request #2168 from xiaobo55x:ptrace_testgVisor bot
PiperOrigin-RevId: 306306809
2020-04-13Merge pull request #2288 from xiaobo55x:fork_testgVisor bot
PiperOrigin-RevId: 306306494
2020-04-13Merge pull request #2289 from xiaobo55x:syscall_cleanupgVisor bot
PiperOrigin-RevId: 306303148
2020-04-12Refactor parser to use a for loop instead of recursion.Eyal Soha
This makes the code shorter and less repetitive. TESTED: All unit tests still pass. PiperOrigin-RevId: 306161475
2020-04-11Improve error messages when parsing headers.Eyal Soha
Tested: Looked at output of failing tests. PiperOrigin-RevId: 306031407
2020-04-10Port extended attributes to VFS2.Dean Deng
As in VFS1, we only support the user.* namespace. Plumbing is added to tmpfs and goferfs. Note that because of the slightly different order of checks between VFS2 and Linux, one of the xattr tests needs to be relaxed slightly. Fixes #2363. PiperOrigin-RevId: 305985121
2020-04-10Test that RST is sent after ABORT in ESTABLISHED TCP state.Eyal Soha
PiperOrigin-RevId: 305879441
2020-04-10test: remove 1s delay after non-blocking socket pair acceptAndrei Vagin
It was added in cl/201419897 to deflake socket_ip_tcp_loopback_non_blocking_test_gvisor. It seems we don't need this hack, because the origin issue isn't reproducible without this hack. PiperOrigin-RevId: 305871748
2020-04-09Merge pull request #2253 from amscanne:nogogVisor bot
PiperOrigin-RevId: 305807868
2020-04-10Enable syscall ptrace test on arm64.Haibo Xu
Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: I5bb8fa7d580d173b1438d6465e1adb442216c8fa
2020-04-10Enable syscall fork_test on arm64.Haibo Xu
Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: I033692bcf4f8139df29e369a12b150d10fccbe32
2020-04-09Remove TODOs from Async IOFabricio Voznika
Block and drain requests in io_destroy(2). Note the reason to create read-only mapping. PiperOrigin-RevId: 305786312