summaryrefslogtreecommitdiffhomepage
path: root/test
AgeCommit message (Collapse)Author
2020-05-29Merge pull request #2807 from kevinGC:iptables-sourcegVisor bot
PiperOrigin-RevId: 313842690
2020-05-29Move TCP to CLOSED from SYN-RCVD on RST.Mithun Iyer
RST handling is broken when the TCP state transitions from SYN-SENT to SYN-RCVD in case of simultaneous open. An incoming RST should trigger cleanup of the endpoint. RFC793, section 3.9, page 70. Fixes #2814 PiperOrigin-RevId: 313828777
2020-05-29Implement IN_EXCL_UNLINK inotify option in vfs2.Dean Deng
Limited to tmpfs. Inotify support in other filesystem implementations to follow. Updates #1479 PiperOrigin-RevId: 313828648
2020-05-29Internal change.gVisor bot
PiperOrigin-RevId: 313821986
2020-05-29runner: fix goroutine leakGaurav Singh
Signed-off-by: Gaurav Singh <gaurav1086@gmail.com>
2020-05-29Port inotify to vfs2, with support in tmpfs.Dean Deng
Support in other filesystem impls is still needed. Unlike in Linux and vfs1, we need to plumb inotify down to each filesystem implementation in order to keep track of links/inode structures properly. IN_EXCL_UNLINK still needs to be implemented, as well as a few inotify hooks that are not present in either vfs1 or vfs2. Those will be addressed in subsequent changes. Updates #1479. PiperOrigin-RevId: 313781995
2020-05-28Enable iptables source filtering (-s/--source)Kevin Krakauer
2020-05-28Move Cleanup to its own packageFabricio Voznika
PiperOrigin-RevId: 313663382
2020-05-28Add pcap logging to pcaketimpact.Ian Gudger
This makes debugging packetimpact tests much easier. PiperOrigin-RevId: 313662654
2020-05-26Implement splice(2) and tee(2) for VFS2.Jamie Liu
Updates #138 PiperOrigin-RevId: 313326354
2020-05-26Automated rollback of changelist 311424257gVisor bot
PiperOrigin-RevId: 313300554
2020-05-21Skip socket tests only if running on vfs1.Dean Deng
PiperOrigin-RevId: 312763249
2020-05-21Fix IsRunningWithVFS1() on the runsc-based test runner.Jamie Liu
Updates #1035 PiperOrigin-RevId: 312736450
2020-05-21Fix TestTmpFileFabricio Voznika
Split check for file in /tmp from working directory test. Fix readonly case which should not fail to create working dir. PiperOrigin-RevId: 312702930
2020-05-21Add IsRunningWithVFS1 to test utilFabricio Voznika
VFS2 is adding more functionality than VFS1. In order to test new functionality, it's required to skip some tests with VFS1. To skip tests, use: SKIP_IF(IsRunningWithVFS1()); The test will run in Linux and gVisor with VFS2 enabled. Updates #1035 PiperOrigin-RevId: 312698616
2020-05-20Avoid all caps FIONREAD as test name.Jay Zhuang
PiperOrigin-RevId: 312596169
2020-05-20Test that we have PAWS mechanismZeling Feng
If there is a Timestamps option in the arriving segment and SEG.TSval < TS.Recent and if TS.Recent is valid, then treat the arriving segment as not acceptable: Send an acknowledgement in reply as specified in RFC-793 page 69 and drop the segment. https://tools.ietf.org/html/rfc1323#page-19 PiperOrigin-RevId: 312590678
2020-05-20Internal change.gVisor bot
PiperOrigin-RevId: 312559963
2020-05-19Skip itimer "fairness" tests on ptrace.Jamie Liu
With additional logging, the issue described by the new comment looks like: D0518 21:28:08.416810 6777 task_signals.go:459] [ 8] Notified of signal 27 D0518 21:28:08.416852 6777 task_block.go:223] [ 8] Interrupt queued D0518 21:28:08.417013 6777 task_run.go:250] [ 8] Switching to sentry D0518 21:28:08.417033 6777 task_signals.go:220] [ 8] Signal 27: delivering to handler D0518 21:28:08.417127 6777 task_run.go:248] [ 8] Switching to app D0518 21:28:08.443765 6777 task_signals.go:519] [ 8] Refusing masked signal 27 // ED: note the ~26ms elapsed since TID 8 "switched to app" D0518 21:28:08.443814 6777 task_signals.go:465] [ 6] Notified of group signal 27 D0518 21:28:08.443832 6777 task_block.go:223] [ 6] Interrupt queued D0518 21:28:08.443914 6777 task_block.go:223] [ 6] Interrupt queued D0518 21:28:08.443859 6777 task_run.go:250] [ 8] Switching to sentry I0518 21:28:08.443936 6777 strace.go:576] [ 8] exe E rt_sigreturn() Slow context switches on ptrace are probably due to kernel scheduling delays. Slow context switches on KVM are less clear, so leave that bug and TODO open. PiperOrigin-RevId: 312322782
2020-05-19Fix flaky udp tests by polling before reading.Dean Deng
On native Linux, calling recv/read right after send/write sometimes returns EWOULDBLOCK, if the data has not made it to the receiving socket (even though the endpoints are on the same host). Poll before reading to avoid this. Making this change also uncovered a hostinet bug (gvisor.dev/issue/2726), which is noted in this CL. PiperOrigin-RevId: 312320587
2020-05-18Support TCP options for packetimpactZeling Feng
PiperOrigin-RevId: 312119730
2020-05-14Make utimes_test pass on VFS2.Jamie Liu
PiperOrigin-RevId: 311657502
2020-05-14Internal change.gVisor bot
PiperOrigin-RevId: 311645222
2020-05-14Merge pull request #2663 from lubinszARM:pr_sigfp_forkgVisor bot
PiperOrigin-RevId: 311573552
2020-05-13Fix TCP segment retransmit timeout handling.Mithun Iyer
As per RFC 1122 and Linux retransmit timeout handling: - The segment retransmit timeout needs to exponentially increase and cap at a predefined value. - TCP connection needs to timeout after a predefined number of segment retransmissions. - TCP connection should not timeout when the retranmission timeout exceeds MaxRTO, predefined upper bound. Fixes #2673 PiperOrigin-RevId: 311463961
2020-05-13Stub support for TCP_SYNCNT and TCP_WINDOW_CLAMP.Bhasker Hariharan
This change adds support for TCP_SYNCNT and TCP_WINDOW_CLAMP options in GetSockOpt/SetSockOpt. This change does not really change any behaviour in Netstack and only stores/returns the stored value. Actual honoring of these options will be added as required. Fixes #2626, #2625 PiperOrigin-RevId: 311453777
2020-05-13Resolve remaining TODOs for tmpfs.Nicolas Lacasse
Closes #1197 PiperOrigin-RevId: 311438223
2020-05-13Automated rollback of changelist 311285868Bhasker Hariharan
PiperOrigin-RevId: 311424257
2020-05-13Enable overlayfs_stale_read by default for runsc.Jamie Liu
Linux 4.18 and later make reads and writes coherent between pre-copy-up and post-copy-up FDs representing the same file on an overlay filesystem. However, memory mappings remain incoherent: - Documentation/filesystems/overlayfs.rst, "Non-standard behavior": "If a file residing on a lower layer is opened for read-only and then memory mapped with MAP_SHARED, then subsequent changes to the file are not reflected in the memory mapping." - fs/overlay/file.c:ovl_mmap() passes through to the underlying FD without any management of coherence in the overlay. - Experimentally on Linux 5.2: ``` $ cat mmap_cat_page.c #include <err.h> #include <fcntl.h> #include <stdio.h> #include <string.h> #include <sys/mman.h> #include <unistd.h> int main(int argc, char **argv) { if (argc < 2) { errx(1, "syntax: %s [FILE]", argv[0]); } const int fd = open(argv[1], O_RDONLY); if (fd < 0) { err(1, "open(%s)", argv[1]); } const size_t page_size = sysconf(_SC_PAGE_SIZE); void* page = mmap(NULL, page_size, PROT_READ, MAP_SHARED, fd, 0); if (page == MAP_FAILED) { err(1, "mmap"); } for (;;) { write(1, page, strnlen(page, page_size)); if (getc(stdin) == EOF) { break; } } return 0; } $ gcc -O2 -o mmap_cat_page mmap_cat_page.c $ mkdir lowerdir upperdir workdir overlaydir $ echo old > lowerdir/file $ sudo mount -t overlay -o "lowerdir=lowerdir,upperdir=upperdir,workdir=workdir" none overlaydir $ ./mmap_cat_page overlaydir/file old ^Z [1]+ Stopped ./mmap_cat_page overlaydir/file $ echo new > overlaydir/file $ cat overlaydir/file new $ fg ./mmap_cat_page overlaydir/file old ``` Therefore, while the VFS1 gofer client's behavior of reopening read FDs is only necessary pre-4.18, replacing existing memory mappings (in both sentry and application address spaces) with mappings of the new FD is required regardless of kernel version, and this latter behavior is common to both VFS1 and VFS2. Re-document accordingly, and change the runsc flag to enabled by default. New test: - Before this CL: https://source.cloud.google.com/results/invocations/5b222d2c-e918-4bae-afc4-407f5bac509b - After this CL: https://source.cloud.google.com/results/invocations/f28c747e-d89c-4d8c-a461-602b33e71aab PiperOrigin-RevId: 311361267
2020-05-13Replace test_runner.sh bash script with Go.Ian Gudger
PiperOrigin-RevId: 311285868
2020-05-12iptables: support gid match for owner matching.Nayana Bidari
- Added support for matching gid owner and invert flag for uid and gid. $ iptables -A OUTPUT -p tcp -m owner --gid-owner root -j ACCEPT $ iptables -A OUTPUT -p tcp -m owner ! --uid-owner root -j ACCEPT $ iptables -A OUTPUT -p tcp -m owner ! --gid-owner root -j DROP - Added tests for uid, gid and invert flags.
2020-05-11Internal change.gVisor bot
PiperOrigin-RevId: 311011004
2020-05-11Internal change.gVisor bot
PiperOrigin-RevId: 310949277
2020-05-11Internal change.gVisor bot
PiperOrigin-RevId: 310941717
2020-05-11passed the syscall test case 'fpsig_fork' on Arm64 platformBin Lu
Some functions were added for Arm64 platform: a, get_fp/set_fp b, inline_tgkill Test step: bazel test //test/syscalls:fpsig_fork_test_runsc_ptrace Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-05-08iptables - filter packets using outgoing interface.gVisor bot
Enables commands with -o (--out-interface) for iptables rules. $ iptables -A OUTPUT -o eth0 -j ACCEPT PiperOrigin-RevId: 310642286
2020-05-08Add UDP send/recv packetimpact tests.Bhasker Hariharan
Fixes #2654 PiperOrigin-RevId: 310642216
2020-05-08Send ACK to OTW SEQs/unacc ACKs in CLOSE_WAITZeling Feng
This fixed the corresponding packetimpact test. PiperOrigin-RevId: 310593470
2020-05-07Internal change.gVisor bot
PiperOrigin-RevId: 310409922
2020-05-06Internal change.gVisor bot
PiperOrigin-RevId: 310213705
2020-05-05gvisor/test: use RetryEINTR for connect()Andrei Vagin
connect() returns EINTR after S/R and usually we use RetryEINTR to workaround this. PiperOrigin-RevId: 310038525
2020-05-05Support TCP zero window probes.Mithun Iyer
As per RFC 1122 4.2.2.17, when the remote advertizes zero receive window, the sender needs to probe for the window-size to become non-zero starting from the next retransmission interval. The TCP connection needs to be kept open as long as the remote is acknowledging the zero window probes. We reuse the retransmission timers to support this. Fixes #1644 PiperOrigin-RevId: 310021575
2020-05-05Internal change.gVisor bot
PiperOrigin-RevId: 310001058
2020-05-04Port eventfd to VFS2.Nicolas Lacasse
And move sys_timerfd.go to just timerfd.go for consistency. Updates #1475. PiperOrigin-RevId: 309835029
2020-05-04Internal change.gVisor bot
PiperOrigin-RevId: 309832671
2020-05-04Deflake //third_party/gvisor/test/syscalls:proc_test_nativeAndrei Vagin
There is the known issue of the linux procfs, that two consequent calls of readdir can return the same entry twice if between these calls one or more entries have been removed from this directory. PiperOrigin-RevId: 309803066
2020-05-04Merge pull request #2275 from nybidari:iptablesgVisor bot
PiperOrigin-RevId: 309783486
2020-05-01Fix include type.Adin Scannell
PiperOrigin-RevId: 309506957
2020-05-01Support for connection tracking of TCP packets.Nayana Bidari
Connection tracking is used to track packets in prerouting and output hooks of iptables. The NAT rules modify the tuples in connections. The connection tracking code modifies the packets by looking at the modified tuples.
2020-05-01Internal change.gVisor bot
PiperOrigin-RevId: 309467878