Age | Commit message (Collapse) | Author |
|
Previously, sending on an unconnected UDP socket would ignore the
SO_BINDTODEVICE option. Send on the configured interface when an UDP socket
is bound to an interface through setsockop SO_BINDTODEVICE.
Add packetimpact tests exercising UDP reads and writes with every combination
of bound/unbound, broadcast/multicast/unicast destination, and bound/not-bound
to device.
PiperOrigin-RevId: 354299670
|
|
This CL adds support for the following fields:
- RTT, RTTVar, RTO
- send congestion window (sndCwnd) and send slow start threshold (sndSsthresh)
- congestion control state(CaState)
- ReorderSeen
PiperOrigin-RevId: 354195361
|
|
Fix the test to rely on more deterministic retransmission interval
computations by skipping the initial probe transmission time as that
can be non-deterministic given arbitrary time taken for the DUT to
receive a send command and initiate a send.
Fixes #5080
PiperOrigin-RevId: 354146256
|
|
Contrary to the comment on the socket test, the failure was due to an issue
with goferfs rather than kernfs.
PiperOrigin-RevId: 353918021
|
|
This also causes inotify events to be generated when reading files for exec.
This change also requires us to adjust splice+inotify tests due to
discrepancies between gVisor and Linux behavior. Note that these discrepancies
existed before; we just did not exercise them previously. See comment for more
details.
Fixes #5348.
PiperOrigin-RevId: 353907187
|
|
If data is sent over a stream socket that will not fit all at once, it will
be sent over multiple packets. SCM Rights should only be sent with the first
packet (see net/unix/af_unix.c:unix_stream_sendmsg in Linux).
Reported-by: syzbot+aa26482e9c4887aff259@syzkaller.appspotmail.com
PiperOrigin-RevId: 353886442
|
|
This CL moves {S,G}etsockopt of SO_SNDBUF from all endpoints to socketops. For
unix sockets, we do not support setting of this option.
PiperOrigin-RevId: 353871484
|
|
IN_CLOSE should only be generated when a file description loses its last
reference; not when a file descriptor is closed.
See fs/file_table.c:__fput.
Updates #5348.
PiperOrigin-RevId: 353810697
|
|
Individual test cases must not rely on being executed in a clean environment.
PiperOrigin-RevId: 353684155
|
|
The test was execve itself into `/bin/true`, so the test was
not actually executing.
PiperOrigin-RevId: 353676855
|
|
EXPECT*/ASSERT* functions are not async-signal-safe and should not
be called from the function passed to InForkedProcess. However,
these happen accidentally sometimes but do no cause InForkedProcess
to fail.
Detect and notify in such cases.
PiperOrigin-RevId: 353354540
|
|
Fixes #5113.
PiperOrigin-RevId: 353313374
|
|
- Added packetimpact tests for RACK.
PiperOrigin-RevId: 353282342
|
|
We have support for the output interface name, but not for the input
interface name.
This change adds the support for the input interface name, and adds the
test cases for it.
Fixes #5300
PiperOrigin-RevId: 353179389
|
|
Updates #5273
PiperOrigin-RevId: 353087710
|
|
For an active OPEN call with unspecified foreign socket, TCP MUST
return error: foreign socket unspecified
PiperOrigin-RevId: 352961691
|
|
PiperOrigin-RevId: 352905565
|
|
On ARM64, when ptrace stops on a system call, it uses the x7 register to
indicate whether the stop has been signalled from syscall entry or syscall
exit. This means that we can't get a value of this register and we can't change
it. More details are in the comment for tracehook_report_syscall in
arch/arm64/kernel/ptrace.c.
This happens only if we stop on a system call, so let's queue a signal, resume
a stub thread and catch it on a signal handling.
Fixes: #5238
PiperOrigin-RevId: 352668695
|
|
PiperOrigin-RevId: 352624174
|
|
IPv4 previously accepts the packet, while IPv6 panics. Neither is the behavior
in Linux.
splice() in Linux has different behavior than in gVisor. This change documents
it in the SpliceTooLong test.
Reported-by: syzbot+b550e78e5c24d1d521f2@syzkaller.appspotmail.com
PiperOrigin-RevId: 352091286
|
|
Updates #5273
PiperOrigin-RevId: 352088736
|
|
PiperOrigin-RevId: 352068182
|
|
io.Writer.Write requires err to be non-nil if n < len(v).
We could allow this but it will be irreversible if users depend on this
behavior.
Ported the test that discovered this.
PiperOrigin-RevId: 352065946
|
|
Also fix test expectation for UDP sendto() case in tuntap syscall test.
Fixes #5155
PiperOrigin-RevId: 352056612
|
|
- Remove the pipe package's dependence on the buffer package, which becomes
unused as a result. The buffer package is currently intended to serve two use
cases, pipes and temporary buffers, and does neither optimally as a result;
this change facilitates retooling the buffer package to better serve the
latter.
- Pass callbacks taking safemem.BlockSeq to the internal pipe I/O methods,
which makes most callbacks trivial.
- Fix VFS1's splice() and tee() to immediately return if a pipe returns a
partial write.
PiperOrigin-RevId: 351911375
|
|
Return EEXIST when overwritting a file as long as the caller has exec
permission on the parent directory, even if the caller doesn't have
write permission.
Also reordered the mount write check, which happens before permission
is checked.
Closes #5164
PiperOrigin-RevId: 351868123
|
|
Whether the variable was found is already returned by syscall.Getenv.
os.Getenv drops this value while os.Lookupenv passes it along.
PiperOrigin-RevId: 351674032
|
|
PiperOrigin-RevId: 351606635
|
|
gvisor-containerd-shim is not compatible with containerd 1.1 or earlier.
Starting from containerd 1.2, shim v2 is the preferred interface.
PiperOrigin-RevId: 351485556
|
|
This change implements TLP details enumerated in
https://tools.ietf.org/html/draft-ietf-tcpm-rack-08#section-7.5.1.
Fixes #5083
PiperOrigin-RevId: 351467357
|
|
These are primarily simplification and lint mistakes. However, minor
fixes are also included and tests added where appropriate.
PiperOrigin-RevId: 351425971
|
|
PiperOrigin-RevId: 350646249
|
|
Read now takes a destination io.Writer, count, options. Keeping the method name
Read, in contrast to the Write method.
This enables:
* direct transfer of views under VV
* zero copy
It also eliminates the need for sentry to keep a slice of view because
userspace had requested a read that is smaller than the view returned, removing
the complexity there.
Read/Peek/ReadPacket are now consolidated together and some duplicate code is
removed.
PiperOrigin-RevId: 350636322
|
|
PiperOrigin-RevId: 350509137
|
|
PiperOrigin-RevId: 350438564
|
|
IPv4 was always supported but UDP never supported joining/leaving IPv6
multicast groups via socket options.
Add: IPPROTO_IPV6, IPV6_JOIN_GROUP/IPV6_ADD_MEMBERSHIP
Remove: IPPROTO_IPV6, IPV6_LEAVE_GROUP/IPV6_DROP_MEMBERSHIP
Test: integration_test.TestUDPAddRemoveMembershipSocketOption
PiperOrigin-RevId: 350396072
|
|
PiperOrigin-RevId: 350246333
|
|
This includes minor fix-ups:
* Handle SIGTERM in runsc debug, to exit gracefully.
* Fix cmd.debug.go opening all profiles as RDONLY.
* Fix the test name in fio_test.go, and encode the block size in the test.
PiperOrigin-RevId: 350205718
|
|
Reported-by: syzbot+814105309d2ae8651084@syzkaller.appspotmail.com
PiperOrigin-RevId: 350159452
|
|
PiperOrigin-RevId: 349607959
|
|
Test failure happens when `echo` writes late:
* Server nc shuts down write when it sees EOF from stdin.
* Client nc closes the connection when it detects EOF from socket and no data
in internal write buffer.
Using `-q` flag to make server not shutting down write in the beginning, while
letting connection to be closed by client. As `-q` flag's default value varies
in different netcat versions, we always specify it to prevent future breakage.
PiperOrigin-RevId: 349504016
|
|
- Tweak the benchmarks to work with b.N where appropriate. In many cases,
b.N was simply being ignored. This creates an implicit dependency in the
user passing a reasonable benchtime (less than or equal to the actual
runtime of the test, or using the X syntax) otherwise the test runs
forever.
- In cases where the above is impossible, explicitly set benchtime from
the test wrapper, to prevent the above behavior (tensorflow).
- Drop the *Reverse variants, which are simply hey benchmarks. We should
just add a hey benchmark. The platforms benchmarks already include a
native platform, and thus these benchmarks are incredibly confusing.
(In other words, BenchmarkNginxReverse has nothing to do with an nginx
benchmark for runsc.)
- Remove the redunant Harness object, which contains no state, in order
to slightly simplify the code.
- Make Block and Heap profiling actually work, but setting appropriate
runtime parameters (and plumbing them through the config).
- Split the profiling into two phases: start and stop, since some will
need to be started early, and others will need to happen at the end.
PiperOrigin-RevId: 349495377
|
|
PiperOrigin-RevId: 349490873
|
|
PiperOrigin-RevId: 349458984
|
|
PiperOrigin-RevId: 349314945
|
|
The buildkite syscall tests start with a lot of C++ warnings. This
cleans that up a little.
|
|
open() has to return ENXIO in this case.
O_PATH isn't supported by vfs1.
PiperOrigin-RevId: 348820478
|
|
PiperOrigin-RevId: 348720223
|
|
PiperOrigin-RevId: 348089449
|
|
PiperOrigin-RevId: 348056159
|