summaryrefslogtreecommitdiffhomepage
path: root/test
AgeCommit message (Collapse)Author
2020-01-17Merge pull request #1541 from nybidari:iptablesgVisor bot
PiperOrigin-RevId: 290273561
2020-01-17Enable build of test/syscall tests on arm64.Haibo Xu
Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: I277d6c708bbf5c3edd7c3568941cfd01dc122e17
2020-01-16Disable xattr tests.Dean Deng
These can remain disabled until we actually support extended attributes. The following modifications were also made: 1. Disable save/restore on tests that change file permissions. Restore will not work properly for these tests, since it will try to open the file with read-write after it has been read- or write-only. 2. Change user.abc to user.test. PiperOrigin-RevId: 290123941
2020-01-14Changes TCP packet dispatch to use a pool of goroutines.Bhasker Hariharan
All inbound segments for connections in ESTABLISHED state are delivered to the endpoint's queue but for every segment delivered we also queue the endpoint for processing to a selected processor. This ensures that when there are a large number of connections in ESTABLISHED state the inbound packets are all handled by a small number of goroutines and significantly reduces the amount of work the goscheduler has to perform. We let connections in other states follow the current path where the endpoint's goroutine directly handles the segments. Updates #231 PiperOrigin-RevId: 289728325
2020-01-14Implement {g,s}etsockopt(IP_RECVTOS) for UDP socketsTamir Duberstein
PiperOrigin-RevId: 289718534
2020-01-13Merge branch 'iptables-write-input-drop' into iptables-write-filter-protoKevin Krakauer
2020-01-13Allow dual stack sockets to operate on AF_INETTamir Duberstein
Fixes #1490 Fixes #1495 PiperOrigin-RevId: 289523250
2020-01-13Merge branch 'master' into iptables-write-input-dropKevin Krakauer
2020-01-13tests: fix errors detected by asan.Andrei Vagin
PiperOrigin-RevId: 289467083
2020-01-13Add test for iptables TCP ruleNayana Bidari
Added tests for tcp protocol with input and output rules including options sport and dport Increased timeout in iptables_test as TCP tests were timing out with existing value.
2020-01-10Don't set RWF_HIPRI on InvalidOffset test.Brad Burlage
This test fails on ubuntu 18.04 because preadv2 for some reason returns EOPNOTSUPP instead of EINVAL. Instead of root-causing the failure, I'm dropping the flag in the preadv2 call since it isn't under test in this scenario. PiperOrigin-RevId: 289188358
2020-01-10Add tests for redirect portNayana Bidari
Fix indentation and change function names.
2020-01-10enable //test/syscalls:proc_test support on Arm64Bin Lu
Problems with different platform architectures have been solved. Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-01-09Deflake a couple of TCP syscall tests when run under gotsan.Bhasker Hariharan
PiperOrigin-RevId: 289010316
2020-01-09Add test for redirect portNayana Bidari
Fix the indentation and print statements. Moved the NAT redirect tests to new file. Added negative test to check redirect rule on ports other than redirected port.
2020-01-09Added a test that we don't pass yetKevin Krakauer
2020-01-09Add test to check iptables redirect port ruleNayana Bidari
2020-01-08Working on filtering by protocol.Kevin Krakauer
2020-01-08Return correct length with MSG_TRUNC for unix sockets.Ian Lewis
This change calls a new Truncate method on the EndpointReader in RecvMsg for both netlink and unix sockets. This allows readers such as sockets to peek at the length of data without actually reading it to a buffer. Fixes #993 #1240 PiperOrigin-RevId: 288800167
2020-01-08Fix slice bounds out of range panic in parsing socket control message.Ting-Yu Wang
Panic found by syzakller. PiperOrigin-RevId: 288799046
2020-01-08Built dead-simple traversal, but now getting depedency cycle error :'(Kevin Krakauer
2020-01-08Take addresses as constTamir Duberstein
PiperOrigin-RevId: 288767927
2020-01-08Added test for unconditional DROP on the filter INPUT chainKevin Krakauer
2020-01-08NewlineKevin Krakauer
2020-01-08Revert filter_input changeKevin Krakauer
2020-01-08Minor fixes to comments and loggingKevin Krakauer
2020-01-08Write simple ACCEPT rules to the filter table.Kevin Krakauer
This gets us closer to passing the iptables tests and opens up iptables so it can be worked on by multiple people. A few restrictions are enforced for security (i.e. we don't want to let users write a bunch of iptables rules and then just not enforce them): - Only the filter table is writable. - Only ACCEPT rules with no matching criteria can be added.
2020-01-07fs/splice: don't report a partialResult error if there is no data lossAndrei Vagin
PiperOrigin-RevId: 288642552
2020-01-07Fix partial_bad_buffer write tests.Adin Scannell
The write tests are fitted to Linux-specific behavior, but it is not well-specified. Tweak the tests to allow for both acceptable outcomes. PiperOrigin-RevId: 288606386
2020-01-06Fix readme formatting.Kevin Krakauer
PiperOrigin-RevId: 288402480
2019-12-30Add test/util/save_util_linux.cc:MaybeSave to support arm64Bin Lu
There is no syscall_create_module on Arm64. Signed-off-by: Bin Lu <bin.lu@arm.com>
2019-12-26Automated rollback of changelist 287029703gVisor bot
PiperOrigin-RevId: 287217899
2019-12-24Enable IP_RECVTOS socket option for datagram socketsRyan Heacock
Added the ability to get/set the IP_RECVTOS socket option on UDP endpoints. If enabled, TOS from the incoming Network Header passed as ancillary data in the ControlMessages. Test: * Added unit test to udp_test.go that tests getting/setting as well as verifying that we receive expected TOS from incoming packet. * Added a syscall test PiperOrigin-RevId: 287029703
2019-12-19futex: wake one waiter if futex_wake is called with a non-positive valueAndrei Vagin
This change is needed to be compatible with the Linux kernel. There is no glibc wrapper for the futex system call, so it is easy to make a mistake and call syscall(__NR_futex, FUTEX_WAKE, addr) without the fourth argument. This works on Linux, because it wakes one waiter even if val is nonpositive. PiperOrigin-RevId: 286494396
2019-12-19Parameterize mmap tests.Dean Deng
This test suite has existed for quite a while and has become kind of messy. Various tests can be joined together by parameterizing. PiperOrigin-RevId: 286482240
2019-12-18net/tcp: allow to call listen without bindAndrei Vagin
When listen(2) is called on an unbound socket, the socket is automatically bound to a random free port with the local address set to INADDR_ANY. PiperOrigin-RevId: 286305906
2019-12-18Switch to netinet/tcp.h and poll.h to for better platform portability.Jay Zhuang
PiperOrigin-RevId: 286249699
2019-12-18Put GetSocketPairs() in unnamed namespaceJay Zhuang
This avoids conflicting definitions of GetSocketPairs() in outer namespace when multiple such cc files are complied for one binary. PiperOrigin-RevId: 286243045
2019-12-17Internal change.Kevin Krakauer
PiperOrigin-RevId: 286083614
2019-12-17Internal change.gVisor bot
PiperOrigin-RevId: 286003946
2019-12-17Explicitly export files needed by other packagesgVisor bot
PiperOrigin-RevId: 285968611
2019-12-16Implement checks for get/setxattr at the syscall layer.Dean Deng
Add checks for input arguments, file type, permissions, etc. that match the Linux implementation. A call to get/setxattr that passes all the checks will still currently return EOPNOTSUPP. Actual support will be added in following commits. Only allow user.* extended attributes for the time being. PiperOrigin-RevId: 285835159
2019-12-12Add iptables testing framework.Kevin Krakauer
It would be preferrable to test iptables via syscall tests, but there are some problems with that approach: * We're limited to loopback-only, as syscall tests involve only a single container. Other link interfaces (e.g. fdbased) should be tested. * We'd have to shell out to call iptables anyways, as the iptables syscall interface itself is too large and complex to work with alone. * Running the Linux/native version of the syscall test will require root, which is a pain to configure, is inherently unsafe, and could leave host iptables misconfigured. Using the go_test target allows there to be no new test runner. PiperOrigin-RevId: 285274275
2019-12-12unix: allow to bind unix sockets only to AF_UNIX addressesAndrei Vagin
Reported-by: syzbot+2c0bcfd87fb4e8b7b009@syzkaller.appspotmail.com PiperOrigin-RevId: 285228312
2019-12-11Add support for TCP_USER_TIMEOUT option.Bhasker Hariharan
The implementation follows the linux behavior where specifying a TCP_USER_TIMEOUT will cause the resend timer to honor the user specified timeout rather than the default rto based timeout. Further it alters when connections are timedout due to keepalive failures. It does not alter the behavior of when keepalives are sent. This is as per the linux behavior. PiperOrigin-RevId: 285099795
2019-12-11Add syscall tests for getxattr and setxattr.Dean Deng
Support for getxattr and setxattr are in subsequent commits. PiperOrigin-RevId: 285088817
2019-12-10Re-enable execveat test that was causing files in /bin to be deleted.Dean Deng
Test now no longer deletes files incorrectly, due to a fix in fs utils used by TempPath (github.com/google/gvisor/pull/1368). Fixes #1366 PiperOrigin-RevId: 284814605
2019-12-10Do not consider symlinks as directories in fs utils.Dean Deng
IsDirectory() is used in RecursivelyDelete(), which should not follow symlinks. The only other use (syscalls/linux/rename.cc) is not affected by this change. Updates #1366. PiperOrigin-RevId: 284803968
2019-12-10Disable execveat test that is causing files in /bin to be deleted.Dean Deng
Disable until gvisor.dev/issue/1366 is resolved. Updates #1366 PiperOrigin-RevId: 284786895
2019-12-10Add hostinet tests for sendmsg and recvmsg with TOS/TCLASS.Dean Deng
PiperOrigin-RevId: 284786069