Age | Commit message (Collapse) | Author |
|
Now if a process sends an unsupported netlink requests,
an error is returned from the send system call.
The linux kernel works differently in this case. It returns errors in the
nlmsgerr netlink message.
Reported-by: syzbot+571d99510c6f935202da@syzkaller.appspotmail.com
PiperOrigin-RevId: 262690453
|
|
Using the path_test.go file built by the Golang
devs as a base, tests have been created to verify
the functionality of common.Search().
A mock file system is created and fake test files
are generated to see if they get picked up by
common.Search().
Also included in this CL is a bug fix for
proctor-nodejs that was discovered using this test.
proctor-nodejs used to allow multiple "-" in its
test name filter. The regex has been updated to
prevent this.
PiperOrigin-RevId: 262647263
|
|
This can happen because endpoint.Close() closes the accept channel first and
then drains/resets any accepted but not delivered connections. But there can be
connections that are connected but not delivered to the channel as the channel
was full. But closing the channel can cause these writes to fail with a write to
a closed channel.
The correct solution is to abort any connections in SYN-RCVD state and
drain/abort all completed connections before closing the accept channel.
PiperOrigin-RevId: 261951132
|
|
If there is an offset, the file must support pread/pwrite. See
fs/splice.c:do_splice.
PiperOrigin-RevId: 261944932
|
|
After the refactoring of the proctor binaries, the Dockerfiles for each
language must be altered to copy the common folder into their image.
Additionally, Java has been changed to use the pre-built version of
JDK-11 from Ubuntu, instead of building it from the source. This allows
for a smaller image and faster test execution within the container.
PiperOrigin-RevId: 261805158
|
|
This change adds functionality for running more languages using
the runtimes test suite. It divides the languages into separate
test functions, which each call the helper testLang function in the
runtimes_test.go file. This allows them to be run individually
or as a group.
PiperOrigin-RevId: 261791935
|
|
(Don't worry, this is mostly tests.)
Implemented the following ioctls:
- TIOCSCTTY - set controlling TTY
- TIOCNOTTY - remove controlling tty, maybe signal some other processes
- TIOCGPGRP - get foreground process group. Also enables tcgetpgrp().
- TIOCSPGRP - set foreground process group. Also enabled tcsetpgrp().
Next steps are to actually turn terminal-generated control characters (e.g. C^c)
into signals to the proper process groups, and to send SIGTTOU and SIGTTIN when
appropriate.
PiperOrigin-RevId: 261387276
|
|
PiperOrigin-RevId: 261373749
|
|
This change removes the filepath.Walk() function from
proctor- go, php, and nodejs. The filepath.Walk() is
now defined in common.go in Search(). Each proctor binary
passes root directory and testFilter arguments to Search().
proctor-python.go no longer uses filepath.Walk() to search
for tests. There is a built-in list test function within
python's language test suite so that is being used instead.
PiperOrigin-RevId: 261242897
|
|
Export some readily-available fields for TCP_INFO and stub out the rest.
PiperOrigin-RevId: 261191548
|
|
Implements support for RTM_GETROUTE requests for netlink sockets.
Fixes #507
PiperOrigin-RevId: 261051045
|
|
proctor-go had a bug where it would incorrectly identify
a tool test as a disk test. Instead of searching for the
test on disk as the identification method, we now check if
the test name ends in ".go". If the test ends in ".go" it
is run as a disk test, otherwise the test is run as a tool test.
Python tests need to be run from within the directory they exist.
Functionality to split the test name from it's parent directory
has been added and a cmd.Dir argument has been set.
PiperOrigin-RevId: 261021693
|
|
Shared code among proctor-*.go files has been refactored
into common/common.go. The common package is imported in
each proctor binary and a struct is created to implement
the testRunner interface defined in common.go. This allows
for the proctor binaries to be updated without having to
copy/paste the same code across all files. There are no
usage or functionality changes.
PiperOrigin-RevId: 260967080
|
|
The checksum was not being reset before being re-calculated and sent out.
This caused the sent checksum to always be `0x0800`.
Fixes #605.
PiperOrigin-RevId: 260965059
|
|
This doesn't currently pass on gVisor.
While I'm here, fix a bug where connecting to the v6-mapped v4 address doesn't
work in gVisor.
PiperOrigin-RevId: 260923961
|
|
This test flaked on my current CL. Linux makes no guarantee
that two inodes will consecutive (overflows happen).
https://github.com/avagin/linux-task-diag/blob/master/fs/inode.c#L880
PiperOrigin-RevId: 260608240
|
|
PiperOrigin-RevId: 260577765
|
|
Unfortunately, Linux's ip_tables.h header doesn't compile in C++ because it
implicitly converts from void* to struct xt_entry_target*. C allows this, but
C++ does not. So we have to re-implement many types ourselves.
Relevant code here:
https://github.com/torvalds/linux/blob/master/include/uapi/linux/netfilter_ipv4/ip_tables.h#L222
PiperOrigin-RevId: 260565570
|
|
PiperOrigin-RevId: 260047477
|
|
This fixes a bug introduced in cl/251934850 that caused
connect-accept-close-connect races to result in the second connect call
failiing when it should have succeeded.
PiperOrigin-RevId: 259584525
|
|
PiperOrigin-RevId: 258996346
|
|
This tweaks the handling code for IP_MULTICAST_IF to ignore the InterfaceAddr
if a NICID is given.
PiperOrigin-RevId: 258982541
|
|
PiperOrigin-RevId: 258859507
|
|
tcpdump creates these.
PiperOrigin-RevId: 258611829
|
|
PiperOrigin-RevId: 258607547
|
|
We were invalidating the wrong overlayEntry in rename and missing invalidation
in rename and remove if lower exists.
PiperOrigin-RevId: 258604685
|
|
|
|
PiperOrigin-RevId: 258424489
|
|
C++ does not like vectors of arrays (because arrays are not copy-constructable).
PiperOrigin-RevId: 258270980
|
|
It is now correctly initialized to the top of the signal stack.
Previously it was initialized to the address of 'stack.ss_sp' on
the main thread stack.
PiperOrigin-RevId: 258248363
|
|
iptables also relies on IPPROTO_RAW in a way. It opens such a socket to
manipulate the kernel's tables, but it doesn't actually use any of the
functionality. Blegh.
PiperOrigin-RevId: 257903078
|
|
Change-Id: I8307bfb390a56424aaa651285a218aad277c4aed
|
|
Adds support to set/get the TCP_MAXSEG value but does not
really change the segment sizes emitted by netstack or
alter the MSS advertised by the endpoint. This is currently
being added only to unblock iperf3 on gVisor. Plumbing
this correctly requires a bit more work which will come
in separate CLs.
PiperOrigin-RevId: 257859112
|
|
PiperOrigin-RevId: 257855479
|
|
Actual implementation to follow, but this will satisfy applications that
want it to just exist.
|
|
A userspace process (CPL=3) can access an i/o port if the bit corresponding to
the port is set to 0 in the I/O permission bitmap.
Configure the I/O permission bitmap address beyond the last valid byte in the
TSS so access to all i/o ports is blocked.
Signed-off-by: Liu Hua <sdu.liu@huawei.com>
Change-Id: I3df76980c3735491db768f7210e71703f86bb989
PiperOrigin-RevId: 257336518
|
|
The error set in the loop in createAt was being masked
by other errors declared with ":=". This allowed an
ErrResolveViaReadlink error to escape, which can cause
a sentry panic.
Added test case which repros without the fix.
PiperOrigin-RevId: 257061767
|
|
PiperOrigin-RevId: 257042681
|
|
PiperOrigin-RevId: 257041876
|
|
PiperOrigin-RevId: 256433283
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1568337
PiperOrigin-RevId: 256276198
|
|
This fixes the case when an app tries to create a file that already exists, and
is a symlink to itself. A test was added.
PiperOrigin-RevId: 256044811
|
|
PiperOrigin-RevId: 255679603
|
|
PiperOrigin-RevId: 255679453
|
|
Get/Set pipe size and ioctl support were missing from
overlayfs. It required moving the pipe.Sizer interface
to fs so that overlay could get access.
Fixes #318
PiperOrigin-RevId: 255511125
|
|
Addresses obvious typos, in the documentation only.
COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/443 from Pixep:fix/documentation-spelling 4d0688164eafaf0b3010e5f4824b35d1e7176d65
PiperOrigin-RevId: 255477779
|
|
PiperOrigin-RevId: 255462850
|
|
The code was wrongly assuming that only read access was
required from the lower overlay when checking for permissions.
This allowed non-writable files to be writable in the overlay.
Fixes #316
PiperOrigin-RevId: 255263686
|
|
If we have a symlink whose target does not exist, creating the symlink (either
via 'creat' or 'open' with O_CREAT flag) should create the target of the
symlink. Previously, gVisor would error with EEXIST in this case
PiperOrigin-RevId: 255232944
|
|
Makes CLOCK_BOOTTIME available with
* clock_gettime
* timerfd_create
* clock_gettime vDSO
CLOCK_BOOTTIME is implemented as an alias to CLOCK_MONOTONIC.
CLOCK_MONOTONIC already keeps track of time across save
and restore. This is the closest possible behavior to Linux
CLOCK_BOOTIME, as there is no concept of suspend/resume.
Updates google/gvisor#218
|