Skip to content
Permalink
Branch: master
Commits on Nov 15, 2019
  1. Check that a file is a regular file with open(O_TRUNC).

    kevinGC authored and gvisor-bot committed Nov 14, 2019
    It was possible to panic the sentry by opening a cache revalidating folder with
    O_TRUNC|O_CREAT.
    
    Avoids breaking php tests.
    
    PiperOrigin-RevId: 280533213
Commits on Nov 14, 2019
  1. Allow all runtime tests for a language to be run via a single command.

    kevinGC authored and gvisor-bot committed Nov 14, 2019
    This was intended behavior per the README, but running tests without the --test
    flag caused an error. Users can now omit the --test flag to run every test for a
    runtime.
    
    PiperOrigin-RevId: 280522025
  2. Avoid unnecessary slice allocation in usermem.BytesIO.blocksFromAddrR…

    nixprime authored and gvisor-bot committed Nov 14, 2019
    …anges().
    
    PiperOrigin-RevId: 280507239
  3. Use PacketBuffers for outgoing packets.

    kevinGC authored and gvisor-bot committed Nov 14, 2019
    PiperOrigin-RevId: 280455453
Commits on Nov 13, 2019
  1. test/syscalls/proc: check an return code of waitid

    avagin authored and gvisor-bot committed Nov 13, 2019
    PiperOrigin-RevId: 280295208
  2. Fix flaky behaviour during S/R.

    hbhasker authored and gvisor-bot committed Nov 13, 2019
    PiperOrigin-RevId: 280280156
  3. Extract linux-specific test setup to separate file

    jayzhuang authored and gvisor-bot committed Nov 13, 2019
    PiperOrigin-RevId: 280264564
  4. Use overlay MountSource when binding socket in overlay.

    nlacasse authored and gvisor-bot committed Nov 13, 2019
    PiperOrigin-RevId: 280131840
  5. Fix some build errors on arm64.

    xiaobo55x committed Nov 11, 2019
    Initialize the VDSO "os" and "arch" fields explicitly,
    or the VDSO load process would failed on arm64 platform.
    
    Signed-off-by: Haibo Xu <haibo.xu@arm.com>
    Change-Id: Ic6768df88e43cd7c7956eb630511672ae11ac52f
  6. Enable sentry/fs/host support on arm64.

    xiaobo55x committed Nov 11, 2019
    newfstatat() syscall is not supported on arm64, so we resort
    to use the fstatat() syscall.
    
    Signed-off-by: Haibo Xu <haibo.xu@arm.com>
    Change-Id: Iea95550ea53bcf85c01f7b3b95da70ad0952177d
  7. Enable runsc/boot support on arm64.

    xiaobo55x committed Nov 11, 2019
    This patch also include a minor change to replace syscall.Dup2
    with syscall.Dup3 which was missed in a previous commit(ref a25a976).
    
    Signed-off-by: Haibo Xu <haibo.xu@arm.com>
    Change-Id: I00beb9cc492e44c762ebaa3750201c63c1f7c2f3
  8. Add UDP SO_REUSEADDR/SO_REUSEPORT conversion tests.

    iangudger authored and gvisor-bot committed Nov 13, 2019
    Add additional tests for UDP SO_REUSEADDR and SO_REUSEPORT interaction.
    
    If all existing all currently bound sockets as well as the current binding
    socket have SO_REUSEADDR, or if all existing all currently bound sockets as
    well as the current binding socket have SO_REUSEPORT, binding a currently bound
    address is allowed. This seems odd since it means that the
    SO_REUSEADDR/SO_REUSEPORT behavior can change with the binding of additional
    sockets.
    
    PiperOrigin-RevId: 280116163
Commits on Nov 12, 2019
  1. seccomp: introduce the GreaterThan rule type

    avagin authored and gvisor-bot committed Nov 12, 2019
    PiperOrigin-RevId: 280075805
  2. Do not handle TCP packets that include a non-unicast IP address

    ghanan94 authored and gvisor-bot committed Nov 12, 2019
    This change drops TCP packets with a non-unicast IP address as the source or
    destination address as TCP is meant for communication between two endpoints.
    
    Test: Make sure that if the source or destination address contains a non-unicast
    address, no TCP packet is sent in response and the packet is dropped.
    PiperOrigin-RevId: 280073731
  3. Discover on-link prefixes from Router Advertisements' Prefix Informat…

    ghanan94 authored and gvisor-bot committed Nov 12, 2019
    …ion options
    
    This change allows the netstack to do NDP's Prefix Discovery as outlined by
    RFC 4861 section 6.3.4. If configured to do so, when a new on-link prefix is
    discovered, the routing table will be updated with a device route through
    the nic the RA arrived at. Likewise, when such a prefix gets invalidated, the
    device route will be removed.
    
    Note, this change will not break existing uses of netstack as the default
    configuration for the stack options is set in such a way that Prefix Discovery
    will not be performed. See `stack.Options` and `stack.NDPConfigurations` for
    more details.
    
    This change reuses 1 option and introduces a new one that is required to take
    advantage of Prefix Discovery, all available under NDPConfigurations:
    - HandleRAs: Whether or not NDP RAs are processes
    - DiscoverOnLinkPrefixes: Whether or not Prefix Discovery is performed (new)
    
    Another note: for a NIC to process Prefix Information options (in Router
    Advertisements), it must not be a router itself. Currently the netstack does not
    have per-interface routing configuration; the routing/forwarding configuration
    is controlled stack-wide. Therefore, if the stack is configured to enable
    forwarding/routing, no router Advertisements (and by extension the Prefix
    Information options) will be processed.
    
    Tests: Unittest to make sure that Prefix Discovery and updates to the routing
    table only occur if explicitly configured to do so. Unittest to make sure at
    max stack.MaxDiscoveredOnLinkPrefixes discovered on-link prefixes are
    remembered.
    PiperOrigin-RevId: 280049278
  4. Add tests for SO_REUSEADDR and SO_REUSEPORT.

    iangudger authored and gvisor-bot committed Nov 12, 2019
    * Basic tests for the SO_REUSEADDR and SO_REUSEPORT options.
    * SO_REUSEADDR functional tests for TCP and UDP.
    * SO_REUSEADDR and SO_REUSEPORT interaction tests for UDP.
    * Stubbed support for UDP getsockopt(SO_REUSEADDR).
    
    PiperOrigin-RevId: 280049265
  5. kokoro: correct a path to outputs.zip

    avagin authored and gvisor-bot committed Nov 12, 2019
    PiperOrigin-RevId: 280021914
  6. Update ephemeral port reservation tests.

    iangudger authored and gvisor-bot committed Nov 12, 2019
    The existing tests which are disabled on gVisor are failing because we default
    to SO_REUSEADDR being enabled for TCP sockets. Update the test comments.
    
    Also add new tests for enabled SO_REUSEADDR.
    
    PiperOrigin-RevId: 279862275
  7. Merge pull request #918 from lubinszARM:pr_ring0

    gvisor-bot committed Nov 12, 2019
    PiperOrigin-RevId: 279840214
Commits on Nov 11, 2019
  1. Remove obsolete TODO. This is now fixed.

    hbhasker authored and gvisor-bot committed Nov 11, 2019
    PiperOrigin-RevId: 279835100
  2. Add more extended features.

    brb-g authored and gvisor-bot committed Nov 11, 2019
    PiperOrigin-RevId: 279820435
  3. Make `connect` on socket returned by `accept` correctly error out wit…

    gvisor-bot committed Nov 11, 2019
    …h EISCONN
    
    PiperOrigin-RevId: 279814493
Commits on Nov 9, 2019
  1. Merge pull request #1158 from andrew-d:andrew/rules-go

    gvisor-bot committed Nov 9, 2019
    PiperOrigin-RevId: 279425005
  2. test: merge log files of all shards for each test suite

    avagin authored and gvisor-bot committed Nov 9, 2019
    This significantly speeds up a process of uploading this files
    to sponge and resultstore by kokoro.
    
    PiperOrigin-RevId: 279416349
Commits on Nov 8, 2019
  1. kokoro: update images to install zip

    avagin authored and gvisor-bot committed Nov 8, 2019
    PiperOrigin-RevId: 279406266
  2. Update kokoro images to install junitparser

    avagin authored and gvisor-bot committed Nov 8, 2019
    junitparser will be used to merge junit xml files.
    
    PiperOrigin-RevId: 279387305
  3. Automated rollback of changelist 278417533

    kevinGC authored and gvisor-bot committed Nov 8, 2019
    PiperOrigin-RevId: 279365629
  4. Bump gazelle to v0.19.1

    andrew-d committed Nov 8, 2019
Commits on Nov 7, 2019
  1. Add support for TIME_WAIT timeout.

    hbhasker authored and gvisor-bot committed Nov 7, 2019
    This change adds explicit support for honoring the 2MSL timeout
    for sockets in TIME_WAIT state. It also adds support for the
    TCP_LINGER2 option that allows modification of the FIN_WAIT2
    state timeout duration for a given socket.
    
    It also adds an option to modify the Stack wide TIME_WAIT timeout
    but this is only for testing. On Linux this is fixed at 60s.
    
    Further, we also now correctly process RST's in CLOSE_WAIT and
    close the socket similar to linux without moving it to error
    state.
    
    We also now handle SYN in ESTABLISHED state as per
    RFC5961#section-4.1. Earlier we would just drop these SYNs.
    Which can result in some tests that pass on linux to fail on
    gVisor.
    
    Netstack now honors TIME_WAIT correctly as well as handles the
    following cases correctly.
    
    - TCP RSTs in TIME_WAIT are ignored.
    - A duplicate TCP FIN during TIME_WAIT extends the TIME_WAIT
      and a dup ACK is sent in response to the FIN as the dup FIN
      indicates potential loss of the original final ACK.
    - An out of order segment during TIME_WAIT generates a dup ACK.
    - A new SYN w/ a sequence number > the highest sequence number
      in the previous connection closes the TIME_WAIT early and
      opens a new connection.
    
    Further to make the SYN case work correctly the ISN (Initial
    Sequence Number) generation for Netstack has been updated to
    be as per RFC. Its not a pure random number anymore and follows
    the recommendation in https://tools.ietf.org/html/rfc6528#page-3.
    
    The current hash used is not a cryptographically secure hash
    function. A separate change will update the hash function used
    to Siphash similar to what is used in Linux.
    
    PiperOrigin-RevId: 279106406
  2. Fix yet another data race.

    hbhasker authored and gvisor-bot committed Nov 7, 2019
    Fixes #1140
    
    PiperOrigin-RevId: 279020846
  3. Fix data race in syscall_test_runner.go

    hbhasker authored and gvisor-bot committed Nov 7, 2019
    Fixes #1140
    
    PiperOrigin-RevId: 279012793
  4. Rename nicid to nicID to follow go-readability initialisms

    ghanan94 authored and gvisor-bot committed Nov 7, 2019
    https://github.com/golang/go/wiki/CodeReviewComments#initialisms
    
    This change does not introduce any new functionality. It just renames variables
    from `nicid` to `nicID`.
    
    PiperOrigin-RevId: 278992966
  5. Internal change.

    gvisor-bot committed Nov 7, 2019
    PiperOrigin-RevId: 278979065
  6. Add p9.OpenTruncate.

    nixprime authored and gvisor-bot committed Nov 7, 2019
    This is required to implement O_TRUNC correctly on filesystems backed by
    gofers.
    
    9P2000.L: "lopen prepares fid for file I/O. flags contains Linux open(2) flags
    bits, e.g. O_RDONLY, O_RDWR, O_WRONLY."
    
    open(2): "The argument flags must include one of the following access modes:
    O_RDONLY, O_WRONLY, or O_RDWR. ... In addition, zero or more file creation
    flags and file status flags can be bitwise-or'd in flags."
    
    The reference 9P2000.L implementation also appears to expect arbitrary flags,
    not just access modes, in Tlopen.flags:
    https://github.com/chaos/diod/blob/master/diod/ops.c#L703
    
    PiperOrigin-RevId: 278972683
  7. Discover default routers from Router Advertisements

    ghanan94 authored and gvisor-bot committed Nov 7, 2019
    This change allows the netstack to do NDP's Router Discovery as outlined by
    RFC 4861 section 6.3.4.
    
    Note, this change will not break existing uses of netstack as the default
    configuration for the stack options is set in such a way that Router Discovery
    will not be performed. See `stack.Options` and `stack.NDPConfigurations` for
    more details.
    
    This change introduces 2 options required to take advantage of Router Discovery,
    all available under NDPConfigurations:
    - HandleRAs: Whether or not NDP RAs are processes
    - DiscoverDefaultRouters: Whether or not Router Discovery is performed
    
    Another note: for a NIC to process Router Advertisements, it must not be a
    router itself. Currently the netstack does not have per-interface routing
    configuration; the routing/forwarding configuration is controlled stack-wide.
    Therefore, if the stack is configured to enable forwarding/routing, no Router
    Advertisements will be processed.
    
    Tests: Unittest to make sure that Router Discovery and updates to the routing
    table only occur if explicitly configured to do so. Unittest to make sure at
    max stack.MaxDiscoveredDefaultRouters discovered default routers are remembered.
    PiperOrigin-RevId: 278965143
You can’t perform that action at this time.