Moved the function for generating a payload of random byets of a specified
length into the testbench package so that it's availbale for all tests to use.
Added a test case to the IPv4 ID uniqueness test which uses a payload length
of 512 bytes. This test case passes for gVisor currently, whereas the test case
with a small payload of 11 bytes fails because gVisor only assigns the ID field
if the IP payload is sufficiently large.
PiperOrigin-RevId: 316185097
Tests the effect of reordering on retransmission and window size.
Test covers the expected behavior of both Linux and netstack, however, netstack
does not behave as expected. Further, the current expected behavior of netstack
is not ideal and should be adjusted in the future.
PiperOrigin-RevId: 316015184
Reorganize the Connection types such that the defined types no longer expose
the lower-level functions SendFrame and CreateFrame. These methods are still
exported on the underlying Connection type, and thus can be accessed via a
type-cast. In future, defined types should have one or more type-safe versions
of the send() method on Connection, e.g. UDPIPv4 has Send() which allows the UDP
header to be overridden and SendIP() which allows both the IPv4 and UDP headers
to be modified.
testbench.Connection gets a SendFrameStateless method which sends frames
without updating the state of any of the layers. This should be used when
sending out-of-band control messages such as ICMP messages, as using the
normal Send method can result in errors when attempting to update the TCP
state using an ICMP packet.
Also remove the localAddr field of testbench.Connection and instead compute
it on the fly as needed for UDPIPv4 and TCPIPv4.
PiperOrigin-RevId: 315969714
- Always split segments larger than MSS.
Currently, we base the segment split decision as a function of the
send congestion window and MSS, which could be greater than the MSS
advertised by remote.
- While splitting segments, ensure the PSH flag is reset when there
are segments that are queued to be sent.
- With TCP_CORK, hold up segments up until MSS. Fix a bug in computing
available send space before attempting to coalesce segments.
Fixes#2832
PiperOrigin-RevId: 314802928
If the entire segment cannot be accommodated in the receiver advertised
window and if there are still unacknowledged pending segments, skip
splitting the segment. The segment transmit would get retried by the
retransmit handler.
PiperOrigin-RevId: 314538523
RST handling is broken when the TCP state transitions
from SYN-SENT to SYN-RCVD in case of simultaneous open.
An incoming RST should trigger cleanup of the endpoint.
RFC793, section 3.9, page 70.
Fixes#2814
PiperOrigin-RevId: 313828777
If there is a Timestamps option in the arriving segment and SEG.TSval
< TS.Recent and if TS.Recent is valid, then treat the arriving segment
as not acceptable: Send an acknowledgement in reply as specified in
RFC-793 page 69 and drop the segment.
https://tools.ietf.org/html/rfc1323#page-19
PiperOrigin-RevId: 312590678
As per RFC 1122 and Linux retransmit timeout handling:
- The segment retransmit timeout needs to exponentially increase and
cap at a predefined value.
- TCP connection needs to timeout after a predefined number of
segment retransmissions.
- TCP connection should not timeout when the retranmission timeout
exceeds MaxRTO, predefined upper bound.
Fixes#2673
PiperOrigin-RevId: 311463961
As per RFC 1122 4.2.2.17, when the remote advertizes zero receive window,
the sender needs to probe for the window-size to become non-zero starting
from the next retransmission interval. The TCP connection needs to be kept
open as long as the remote is acknowledging the zero window probes.
We reuse the retransmission timers to support this.
Fixes#1644
PiperOrigin-RevId: 310021575
Previously the test used an out-dated window size which is advertised
during the handshake to generate testing packets, but the window size
has changed since the handshake; currently it is using the most recent
one which is advertised in DUT's ACK to our FIN packet to generate the
testing outside-the-window packets.
PiperOrigin-RevId: 309222921
This change moves all Docker images to a standard location, and abstracts the
build process so that they can be maintained in an automated fashion. This also
allows the images to be architecture-independent.
All images will now be referred to by the test framework via the canonical
`gvisor.dev/images/<name>`, where `<name>` is a function of the path within the
source tree.
In a subsequent change, continuous integration will be added so that the images
will always be correct and available locally.
In the end, using `bazel` for Docker containers is simply not possible. Given
that we already have the need to use `make` with the base container (for
Docker), we extend this approach to get more flexibility.
This change also adds a self-documenting and powerful Makefile that is intended
to replace the collection of scripts in scripts. Canonical (self-documenting)
targets can be added here for targets that understand which images need to be
loaded and/or built.
PiperOrigin-RevId: 308322438
Tested:
Intentionally introduce an error and then run:
blaze test --test_output=streamed //third_party/gvisor/test/packetimpact/tests:tcp_outside_the_window_linux_test
PiperOrigin-RevId: 308114194
This change adds a layer of abstraction around the internal Docker APIs,
and eliminates all direct dependencies on Dockerfiles in the infrastructure.
A subsequent change will automated the generation of local images (with
efficient caching). Note that this change drops the use of bazel container
rules, as that experiment does not seem to be viable.
PiperOrigin-RevId: 308095430
TCP, in CLOSE-WAIT state, MUST return ACK with proper SEQ and ACK numbers after
recv a seg with OTW SEQ or unacc ACK number, and remain in same state. If the
connection is in a synchronized state, any unacceptable segment (out of window
sequence number or unacceptable acknowledgment number) must elicit only an empty
acknowledgment segment containing the current send-sequence number and an
acknowledgment indicating the next sequence number expected to be received, and
the connection remains in the same state.
PiperOrigin-RevId: 306897984
Rather than have a struct for the state of each type of connection, such as
TCP/IPv4, UDP/IPv4, TCP/IPv6, etc, have a state for each layer, such as UDP,
TCP, IPv4, IPv6. Those states can be composed into connections.
Tested:
Existing unit tests still pass/fail as expected.
PiperOrigin-RevId: 306703180
Attempt to redeliver TCP segments that are enqueued into a closing
TCP endpoint. This was being done for Established endpoints but not
for those that are listening or performing connection handshake.
Fixes#2417
PiperOrigin-RevId: 306598155
TCP, in ESTABLISHED state, SHOULD piggyback acknowledgement with a segment being
transmitted (whenever possible) without incurring undue delay
PiperOrigin-RevId: 306474550
Tony Gong
Mithun Iyer
Ian Gudger
gVisor bot
Zeling Feng
Bhasker Hariharan
Adin Scannell
Eyal Soha