This allows the package to serve as a general purpose ring0 support package, as
opposed to being bound to specific sentry platforms.
Updates #5039
PiperOrigin-RevId: 355220044
This is replaced with a straight call to bazel. Unfortunately,
the built gazelle target requires a bazel installation to run
anyways.
PiperOrigin-RevId: 355211990
Netstack today will send dupACK's with no rate limit for incoming out of
window segments. This can result in ACK loops for example if a TCP socket
connects to itself (actually permitted by TCP). Where the ACK sent in
response to packets being out of order itself gets considered as an out
of window segment resulting in another ACK being generated.
PiperOrigin-RevId: 355206877
This is required only for the built-in bazel nogo functionality.
Since we roll these targets manually via the wrappers, we don't need
to use go_tool_library. The inconsistent use of these targets leads
to conflicting instantiations of go_default_library and go_tool_library,
which both contain the same output files.
PiperOrigin-RevId: 355184975
* Make split safe.
* Enable looking up next valid address.
* Support mappings with !accessType.Any(), distinct from unmap.
These changes allow for the use of pagetables in low-level OS packages, such
as ring0, and allow for the use of pagetables for more generic address space
reservation (by writing entries with no access specified).
Updates #5039
PiperOrigin-RevId: 355109016
This change also adds an extra sanity check to the make_apt.sh script,
in order to ensure that this simple mistake does not occur again.
PiperOrigin-RevId: 355101754
It's unclear why permissions wind up corrupted, but these can be cleared
on any failure, similar to the bazel cache itself:
https://buildkite.com/gvisor/pipeline/builds/2304#_
PiperOrigin-RevId: 355057421
This makes it easier to add more tests that run on Ubuntu. We can now just
add a bash script and call that from integration_test without having to set up
another image.
PiperOrigin-RevId: 355000410
...to remove the need for the transport layer to deduce the type of
error it received.
Rename HandleControlPacket to HandleError as HandleControlPacket only
handles errors.
tcpip.SockError now holds a tcpip.SockErrorCause interface that
different errors can implement.
PiperOrigin-RevId: 354994306
This change flips gvisor to use Neighbor unreachability detection by
default to populate the neighbor table as defined by RFC 4861 section 7.
Although RFC 4861 is targeted at IPv6, the same algorithm is used for
link resolution on IPv4 networks using ARP.
Integrators may still use the legacy link address cache by setting
stack.Options.UseLinkAddrCache to true; stack.Options.UseNeighborCache
is now unused and will be removed.
A later change will remove linkAddrCache and associated code.
Updates #4658.
PiperOrigin-RevId: 354850531
...in IPv6 ICMP tests.
A channel link endpoint's channel is closed when the link endpoint is
closed.
When the stack tries to send packets through a NIC with a closed channel
endpoint, a panic will occur when attempting to write to a closed
channel (https://golang.org/ref/spec#Close). To make sure the stack does
not try to send packets through a NIC, we remove it.
PiperOrigin-RevId: 354822085
This stores each protocol's neighbor state separately.
This change also removes the need for each neighbor entry to keep
track of their own link address resolver now that all the entries
in a cache will use the same resolver.
PiperOrigin-RevId: 354818155
The network endpoint should not need to have logic to handle different
kinds of neighbor tables. Network endpoints can let the NIC know about
differnt neighbor discovery messages and let the NIC decide which table
to update.
This allows us to remove the LinkAddressCache interface.
PiperOrigin-RevId: 354812584
This removes the need to provide the link address request with the NIC
the request is being performed on since the NetworkEndpoints already
have a reference to the NIC.
PiperOrigin-RevId: 354721940
...as per As per RFC 2236 section 3 page 3 (for IGMPv2) and
RFC 2710 section 4 page 5 (for MLDv1).
See comments in code for more details.
Test: ip_test.TestHandleQuery
PiperOrigin-RevId: 354603068
When file is regular and metadata cache is authoritative, metadata lock
is taken. The code deadlocks trying to acquire the metadata lock
again to update time stampts.
PiperOrigin-RevId: 354584594
When a route does not need to resolve a remote link address to send a
packet, avoid having to obtain the pending packets queue's lock.
PiperOrigin-RevId: 354456280
After receiving an ACK(cumulative or selective), RACK will update the reorder
window which is used as a settling time before marking the packet as lost.
This change will add an init function to initialize the variables in RACK and
also store the reference to sender in rackControl.
The reorder window is calculated as per rfc:
https://tools.ietf.org/html/draft-ietf-tcpm-rack-08#section-7.2 Step 4.
PiperOrigin-RevId: 354453528
Avoid a race condition in which an entry is acquired while it is being
evicted by overlapping the entry lock with the cache lock.
PiperOrigin-RevId: 354452639
Clockwork does not support timers being reset/stopped from different
goroutines. Our current use of clockwork causes data races and
gotsan complains about clockwork.
This change uses our own implementation of faketime, avoiding data
races.
PiperOrigin-RevId: 354428208
When these specific tests were first added, they would fail when ran by
kokoro during the presubmit tests (but they always passed locally).
These tests are now passing, so they can be re-enabled. Unclear what
changed, one hypothesis is the move from kokoro to buildkite.
Fixes#4971
PiperOrigin-RevId: 354425395
Fixes#3027 as there is just 1 writable user using OrderedChildren's rename,
unlink and rmdir (kernfs.syntheticDirectory) but it doesn't support the sticky
bit yet.
Fuse which is the other writable user implements its own Inode operations.
PiperOrigin-RevId: 354386522
There used to be a race condition where we may call Close before the connection
is established. Adding poll support so that we can eliminate this kind of race.
Startblock:
has LGTM from iyerm
and then
add reviewer tamird
PiperOrigin-RevId: 354369130
The previous check was using SOCK_RAW, despite the fact that the test only uses
SOCK_DGRAM. Simplify the test machinery while I'm here.
PiperOrigin-RevId: 354359842
Adin Scannell
Fabricio Voznika
Bhasker Hariharan
Tamir Duberstein
Nayana Bidari
gVisor bot
Ayush Ranjan
Adin Scannell
Ghanan Gowripalan
Andrei Vagin
Ting-Yu Wang
Kevin Krakauer
Peter Johnston
Arthur Sfez
Zeling Feng
Michael Pratt