824 Commits

Author SHA1 Message Date
Lucas Manning faac8f36cd Add support for PACKET_STATISTICS.
PiperOrigin-RevId: 725271073
2025-02-10 10:46:54 -08:00
Lucas Manning 9c490f813d Implement GetSockOpt PACKET_HDRLEN and add a test for tcpdump.
PiperOrigin-RevId: 724445536
2025-02-07 13:06:14 -08:00
Lucas Manning 6194338723 Add support for setting PACKET_VERSION for PACKET_MMAP.
tcpdump requires TPACKET_V2 to work properly.

PiperOrigin-RevId: 723670574
2025-02-05 15:19:34 -08:00
Lucas Manning 198ac833f1 Create the interfaces for PACKET_MMAP endpoints to implement.
PiperOrigin-RevId: 721823737
2025-01-31 10:43:05 -08:00
Jing Chen a500a2c751 Deflake test target pkg/tcpip/stack:bridge_test.
There is a race in the test between WritePacketToRemote and FindFDBEntry, even
though it rarely happens, we just enforce FindFDBEntry to wait for
WritePacketToRemote's completion here.

PiperOrigin-RevId: 721747159
2025-01-31 06:10:20 -08:00
Andrei Vagin f010ae01ac Fix a few typos
2025-01-29 21:16:51 -08:00
Kevin Krakauer 1375c611d8 cleanup GRO TODOs
GRO is implemented. We don't need to leave TODOs for every possible
optimization.

PiperOrigin-RevId: 720613096
2025-01-28 10:02:54 -08:00
Nayana Bidari cd31d0522a Enable netstack save/restore in cloud/gvisor by default.
PiperOrigin-RevId: 712978128
2025-01-07 11:19:26 -08:00
Nayana Bidari a3e5887415 Changes to support netstack save restore.
- Added a new Stats() method in inet.Stack to get the saved stats
during restore.
- Mark stack.nic, tcpip.Route and stack.addressState structs as "nosave".
These fields should not be saved because the IP addresses and routes can
change during restore and new configuration of routes and IP addresses will be
extracted from the restore spec and initialized in the saved stack.
- Changes in Restore() method in icmp, udp, tcp, packet and raw endpoint files
to support save restore of these endpoints. These changes are flag guarded by
the TESTONLY-save-restore-netstack flag.

PiperOrigin-RevId: 707639274
2024-12-18 12:52:22 -08:00
Lucas Manning afa323bd30 Replace most instances of IncRef with Clone.
Incrementing the reference count of a packet as a means of granting ownership
is unsafe when the packet is shared across goroutines. The underlying buffer's
reference count is unchanged since it "technically" has the same owning
PacketBuffer, which means different goroutines operating on the underlying
buffer (and packet itself) race.

Clones are roughly as fast as IncRefs because the PacketBuffers allocate from
a pool and the underlying buffers are cloned with copy-on-write
semantics.

I've left IncRef in places where the original packet is obviously going out of
scope at the end of the function or in some tests.

Reported-by: syzbot+e026046f4bf8ad09ae1f@syzkaller.appspotmail.com
Reported-by: syzbot+559365d6050db4b30e0f@syzkaller.appspotmail.com
Reported-by: syzbot+63c78a2c88a5744c636b@syzkaller.appspotmail.com
PiperOrigin-RevId: 705676806
2024-12-12 17:09:40 -08:00
Jing Chen c88ffa321e Returns ENOBUFS when writing to a veth device whose buffer is full.
A task is stuck when it keeps sendMsg w/o any recvMsg until the number of
messages exceeds the buffer limit. The change also significantly bumps the
limit from 64 to 1000 for a larger buffer.

Reported-by: syzbot+8788f5c1ba95e12ab07d@syzkaller.appspotmail.com
Reported-by: syzbot+67759fceac0c30ece991@syzkaller.appspotmail.com
PiperOrigin-RevId: 704904404
2024-12-10 17:35:54 -08:00
Nayana Bidari 0335cf778d Remove TODOs for fields which are restored in netstack.
insecureRNG and secureRNG stack fields are restored in stack.afterLoad()
tcp processor fields are restored in tcp endpoint.Restore()

PiperOrigin-RevId: 704477536
2024-12-09 17:37:04 -08:00
Jing Chen 54eb79b6e8 Acquire rlock when reading link address from the bridge.
It happens along with the other issue when the veth device buffer is full,
then the task is stuck and still has the bridge's lock (RLock) via
DeliverNetworkPacket. When the second task reads the bridge's MAC address,
it waits forever for the first task to release the rlock. Using RLock can
allow the concurrent access to the MAC address, it doesn't have to be
blocked until the messages are sent.

Reported-by: syzbot+1d6d1d8f47eae4e308dc@syzkaller.appspotmail.com
PiperOrigin-RevId: 704163976
2024-12-08 23:47:51 -08:00
Lucas Manning d16d0c71e1 Add method to forwarder to handle experiment option values.
PiperOrigin-RevId: 703625219
2024-12-06 14:59:02 -08:00
Kevin Krakauer 70dc6ea4ce netstack: re-enable checkescape
This was enabled in cl/452137751 and accidentally turned back off in
cl/479437464 (probably me messing up a rebase).

PiperOrigin-RevId: 703146788
2024-12-05 09:46:14 -08:00
Lucas Manning cd70b0a4c0 Add support for the experiment option header in IPv6.
PiperOrigin-RevId: 702771719
2024-12-04 10:25:30 -08:00
Lucas Manning 9eb188d881 Require special NIC settings for enabling experiment IP option passing.
PiperOrigin-RevId: 702465832
2024-12-03 14:18:05 -08:00
Lucas Manning 2267c24a41 Add support for custom socket options and setting the experiment IP option.
PiperOrigin-RevId: 700011458
2024-11-25 09:43:21 -08:00
Kevin Krakauer 113b24b432 netstack: move TCP state to tcp package and cleanup probe
TCP probe support is implemented, unnecessarily, across the stack and tcp
packages. It can live entirely in tcp. Additionally, it is only ever set at
initialization time, so support for dynamically adding/removing the probe isn't
necessary.

The probe is getting in the way of adding debugging for b/339664055.

PiperOrigin-RevId: 699330364
2024-11-22 17:11:04 -08:00
Nayana Bidari df9ba5fb67 Restore listening connections when netstack s/r is enabled.
This CL restores the listening connections when netstack s/r is enabled.
The changes include:
- New method as a workaround to replace the new routes and nics to the loaded
stack after restore.
- New Restore() for transport layer protocols to restore the protocol level
background workers.
- Adds afterLoad() method for fdbased processors.
- Adds a test to verify listening connection is restored after checkpointing
with netstack s/r enabled.
- Few other changes to save restore fields to enable netstack s/r.

PiperOrigin-RevId: 698453124
2024-11-20 11:13:57 -08:00
Jing Chen 94db2b2de7 Implement a basic bridge FDB by learning.
Bridge uses bridge FDB to decide which port(s) it forwards the
received packets to.

The bridge FDB, when the bridge receives a packet, records the packet's source
MAC address and the bridge port where the packet is received. The received
packet's source MAC address will be the lookup key to the bridge FDB.

When deciding a forward port, the bridge looks for a FDB key which matches
the packet's destination MAC address, the associated port from the FDB will
forward the packet. Otherwise, the packet will flood to all available bridge
ports.

The FDB will never be garbage collected until the nic device is removed
from the bridge.

PiperOrigin-RevId: 693143851
2024-11-04 17:25:34 -08:00
Koichi Shiraishi 0cf77c02f8 all: remove use io/ioutil deprecated package & fix some deprecated thing
Signed-off-by: Koichi Shiraishi <zchee.io@gmail.com>
2024-10-10 20:36:24 +09:00
Jing Chen 5e8dd6482c Disallow setting a coordinator for a coordinator device.
The error code is based on the runc's behavior:

```shell
# ip link set dev br0 master br0
Error: Can not enslave a bridge to a bridge.
# echo $?
2
```

Reported-by: syzbot+9dcefbdcc9ecdeb4df96@syzkaller.appspotmail.com
PiperOrigin-RevId: 679761515
2024-09-27 16:13:45 -07:00
Jing Chen f681bcc095 Implement RTM_DELROUTE in netstack.
PiperOrigin-RevId: 675711612
2024-09-17 14:33:41 -07:00
Nayana Bidari 50d46c627c Initialize rand variables after netstack is restored.
Add an afterLoad method on netstack.Stack to initialize rand variables after
netstack is restored.

PiperOrigin-RevId: 675278982
2024-09-16 13:59:04 -07:00