| Age | Commit message (Collapse) | Author |
|---|
|
|
|
And this time, start running Clippy in CI
|
|
1496: Rework UnixAddr to fix soundness issues r=asomers a=coolreader18
Fixes #1494
I went with making `sun_path` always nul-terminated since that just seems to make things easier, since (at least according to linux man pages) `sockaddr_un`s returned by the kernel will always be nul-terminated.
Co-authored-by: Noa <33094578+coolreader18@users.noreply.github.com>
|
|
1317: test_af_alg_aead waits indefinitely r=asomers a=ritzk
Starting with linux kernel 4.9, the crypto interface changed slightly such that the authentication tag memory is only needed in the output buffer for encryption and in the input buffer for decryption. Thus, we have fewer bytes to read than the buffer size. Do not block on read.
alternatively, we can adjust the decrypted buffer size based on kernel version ( ">= 4.9") to not include auth_size .
```
if kernel_version >= "4.9":
let mut decrypted = vec![0u8; payload_len + (assoc_size as usize) ];
```
before
```
test sys::test_socket::test_af_alg_aead ... test sys::test_socket::test_af_alg_aead has been running for over 60 seconds
```
after
```
test sys::test_socket::test_af_alg_aead ... ok
```
Co-authored-by: Ritesh Khadgaray <khadgaray@gmail.com>
|
|
Setting these options enables receiving errors, such as ICMP errors from
the network, via `recvmsg()` with `MSG_ERRQUEUE`.
Adds new `Ipv{4,6}RecvErr` variants to `ControlMessageOwned`. These
control messages are produced when `Ipv4RecvErr` or `Ipv6RecvErr`
options are enabled on a raw or datagram socket.
New tests for the functionality can be run with `cargo test --test test
test_recverr`.
This commit builds on an earlier draft of the functionality authored by
Matthew McPherrin <git@mcpherrin.ca>.
|
|
|
|
Apparently AWS Graviton containers don't support it. socket() retunrs
EAFNOSUPPORT in that environment.
Also, be more selective about skipping tests under QEMU
Instead of skipping them on architectures where we happen to use QEMU,
only skip them when QEMU is actually being used.
|
|
|
|
Fixes #1479
|
|
This PR implements support of RXQ_OVFL flag and parsing ControlMessage
to get the packet drop counter of UDP socket.
|
|
Now that Nix's weird error types are eliminated, there's no reason not
to simply use Errno as the Error type.
|
|
For many of Nix's consumers it be convenient to easily convert a Nix
error into a std::io::Error. That's currently not possible because of
the InvalidPath, InvalidUtf8, and UnsupportedOperation types that have
no equivalent in std::io::Error.
However, very few of Nix's public APIs actually return those unusual
errors. So a more useful API would be for Nix's standard error type to
implement Into<std::io::Error>.
This commit makes Error a simple NewType around Errno. For most
functions it's a drop-in replacement. There are only three exceptions:
* clearenv now returns a bespoke error type. It was the only Nix
function whose error couldn't be cleanly mapped onto an Errno.
* sys::signal::signal now returns Error(Errno::ENOTSUP) instead of
Error::UnsupportedOperation when the user passes an incompatible
argument to `handler`.
* When a NixPath exceeds PATH_MAX, it will now return
Error(Errno::ENAMETOOLONG) instead of Error::InvalidPath.
In the latter two cases there is now some abiguity about whether the
error code was generated by Nix or by the OS. But I think the ambiguity
is worth it for the sake of being able to implement Into<io::Error>.
This commit also introduces Error::Sys() as a migration aid. Previously
that as an enum variant. Now it's a function, but it will work in many
of the same contexts as the original.
Fixes #1155
|
|
* Fix race conditions in the tests. Two tests were grabbing a mutex but
immediately dropping it. Thank you, Clippy.
* Remove vestigial Windows support. Remove some code added to support
Windows in 2015. Nix is no longer intended to ever run on Windows.
* Various other minor Clippy lints.
|
|
1402: Support TIMESTAMPNS r=asomers a=WiSaGaN
This adds support of linux TIMESTAMPNS.
The code is mostly copied paste from https://github.com/nix-rust/nix/pull/663
Co-authored-by: Lu, Wangshan <wisagan@gmail.com>
|
|
|
|
Travis didn't compile check tests on platforms that couldn't run tests
in CI, so they bitrotted. Let's see how bad they are.
Most annoyingly, 32-bit Android defines mode_t as 16 bits, but
stat.st_mode as 32-bits.
|
|
This reverts commit c0783e7f8d55a7725179afc1b3c8eeae932d228c.
Now the test should work correctly, so we can re-enable it.
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
|
|
Starting from Linux 5.6, VMADDR_CID_LOCAL is supported to do local
communication (loopback device).
Before Linux 5.6 it was called VMADDR_CID_RESERVED and was not
supported, so we could expect an EADDRNOTAVAIL, but now this address
is supported and handled by the 'vsock_loopback' kernel module loaded
automatically if no other vsock transports are loaded.
Issue #1310
Issue #1403
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
|
|
Issue #1403
|
|
Allow nix to compile on Fuchsia by conditionally avoiding libc
functionality that does not exist for Fuchsia.
|
|
Travis has been super-slow lately (> 6 hours per build). Cirrus is much
faster: about 20 minutes. Cirrus also has slightly better test
coverage, mainly because it doesn't use SECCOMP.
Also,
* Fix the Redox CI build. The old Travis configuration didn't actually
build for Redox, so we never noticed that Redox can't be built with a
stable compiler. Thanks to @coolreader18 for finding this.
* Disable the udp_offload tests on cross-tested platforms. These tests
are failing with ENOPROTOOPT in Cirrus-CI. I suspect it's due to a
lack of support in QEMU. These tests were skipped on Travis because
its kernel was too old.
* Fix require_kernel_version on Cirrus-CI. Cirrus reports the Linux
kernel version as 4.19.112+, which the semver crate can't handle.
* Fix test_setfsuid on Cirrus. When run on Cirrus, it seems like the
file in /tmp gets deleted as soon as it's closed. Probably an
overzealous temporary file cleaner. Use /var/tmp, because no
temporary file cleaner should run in there.
* Skip mount tests on Cirrus. They fail for an unknown reason.
Issue #1351
* Skip the AF_ALG tests on Cirrus-CI
Issue #1352
|
|
There were two problems discovered with the `recvmmsg(2)` implementation
that this changeset attempts to fix:
1. As mentioned in nix-rust/issues/1325, `recvmmsg(2)` can return fewer
messages than requested, and
2. Passing the return value of `recvmmsg(2)` as the number of bytes in
the messages received is incorrect.
This changeset incorporates the proposed fix from nix-rust/issues/1325,
as well as passing the correct value (`mmsghdr.msg_len`) for the number
of bytes in a given message.
|
|
Starting with kernel 4.9, the crypto interface changed slightly such that the authentication tag memory is only needed in the output buffer for encryption and in the input buffer for decryption.
Thus, we have fewer bytes to read than the buffer size. Do not block on read.
|
|
Fix deprecation warning from libc update.
|
|
This adds Ipv4PacketInfo and Ipv6PacketInfo to ControlMessage,
allowing these to be used with sendmsg/sendmmsg.
This change contains the following squashed commits:
Add Ipv{4,6}PacketInfo to ControlMessage.
Add documentation links to Ipv{4,6}PacketInfo
Add changelog entry for Ipv{4,6}PacketInfo
Add link to PR in the Changelog.
Add extra build environments.
Add tests for Ipv{4,6}PacketInfo.
Swap #[test] and #[cfg]
The CI appears to be running the test, even though it's not cfg'd for
that platform. I _think_ this might be due to these being in the wrong
order. So lets try swapping them.
s/freebsd/netbsd/ for Ipv4PacketInfo
netbsd supports in_pktinfo, not freebsd.
Fix the cfg for Ipv{4,6}PacketInfo usage.
Ah, I see what I did wrong. I had fixed the definitions, but I had the
wrong cfg() in the usage. This has the usage match the definitions.
Change SOL_IPV6 to IPPROTO_IPV6.
FreeBSD doesn't have SOL_IPV6, but does have IPPROTO_IPV6, and the two
constants are defined as being equal. So change to use IPPROTO_IPV6.
Skip Ipv6PacketInfo test if v6 is not available.
If IPv6 is not available, then when we try and bind to ip6-localhost,
we'll get a EADDRNOTAVAIL, so skip the test.
This should mean that the test will run on any machine that has a v6
loopback address.
More architecture cfg() fixes.
These all need to be the same, and they were not. Make them them all
the same. Attempt III.
Fix up mismatched cfg's again.
Take IV. Make sure the cfg's that use a enum variant match the enum
definition.
|
|
sendmmsg() / recvmmsg() in #1208.
In #1208, sendmmsg() / recvmmsg() were added, but OpenBSD(who doesn't support these)
was included on the list of allowed operating systems for sendmmsg() related things.
This broke the build on OpenBSD.
For more Rust-world examples, see: https://github.com/rust-lang/libc/commit/6f6297301d49ff67b8ca044d651f36a56950298c
|
|
|
|
|
|
|
|
|
|
|
|
recvfrom(2) only returns the sender's address for protocols that provide
it. Usually, that means it returns the sender's address for datagram
sockets but not for stream sockets.
Fixes #1144
|
|
Travis is now using Seccomp, and Docker's default Seccomp policy
disables execveat (though, weirdly, not fexecve). It also prohibits any
operations on AF_ALG sockets.
While I'm here, replace close/dup with dup2, which is more reliable.
Also, drop the fork mutex earlier. This way all of the exeve tests will
run, even if one fails.
https://docs.docker.com/engine/security/seccomp/
|
|
NULL bytes have no special significance in an abstrace address, and the
length of the address is solely decided by the length member. If the
length is set to sun_path.len(), all the NULL bytes will be considered
part of the address.
Tests are updated accordingly.
Closes #1119
Signed-off-by: Yuxuan Shui <yshuiv7@gmail.com>
|
|
1095: Fix warnings on Rust 1.37.0 r=asomers a=asomers
* Replace obsolete range syntax "..." with inclusive range "..="
* Use dyn Trait syntax instead of Box<Trait>
* Raise MSRV to 1.27.0 (for dyn Trait syntax)
* Test with nightly again
Co-authored-by: Alan Somers <asomers@gmail.com>
|
|
* Replace obsolete range syntax "..." with inclusive range "..="
* Use dyn Trait syntax instead of Box<Trait>
* Raise MSRV to 1.27.0 (for dyn Trait syntax)
* Raise MSRV to 1.31.0 (because of rand)
tempfile pulls in rand, and rand pulls in fuchsia-cprng, which requires
1.31.0. Why rand pulls in fuchsia-cprng I don't know. It's specified
as a target-specific dependency, but Cargo tries to build it anyway
(only on Linux, not on FreeBSD or OSX). A bug in Cargo 1.27.0?
|
|
The current VSOCK implementation does not support loopback devices,
so, for now, we expect a failure in the spawned thread when it
tries to connect.
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
|
|
Abstract paths should always be N-1 in length where N is the length of
the `sun_path` field (first byte is \0). Given that,
`UnixAddr::new_abstract()` should always return this N-1 length, not
just the length of the string provided (the rest of the array will be
\0s).
|
|
Derive Clone, Copy, Eq, Hash, and PartialEq for all types. Not all
traits are supported by all types, which is why many are missing
some.
|
|
received using recvmsg.
|
|
|
|
On some platforms the alignment of cmsg_data could be less than the
alignment of the messages that it contains. That led to unaligned
reads
on those platforms. This change fixes the issue by always copying the
message contents into aligned objects. The change is not 100%
backwards
compatible when using recvmsg. Users may have to replace code like
this:
```rust
if let ControlMessage::ScmRights(&fds) = cmsg {
```
with this:
```rust
if let ControlMessageOwned::ScmRights(fds) = cmsg {
```
Fixes #999
|
|
CmsgSpace had three problems:
1) It would oversize buffers that expect multiple control messages
2) It didn't use the libc CMSG_SPACE(3) macro, so it might actually
undersize a buffer for a single control message.
3) It could do bad things on drop, if you instantiate it with a type
that implements Drop (which none of the currently supported
ControlMessage types do).
Fixes #994
|
|
There were two problems:
1) It would always return Ok, even on error
2) It could panic if there was an error, because
sockaddr_storage_to_addr would be called on uninitialized memory.
|
|
Include IP_PKTINFO and IP6_PKTINFO on netbsd/openbsd.
|
|
993: Don't reference packed structs. r=asomers a=pusateri
Fixes #992.
Don't merge this yet. I have more testing to do. I just am pushing it up for others.
Co-authored-by: Tom Pusateri <pusateri@bangj.com>
|
|
Some tests have been disabled and will need further review.
|
|
ignore pktinfo tests on qemu mips,mips64,powerpc64
Original work by @mcginty.
|
|
Signed-off-by: Igor Gnatenko <i.gnatenko.brain@gmail.com>
|
|
|
