diff --git a/cmd/tailscaled/depaware.txt b/cmd/tailscaled/depaware.txt index fa0d9cb85..69ff66596 100644 --- a/cmd/tailscaled/depaware.txt +++ b/cmd/tailscaled/depaware.txt @@ -140,19 +140,19 @@ tailscale.com/cmd/tailscaled dependencies: (generated by github.com/tailscale/de gvisor.dev/gvisor/pkg/atomicbitops from gvisor.dev/gvisor/pkg/tcpip+ gvisor.dev/gvisor/pkg/bits from gvisor.dev/gvisor/pkg/bufferv2 💣 gvisor.dev/gvisor/pkg/bufferv2 from gvisor.dev/gvisor/pkg/tcpip+ - gvisor.dev/gvisor/pkg/context from gvisor.dev/gvisor/pkg/refs+ + gvisor.dev/gvisor/pkg/context from gvisor.dev/gvisor/pkg/refs 💣 gvisor.dev/gvisor/pkg/gohacks from gvisor.dev/gvisor/pkg/state/wire+ gvisor.dev/gvisor/pkg/linewriter from gvisor.dev/gvisor/pkg/log gvisor.dev/gvisor/pkg/log from gvisor.dev/gvisor/pkg/context+ gvisor.dev/gvisor/pkg/rand from gvisor.dev/gvisor/pkg/tcpip/network/hash+ - gvisor.dev/gvisor/pkg/refs from gvisor.dev/gvisor/pkg/refsvfs2+ - gvisor.dev/gvisor/pkg/refsvfs2 from gvisor.dev/gvisor/pkg/tcpip/stack+ + gvisor.dev/gvisor/pkg/refs from gvisor.dev/gvisor/pkg/bufferv2+ 💣 gvisor.dev/gvisor/pkg/sleep from gvisor.dev/gvisor/pkg/tcpip/transport/tcp 💣 gvisor.dev/gvisor/pkg/state from gvisor.dev/gvisor/pkg/atomicbitops+ gvisor.dev/gvisor/pkg/state/wire from gvisor.dev/gvisor/pkg/state 💣 gvisor.dev/gvisor/pkg/sync from gvisor.dev/gvisor/pkg/linewriter+ gvisor.dev/gvisor/pkg/tcpip from gvisor.dev/gvisor/pkg/tcpip/header+ gvisor.dev/gvisor/pkg/tcpip/adapters/gonet from tailscale.com/wgengine/netstack + gvisor.dev/gvisor/pkg/tcpip/checksum from gvisor.dev/gvisor/pkg/bufferv2+ gvisor.dev/gvisor/pkg/tcpip/hash/jenkins from gvisor.dev/gvisor/pkg/tcpip/stack+ gvisor.dev/gvisor/pkg/tcpip/header from gvisor.dev/gvisor/pkg/tcpip/header/parse+ gvisor.dev/gvisor/pkg/tcpip/header/parse from gvisor.dev/gvisor/pkg/tcpip/network/ipv4+ diff --git a/go.mod b/go.mod index ec6132054..ec15a16d9 100644 --- a/go.mod +++ b/go.mod @@ -73,14 +73,14 @@ require ( golang.org/x/exp v0.0.0-20221205204356-47842c84f3db golang.org/x/net v0.2.0 golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 - golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 + golang.org/x/sync v0.1.0 golang.org/x/sys v0.3.1-0.20221220025402-2204b6615fb8 golang.org/x/term v0.2.0 golang.org/x/time v0.0.0-20220609170525-579cf78fd858 golang.org/x/tools v0.2.0 golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224 golang.zx2c4.com/wireguard/windows v0.5.3 - gvisor.dev/gvisor v0.0.0-20220817001344-846276b3dbc5 + gvisor.dev/gvisor v0.0.0-20221203005347-703fd9b7fbc0 honnef.co/go/tools v0.4.0-0.dev.0.20220517111757-f4a2f64ce238 inet.af/peercred v0.0.0-20210906144145-0893ea02156a inet.af/wf v0.0.0-20220728202103-50d96caab2f6 @@ -97,7 +97,7 @@ require ( filippo.io/edwards25519 v1.0.0-rc.1 // indirect github.com/Antonboom/errname v0.1.5 // indirect github.com/Antonboom/nilnil v0.1.0 // indirect - github.com/BurntSushi/toml v1.1.0 // indirect + github.com/BurntSushi/toml v1.2.1 // indirect github.com/Djarvur/go-err113 v0.1.0 // indirect github.com/Masterminds/goutils v1.1.1 // indirect github.com/Masterminds/semver v1.5.0 // indirect diff --git a/go.sum b/go.sum index b3237de89..b16f06131 100644 --- a/go.sum +++ b/go.sum @@ -61,8 +61,8 @@ github.com/Antonboom/nilnil v0.1.0 h1:DLDavmg0a6G/F4Lt9t7Enrbgb3Oph6LnDE6YVsmTt7 github.com/Antonboom/nilnil v0.1.0/go.mod h1:PhHLvRPSghY5Y7mX4TW+BHZQYo1A8flE5H20D3IPZBo= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= -github.com/BurntSushi/toml v1.1.0 h1:ksErzDEI1khOiGPgpwuI7x2ebx/uXQNw7xJpn9Eq1+I= -github.com/BurntSushi/toml v1.1.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= +github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak= +github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/Djarvur/go-err113 v0.0.0-20200511133814-5174e21577d5/go.mod h1:4UJr5HIiMZrwgkSPdsjy2uOQExX/WEILpIrO9UPGuXs= github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24/go.mod h1:4UJr5HIiMZrwgkSPdsjy2uOQExX/WEILpIrO9UPGuXs= @@ -1465,8 +1465,8 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 h1:uVc8UZUe6tr40fFVnUP5Oj+veunVezqYl9z7DYw9xzw= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1905,9 +1905,9 @@ gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gotest.tools/v3 v3.0.3 h1:4AuOwCGf4lLR9u3YOe2awrHygurzhO/HeQ6laiA6Sx0= -gvisor.dev/gvisor v0.0.0-20220817001344-846276b3dbc5 h1:cv/zaNV0nr1mJzaeo4S5mHIm5va1W0/9J3/5prlsuRM= -gvisor.dev/gvisor v0.0.0-20220817001344-846276b3dbc5/go.mod h1:TIvkJD0sxe8pIob3p6T8IzxXunlp6yfgktvTNp+DGNM= +gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o= +gvisor.dev/gvisor v0.0.0-20221203005347-703fd9b7fbc0 h1:Wobr37noukisGxpKo5jAsLREcpj61RxrWYzD8uwveOY= +gvisor.dev/gvisor v0.0.0-20221203005347-703fd9b7fbc0/go.mod h1:Dn5idtptoW1dIos9U6A2rpebLs/MtTwFacjKb8jLdQA= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/net/tstun/tap_linux.go b/net/tstun/tap_linux.go index b36f9abf4..fa5917f5c 100644 --- a/net/tstun/tap_linux.go +++ b/net/tstun/tap_linux.go @@ -18,6 +18,7 @@ import ( "github.com/tailscale/wireguard-go/tun" "golang.org/x/sys/unix" "gvisor.dev/gvisor/pkg/tcpip" + "gvisor.dev/gvisor/pkg/tcpip/checksum" "gvisor.dev/gvisor/pkg/tcpip/header" "gvisor.dev/gvisor/pkg/tcpip/network/ipv4" "gvisor.dev/gvisor/pkg/tcpip/transport/udp" @@ -327,7 +328,7 @@ func packLayer2UDP(payload []byte, srcMAC, dstMAC net.HardwareAddr, src, dst net // Calculate the UDP pseudo-header checksum. xsum := header.PseudoHeaderChecksum(udp.ProtocolNumber, srcIP, dstIP, uint16(len(u))) // Calculate the UDP checksum and set it. - xsum = header.Checksum(payload, xsum) + xsum = checksum.Checksum(payload, xsum) u.SetChecksum(^u.CalculateChecksum(xsum)) return []byte(buf) } diff --git a/net/tstun/wrap.go b/net/tstun/wrap.go index 7220683c2..23dcda15d 100644 --- a/net/tstun/wrap.go +++ b/net/tstun/wrap.go @@ -180,7 +180,7 @@ type Wrapper struct { type tunInjectedRead struct { // Only one of packet or data should be set, and are read in that order of // precedence. - packet *stack.PacketBuffer + packet stack.PacketBufferPtr data []byte } @@ -604,7 +604,8 @@ func (t *Wrapper) injectedRead(res tunInjectedRead, buf []byte, offset int) (int metricPacketOut.Add(1) var n int - if res.packet != nil { + if !res.packet.IsNil() { + n = copy(buf[offset:], res.packet.NetworkHeader().Slice()) n += copy(buf[offset+n:], res.packet.TransportHeader().Slice()) n += copy(buf[offset+n:], res.packet.Data().AsRange().ToSlice()) @@ -777,7 +778,7 @@ func (t *Wrapper) SetFilter(filt *filter.Filter) { // // This path is typically used to deliver synthesized packets to the // host networking stack. -func (t *Wrapper) InjectInboundPacketBuffer(pkt *stack.PacketBuffer) error { +func (t *Wrapper) InjectInboundPacketBuffer(pkt stack.PacketBufferPtr) error { buf := make([]byte, PacketStartOffset+pkt.Size()) n := copy(buf[PacketStartOffset:], pkt.NetworkHeader().Slice()) @@ -876,7 +877,7 @@ func (t *Wrapper) InjectOutbound(packet []byte) error { // InjectOutboundPacketBuffer logically behaves as InjectOutbound. It takes ownership of one // reference count on the packet, and the packet may be mutated. The packet refcount will be // decremented after the injected buffer has been read. -func (t *Wrapper) InjectOutboundPacketBuffer(packet *stack.PacketBuffer) error { +func (t *Wrapper) InjectOutboundPacketBuffer(packet stack.PacketBufferPtr) error { size := packet.Size() if size > MaxPacketSize { packet.DecRef() diff --git a/wgengine/netstack/netstack.go b/wgengine/netstack/netstack.go index 347f49d9e..f5392eaf1 100644 --- a/wgengine/netstack/netstack.go +++ b/wgengine/netstack/netstack.go @@ -63,17 +63,14 @@ var ( ) func init() { - var debugNetstackLeakMode = envknob.String("TS_DEBUG_NETSTACK_LEAK_MODE") - // Note: netstacks refsvfs2 package that will eventually replace refs - // consumes the refs.LeakMode setting, but enables some checks when set to - // UninitializedLeakChecking which is what empty string becomes. This mode - // is largely un-useful, so it is explicitly disabled here, and more useful - // modes can be set via the envknob. See #4309 for more references. - if debugNetstackLeakMode == "" { - debugNetstackLeakMode = "disabled" + mode := envknob.String("TS_DEBUG_NETSTACK_LEAK_MODE") + if mode == "" { + return } var lm refs.LeakMode - lm.Set(debugNetstackLeakMode) + if err := lm.Set(mode); err != nil { + panic(err) + } refs.SetLeakMode(lm) } @@ -216,8 +213,8 @@ func (ns *Impl) SetLocalBackend(lb *ipnlocal.LocalBackend) { // wrapProtoHandler returns protocol handler h wrapped in a version // that dynamically reconfigures ns's subnet addresses as needed for // outbound traffic. -func (ns *Impl) wrapProtoHandler(h func(stack.TransportEndpointID, *stack.PacketBuffer) bool) func(stack.TransportEndpointID, *stack.PacketBuffer) bool { - return func(tei stack.TransportEndpointID, pb *stack.PacketBuffer) bool { +func (ns *Impl) wrapProtoHandler(h func(stack.TransportEndpointID, stack.PacketBufferPtr) bool) func(stack.TransportEndpointID, stack.PacketBufferPtr) bool { + return func(tei stack.TransportEndpointID, pb stack.PacketBufferPtr) bool { addr := tei.LocalAddress ip, ok := netip.AddrFromSlice(net.IP(addr)) if !ok { @@ -451,7 +448,7 @@ func (ns *Impl) DialContextUDP(ctx context.Context, ipp netip.AddrPort) (*gonet. func (ns *Impl) inject() { for { pkt := ns.linkEP.ReadContext(ns.ctx) - if pkt == nil { + if pkt.IsNil() { if ns.ctx.Err() != nil { // Return without logging. return diff --git a/wgengine/netstack/netstack_test.go b/wgengine/netstack/netstack_test.go index d0b2c67c4..d1303f8d5 100644 --- a/wgengine/netstack/netstack_test.go +++ b/wgengine/netstack/netstack_test.go @@ -11,7 +11,6 @@ import ( "sync/atomic" "testing" - "gvisor.dev/gvisor/pkg/refs" "tailscale.com/ipn" "tailscale.com/ipn/ipnlocal" "tailscale.com/ipn/store/mem" @@ -84,15 +83,6 @@ func getMemStats() (ms runtime.MemStats) { return } -func TestNetstackLeakMode(t *testing.T) { - // See the comments in init(), and/or in issue #4309. - // Influenced by an envknob that may be useful in tests, so just check that - // it's not the oddly behaving zero value. - if refs.GetLeakMode() == 0 { - t.Fatalf("refs.leakMode is 0, want a non-zero value") - } -} - func makeNetstack(t *testing.T, config func(*Impl)) *Impl { tunDev := tstun.NewFake() dialer := new(tsdial.Dialer)