Close the endpoints when the routes cannot be found/restored during restore.

Log a warning and close the endpoints if the routes or NICs are no longer
valid or cannot be found during restore.

PiperOrigin-RevId: 792369060

Author: nybidari

pkg/tcpip/transport/icmp/endpoint_state.go

@@ -19,6 +19,7 @@ import (
 	"fmt"
 	"time"
 
+	"gvisor.dev/gvisor/pkg/log"
 	"gvisor.dev/gvisor/pkg/tcpip"
 	"gvisor.dev/gvisor/pkg/tcpip/stack"
 	"gvisor.dev/gvisor/pkg/tcpip/transport"
@@ -51,9 +52,13 @@ func (e *endpoint) beforeSave() {
 
 // Restore implements tcpip.RestoredEndpoint.Restore.
 func (e *endpoint) Restore(s *stack.Stack) {
-	e.thaw()
+	if err := e.net.Resume(s); err != nil {
+		log.Warningf("Closing the ICMP endpoint as it cannot be restored, err: %v", err)
+		e.Close()
+		return
+	}
 
-	e.net.Resume(s)
+	e.thaw()
 	if e.stack.IsSaveRestoreEnabled() {
 		e.ops.InitHandler(e, e.stack, tcpip.GetStackSendBufferLimits, tcpip.GetStackReceiveBufferLimits)
 		return
@@ -62,6 +67,9 @@ func (e *endpoint) Restore(s *stack.Stack) {
 	e.stack = s
 	e.ops.InitHandler(e, e.stack, tcpip.GetStackSendBufferLimits, tcpip.GetStackReceiveBufferLimits)
 
+	e.mu.Lock()
+	defer e.mu.Unlock()
+
 	switch state := e.net.State(); state {
 	case transport.DatagramEndpointStateInitial, transport.DatagramEndpointStateClosed:
 	case transport.DatagramEndpointStateBound, transport.DatagramEndpointStateConnected:

pkg/tcpip/transport/internal/network/endpoint_state.go

@@ -23,15 +23,14 @@ import (
 )
 
 // Resume implements tcpip.ResumableEndpoint.Resume.
-func (e *Endpoint) Resume(s *stack.Stack) {
+func (e *Endpoint) Resume(s *stack.Stack) error {
 	e.mu.Lock()
 	defer e.mu.Unlock()
 
 	e.stack = s
-
 	for m := range e.multicastMemberships {
 		if err := e.stack.JoinGroup(e.netProto, m.nicID, m.multicastAddr); err != nil {
-			panic(fmt.Sprintf("e.stack.JoinGroup(%d, %d, %s): %s", e.netProto, m.nicID, m.multicastAddr, err))
+			return fmt.Errorf("e.stack.JoinGroup(%d, %d, %s): %s", e.netProto, m.nicID, m.multicastAddr, err)
 		}
 	}
 
@@ -42,17 +41,22 @@ func (e *Endpoint) Resume(s *stack.Stack) {
 	case transport.DatagramEndpointStateBound:
 		if info.ID.LocalAddress.BitLen() != 0 && !e.isBroadcastOrMulticast(info.RegisterNICID, e.effectiveNetProto, info.ID.LocalAddress) {
 			if e.stack.CheckLocalAddress(info.RegisterNICID, e.effectiveNetProto, info.ID.LocalAddress) == 0 {
-				panic(fmt.Sprintf("got e.stack.CheckLocalAddress(%d, %d, %s) = 0, want != 0", info.RegisterNICID, e.effectiveNetProto, info.ID.LocalAddress))
+				return fmt.Errorf("got e.stack.CheckLocalAddress(%d, %d, %s) = 0, want != 0", info.RegisterNICID, e.effectiveNetProto, info.ID.LocalAddress)
 			}
 		}
 	case transport.DatagramEndpointStateConnected:
 		var err tcpip.Error
 		multicastLoop := e.ops.GetMulticastLoop()
+		// Release the connectedRoute if present.
+		if e.connectedRoute != nil {
+			e.connectedRoute.Release()
+		}
 		e.connectedRoute, err = e.stack.FindRoute(info.RegisterNICID, info.ID.LocalAddress, info.ID.RemoteAddress, e.effectiveNetProto, multicastLoop)
 		if err != nil {
-			panic(fmt.Sprintf("e.stack.FindRoute(%d, %s, %s, %d, %t): %s", info.RegisterNICID, info.ID.LocalAddress, info.ID.RemoteAddress, e.effectiveNetProto, multicastLoop, err))
+			return fmt.Errorf("e.stack.FindRoute(%d, %s, %s, %d, %t): %s", info.RegisterNICID, info.ID.LocalAddress, info.ID.RemoteAddress, e.effectiveNetProto, multicastLoop, err)
 		}
 	default:
 		panic(fmt.Sprintf("unhandled state = %s", state))
 	}
+	return nil
 }

pkg/tcpip/transport/internal/network/endpoint_test.go

@@ -76,6 +76,7 @@ func TestEndpointStateTransitions(t *testing.T) {
 		remoteAddr              tcpip.Address
 		expectedRemoteAddr      tcpip.Address
 		checker                 func(*testing.T, *buffer.View)
+		resume                  bool
 	}{
 		{
 			name:                    "IPv4",
@@ -88,6 +89,7 @@ func TestEndpointStateTransitions(t *testing.T) {
 			remoteAddr:              ipv4RemoteAddr,
 			expectedRemoteAddr:      ipv4RemoteAddr,
 			checker:                 v4Checker,
+			resume:                  false,
 		},
 		{
 			name:                    "IPv6",
@@ -100,6 +102,7 @@ func TestEndpointStateTransitions(t *testing.T) {
 			remoteAddr:              ipv6RemoteAddr,
 			expectedRemoteAddr:      ipv6RemoteAddr,
 			checker:                 v6Checker,
+			resume:                  false,
 		},
 		{
 			name:                    "IPv4-mapped-IPv6",
@@ -112,6 +115,20 @@ func TestEndpointStateTransitions(t *testing.T) {
 			remoteAddr:              testutil.MustParse6("::ffff:0607:0809"),
 			expectedRemoteAddr:      ipv4RemoteAddr,
 			checker:                 v4Checker,
+			resume:                  false,
+		},
+		{
+			name:                    "IPv4-resume",
+			netProto:                ipv4.ProtocolNumber,
+			expectedMaxHeaderLength: header.IPv4MaximumHeaderSize,
+			expectedNetProto:        ipv4.ProtocolNumber,
+			expectedLocalAddr:       ipv4NICAddr,
+			bindAddr:                header.IPv4AllSystems,
+			expectedBoundAddr:       header.IPv4AllSystems,
+			remoteAddr:              ipv4RemoteAddr,
+			expectedRemoteAddr:      ipv4RemoteAddr,
+			checker:                 v4Checker,
+			resume:                  true,
 		},
 	}
 
@@ -220,6 +237,19 @@ func TestEndpointStateTransitions(t *testing.T) {
 				pkt.DecRef()
 			}
 
+			if test.resume {
+				// Remove all the routes so that Resume(..) fails.
+				removed := s.RemoveRoutes(func(r tcpip.Route) bool {
+					return r.NIC == nicID
+				})
+				if removed != 2 {
+					t.Fatalf("wrong number of routes removed, got: %v, want: 2", removed)
+				}
+				if err := ep.Resume(s); err == nil {
+					t.Fatalf("wrong error, got: nil, want: not nil")
+				}
+			}
+
 			ep.Close()
 			if state := ep.State(); state != transport.DatagramEndpointStateClosed {
 				t.Fatalf("got ep.State() = %s, want = %s", state, transport.DatagramEndpointStateClosed)

pkg/tcpip/transport/raw/endpoint_state.go

@@ -18,6 +18,7 @@ import (
 	"context"
 	"time"
 
+	"gvisor.dev/gvisor/pkg/log"
 	"gvisor.dev/gvisor/pkg/tcpip"
 	"gvisor.dev/gvisor/pkg/tcpip/stack"
 )
@@ -49,8 +50,12 @@ func (e *endpoint) beforeSave() {
 
 // Restore implements tcpip.RestoredEndpoint.Restore.
 func (e *endpoint) Restore(s *stack.Stack) {
+	if err := e.net.Resume(s); err != nil {
+		log.Warningf("Closing the raw endpoint as it cannot be restored, err: %v", err)
+		e.Close()
+		return
+	}
 	e.setReceiveDisabled(false)
-	e.net.Resume(s)
 	if e.stack.IsSaveRestoreEnabled() {
 		e.ops.InitHandler(e, e.stack, tcpip.GetStackSendBufferLimits, tcpip.GetStackReceiveBufferLimits)
 		return

pkg/tcpip/transport/udp/endpoint_state.go

@@ -18,6 +18,7 @@ import (
 	"context"
 	"time"
 
+	"gvisor.dev/gvisor/pkg/log"
 	"gvisor.dev/gvisor/pkg/tcpip"
 	"gvisor.dev/gvisor/pkg/tcpip/stack"
 	"gvisor.dev/gvisor/pkg/tcpip/transport"
@@ -50,12 +51,17 @@ func (e *endpoint) beforeSave() {
 
 // Restore implements tcpip.RestoredEndpoint.Restore.
 func (e *endpoint) Restore(s *stack.Stack) {
-	e.thaw()
-
 	e.mu.Lock()
 	defer e.mu.Unlock()
 
-	e.net.Resume(s)
+	if err := e.net.Resume(s); err != nil {
+		log.Warningf("Closing the UDP endpoint as it cannot be restored, err: %v", err)
+		e.closeLocked()
+		return
+	}
+
+	// Unfreeze the endpoint to handle packets.
+	e.frozen = false
 	if e.stack.IsSaveRestoreEnabled() {
 		e.ops.InitHandler(e, e.stack, tcpip.GetStackSendBufferLimits, tcpip.GetStackReceiveBufferLimits)
 		return