author | gVisor bot <gvisor-bot@google.com> | 2021-01-12 20:47:44 +0000 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-01-12 20:47:44 +0000 |
commit | fbc3a3d984eb113f7487e38ba55e5f813fc72aec (patch) | |
tree | d22a96c80f5f9a35c71687740e35c0021475d428 /runsc | |
parent | 1ea6658d24215e9fbcdb693b00884e1bdbdcc95d (diff) | |
parent | 4e03e87547853523d4ff941935a6ef1712518c61 (diff) |
Merge release-20201216.0-87-g4e03e8754 (automated)
Diffstat (limited to 'runsc')
-rw-r--r-- | runsc/boot/loader.go | 6 | ||||
-rw-r--r-- | runsc/cgroup/cgroup.go | 27 | ||||
-rw-r--r-- | runsc/cmd/syscalls.go | 4 | ||||
-rw-r--r-- | runsc/container/container.go | 1 | ||||
-rw-r--r-- | runsc/flag/flag.go | 3 | ||||
-rw-r--r-- | runsc/fsgofer/fsgofer.go | 18 | ||||
-rw-r--r-- | runsc/sandbox/sandbox.go | 2 |
7 files changed, 35 insertions, 26 deletions
diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go
index d7afd3dc1..d37528ee7 100644
--- a/runsc/boot/loader.go
+++ b/runsc/boot/loader.go
@@ -75,12 +75,14 @@ import (
 "gvisor.dev/gvisor/runsc/specutils"
 "gvisor.dev/gvisor/runsc/specutils/seccomp"
- // Include supported socket providers.
+ // Top-level inet providers.
 "gvisor.dev/gvisor/pkg/sentry/socket/hostinet"
+ "gvisor.dev/gvisor/pkg/sentry/socket/netstack"
+
+ // Include other supported socket providers.
 _ "gvisor.dev/gvisor/pkg/sentry/socket/netlink"
 _ "gvisor.dev/gvisor/pkg/sentry/socket/netlink/route"
 _ "gvisor.dev/gvisor/pkg/sentry/socket/netlink/uevent"
- "gvisor.dev/gvisor/pkg/sentry/socket/netstack"
 _ "gvisor.dev/gvisor/pkg/sentry/socket/unix"
 )
diff --git a/runsc/cgroup/cgroup.go b/runsc/cgroup/cgroup.go
index e5294de55..13c6a16a0 100644
--- a/runsc/cgroup/cgroup.go
+++ b/runsc/cgroup/cgroup.go
@@ -41,22 +41,22 @@ const (
 )
 var controllers = map[string]config{
- "blkio": config{ctrlr: &blockIO{}},
- "cpu": config{ctrlr: &cpu{}},
- "cpuset": config{ctrlr: &cpuSet{}},
- "hugetlb": config{ctrlr: &hugeTLB{}, optional: true},
- "memory": config{ctrlr: &memory{}},
- "net_cls": config{ctrlr: &networkClass{}},
- "net_prio": config{ctrlr: &networkPrio{}},
- "pids": config{ctrlr: &pids{}},
+ "blkio": {ctrlr: &blockIO{}},
+ "cpu": {ctrlr: &cpu{}},
+ "cpuset": {ctrlr: &cpuSet{}},
+ "hugetlb": {ctrlr: &hugeTLB{}, optional: true},
+ "memory": {ctrlr: &memory{}},
+ "net_cls": {ctrlr: &networkClass{}},
+ "net_prio": {ctrlr: &networkPrio{}},
+ "pids": {ctrlr: &pids{}},
 // These controllers either don't have anything in the OCI spec or is
 // irrelevant for a sandbox.
- "devices": config{ctrlr: &noop{}},
- "freezer": config{ctrlr: &noop{}},
- "perf_event": config{ctrlr: &noop{}},
- "rdma": config{ctrlr: &noop{}, optional: true},
- "systemd": config{ctrlr: &noop{}},
+ "devices": {ctrlr: &noop{}},
+ "freezer": {ctrlr: &noop{}},
+ "perf_event": {ctrlr: &noop{}},
+ "rdma": {ctrlr: &noop{}, optional: true},
+ "systemd": {ctrlr: &noop{}},
 }
 func setOptionalValueInt(path, name string, val *int64) error {
@@ -371,6 +371,7 @@ func (c *Cgroup) Join() (func(), error) {
 return undo, nil
 }
+// CPUQuota returns the CFS CPU quota.
 func (c *Cgroup) CPUQuota() (float64, error) {
 path := c.makePath("cpu")
 quota, err := getInt(path, "cpu.cfs_quota_us")
diff --git a/runsc/cmd/syscalls.go b/runsc/cmd/syscalls.go
index a37d66139..a8c83d662 100644
--- a/runsc/cmd/syscalls.go
+++ b/runsc/cmd/syscalls.go
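Review bot: The doc comment added above `CPUQuota` in the second cgroup.go hunk does not say what the returned float64 represents or how an unlimited cgroup is reported. The visible body reads `cpu.cfs_quota_us` through `getInt`, and the kernel reports -1 in that file when no quota is set, so a caller that sizes sandbox resources from this value needs both the unit and the no-limit case spelled out. I would extend it along the lines of `// CPUQuota returns the CFS CPU quota as <unit>, or <value> when cpu.cfs_quota_us is -1 (no limit).`, with the two placeholders filled in from the rest of the body, which lies outside the hunk.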
@@ -147,7 +147,7 @@ func getCompatibilityInfo(osName string, archName string) (CompatibilityInfo, er
 info := CompatibilityInfo(make(map[string]map[string]ArchInfo))
 if osName == osAll {
 // Special processing for the 'all' OS name.
- for osName, _ := range syscallTableMap {
+ for osName := range syscallTableMap {
 info[osName] = make(map[string]ArchInfo)
 // osName is a specific OS name.
 if err := addToCompatibilityInfo(info, osName, archName); err != nil {
@@ -171,7 +171,7 @@ func getCompatibilityInfo(osName string, archName string) (CompatibilityInfo, er
 func addToCompatibilityInfo(info CompatibilityInfo, osName string, archName string) error {
 if archName == archAll {
 // Special processing for the 'all' architecture name.
- for archName, _ := range syscallTableMap[osName] {
+ for archName := range syscallTableMap[osName] {
 archInfo, err := getArchInfo(osName, archName)
 if err != nil {
 return err
diff --git a/runsc/container/container.go b/runsc/container/container.go
index 8b78660f7..5a0f8d5dc 100644
--- a/runsc/container/container.go
+++ b/runsc/container/container.go
@@ -983,6 +983,7 @@ func (c *Container) changeStatus(s Status) {
 c.Status = s
 }
+// IsSandboxRunning returns true if the sandbox exists and is running.
 func (c *Container) IsSandboxRunning() bool {
 return c.Sandbox != nil && c.Sandbox.IsRunning()
 }
diff --git a/runsc/flag/flag.go b/runsc/flag/flag.go
index 775325c06..f921a8107 100644
--- a/runsc/flag/flag.go
+++ b/runsc/flag/flag.go
@@ -19,8 +19,10 @@ import (
 "flag"
 )
+// FlagSet is an alias for flag.FlagSet.
 type FlagSet = flag.FlagSet
+// Aliases for flag functions.
 var (
 Bool = flag.Bool
 CommandLine = flag.CommandLine
@@ -32,6 +34,7 @@ var (
 Var = flag.Var
 )
+// ContinueOnError is an alias for flag.ContinueOnError.
 const ContinueOnError = flag.ContinueOnError
 // Get returns the flag's underlying object.
diff --git a/runsc/fsgofer/fsgofer.go b/runsc/fsgofer/fsgofer.go
index 3d94ffeb4..c3bba0973 100644
--- a/runsc/fsgofer/fsgofer.go
+++ b/runsc/fsgofer/fsgofer.go
@@ -758,15 +758,15 @@ func (l *localFile) SetAttr(valid p9.SetAttrMask, attr p9.SetAttr) error {
 // utimensat operates different that other syscalls. To operate on a
 // symlink it *requires* AT_SYMLINK_NOFOLLOW with dirFD and a non-empty
 // name.
- parent, err := unix.Open(path.Dir(l.hostPath), openFlags|unix.O_PATH, 0)
- if err != nil {
- return extractErrno(err)
+ parent, oErr := unix.Open(path.Dir(l.hostPath), openFlags|unix.O_PATH, 0)
+ if oErr != nil {
+ return extractErrno(oErr)
 }
 defer unix.Close(parent)
- if terr := utimensat(parent, path.Base(l.hostPath), utimes, linux.AT_SYMLINK_NOFOLLOW); terr != nil {
- log.Debugf("SetAttr utimens failed %q, err: %v", l.hostPath, terr)
- err = extractErrno(terr)
+ if tErr := utimensat(parent, path.Base(l.hostPath), utimes, linux.AT_SYMLINK_NOFOLLOW); tErr != nil {
+ log.Debugf("SetAttr utimens failed %q, err: %v", l.hostPath, tErr)
+ err = extractErrno(tErr)
 }
 } else {
 // Directories and regular files can operate directly on the fd
@@ -787,9 +787,9 @@ func (l *localFile) SetAttr(valid p9.SetAttrMask, attr p9.SetAttr) error {
 if valid.GID {
 gid = int(attr.GID)
 }
- if oerr := unix.Fchownat(f.FD(), "", uid, gid, linux.AT_EMPTY_PATH|linux.AT_SYMLINK_NOFOLLOW); oerr != nil {
- log.Debugf("SetAttr fchownat failed %q, err: %v", l.hostPath, oerr)
- err = extractErrno(oerr)
+ if oErr := unix.Fchownat(f.FD(), "", uid, gid, linux.AT_EMPTY_PATH|linux.AT_SYMLINK_NOFOLLOW); oErr != nil {
+ log.Debugf("SetAttr fchownat failed %q, err: %v", l.hostPath, oErr)
+ err = extractErrno(oErr)
 }
 }
diff --git a/runsc/sandbox/sandbox.go b/runsc/sandbox/sandbox.go
index cfee9e63d..266bc0bdc 100644
--- a/runsc/sandbox/sandbox.go
+++ b/runsc/sandbox/sandbox.go
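Review bot: In the first SetAttr hunk, the switch from `parent, err :=` to `parent, oErr :=` is more than a rename and should carry a comment and a regression test. The old `:=` sits inside a nested block (the `} else {` further down shows that), so it declared a fresh `err` there and `err = extractErrno(terr)` wrote to that inner variable. Assuming `err` is the function-level result declared above the hunk, a failed utimensat on a symlink was previously dropped and is now returned to the caller. I would add `// oErr, not err: a := here would shadow the function-level err assigned below.` above the `unix.Open` call, plus a test that expects an error when utimensat fails on a symlink. Separately, `oErr` now names both this open error and the Fchownat error in the second hunk, where `chownErr` would read better; SetAttr begins and ends outside both hunks.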
@@ -719,6 +719,8 @@ func (s *Sandbox) createSandboxProcess(conf *config.Config, args *Args, startSyn
 nextFD++
 }
+ _ = nextFD // All FD assignment is finished.
+
 if args.Attached {
 // Kill sandbox if parent process exits in attached mode.
 cmd.SysProcAttr.Pdeathsig = syscall.SIGKILL |
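Review bot: The added line `_ = nextFD // All FD assignment is finished.` states an invariant that nothing enforces. The blank assignment presumably only quiets an unused-value lint after the last `nextFD++`. If nextFD numbers the descriptors donated to the sandbox process (the code that uses it is above the hunk), a later edit that donates another file below this line without going through nextFD could leave the sandbox with a descriptor number that does not match what it was told. I would make the comment say so, for example `// All FD assignment is finished; donate no further files below this line.` createSandboxProcess starts and ends outside the hunk.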