summaryrefslogtreecommitdiffhomepage
path: root/runsc
diff options
context:
space:
mode:
Diffstat (limited to 'runsc')
-rw-r--r--runsc/boot/loader.go6
-rw-r--r--runsc/cgroup/cgroup.go27
-rw-r--r--runsc/cmd/syscalls.go4
-rw-r--r--runsc/container/container.go1
-rw-r--r--runsc/flag/flag.go3
-rw-r--r--runsc/fsgofer/fsgofer.go18
-rw-r--r--runsc/sandbox/sandbox.go2
7 files changed, 35 insertions, 26 deletions
diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go
index d7afd3dc1..d37528ee7 100644
--- a/runsc/boot/loader.go
+++ b/runsc/boot/loader.go
@@ -75,12 +75,14 @@ import (
"gvisor.dev/gvisor/runsc/specutils"
"gvisor.dev/gvisor/runsc/specutils/seccomp"
- // Include supported socket providers.
+ // Top-level inet providers.
"gvisor.dev/gvisor/pkg/sentry/socket/hostinet"
+ "gvisor.dev/gvisor/pkg/sentry/socket/netstack"
+
+ // Include other supported socket providers.
_ "gvisor.dev/gvisor/pkg/sentry/socket/netlink"
_ "gvisor.dev/gvisor/pkg/sentry/socket/netlink/route"
_ "gvisor.dev/gvisor/pkg/sentry/socket/netlink/uevent"
- "gvisor.dev/gvisor/pkg/sentry/socket/netstack"
_ "gvisor.dev/gvisor/pkg/sentry/socket/unix"
)
diff --git a/runsc/cgroup/cgroup.go b/runsc/cgroup/cgroup.go
index e5294de55..13c6a16a0 100644
--- a/runsc/cgroup/cgroup.go
+++ b/runsc/cgroup/cgroup.go
@@ -41,22 +41,22 @@ const (
)
var controllers = map[string]config{
- "blkio": config{ctrlr: &blockIO{}},
- "cpu": config{ctrlr: &cpu{}},
- "cpuset": config{ctrlr: &cpuSet{}},
- "hugetlb": config{ctrlr: &hugeTLB{}, optional: true},
- "memory": config{ctrlr: &memory{}},
- "net_cls": config{ctrlr: &networkClass{}},
- "net_prio": config{ctrlr: &networkPrio{}},
- "pids": config{ctrlr: &pids{}},
+ "blkio": {ctrlr: &blockIO{}},
+ "cpu": {ctrlr: &cpu{}},
+ "cpuset": {ctrlr: &cpuSet{}},
+ "hugetlb": {ctrlr: &hugeTLB{}, optional: true},
+ "memory": {ctrlr: &memory{}},
+ "net_cls": {ctrlr: &networkClass{}},
+ "net_prio": {ctrlr: &networkPrio{}},
+ "pids": {ctrlr: &pids{}},
// These controllers either don't have anything in the OCI spec or is
// irrelevant for a sandbox.
- "devices": config{ctrlr: &noop{}},
- "freezer": config{ctrlr: &noop{}},
- "perf_event": config{ctrlr: &noop{}},
- "rdma": config{ctrlr: &noop{}, optional: true},
- "systemd": config{ctrlr: &noop{}},
+ "devices": {ctrlr: &noop{}},
+ "freezer": {ctrlr: &noop{}},
+ "perf_event": {ctrlr: &noop{}},
+ "rdma": {ctrlr: &noop{}, optional: true},
+ "systemd": {ctrlr: &noop{}},
}
func setOptionalValueInt(path, name string, val *int64) error {
@@ -371,6 +371,7 @@ func (c *Cgroup) Join() (func(), error) {
return undo, nil
}
+// CPUQuota returns the CFS CPU quota.
func (c *Cgroup) CPUQuota() (float64, error) {
path := c.makePath("cpu")
quota, err := getInt(path, "cpu.cfs_quota_us")
diff --git a/runsc/cmd/syscalls.go b/runsc/cmd/syscalls.go
index a37d66139..a8c83d662 100644
--- a/runsc/cmd/syscalls.go
+++ b/runsc/cmd/syscalls.go
@@ -147,7 +147,7 @@ func getCompatibilityInfo(osName string, archName string) (CompatibilityInfo, er
info := CompatibilityInfo(make(map[string]map[string]ArchInfo))
if osName == osAll {
// Special processing for the 'all' OS name.
- for osName, _ := range syscallTableMap {
+ for osName := range syscallTableMap {
info[osName] = make(map[string]ArchInfo)
// osName is a specific OS name.
if err := addToCompatibilityInfo(info, osName, archName); err != nil {
@@ -171,7 +171,7 @@ func getCompatibilityInfo(osName string, archName string) (CompatibilityInfo, er
func addToCompatibilityInfo(info CompatibilityInfo, osName string, archName string) error {
if archName == archAll {
// Special processing for the 'all' architecture name.
- for archName, _ := range syscallTableMap[osName] {
+ for archName := range syscallTableMap[osName] {
archInfo, err := getArchInfo(osName, archName)
if err != nil {
return err
diff --git a/runsc/container/container.go b/runsc/container/container.go
index 8b78660f7..5a0f8d5dc 100644
--- a/runsc/container/container.go
+++ b/runsc/container/container.go
@@ -983,6 +983,7 @@ func (c *Container) changeStatus(s Status) {
c.Status = s
}
+// IsSandboxRunning returns true if the sandbox exists and is running.
func (c *Container) IsSandboxRunning() bool {
return c.Sandbox != nil && c.Sandbox.IsRunning()
}
diff --git a/runsc/flag/flag.go b/runsc/flag/flag.go
index 775325c06..f921a8107 100644
--- a/runsc/flag/flag.go
+++ b/runsc/flag/flag.go
@@ -19,8 +19,10 @@ import (
"flag"
)
+// FlagSet is an alias for flag.FlagSet.
type FlagSet = flag.FlagSet
+// Aliases for flag functions.
var (
Bool = flag.Bool
CommandLine = flag.CommandLine
@@ -32,6 +34,7 @@ var (
Var = flag.Var
)
+// ContinueOnError is an alias for flag.ContinueOnError.
const ContinueOnError = flag.ContinueOnError
// Get returns the flag's underlying object.
diff --git a/runsc/fsgofer/fsgofer.go b/runsc/fsgofer/fsgofer.go
index 3d94ffeb4..c3bba0973 100644
--- a/runsc/fsgofer/fsgofer.go
+++ b/runsc/fsgofer/fsgofer.go
@@ -758,15 +758,15 @@ func (l *localFile) SetAttr(valid p9.SetAttrMask, attr p9.SetAttr) error {
// utimensat operates different that other syscalls. To operate on a
// symlink it *requires* AT_SYMLINK_NOFOLLOW with dirFD and a non-empty
// name.
- parent, err := unix.Open(path.Dir(l.hostPath), openFlags|unix.O_PATH, 0)
- if err != nil {
- return extractErrno(err)
+ parent, oErr := unix.Open(path.Dir(l.hostPath), openFlags|unix.O_PATH, 0)
+ if oErr != nil {
+ return extractErrno(oErr)
}
defer unix.Close(parent)
- if terr := utimensat(parent, path.Base(l.hostPath), utimes, linux.AT_SYMLINK_NOFOLLOW); terr != nil {
- log.Debugf("SetAttr utimens failed %q, err: %v", l.hostPath, terr)
- err = extractErrno(terr)
+ if tErr := utimensat(parent, path.Base(l.hostPath), utimes, linux.AT_SYMLINK_NOFOLLOW); tErr != nil {
+ log.Debugf("SetAttr utimens failed %q, err: %v", l.hostPath, tErr)
+ err = extractErrno(tErr)
}
} else {
// Directories and regular files can operate directly on the fd
@@ -787,9 +787,9 @@ func (l *localFile) SetAttr(valid p9.SetAttrMask, attr p9.SetAttr) error {
if valid.GID {
gid = int(attr.GID)
}
- if oerr := unix.Fchownat(f.FD(), "", uid, gid, linux.AT_EMPTY_PATH|linux.AT_SYMLINK_NOFOLLOW); oerr != nil {
- log.Debugf("SetAttr fchownat failed %q, err: %v", l.hostPath, oerr)
- err = extractErrno(oerr)
+ if oErr := unix.Fchownat(f.FD(), "", uid, gid, linux.AT_EMPTY_PATH|linux.AT_SYMLINK_NOFOLLOW); oErr != nil {
+ log.Debugf("SetAttr fchownat failed %q, err: %v", l.hostPath, oErr)
+ err = extractErrno(oErr)
}
}
diff --git a/runsc/sandbox/sandbox.go b/runsc/sandbox/sandbox.go
index cfee9e63d..266bc0bdc 100644
--- a/runsc/sandbox/sandbox.go
+++ b/runsc/sandbox/sandbox.go
@@ -719,6 +719,8 @@ func (s *Sandbox) createSandboxProcess(conf *config.Config, args *Args, startSyn
nextFD++
}
+ _ = nextFD // All FD assignment is finished.
+
if args.Attached {
// Kill sandbox if parent process exits in attached mode.
cmd.SysProcAttr.Pdeathsig = syscall.SIGKILL