summaryrefslogtreecommitdiffhomepage
path: root/tools
diff options
context:
space:
mode:
Diffstat (limited to 'tools')
-rw-r--r--tools/checkunsafe/BUILD13
-rw-r--r--tools/checkunsafe/check_unsafe.go56
-rwxr-xr-xtools/go_branch.sh2
-rw-r--r--tools/go_generics/generics.go8
-rw-r--r--tools/go_generics/globals/BUILD2
-rw-r--r--tools/go_generics/globals/globals_visitor.go4
-rw-r--r--tools/go_generics/imports.go2
-rw-r--r--tools/go_stateify/defs.bzl4
-rw-r--r--tools/nogo.js7
-rwxr-xr-xtools/run_tests.sh45
10 files changed, 122 insertions, 21 deletions
diff --git a/tools/checkunsafe/BUILD b/tools/checkunsafe/BUILD
new file mode 100644
index 000000000..d85c56131
--- /dev/null
+++ b/tools/checkunsafe/BUILD
@@ -0,0 +1,13 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_tool_library")
+
+package(licenses = ["notice"])
+
+go_tool_library(
+ name = "checkunsafe",
+ srcs = ["check_unsafe.go"],
+ importpath = "checkunsafe",
+ visibility = ["//visibility:public"],
+ deps = [
+ "@org_golang_x_tools//go/analysis:go_tool_library",
+ ],
+)
diff --git a/tools/checkunsafe/check_unsafe.go b/tools/checkunsafe/check_unsafe.go
new file mode 100644
index 000000000..4ccd7cc5a
--- /dev/null
+++ b/tools/checkunsafe/check_unsafe.go
@@ -0,0 +1,56 @@
+// Copyright 2019 The gVisor Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package checkunsafe allows unsafe imports only in files named appropriately.
+package checkunsafe
+
+import (
+ "fmt"
+ "path"
+ "strconv"
+ "strings"
+
+ "golang.org/x/tools/go/analysis"
+)
+
+// Analyzer defines the entrypoint.
+var Analyzer = &analysis.Analyzer{
+ Name: "checkunsafe",
+ Doc: "allows unsafe use only in specified files",
+ Run: run,
+}
+
+func run(pass *analysis.Pass) (interface{}, error) {
+ for _, f := range pass.Files {
+ for _, imp := range f.Imports {
+ // Is this an unsafe import?
+ pkg, err := strconv.Unquote(imp.Path.Value)
+ if err != nil || pkg != "unsafe" {
+ continue
+ }
+
+ // Extract the filename.
+ filename := pass.Fset.File(imp.Pos()).Name()
+
+ // Allow files named _unsafe.go or _test.go to opt out.
+ if strings.HasSuffix(filename, "_unsafe.go") || strings.HasSuffix(filename, "_test.go") {
+ continue
+ }
+
+ // Throw the error.
+ pass.Reportf(imp.Pos(), fmt.Sprintf("package unsafe imported by %s; must end with _unsafe.go", path.Base(filename)))
+ }
+ }
+ return nil, nil
+}
diff --git a/tools/go_branch.sh b/tools/go_branch.sh
index 8ea6a6d8d..d9e79401d 100755
--- a/tools/go_branch.sh
+++ b/tools/go_branch.sh
@@ -19,6 +19,7 @@ set -eo pipefail
# Discovery the package name from the go.mod file.
declare -r gomod="$(pwd)/go.mod"
declare -r module=$(cat "${gomod}" | grep -E "^module" | cut -d' ' -f2)
+declare -r gosum="$(pwd)/go.sum"
# Check that gopath has been built.
declare -r gopath_dir="$(pwd)/bazel-bin/gopath/src/${module}"
@@ -63,6 +64,7 @@ git merge --allow-unrelated-histories --no-commit --strategy ours ${head}
# Sync the entire gopath_dir and go.mod.
rsync --recursive --verbose --delete --exclude .git --exclude README.md -L "${gopath_dir}/" .
cp "${gomod}" .
+cp "${gosum}" .
# There are a few solitary files that can get left behind due to the way bazel
# constructs the gopath target. Note that we don't find all Go files here
diff --git a/tools/go_generics/generics.go b/tools/go_generics/generics.go
index ca414d8cb..22c714c13 100644
--- a/tools/go_generics/generics.go
+++ b/tools/go_generics/generics.go
@@ -98,7 +98,7 @@ import (
"regexp"
"strings"
- "gvisor.googlesource.com/gvisor/tools/go_generics/globals"
+ "gvisor.dev/gvisor/tools/go_generics/globals"
)
var (
@@ -222,7 +222,11 @@ func main() {
// Modify the state tag appropriately.
if m := stateTagRegexp.FindStringSubmatch(ident.Name); m != nil {
if t := identifierRegexp.FindStringSubmatch(m[2]); t != nil {
- ident.Name = m[1] + `state:".(` + t[1] + *prefix + t[2] + *suffix + t[3] + `)"` + m[3]
+ typeName := *prefix + t[2] + *suffix
+ if n, ok := types[t[2]]; ok {
+ typeName = n
+ }
+ ident.Name = m[1] + `state:".(` + t[1] + typeName + t[3] + `)"` + m[3]
}
}
}
diff --git a/tools/go_generics/globals/BUILD b/tools/go_generics/globals/BUILD
index 6628132f5..74853c7d2 100644
--- a/tools/go_generics/globals/BUILD
+++ b/tools/go_generics/globals/BUILD
@@ -8,6 +8,6 @@ go_library(
"globals_visitor.go",
"scope.go",
],
- importpath = "gvisor.googlesource.com/gvisor/tools/go_generics/globals",
+ importpath = "gvisor.dev/gvisor/tools/go_generics/globals",
visibility = ["//tools/go_generics:__pkg__"],
)
diff --git a/tools/go_generics/globals/globals_visitor.go b/tools/go_generics/globals/globals_visitor.go
index 7ae48c662..3f948637b 100644
--- a/tools/go_generics/globals/globals_visitor.go
+++ b/tools/go_generics/globals/globals_visitor.go
@@ -132,7 +132,7 @@ func (v *globalsVisitor) visitFields(l *ast.FieldList, kind SymKind) {
}
}
-// visitGenDecl is called when a generic declation is encountered, for example,
+// visitGenDecl is called when a generic declaration is encountered, for example,
// on variable, constant and type declarations. It adds all newly defined
// symbols to the current scope and reports them if the current scope is the
// global one.
@@ -490,7 +490,7 @@ func (v *globalsVisitor) visitBlockStmt(s *ast.BlockStmt) {
v.popScope()
}
-// visitFuncDecl is called when a function or method declation is encountered.
+// visitFuncDecl is called when a function or method declaration is encountered.
// it creates a new scope for the function [optional] receiver, parameters and
// results, and visits all children nodes.
func (v *globalsVisitor) visitFuncDecl(d *ast.FuncDecl) {
diff --git a/tools/go_generics/imports.go b/tools/go_generics/imports.go
index 3a7230c97..148dc7216 100644
--- a/tools/go_generics/imports.go
+++ b/tools/go_generics/imports.go
@@ -23,7 +23,7 @@ import (
"go/token"
"strconv"
- "gvisor.googlesource.com/gvisor/tools/go_generics/globals"
+ "gvisor.dev/gvisor/tools/go_generics/globals"
)
type importedPackage struct {
diff --git a/tools/go_stateify/defs.bzl b/tools/go_stateify/defs.bzl
index 70ce73d7b..aeba197e2 100644
--- a/tools/go_stateify/defs.bzl
+++ b/tools/go_stateify/defs.bzl
@@ -50,7 +50,7 @@ def _go_stateify_impl(ctx):
args += ["-imports=%s" % ",".join(ctx.attr.imports)]
args += ["--"]
for src in ctx.attr.srcs:
- args += [f.path for f in src.files]
+ args += [f.path for f in src.files.to_list()]
ctx.actions.run(
inputs = ctx.files.srcs,
outputs = [output],
@@ -76,7 +76,7 @@ go_stateify = rule(
"package": attr.string(mandatory = True),
"out": attr.output(mandatory = True),
"_tool": attr.label(executable = True, cfg = "host", default = Label("//tools/go_stateify:stateify")),
- "_statepkg": attr.string(default = "gvisor.googlesource.com/gvisor/pkg/state"),
+ "_statepkg": attr.string(default = "gvisor.dev/gvisor/pkg/state"),
},
)
diff --git a/tools/nogo.js b/tools/nogo.js
new file mode 100644
index 000000000..fc0a4d1f0
--- /dev/null
+++ b/tools/nogo.js
@@ -0,0 +1,7 @@
+{
+ "checkunsafe": {
+ "exclude_files": {
+ "/external/": "not subject to constraint"
+ }
+ }
+}
diff --git a/tools/run_tests.sh b/tools/run_tests.sh
index b35d2e4b8..483b9cb50 100755
--- a/tools/run_tests.sh
+++ b/tools/run_tests.sh
@@ -45,7 +45,8 @@ readonly TEST_PACKAGES=("//pkg/..." "//runsc/..." "//tools/...")
#######################
# Install the latest version of Bazel and log the version.
-(which use_bazel.sh && use_bazel.sh latest) || which bazel
+# FIXME(b/137285694): Unable to build runsc with bazel 0.28.0.
+(which use_bazel.sh && use_bazel.sh 0.27.1) || which bazel
bazel version
# Load the kvm module.
@@ -92,6 +93,14 @@ build_everything() {
"${BUILD_PACKAGES[@]}"
}
+build_runsc_debian() {
+ cd ${WORKSPACE_DIR}
+
+ # TODO(b/135475885): pkg_deb is incompatible with Python3.
+ # https://github.com/bazelbuild/bazel/issues/8443
+ bazel build --host_force_python=py2 runsc:runsc-debian
+}
+
# Run simple tests runs the tests that require no special setup or
# configuration.
run_simple_tests() {
@@ -173,16 +182,24 @@ run_docker_tests() {
# These names are used to exclude tests not supported in certain
# configuration, e.g. save/restore not supported with hostnet.
- declare -a variations=("" "-kvm" "-hostnet" "-overlay")
- for v in "${variations[@]}"; do
- # Run runsc tests with docker that are tagged manual.
- bazel test \
- "${BAZEL_BUILD_FLAGS[@]}" \
- --test_env=RUNSC_RUNTIME="${RUNTIME}${v}" \
- --test_output=all \
- //runsc/test/image:image_test \
- //runsc/test/integration:integration_test
- done
+ # Run runsc tests with docker that are tagged manual.
+ #
+ # The --nocache_test_results option is used here to eliminate cached results
+ # from the previous run for the runc runtime.
+ bazel test \
+ "${BAZEL_BUILD_FLAGS[@]}" \
+ --test_env=RUNSC_RUNTIME="${RUNTIME}" \
+ --test_output=all \
+ --nocache_test_results \
+ --test_output=streamed \
+ //runsc/test/integration:integration_test \
+ //runsc/test/integration:integration_test_hostnet \
+ //runsc/test/integration:integration_test_overlay \
+ //runsc/test/integration:integration_test_kvm \
+ //runsc/test/image:image_test \
+ //runsc/test/image:image_test_overlay \
+ //runsc/test/image:image_test_hostnet \
+ //runsc/test/image:image_test_kvm
}
# Run the tests that require root.
@@ -208,8 +225,8 @@ run_runsc_do_tests() {
local runsc=$(find bazel-bin/runsc -type f -executable -name "runsc" | head -n1)
# run runsc do without root privileges.
- unshare -Ur ${runsc} --network=none --TESTONLY-unsafe-nonroot do true
- unshare -Ur ${runsc} --TESTONLY-unsafe-nonroot --network=host do --netns=false true
+ ${runsc} --rootless do true
+ ${runsc} --rootless --network=none do true
# run runsc do with root privileges.
sudo -n -E ${runsc} do true
@@ -273,6 +290,8 @@ main() {
run_syscall_tests
run_runsc_do_tests
+ build_runsc_debian
+
# Build other flavors too.
build_everything dbg