diff options
Diffstat (limited to 'website')
110 files changed, 0 insertions, 4194 deletions
diff --git a/website/BUILD b/website/BUILD deleted file mode 100644 index 1a38967e5..000000000 --- a/website/BUILD +++ /dev/null @@ -1,197 +0,0 @@ -load("//tools:defs.bzl", "bzl_library", "pkg_tar") -load("//website:defs.bzl", "doc", "docs") -load("//images:defs.bzl", "docker_image") - -package(licenses = ["notice"]) - -docker_image( - name = "website", - data = ":files", - statements = [ - "EXPOSE 8080/tcp", - 'ENTRYPOINT ["/server"]', - ], - tags = [ - "local", - "manual", - "no-sandbox", - ], -) - -# files is the full file system of the generated container. -# -# It must collect the all tarballs (produced by the rules below), and run it -# through the Dockerfile to generate the site. Note that this checks all links, -# and therefore requires all static content to be present as well. -# -# Note that this rule violates most aspects of hermetic builds. However, this -# works much more reliably than depending on the container_image rules from -# bazel itself, which are convoluted and seem to have a hard time even finding -# the toolchain. -genrule( - name = "files", - srcs = [ - ":config", - ":css", - ":docs", - ":static", - ":syscallmd", - "//website/blog:posts", - "//website/cmd/server", - "@google_root_pem//file", - ], - outs = ["files.tgz"], - cmd = "set -x; " + - "T=$$(mktemp -d); " + - "mkdir -p $$T/input && " + - "mkdir -p $$T/output/_site && " + - "tar -xf $(location :config) -C $$T/input && " + - "tar -xf $(location :css) -C $$T/input && " + - "tar -xf $(location :docs) -C $$T/input && " + - "tar -xf $(location :syscallmd) -C $$T/input && " + - "tar -xf $(location //website/blog:posts) -C $$T/input && " + - "find $$T/input -type f -exec chmod u+rw {} \\; && " + - "docker run -i --user $$(id -u):$$(id -g) " + - "-v $$(readlink -m $$T/input):/input " + - "-v $$(readlink -m $$T/output/_site):/output " + - "gvisor.dev/images/jekyll && " + - "tar -xf $(location :static) -C $$T/output/_site && " + - "docker run -i --user $$(id -u):$$(id -g) " + - "-v $$(readlink -m $$T/output/_site):/output " + - "gvisor.dev/images/jekyll " + - "ruby /checks.rb " + - "/output && " + - "cp $(location //website/cmd/server) $$T/output/server && " + - "mkdir -p $$T/output/etc/ssl && " + - "cp $(location @google_root_pem//file) $$T/output/etc/ssl/cert.pem && " + - "tar -zcf $@ -C $$T/output . && " + - "rm -rf $$T", - tags = [ - "local", - "manual", - "no-sandbox", - ], -) - -# static are the purely static parts of the site. These are effectively copied -# in after jekyll generates all the dynamic content. -pkg_tar( - name = "static", - srcs = [ - "archive.key", - ] + glob([ - "performance/**", - ]), - strip_prefix = "./", -) - -# main.scss requires front-matter to be processed. -genrule( - name = "css", - srcs = glob([ - "css/**", - ]), - outs = [ - "css.tar", - ], - cmd = "T=$$(mktemp -d); " + - "mkdir -p $$T/css && " + - "for file in $(SRCS); do " + - "echo -en '---\\n---\\n' > $$T/css/$$(basename $$file) && " + - "cat $$file >> $$T/css/$$(basename $$file); " + - "done && " + - "tar -C $$T -czf $@ . && " + - "rm -rf $$T", -) - -# config is "mostly" static content. These are parts of the site that are -# present when jekyll runs, but are not dynamically generated. -pkg_tar( - name = "config", - srcs = [ - ":css", - "_config.yml", - "//website/blog:index.html", - ] + glob([ - "assets/**", - "_includes/**", - "_layouts/**", - "_plugins/**", - "_sass/**", - ]), - strip_prefix = "./", -) - -# index is the index file. -doc( - name = "index", - src = "index.md", - layout = "base", - permalink = "/", -) - -# docs is the dynamic content of the site. -docs( - name = "docs", - deps = [ - ":index", - "//:code_of_conduct", - "//:contributing", - "//:governance", - "//:security", - "//g3doc:community", - "//g3doc:index", - "//g3doc:roadmap", - "//g3doc:style", - "//g3doc/architecture_guide:performance", - "//g3doc/architecture_guide:platforms", - "//g3doc/architecture_guide:resources", - "//g3doc/architecture_guide:security", - "//g3doc/proposals:gsoc_2021", - "//g3doc/user_guide:FAQ", - "//g3doc/user_guide:checkpoint_restore", - "//g3doc/user_guide:compatibility", - "//g3doc/user_guide:debugging", - "//g3doc/user_guide:filesystem", - "//g3doc/user_guide:install", - "//g3doc/user_guide:networking", - "//g3doc/user_guide:platforms", - "//g3doc/user_guide/containerd:configuration", - "//g3doc/user_guide/containerd:containerd_11", - "//g3doc/user_guide/containerd:quick_start", - "//g3doc/user_guide/quick_start:docker", - "//g3doc/user_guide/quick_start:kubernetes", - "//g3doc/user_guide/quick_start:oci", - "//g3doc/user_guide/tutorials:cni", - "//g3doc/user_guide/tutorials:docker", - "//g3doc/user_guide/tutorials:docker_compose", - "//g3doc/user_guide/tutorials:knative", - "//g3doc/user_guide/tutorials:kubernetes", - ], -) - -# Generate JSON for system call tables -genrule( - name = "syscalljson", - outs = ["syscalls.json"], - cmd = "$(location //runsc) -- help syscalls -format json -filename $@", - tools = ["//runsc"], -) - -# Generate markdown from the json dump. -genrule( - name = "syscallmd", - srcs = [":syscalljson"], - outs = ["syscallsmd"], - cmd = "T=$$(mktemp -d) && " + - "$(location //website/cmd/syscalldocs) -in $< -out $$T && " + - "tar -C $$T -czf $@ . && " + - "rm -rf $$T", - tools = ["//website/cmd/syscalldocs"], -) - -bzl_library( - name = "defs_bzl", - srcs = ["defs.bzl"], - visibility = ["//visibility:private"], -) diff --git a/website/_config.yml b/website/_config.yml deleted file mode 100644 index 5f1cbbdeb..000000000 --- a/website/_config.yml +++ /dev/null @@ -1,49 +0,0 @@ -destination: _site -markdown: kramdown -kramdown: - syntax_highlighter: rouge - toc_levels: "2,3" -highlighter: rouge -paginate: 5 -paginate_path: "/blog/page:num/" -plugins: - - jekyll-paginate - - jekyll-autoprefixer - - jekyll-inline-svg - - jekyll-relative-links - - jekyll-feed - - jekyll-sitemap -site_url: https://gvisor.dev -feed: - path: blog/index.xml -svg: - optimize: true -defaults: - - scope: - path: "" - values: - layout: default -analytics: "UA-150193582-1" -authors: - jsprad: - name: Jeremiah Spradlin - email: jsprad@google.com - zkoopmans: - name: Zach Koopmans - email: zkoopmans@google.com - igudger: - name: Ian Gudger - email: igudger@google.com - fvoznika: - name: Fabricio Voznika - email: fvoznika@google.com - ianlewis: - name: Ian Lewis - email: ianlewis@google.com - url: https://twitter.com/IanMLewis - mpratt: - name: Michael Pratt - email: mpratt@google.com - nybidari: - name: Nayana Bidari - email: nybidari@google.com diff --git a/website/_includes/byline.html b/website/_includes/byline.html deleted file mode 100644 index 1e808260f..000000000 --- a/website/_includes/byline.html +++ /dev/null @@ -1,18 +0,0 @@ -By -{% assign last_pos=include.authors.size | minus: 1 %} -{% assign and_pos=include.authors.size | minus: 2 %} -{% for i in (0..last_pos) %} - {% assign author_id=include.authors[i] %} - {% assign author=site.authors[author_id] %} - {% if author %} - <a href="{% if author.url %}{{ author.url }}{% else %}mailto:{{ author.email }}{% endif %}">{{ author.name }}</a> - {% else %} - {{ author_id }} - {% endif %} - {% if i == and_pos %} - and - {% elsif i < and_pos %} - , - {% endif %} -{% endfor %} -on <span class="text-muted">{{ include.date | date_to_long_string }}</span> diff --git a/website/_includes/footer-links.html b/website/_includes/footer-links.html deleted file mode 100644 index 2036dbaa9..000000000 --- a/website/_includes/footer-links.html +++ /dev/null @@ -1,43 +0,0 @@ -<div class="container"> - <div class="row"> - <div class="col-sm-3 col-md-2"> - <p>About</p> - <ul class="list-unstyled"> - <li><a href="/roadmap/">Roadmap</a></li> - <li><a href="/contributing/">Contributing</a></li> - <li><a href="/security/">Security</a></li> - <li><a href="/community/governance/">Governance</a></li> - <li><a href="https://policies.google.com/privacy">Privacy Policy</a></li> - </ul> - </div> - <div class="col-sm-3 col-md-2"> - <p>Support</p> - <ul class="list-unstyled"> - <li><a href="https://github.com/google/gvisor/issues">Issues</a></li> - <li><a href="/docs">Documentation</a></li> - <li><a href="/docs/user_guide/faq">FAQ</a></li> - </ul> - </div> - <div class="col-sm-3 col-md-2"> - <p>Connect</p> - <ul class="list-unstyled"> - <li><a href="https://github.com/google/gvisor">GitHub</a></li> - <li><a href="https://groups.google.com/forum/#!forum/gvisor-users">User Mailing List</a></li> - <li><a href="https://groups.google.com/forum/#!forum/gvisor-dev">Developer Mailing List</a></li> - <li><a href="https://gitter.im/gvisor/community">Gitter Chat</a></li> - <li><a href="/blog">Blog</a></li> - </ul> - </div> - <div class="col-sm-3 col-md-3"></div> - <div class="hidden-xs hidden-sm col-md-3"> - <a href="https://cloud.google.com/run"> - <img style="float: right;" src="/assets/logos/powered-gvisor.png" alt="Powered by gVisor"/> - </a> - </div> - </div> - <div class="row"> - <div class="col-lg-12"> - <p>© {{ 'now' | date: "%Y" }} The gVisor Authors</p> - </div> - </div> -</div> diff --git a/website/_includes/footer.html b/website/_includes/footer.html deleted file mode 100644 index 20aa9f52c..000000000 --- a/website/_includes/footer.html +++ /dev/null @@ -1,50 +0,0 @@ -<footer class="footer"> - {% include footer-links.html %} -</footer> - -<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js" integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8=" crossorigin="anonymous"></script> -<script src="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.1/js/all.min.js" integrity="sha256-Z1Nvg/+y2+vRFhFgFij7Lv0r77yG3hOvWz2wI0SfTa0=" crossorigin="anonymous"></script> -<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha256-U5ZEeKfGNOja007MMD3YBI0A3OSZOQbeG6z2f2Y0hu8=" crossorigin="anonymous"></script> -<script src="https://cdnjs.cloudflare.com/ajax/libs/d3/4.13.0/d3.min.js" integrity="sha256-hYXbQJK4qdJiAeDVjjQ9G0D6A0xLnDQ4eJI9dkm7Fpk=" crossorigin="anonymous"></script> - -{% if site.analytics %} -<script> -var doNotTrack = false; -if (!doNotTrack) { - window.ga=window.ga||function(){(ga.q=ga.q||[]).push(arguments)};ga.l=+new Date; - ga('create', '{{ site.analytics }}', 'auto'); - ga('send', 'pageview'); -} -</script> -<script async src='https://www.google-analytics.com/analytics.js'></script> -{% endif %} - -<script> - var shiftWindow = function() { - if (location.hash.length !== 0) { - window.scrollBy(0, -50); - } - }; - window.addEventListener("hashchange", shiftWindow); - - $(document).ready(function() { - // Scroll to anchor of location hash, adjusted for fixed navbar. - window.setTimeout(function() { - shiftWindow(); - }, 1); - - // Flip the caret when submenu toggles are clicked. - $(".sidebar-submenu").on("show.bs.collapse", function() { - var toggle = $('[href$="#' + $(this).attr('id') + '"]'); - if (toggle) { - toggle.addClass("dropup"); - } - }); - $(".sidebar-submenu").on("hide.bs.collapse", function() { - var toggle = $('[href$="#' + $(this).attr('id') + '"]'); - if (toggle) { - toggle.removeClass("dropup"); - } - }); - }); -</script> diff --git a/website/_includes/graph.html b/website/_includes/graph.html deleted file mode 100644 index ba4cf9840..000000000 --- a/website/_includes/graph.html +++ /dev/null @@ -1,205 +0,0 @@ -{::nomarkdown} -{% assign fn = include.id | remove: " " | remove: "-" | downcase %} -<figure><a href="{{ include.url }}"><svg id="{{ include.id }}" width=500 height=200 onload="render_{{ fn }}()"><title>{{ include.title }}</title></svg></a></figure> -<script> -function render_{{ fn }}() { -d3.csv("{{ include.url }}", function(d, i, columns) { - return d; // Transformed below. -}, function(error, data) { - if (error) throw(error); - - // Create a new data that pivots on runtime. - // - // To start, we have: - // runtime, ..., result - // runc, ..., 1 - // runsc, ..., 2 - // - // In the end we want: - // ..., runsc, runc - // ..., 1, 2 - - // Filter by metric, if required. - if ("{{ include.metric }}" != "") { - orig_columns = data.columns; - data = data.filter(d => d.metric == "{{ include.metric }}"); - data.columns = orig_columns; - } - - // Filter by method, if required. - if ("{{ include.method }}" != "") { - orig_columns = data.columns; - data = data.filter(d => d.method == "{{ include.method }}"); - data.columns = orig_columns.filter(key => key != "method"); - } - - // Enumerate runtimes. - var runtimes = Array.from(new Set(data.map(d => d.runtime))); - var metrics = Array.from(new Set(data.map(d => d.metric))); - if (metrics.length < 1) { - console.log(data); - throw("need at least one metric"); - } else if (metrics.length == 1) { - metric = metrics[0]; - data.columns = data.columns.filter(key => key != "metric"); - } else { - metric = ""; // Used for grouping. - } - - var isSubset = function(a, sup) { - var ap = Object.getOwnPropertyNames(a); - for (var i = 0; i < ap.length; i++) { - if (a[ap[i]] !== sup[ap[i]]) { - return false; - } - } - return true; - }; - - // Execute a pivot to include runtimes as attributes. - var new_data = data.map(function(data_item) { - // Generate a prototype data item. - var proto_item = Object.assign({}, data_item); - delete proto_item.runtime; - delete proto_item.result; - var next_item = Object.assign({}, proto_item); - - // Find all matching runtime items. - data.forEach(function(d) { - if (isSubset(proto_item, d)) { - // Add the result result. - next_item[d.runtime] = d.result; - } - }); - return next_item; - }); - - // Remove any duplication. - new_data = Array.from(new Set(new_data)); - new_data.columns = data.columns; - new_data.columns = new_data.columns.filter(key => key != "runtime" && key != "result"); - new_data.columns = new_data.columns.concat(runtimes); - data = new_data; - - // Slice based on the first key. - if (data.columns.length != runtimes.length) { - x0_key = new_data.columns[0]; - var x1_domain = data.columns.slice(1); - } else { - x0_key = "runtime"; - var x1_domain = runtimes; - } - - // Determine varaible margins. - var x0_domain = data.map(d => d[x0_key]); - var margin_bottom_pad = 0; - if (x0_domain.length > 8) { - margin_bottom_pad = 50; - } - - // Use log scale if required. - var y_min = 0; - if ({{ include.log | default: "false" }}) { - // Need to cap lower end of the domain at 1. - y_min = 1; - } - - if ({{ include.y_min | default: "false" }}) { - y_min = "{{ include.y_min }}"; - } - - var svg = d3.select("#{{ include.id }}"), - margin = {top: 20, right: 20, bottom: 30 + margin_bottom_pad, left: 50}, - width = +svg.attr("width") - margin.left - margin.right, - height = +svg.attr("height") - margin.top - margin.bottom, - g = svg.append("g").attr("transform", "translate(" + margin.left + "," + margin.top + ")"); - - var x0 = d3.scaleBand() - .rangeRound([margin.left / 2, width - (4 * margin.right)]) - .paddingInner(0.1); - - var x1 = d3.scaleBand() - .padding(0.05); - - var y = d3.scaleLinear() - .rangeRound([height, 0]); - if ({{ include.log | default: "false" }}) { - y = d3.scaleLog() - .rangeRound([height, 0]); - } - - var z = d3.scaleOrdinal() - .range(["#262362", "#FBB03B", "#286FD7", "#6b486b"]); - - // Set all domains. - x0.domain(x0_domain); - x1.domain(x1_domain).rangeRound([0, x0.bandwidth()]); - y.domain([y_min, d3.max(data, d => d3.max(x1_domain, key => parseFloat(d[key])))]).nice(); - - // The data. - g.append("g") - .selectAll("g") - .data(data) - .enter().append("g") - .attr("transform", function(d) { return "translate(" + x0(d[x0_key]) + ",0)"; }) - .selectAll("rect") - .data(d => x1_domain.map(key => ({key, value: d[key]}))) - .enter().append("rect") - .attr("x", d => x1(d.key)) - .attr("y", d => y(d.value)) - .attr("width", x1.bandwidth()) - .attr("height", d => y(y_min) - y(d.value)) - .attr("fill", d => z(d.key)); - - // X0 ticks and labels. - var x0_axis = g.append("g") - .attr("class", "axis") - .attr("transform", "translate(0," + height + ")") - .call(d3.axisBottom(x0)); - if (x0_domain.length > 8) { - x0_axis.selectAll("text") - .style("text-anchor", "end") - .attr("dx", "-.8em") - .attr("dy", ".15em") - .attr("transform", "rotate(-65)"); - } - - // Y ticks and top-label. - if (metric == "default") { - metric = ""; // Don't display. - } - g.append("g") - .attr("class", "axis") - .call(d3.axisLeft(y).ticks(null, "s")) - .append("text") - .attr("x", -30.0) - .attr("y", y(y.ticks().pop()) - 10.0) - .attr("dy", "0.32em") - .attr("fill", "#000") - .attr("font-weight", "bold") - .attr("text-anchor", "start") - .text(metric); - - // The legend. - var legend = g.append("g") - .attr("font-family", "sans-serif") - .attr("font-size", 10) - .attr("text-anchor", "end") - .selectAll("g") - .data(x1_domain.slice().reverse()) - .enter().append("g") - .attr("transform", function(d, i) { return "translate(0," + i * 20 + ")"; }); - legend.append("rect") - .attr("x", width - 19) - .attr("width", 19) - .attr("height", 19) - .attr("fill", z); - legend.append("text") - .attr("x", width - 24) - .attr("y", 9.5) - .attr("dy", "0.32em") - .text(function(d) { return d; }); -}); -} -</script> -{:/} diff --git a/website/_includes/header-links.html b/website/_includes/header-links.html deleted file mode 100644 index 4232fdaa5..000000000 --- a/website/_includes/header-links.html +++ /dev/null @@ -1,19 +0,0 @@ -<nav class="navbar navbar-expand-sm navbar-inverse navbar-fixed-top"> - <div class="container"> - <div class="navbar-brand"> - <a href="/"> - <img src="/assets/logos/logo_solo_on_dark.svg" height="25" class="d-inline-block align-top" style="margin-right: 10px;" alt="logo" /> - gVisor - </a> - </div> - - <div class="collapse navbar-collapse"> - <ul class="nav navbar-nav navbar-right"> - <li><a href="/docs">Documentation</a></li> - <li><a href="/blog">Blog</a></li> - <li><a href="/community/">Community</a></li> - <li><a href="https://github.com/google/gvisor">GitHub</a></li> - </ul> - </div> - </div> -</nav> diff --git a/website/_includes/header.html b/website/_includes/header.html deleted file mode 100644 index c80310069..000000000 --- a/website/_includes/header.html +++ /dev/null @@ -1,30 +0,0 @@ - <head> - <meta charset="utf-8"> - <meta http-equiv="X-UA-Compatible" content="IE=edge"> - <meta name="viewport" content="width=device-width, initial-scale=1"> - {% if page.title %} - <title>{{ page.title }} - gVisor</title> - {% else %} - <title>gVisor</title> - {% endif %} - <link rel="canonical" href="{{ page.url | replace:'index.html','' | prepend: site_root }}"> - - <!-- Dependencies. --> - <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha256-916EbMg70RQy9LHiGkXzG8hSg9EdNy97GazNG/aiY1w=" crossorigin="anonymous" /> - <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.1/css/all.min.css" integrity="sha256-fdcFNFiBMrNfWL6OcAGQz6jDgNTRxnrLEd4vJYFWScE=" crossorigin="anonymous" /> - - <!-- Our own style sheet. --> - <link rel="stylesheet" type="text/css" href="/css/main.css"> - <link rel="icon" type="image/png" href="/assets/favicons/favicon-32x32.png" sizes="32x32"> - <link rel="icon" type="image/png" href="/assets/favicons/favicon-16x16.png" sizes="16x16"> - - {% if page.title %} - <meta name="og:title" content="{{ page.title }}"> - {% else %} - <meta name="og:title" content="gVisor"> - {% endif %} - {% if page.description %} - <meta name="og:description" content="{{ page.description }}"> - {% endif %} - <meta name="og:image" content="{{ site.site_url }}/assets/logos/logo_solo_on_white_bordered.svg"> - </head> diff --git a/website/_includes/paginator.html b/website/_includes/paginator.html deleted file mode 100644 index b4ff4c3b1..000000000 --- a/website/_includes/paginator.html +++ /dev/null @@ -1,10 +0,0 @@ -<nav aria-label="..."> - <ul class="pager"> - {% if paginator.previous_page %} - <li class="previous"><a href="{{ paginator.previous_page_path }}"><span aria-hidden="true">←</span> Newer</a></li> - {% endif %} - {% if paginator.next_page %} - <li class="next"><a href="{{ paginator.next_page_path }}">Older <span aria-hidden="true">→</span></a></li> - {% endif %} - </ul> -</nav> diff --git a/website/_includes/required_linux.html b/website/_includes/required_linux.html deleted file mode 100644 index e9d1b7548..000000000 --- a/website/_includes/required_linux.html +++ /dev/null @@ -1,2 +0,0 @@ -> Note: gVisor supports only x86\_64 and requires Linux 4.14.77+ -> ([older Linux](/docs/user_guide/networking/#gso)). diff --git a/website/_layouts/base.html b/website/_layouts/base.html deleted file mode 100644 index b30bee0dc..000000000 --- a/website/_layouts/base.html +++ /dev/null @@ -1,9 +0,0 @@ -<!DOCTYPE html> -<html lang="en" itemscope itemtype="https://schema.org/WebPage"> - {% include header.html %} - <body> - {% include header-links.html %} - {{ content }} - {% include footer.html %} - </body> -</html> diff --git a/website/_layouts/blog.html b/website/_layouts/blog.html deleted file mode 100644 index 6c371ab50..000000000 --- a/website/_layouts/blog.html +++ /dev/null @@ -1,17 +0,0 @@ ---- -layout: base ---- - -<div class="container"> - <div class="row"> - <div class="col-lg-2"></div> - <div class="col-lg-8"> - <h1>{{ page.title }}</h1> - {% if page.feed %} - <a class="btn-inverse" href="/blog/index.xml">Feed <i class="fas fa-rss ml-2"></i></a> - {% endif %} - {{ content }} - </div> - <div class="col-lg-2"></div> - </div> -</div> diff --git a/website/_layouts/default.html b/website/_layouts/default.html deleted file mode 100644 index e5523e3fc..000000000 --- a/website/_layouts/default.html +++ /dev/null @@ -1,14 +0,0 @@ ---- -layout: base ---- -{% if page.title %} -<div class="container"> - <div class="page-header"> - <h1>{{ page.title }}</h1> - </div> -</div> -{% endif %} - -<div class="container"> - {{ content }} -</div> diff --git a/website/_layouts/docs.html b/website/_layouts/docs.html deleted file mode 100644 index 5b95dc071..000000000 --- a/website/_layouts/docs.html +++ /dev/null @@ -1,62 +0,0 @@ ---- -layout: base -categories: - - Project - - User Guide - - Architecture Guide - - Compatibility ---- - -<div class="container"> - <div class="row"> - <div class="col-md-3"> - <nav class="sidebar" id="sidebar-nav"> - {% for category in layout.categories %} - <h3>{{ category }}</h3> - <ul class="sidebar-nav"> - {% assign subcats = site.pages | where: 'layout', 'docs' | where: 'category', category | group_by: 'subcategory' | sort: 'name', 'first' %} - {% for subcategory in subcats %} - {% assign sorted_pages = subcategory.items | where: 'include_in_menu', true | sort: 'weight', 'last' %} - {% comment %}If all pages in the subcategory are excluded don't show it.{% endcomment %} - {% if sorted_pages.size > 0 %} - {% if subcategory.name != "" %} - {% assign cid = category | remove: " " | downcase %} - {% assign sid = subcategory.name | remove: " " | downcase %} - <li> - {% comment %} - If the current page is in the sub-category then set the collapsible to expanded. - See: https://getbootstrap.com/docs/3.3/javascript/#collapse - {% endcomment %} - {% assign expanded = false %} - {% for p in sorted_pages %}{% if page.url == p.url %}{% assign expanded = true %}{% endif %}{% endfor %} - <a class="sidebar-nav-heading" data-toggle="collapse" href="#{{ cid }}-{{ sid }}" {% if expanded %}aria-expanded="true"{% else %}aria-expanded="false"{% endif %} aria-controls="{{ cid }}-{{ sid }}">{{ subcategory.name }}<span class="caret"></span></a> - <ul class="collapse{% if expanded %} in{% endif %} sidebar-nav sidebar-submenu" id="{{ cid }}-{{ sid }}"> - {% endif %} - {% for p in sorted_pages %} - <li{% if page.url == p.url %} class="active"{% endif %}><a href="{{ p.url }}">{{ p.title }}</a></li> - {% endfor %} - {% if subcategory.name != "" %} - </li> - </ul> - {% endif %} - {% endif %} - {% endfor %} - </ul> - {% endfor %} - </nav> - </div> - - <div class="col-md-9"> - <h1>{{ page.title }}</h1> - {% if page.editpath %} - <p> - <a href="https://github.com/google/gvisor/edit/master/{{page.editpath}}" target="_blank" rel="noopener"><i class="fa fa-edit fa-fw"></i> Edit this page</a> - <a href="https://github.com/google/gvisor/issues/new?title={{page.title | url_encode}}" target="_blank" rel="noopener"><i class="fab fa-github fa-fw"></i> Create issue</a> - </p> - {% endif %} - <div class="docs-content"> - {{ content }} - </div> - </div> - </div> -</div> diff --git a/website/_layouts/post.html b/website/_layouts/post.html deleted file mode 100644 index 640bee5af..000000000 --- a/website/_layouts/post.html +++ /dev/null @@ -1,10 +0,0 @@ ---- -layout: blog ---- - -<div class="blog-meta"> - {% include byline.html authors=page.authors date=page.date %} -</div> -<div class="blog-content"> - {{ content }} -</div> diff --git a/website/_plugins/svg_mime_type.rb b/website/_plugins/svg_mime_type.rb deleted file mode 100644 index ad6bb6480..000000000 --- a/website/_plugins/svg_mime_type.rb +++ /dev/null @@ -1,3 +0,0 @@ -require 'webrick' -include WEBrick -WEBrick::HTTPUtils::DefaultMimeTypes.store 'svg', 'image/svg+xml' diff --git a/website/_sass/footer.scss b/website/_sass/footer.scss deleted file mode 100644 index ec2ba5e20..000000000 --- a/website/_sass/footer.scss +++ /dev/null @@ -1,15 +0,0 @@ -.footer { - margin-top: 40px; - background-color: #222; - color: #fff; - padding: 20px; - - a { - color: $inverse-link-color; - - &:hover, - &:focus { - color: $inverse-link-hover-color; - } - } -} diff --git a/website/_sass/front.scss b/website/_sass/front.scss deleted file mode 100644 index f1b060560..000000000 --- a/website/_sass/front.scss +++ /dev/null @@ -1,17 +0,0 @@ -.jumbotron { - background-image: url(/assets/images/background_1080p.jpg); - background-position: center; - background-repeat: no-repeat; - background-size: cover; - background-blend-mode: darken; - background-color: rgba(0, 0, 0, 0.3); - - p { - color: #fff; - margin-top: 0; - margin-bottom: 0; - font-weight: 300; - font-size: 24px; - line-height: 30px; - } -} diff --git a/website/_sass/navbar.scss b/website/_sass/navbar.scss deleted file mode 100644 index 65bc573ac..000000000 --- a/website/_sass/navbar.scss +++ /dev/null @@ -1,26 +0,0 @@ -.navbar-inverse { - background-color: $primary; - border-bottom: 1px solid $primary; - - .navbar-brand > a { - color: #fff; - - &:focus, - &:hover { - color: #fff; - } - } - - .navbar-nav > li > a { - color: $inverse-link-color; - - &:focus, - &:hover { - color: $inverse-link-hover-color; - } - } - - .navbar-nav .nav-icon { - font-size: 18px; - } -} diff --git a/website/_sass/sidebar.scss b/website/_sass/sidebar.scss deleted file mode 100644 index f4ca05df9..000000000 --- a/website/_sass/sidebar.scss +++ /dev/null @@ -1,61 +0,0 @@ -$sidebar-border-color: #fff; -$sidebar-hover-border-color: #66bb6a; - -.sidebar { - margin-top: 40px; - - ul.sidebar-nav { - list-style-type: none; - padding: 0; - transition: height 0.01s; - - li { - &.sidebar-nav-heading { - padding: 10px 0; - margin: 0; - display: block; - font-size: 16px; - font-weight: 300; - } - - a { - padding: 4px 0; - display: block; - border-right: 2px solid $sidebar-border-color; - - &:focus { - text-decoration: none; - } - - .caret { - float: right; - margin-top: 8px; - margin-right: 10px; - } - } - - &.active { - a { - border-left: 2px solid $sidebar-hover-border-color; - padding-left: 6px; - } - } - } - - ul.sidebar-nav { - padding-left: 10px; - } - } -} - -@media (min-width: 992px) { - .sidebar-toggle { - display: none; - } - - .sidebar { - &.collapse { - display: block; - } - } -} diff --git a/website/_sass/style.scss b/website/_sass/style.scss deleted file mode 100644 index 4deb945d4..000000000 --- a/website/_sass/style.scss +++ /dev/null @@ -1,154 +0,0 @@ -$primary: #262362; -$secondary: #fff; -$link-color: #286fd7; -$inverse-link-color: #fff; - -$link-hover-color: darken($link-color, 10%); -$inverse-link-hover-color: darken($inverse-link-color, 10%); - -$text-color: #444; - -$body-font-family: 'Roboto', 'Helvetica Neue', Helvetica, Arial, sans-serif; -$code-font-family: 'Source Code Pro', monospace; - -html { - position: relative; - min-height: 100%; -} - -body { - color: $text-color; - font-family: $body-font-family; - padding-top: 40px; -} - -a { - color: $link-color; - - &:hover, - &:focus { - color: $link-hover-color; - text-decoration: none; - } - - code { - color: $link-color; - } -} - -h1, -h2, -h3, -h4, -h5, -h6 { - color: $text-color; - font-weight: 400; -} - -h1 code, -h2 code, -h3 code, -h4 code, -h5 code, -h6 code { - color: $text-color; - background: transparent; -} - -h1 { - font-size: 30px; - margin-top: 40px; - margin-bottom: 40px; -} - -h2 { - font-size: 24px; - margin-top: 30px; - margin-bottom: 30px; - - code { - font-size: 24px; - } -} - -h3 { - font-size: 20px; - margin-top: 24px; - margin-bottom: 24px; - - code { - font-size: 20px; - } -} - -h4 { - font-size: 18px; - margin-top: 20px; - margin-bottom: 20px; - - code { - font-size: 18px; - } -} - -p, -li { - font-size: 14px; - line-height: 22px; -} - -code { - font-family: $code-font-family; - font-size: 13px; -} - -.btn { - color: $text-color; - background-color: $inverse-link-color; -} - -.btn-inverse { - color: $text-color; - background-color: #fff; -} - -.well { - box-shadow: none; -} - -table { - width: 100%; -} - -table td, -table th { - border: 1px solid #ddd; - padding: 8px; -} - -table tr:nth-child(even) { - background-color: #eee; -} - -table th { - padding-top: 12px; - padding-bottom: 12px; - background-color: $primary; - color: $secondary; -} - -.blog-meta { - margin-top: 10px; - margin-bottom: 20px; -} - -.docs-content * img { - display: block; - margin: 20px auto; -} - -.blog-content * img { - display: block; - margin: 20px auto; -} diff --git a/website/archive.key b/website/archive.key deleted file mode 100644 index 8946884a7..000000000 --- a/website/archive.key +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBF0meAYBEACcBYPOSBiKtid+qTQlbgKGPxUYt0cNZiQqWXylhYUT4PuNlNx5 -s+sBLFvNTpdTrXMmZ8NkekyjD1HardWvebvJT4u+Ho/9jUr4rP71cNwNtocz/w8G -DsUXSLgH8SDkq6xw0L+5eGc78BBg9cOeBeFBm3UPgxTBXS9Zevoi2w1lzSxkXvjx -cGzltzMZfPXERljgLzp9AAfhg/2ouqVQm37fY+P/NDzFMJ1XHPIIp9KJl/prBVud -jJJteFZ5sgL6MwjBQq2kw+q2Jb8Zfjl0BeXDgGMN5M5lGhX2wTfiMbfo7KWyzRnB -RpSP3BxlLqYeQUuLG5Yx8z3oA3uBkuKaFOKvXtiScxmGM/+Ri2YM3m66imwDhtmP -AKwTPI3Re4gWWOffglMVSv2sUAY32XZ74yXjY1VhK3bN3WFUPGrgQx4X7GP0A1Te -lzqkT3VSMXieImTASosK5L5Q8rryvgCeI9tQLn9EpYFCtU3LXvVgTreGNEEjMOnL -dR7yOU+Fs775stn6ucqmdYarx7CvKUrNAhgEeHMonLe1cjYScF7NfLO1GIrQKJR2 -DE0f+uJZ52inOkO8ufh3WVQJSYszuS3HCY7w5oj1aP38k/y9zZdZvVvwAWZaiqBQ -iwjVs6Kub76VVZZhRDf4iYs8k1Zh64nXdfQt250d8U5yMPF3wIJ+c1yhxwARAQAB -tCpUaGUgZ1Zpc29yIEF1dGhvcnMgPGd2aXNvci1ib3RAZ29vZ2xlLmNvbT6JAk4E -EwEKADgCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AWIQRvHfheOnHCSRjnJ9Vv -xtVU4yvZQwUCYO4TxQAKCRBvxtVU4yvZQ9UoEACLPV7CnEA2bjCPi0NCWB/Mo1WL -evqv7Wv7vmXzI1K9DrqOhxuamQW75SVXg1df0hTJWbKFmDAip6NEC2Rg5P+A8hHj -nW/VG+q4ZFT662jDhnXQiO9L7EZzjyqNF4yWYzzgnqEu/SmGkDLDYiUCcGBqS2oE -EQfk7RHJSLMJXAnNDH7OUDgrirSssg/dlQ5uAHA9Au80VvC5fsTKza8b3Aydw3SV -iB8/Yuikbl8wKbpSGiXtR4viElXjNips0+mBqaUk2xpqSBrsfN+FezcInVXaXFeq -xtpq2/3M3DYbqCRjqeyd9wNi92FHdOusNrK4MYe0pAYbGjc65BwH+F0T4oJ8ZSJV -lIt+FZ0MqM1T97XadybYFsJh8qvajQpZEPL+zzNncc4f1d80e7+lwIZV/al0FZWW -Zlp7TpbeO/uW+lHs5W14YKwaQVh1whapKXTrATipNOOSCw2hnfrT8V7Hy55QWaGZ -f4/kfy929EeCP16d/LqOClv0j0RBr6NhRBQ0l/BE/mXjJwIk6nKwi+Yi4ek1ARi6 -AlCMLn9AZF7aTGpvCiftzIrlyDfVZT5IX03TayxRHZ4b1Rj8eyJaHcjI49u83gkr -4LGX08lEawn9nxFSx4RCg2swGiYw5F436wwwAIozqJuDASeTa3QND3au5v0oYWnl -umDySUl5wPaAaALgzA== -=5/8T ------END PGP PUBLIC KEY BLOCK----- diff --git a/website/assets/favicons/apple-touch-icon-180x180.png b/website/assets/favicons/apple-touch-icon-180x180.png Binary files differdeleted file mode 100644 index bf4b6ce9b..000000000 --- a/website/assets/favicons/apple-touch-icon-180x180.png +++ /dev/null diff --git a/website/assets/favicons/favicon-16x16.png b/website/assets/favicons/favicon-16x16.png Binary files differdeleted file mode 100644 index 083264206..000000000 --- a/website/assets/favicons/favicon-16x16.png +++ /dev/null diff --git a/website/assets/favicons/favicon-32x32.png b/website/assets/favicons/favicon-32x32.png Binary files differdeleted file mode 100644 index b8e4caff1..000000000 --- a/website/assets/favicons/favicon-32x32.png +++ /dev/null diff --git a/website/assets/favicons/favicon.ico b/website/assets/favicons/favicon.ico Binary files differdeleted file mode 100644 index 9238b79d9..000000000 --- a/website/assets/favicons/favicon.ico +++ /dev/null diff --git a/website/assets/favicons/pwa-192x192.png b/website/assets/favicons/pwa-192x192.png Binary files differdeleted file mode 100644 index 5d2fab785..000000000 --- a/website/assets/favicons/pwa-192x192.png +++ /dev/null diff --git a/website/assets/favicons/pwa-512x512.png b/website/assets/favicons/pwa-512x512.png Binary files differdeleted file mode 100644 index 23824439e..000000000 --- a/website/assets/favicons/pwa-512x512.png +++ /dev/null diff --git a/website/assets/favicons/tile150x150.png b/website/assets/favicons/tile150x150.png Binary files differdeleted file mode 100644 index f76fcffae..000000000 --- a/website/assets/favicons/tile150x150.png +++ /dev/null diff --git a/website/assets/favicons/tile310x150.png b/website/assets/favicons/tile310x150.png Binary files differdeleted file mode 100644 index 4f87e4c12..000000000 --- a/website/assets/favicons/tile310x150.png +++ /dev/null diff --git a/website/assets/favicons/tile310x310.png b/website/assets/favicons/tile310x310.png Binary files differdeleted file mode 100644 index a2926d0bd..000000000 --- a/website/assets/favicons/tile310x310.png +++ /dev/null diff --git a/website/assets/favicons/tile70x70.png b/website/assets/favicons/tile70x70.png Binary files differdeleted file mode 100644 index 96cc69fc4..000000000 --- a/website/assets/favicons/tile70x70.png +++ /dev/null diff --git a/website/assets/images/2019-11-18-security-basics-figure1.png b/website/assets/images/2019-11-18-security-basics-figure1.png Binary files differdeleted file mode 100644 index 2a8134a7a..000000000 --- a/website/assets/images/2019-11-18-security-basics-figure1.png +++ /dev/null diff --git a/website/assets/images/2019-11-18-security-basics-figure2.png b/website/assets/images/2019-11-18-security-basics-figure2.png Binary files differdeleted file mode 100644 index f8b416e1d..000000000 --- a/website/assets/images/2019-11-18-security-basics-figure2.png +++ /dev/null diff --git a/website/assets/images/2019-11-18-security-basics-figure3.png b/website/assets/images/2019-11-18-security-basics-figure3.png Binary files differdeleted file mode 100644 index 833e3e2b5..000000000 --- a/website/assets/images/2019-11-18-security-basics-figure3.png +++ /dev/null diff --git a/website/assets/images/2020-04-02-networking-security-figure1.png b/website/assets/images/2020-04-02-networking-security-figure1.png Binary files differdeleted file mode 100644 index b49cb0242..000000000 --- a/website/assets/images/2020-04-02-networking-security-figure1.png +++ /dev/null diff --git a/website/assets/images/2020-09-18-containing-a-real-vulnerability-figure1.png b/website/assets/images/2020-09-18-containing-a-real-vulnerability-figure1.png Binary files differdeleted file mode 100644 index c750f0851..000000000 --- a/website/assets/images/2020-09-18-containing-a-real-vulnerability-figure1.png +++ /dev/null diff --git a/website/assets/images/2021-08-31-rack-figure1.png b/website/assets/images/2021-08-31-rack-figure1.png Binary files differdeleted file mode 100644 index 6d9fdb147..000000000 --- a/website/assets/images/2021-08-31-rack-figure1.png +++ /dev/null diff --git a/website/assets/images/2021-08-31-rack-figure2.png b/website/assets/images/2021-08-31-rack-figure2.png Binary files differdeleted file mode 100644 index c2043ecae..000000000 --- a/website/assets/images/2021-08-31-rack-figure2.png +++ /dev/null diff --git a/website/assets/images/2021-08-31-rack-figure3.png b/website/assets/images/2021-08-31-rack-figure3.png Binary files differdeleted file mode 100644 index e8b689f33..000000000 --- a/website/assets/images/2021-08-31-rack-figure3.png +++ /dev/null diff --git a/website/assets/images/background.jpg b/website/assets/images/background.jpg Binary files differdeleted file mode 100644 index 81f8e332b..000000000 --- a/website/assets/images/background.jpg +++ /dev/null diff --git a/website/assets/images/background_1080p.jpg b/website/assets/images/background_1080p.jpg Binary files differdeleted file mode 100644 index d312595a6..000000000 --- a/website/assets/images/background_1080p.jpg +++ /dev/null diff --git a/website/assets/logos/Makefile b/website/assets/logos/Makefile deleted file mode 100644 index 49289ecc1..000000000 --- a/website/assets/logos/Makefile +++ /dev/null @@ -1,13 +0,0 @@ -#!/usr/bin/make -f - -srcs := $(wildcard *.svg) -dsts := $(patsubst %.svg,%.png,$(srcs)) - -all: $(dsts) -.PHONY: all - -%.png %-16.png %-128.png %-1024.png: %.svg - @inkscape -z -e $*.png $< - @inkscape -z -w 16 -e $*-16.png $< - @inkscape -z -w 128 -e $*-128.png $< - @inkscape -z -w 1024 -e $*-1024.png $< diff --git a/website/assets/logos/README.md b/website/assets/logos/README.md deleted file mode 100644 index 2964982dd..000000000 --- a/website/assets/logos/README.md +++ /dev/null @@ -1,10 +0,0 @@ -# Logos - -This directory contains logo assets. - -The colors used are: - -* Background (blue): #262262 -* Highlight (yellow): #FBB03B - -Use `make` to generate sized PNGs from SVGs. diff --git a/website/assets/logos/logo_solo_monochrome.png b/website/assets/logos/logo_solo_monochrome.png Binary files differdeleted file mode 100644 index e09c5ad5e..000000000 --- a/website/assets/logos/logo_solo_monochrome.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_monochrome.svg b/website/assets/logos/logo_solo_monochrome.svg deleted file mode 100644 index 73126fd8f..000000000 --- a/website/assets/logos/logo_solo_monochrome.svg +++ /dev/null @@ -1,73 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" standalone="no"?> -<!-- Created with Inkscape (http://www.inkscape.org/) --> - -<svg - xmlns:dc="http://purl.org/dc/elements/1.1/" - xmlns:cc="http://creativecommons.org/ns#" - xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" - xmlns:svg="http://www.w3.org/2000/svg" - xmlns="http://www.w3.org/2000/svg" - xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" - xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" - version="1.1" - id="svg2" - xml:space="preserve" - width="175.35599" - height="193.20036" - viewBox="0 0 175.35599 193.20036" - sodipodi:docname="logo_solo_monochrome.svg" - inkscape:version="0.92.3 (2405546, 2018-03-11)"><metadata - id="metadata8"><rdf:RDF><cc:Work - rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type - rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title></dc:title></cc:Work></rdf:RDF></metadata><defs - id="defs6"><clipPath - clipPathUnits="userSpaceOnUse" - id="clipPath20"><path - d="M 0,821.614 H 1366 V 0 H 0 Z" - id="path18" - inkscape:connector-curvature="0" /></clipPath></defs><sodipodi:namedview - pagecolor="#ffffff" - bordercolor="#666666" - borderopacity="1" - objecttolerance="10" - gridtolerance="10" - guidetolerance="10" - inkscape:pageopacity="0" - inkscape:pageshadow="2" - inkscape:window-width="640" - inkscape:window-height="480" - id="namedview4" - showgrid="false" - fit-margin-top="0" - fit-margin-left="0" - fit-margin-right="0" - fit-margin-bottom="0" - inkscape:zoom="0.43085925" - inkscape:cx="374.99057" - inkscape:cy="88.483321" - inkscape:window-x="0" - inkscape:window-y="9" - inkscape:window-maximized="0" - inkscape:current-layer="g10" /><g - id="g10" - inkscape:groupmode="layer" - inkscape:label="gvisor_final-logo_20190313" - transform="matrix(1.3333333,0,0,-1.3333333,-614.45037,638.9628)"><g - id="g48" - transform="translate(548.2423,363.2485)"><path - d="m 0,0 c 16.655,21.121 22.696,44.433 18.328,70.995 3.068,0 5.743,-0.023 8.417,0.007 2.222,0.025 4.443,0.102 6.664,0.175 4.79,0.154 4.818,0.165 5.88,-4.582 3.145,-14.051 2.18,-28.09 -0.179,-42.118 -0.25,-1.492 -0.7,-2.956 -0.864,-4.454 C 37.05,9.081 30.089,3.645 20.165,1.097 13.787,-0.54 7.323,-0.829 0,0" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path50" - inkscape:connector-curvature="0" /></g><g - id="g52" - transform="translate(544.6891,396.1763)"><path - d="M 0,0 C 0,2.594 -3.457,4.322 -3.457,4.322 -0.864,5.187 0,8.644 0,8.644 0,8.644 0.865,5.187 3.458,4.322 3.458,4.322 0,2.594 0,0 m -17.099,6.454 c 0,6.742 -8.989,11.236 -8.989,11.236 6.742,2.248 8.989,11.238 8.989,11.238 0,0 2.247,-8.99 8.99,-11.238 0,0 -8.99,-4.494 -8.99,-11.236" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path54" - inkscape:connector-curvature="0" /></g><g - id="g56" - transform="translate(485.0861,429.7925)"><path - d="m 0,0 c 0,0 -2.214,3.359 -9.736,2.059 0,0 5.987,28.738 36.298,38.806 C 26.562,40.865 -2.82,24.275 0,0 M 0.583,-33.208 0.58,-33.211 c -1.297,-2.026 -2.821,-3.579 -4.53,-4.616 -1.515,-0.933 -3.178,-1.425 -4.743,-1.425 -0.528,0 -1.044,0.057 -1.539,0.17 l -2.209,0.507 2.184,0.603 c 1.63,0.451 3.063,1.347 4.259,2.664 1.014,1.108 1.856,2.485 2.577,4.213 1.175,2.82 1.784,6.162 1.81,9.936 -0.049,3.718 -0.683,7.054 -1.886,9.902 -0.703,1.654 -1.585,3.056 -2.621,4.163 -1.227,1.311 -2.671,2.178 -4.294,2.576 l -2.187,0.538 2.179,0.572 c 0.48,0.126 0.998,0.196 1.539,0.209 h 0.031 l 1.688,-0.153 c 1.045,-0.206 2.104,-0.616 3.061,-1.185 1.755,-1.031 3.302,-2.567 4.598,-4.565 2.155,-3.374 3.315,-7.536 3.357,-12.042 -0.028,-4.548 -1.159,-8.717 -3.271,-12.064 m 101.949,51.176 c 0,0 -0.075,0.05 -0.226,0.136 -0.541,0.327 -1.113,0.603 -1.715,0.815 -3.044,1.241 -9.881,3.186 -21.906,2.623 -0.029,0 -0.056,0 -0.085,-0.001 C 52.916,21.123 30.022,10.922 30.022,10.922 c 0,0 1.439,1.761 3.453,3.692 10e-4,0 10e-4,10e-4 0.002,10e-4 1.052,0.974 2.355,2.076 3.912,3.227 0.046,0.031 0.088,0.063 0.124,0.093 8.708,6.384 25.34,14.163 51.625,9.541 -0.989,1.124 -2.002,2.192 -3.036,3.215 -1.112,0.883 -2.231,1.693 -3.354,2.456 0.02,-0.012 0.039,-0.023 0.059,-0.036 0,0 -17.016,19.415 -48.683,15.891 C 30.19,48.622 25.983,47.867 21.66,46.564 21.653,46.563 21.646,46.562 21.64,46.56 L 21.638,46.558 C 11.48,43.492 0.683,37.387 -8.719,25.911 -9.29,25.193 -9.841,24.479 -10.376,23.77 c -0.065,-0.099 -0.141,-0.202 -0.226,-0.307 -1.182,-1.581 -2.271,-3.14 -3.279,-4.674 -3.266,-5.427 -5.631,-11.665 -6.311,-13.545 -10.58,-32.401 2.586,-57.55 5.144,-61.967 8.93,-15.158 24.565,-32.355 50.771,-37.327 0.197,-0.047 0.382,-0.101 0.582,-0.147 1.723,-0.367 4.864,-0.929 8.908,-1.196 1.524,-0.069 3.088,-0.094 4.699,-0.067 1.548,-0.009 2.999,0.017 4.335,0.064 0.396,0.028 0.74,0.041 1.044,0.044 5.102,0.238 8.272,0.775 8.272,0.775 -26.543,1.299 -39.847,13.409 -45.691,21.142 -1.325,1.648 -2.46,3.42 -3.377,5.316 -0.361,0.71 -0.523,1.115 -0.523,1.115 8.459,-7.181 20.294,-13.362 20.294,-13.362 10.611,-4.993 21.737,-7.451 33.524,-5.837 0,0 24.645,2.263 34.464,25.09 -0.423,0.322 -0.366,0.278 -0.79,0.6 -0.652,-0.526 -1.294,-1.023 -1.926,-1.496 -0.991,-0.651 -1.964,-1.357 -2.937,-2.07 -5.265,-3.485 -9.561,-5.128 -12.12,-5.879 -19.359,-4.887 -37.273,-1.252 -52.93,12.455 -7.253,6.349 -11.754,14.352 -11.944,24.291 -0.124,6.465 -0.19,12.935 -0.136,19.4 0.085,10.181 7.246,17.921 17.394,19.284 20.561,2.759 41.234,3.71 61.947,4.193 3.174,0.073 5.981,0.037 7.458,-3.356 0.025,-0.058 0.363,0.02 0.552,0.035 1.4,4.461 -0.617,9.27 -4.29,11.624" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path58" - inkscape:connector-curvature="0" /></g></g></svg>
\ No newline at end of file diff --git a/website/assets/logos/logo_solo_on_dark-1024.png b/website/assets/logos/logo_solo_on_dark-1024.png Binary files differdeleted file mode 100644 index 6df428c65..000000000 --- a/website/assets/logos/logo_solo_on_dark-1024.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_on_dark-128.png b/website/assets/logos/logo_solo_on_dark-128.png Binary files differdeleted file mode 100644 index 78a85475f..000000000 --- a/website/assets/logos/logo_solo_on_dark-128.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_on_dark-16.png b/website/assets/logos/logo_solo_on_dark-16.png Binary files differdeleted file mode 100644 index 4f1e91c02..000000000 --- a/website/assets/logos/logo_solo_on_dark-16.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_on_dark.png b/website/assets/logos/logo_solo_on_dark.png Binary files differdeleted file mode 100644 index da20756f7..000000000 --- a/website/assets/logos/logo_solo_on_dark.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_on_dark.svg b/website/assets/logos/logo_solo_on_dark.svg deleted file mode 100644 index ae8d9e879..000000000 --- a/website/assets/logos/logo_solo_on_dark.svg +++ /dev/null @@ -1,73 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" standalone="no"?> -<!-- Created with Inkscape (http://www.inkscape.org/) --> - -<svg - xmlns:dc="http://purl.org/dc/elements/1.1/" - xmlns:cc="http://creativecommons.org/ns#" - xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" - xmlns:svg="http://www.w3.org/2000/svg" - xmlns="http://www.w3.org/2000/svg" - xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" - xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" - version="1.1" - id="svg2" - xml:space="preserve" - width="175.35599" - height="193.19984" - viewBox="0 0 175.35599 193.19985" - sodipodi:docname="logo_solo_on_dark.svg" - inkscape:version="0.92.3 (2405546, 2018-03-11)"><metadata - id="metadata8"><rdf:RDF><cc:Work - rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type - rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title /></cc:Work></rdf:RDF></metadata><defs - id="defs6"><clipPath - clipPathUnits="userSpaceOnUse" - id="clipPath20"><path - d="M 0,821.614 H 1366 V 0 H 0 Z" - id="path18" - inkscape:connector-curvature="0" /></clipPath></defs><sodipodi:namedview - pagecolor="#ffffff" - bordercolor="#666666" - borderopacity="1" - objecttolerance="10" - gridtolerance="10" - guidetolerance="10" - inkscape:pageopacity="0" - inkscape:pageshadow="2" - inkscape:window-width="1278" - inkscape:window-height="699" - id="namedview4" - showgrid="false" - fit-margin-top="0" - fit-margin-left="0" - fit-margin-right="0" - fit-margin-bottom="0" - inkscape:zoom="0.8617185" - inkscape:cx="257.20407" - inkscape:cy="172.193" - inkscape:window-x="0" - inkscape:window-y="0" - inkscape:window-maximized="1" - inkscape:current-layer="g10" /><g - id="g10" - inkscape:groupmode="layer" - inkscape:label="gvisor_final-logo_20190313" - transform="matrix(1.3333333,0,0,-1.3333333,-614.45037,638.96254)"><g - id="g48" - transform="translate(548.2423,363.2484)"><path - d="m 0,0 c 16.655,21.121 22.696,44.434 18.328,70.995 3.068,0 5.743,-0.023 8.417,0.007 2.222,0.025 4.443,0.102 6.664,0.175 4.79,0.154 4.818,0.165 5.88,-4.582 3.145,-14.05 2.18,-28.089 -0.179,-42.118 -0.25,-1.492 -0.7,-2.956 -0.864,-4.454 C 37.05,9.081 30.089,3.645 20.165,1.097 13.787,-0.54 7.323,-0.829 0,0" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path50" - inkscape:connector-curvature="0" /></g><g - id="g52" - transform="translate(544.6891,396.1771)"><path - d="M 0,0 C 0,2.593 -3.457,4.321 -3.457,4.321 -0.864,5.186 0,8.644 0,8.644 0,8.644 0.865,5.186 3.458,4.321 3.458,4.321 0,2.593 0,0 m -17.099,6.453 c 0,6.742 -8.989,11.237 -8.989,11.237 6.742,2.247 8.989,11.237 8.989,11.237 0,0 2.247,-8.99 8.99,-11.237 0,0 -8.99,-4.495 -8.99,-11.237" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path54" - inkscape:connector-curvature="0" /></g><g - id="g56" - transform="translate(485.0861,429.7923)"><path - d="m 0,0 c 0,0 -2.214,3.359 -9.736,2.059 0,0 5.987,28.738 36.298,38.806 C 26.562,40.865 -2.82,24.275 0,0 M 0.583,-33.208 0.58,-33.211 c -1.297,-2.026 -2.821,-3.578 -4.53,-4.615 -1.515,-0.934 -3.178,-1.425 -4.743,-1.425 -0.528,0 -1.044,0.056 -1.539,0.169 l -2.209,0.507 2.184,0.603 c 1.63,0.451 3.063,1.347 4.259,2.664 1.014,1.108 1.856,2.485 2.577,4.214 1.175,2.819 1.784,6.161 1.81,9.935 -0.049,3.719 -0.683,7.054 -1.886,9.902 -0.703,1.655 -1.585,3.057 -2.621,4.163 -1.227,1.311 -2.671,2.178 -4.294,2.576 l -2.187,0.538 2.179,0.572 c 0.48,0.127 0.998,0.196 1.539,0.209 l 0.031,10e-4 1.688,-0.154 c 1.045,-0.206 2.104,-0.615 3.061,-1.184 1.755,-1.032 3.302,-2.568 4.598,-4.565 2.155,-3.374 3.315,-7.537 3.357,-12.043 -0.028,-4.548 -1.159,-8.717 -3.271,-12.064 m 101.949,51.176 c 0,0 -0.075,0.051 -0.226,0.137 -0.541,0.326 -1.113,0.602 -1.715,0.814 -3.044,1.241 -9.881,3.187 -21.906,2.623 -0.029,0 -0.056,0 -0.085,-0.001 C 52.916,21.123 30.022,10.923 30.022,10.923 c 0,0 1.439,1.76 3.453,3.691 10e-4,10e-4 10e-4,10e-4 0.002,0.002 1.052,0.973 2.355,2.076 3.912,3.226 0.046,0.032 0.088,0.063 0.124,0.094 8.708,6.383 25.34,14.162 51.625,9.54 -0.989,1.124 -2.002,2.193 -3.036,3.215 -1.112,0.884 -2.231,1.694 -3.354,2.456 0.02,-0.012 0.039,-0.023 0.059,-0.036 0,0 -17.016,19.415 -48.683,15.891 C 30.19,48.622 25.983,47.868 21.66,46.564 21.653,46.563 21.646,46.562 21.64,46.56 L 21.638,46.558 C 11.48,43.492 0.683,37.387 -8.719,25.911 c -0.571,-0.718 -1.122,-1.431 -1.657,-2.14 -0.065,-0.1 -0.141,-0.202 -0.226,-0.307 -1.182,-1.582 -2.271,-3.141 -3.279,-4.674 -3.266,-5.427 -5.631,-11.666 -6.311,-13.546 -10.58,-32.401 2.586,-57.549 5.144,-61.967 8.93,-15.157 24.565,-32.355 50.771,-37.327 0.197,-0.046 0.382,-0.101 0.582,-0.146 1.723,-0.367 4.864,-0.929 8.908,-1.197 1.524,-0.069 3.088,-0.094 4.699,-0.066 1.548,-0.01 2.999,0.017 4.335,0.064 0.396,0.027 0.74,0.041 1.044,0.044 5.102,0.237 8.272,0.774 8.272,0.774 -26.543,1.3 -39.847,13.41 -45.691,21.142 -1.325,1.648 -2.46,3.421 -3.377,5.316 -0.361,0.711 -0.523,1.115 -0.523,1.115 8.459,-7.18 20.294,-13.361 20.294,-13.361 10.611,-4.993 21.737,-7.452 33.524,-5.838 0,0 24.645,2.264 34.464,25.09 -0.423,0.322 -0.366,0.278 -0.79,0.6 -0.652,-0.526 -1.294,-1.022 -1.926,-1.496 -0.991,-0.65 -1.964,-1.357 -2.937,-2.07 -5.265,-3.485 -9.561,-5.127 -12.12,-5.879 -19.359,-4.887 -37.273,-1.252 -52.93,12.455 -7.253,6.349 -11.754,14.353 -11.944,24.291 -0.124,6.466 -0.19,12.935 -0.136,19.4 0.085,10.181 7.246,17.921 17.394,19.284 20.561,2.759 41.234,3.71 61.947,4.193 3.174,0.074 5.981,0.037 7.458,-3.356 0.025,-0.058 0.363,0.02 0.552,0.035 1.4,4.462 -0.617,9.27 -4.29,11.624" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path58" - inkscape:connector-curvature="0" /></g></g></svg>
\ No newline at end of file diff --git a/website/assets/logos/logo_solo_on_dark_full-1024.png b/website/assets/logos/logo_solo_on_dark_full-1024.png Binary files differdeleted file mode 100644 index 8d597dd3d..000000000 --- a/website/assets/logos/logo_solo_on_dark_full-1024.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_on_dark_full-128.png b/website/assets/logos/logo_solo_on_dark_full-128.png Binary files differdeleted file mode 100644 index fe6dd5dea..000000000 --- a/website/assets/logos/logo_solo_on_dark_full-128.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_on_dark_full-16.png b/website/assets/logos/logo_solo_on_dark_full-16.png Binary files differdeleted file mode 100644 index f9aa7dfdd..000000000 --- a/website/assets/logos/logo_solo_on_dark_full-16.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_on_dark_full.png b/website/assets/logos/logo_solo_on_dark_full.png Binary files differdeleted file mode 100644 index 611b0565e..000000000 --- a/website/assets/logos/logo_solo_on_dark_full.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_on_dark_full.svg b/website/assets/logos/logo_solo_on_dark_full.svg deleted file mode 100644 index 6440835b1..000000000 --- a/website/assets/logos/logo_solo_on_dark_full.svg +++ /dev/null @@ -1,79 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" standalone="no"?> -<!-- Created with Inkscape (http://www.inkscape.org/) --> - -<svg - xmlns:dc="http://purl.org/dc/elements/1.1/" - xmlns:cc="http://creativecommons.org/ns#" - xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" - xmlns:svg="http://www.w3.org/2000/svg" - xmlns="http://www.w3.org/2000/svg" - xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" - xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" - version="1.1" - id="svg2" - xml:space="preserve" - width="246.17325" - height="246.17325" - viewBox="0 0 246.17325 246.17326" - sodipodi:docname="logo_solo_on_dark_full.svg" - inkscape:version="0.92.3 (2405546, 2018-03-11)"><metadata - id="metadata8"><rdf:RDF><cc:Work - rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type - rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title /></cc:Work></rdf:RDF></metadata><defs - id="defs6"><clipPath - clipPathUnits="userSpaceOnUse" - id="clipPath20"><path - d="M 0,821.614 H 1366 V 0 H 0 Z" - id="path18" - inkscape:connector-curvature="0" /></clipPath></defs><sodipodi:namedview - pagecolor="#ffffff" - bordercolor="#666666" - borderopacity="1" - objecttolerance="10" - gridtolerance="10" - guidetolerance="10" - inkscape:pageopacity="0" - inkscape:pageshadow="2" - inkscape:window-width="1278" - inkscape:window-height="699" - id="namedview4" - showgrid="false" - fit-margin-top="0" - fit-margin-left="0" - fit-margin-right="0" - fit-margin-bottom="0" - inkscape:zoom="0.8617185" - inkscape:cx="291.21659" - inkscape:cy="198.28704" - inkscape:window-x="0" - inkscape:window-y="0" - inkscape:window-maximized="1" - inkscape:current-layer="g10" /><g - id="g10" - inkscape:groupmode="layer" - inkscape:label="gvisor_final-logo_20190313" - transform="matrix(1.3333333,0,0,-1.3333333,-580.43785,665.8419)"><circle - id="path83" - cx="527.64337" - cy="-407.06647" - r="92.314972" - transform="scale(1,-1)" - style="fill:#262262;fill-opacity:1;stroke-width:0.48076925" /><g - id="g48" - transform="translate(548.2423,363.2484)"><path - d="m 0,0 c 16.655,21.121 22.696,44.434 18.328,70.995 3.068,0 5.743,-0.023 8.417,0.007 2.222,0.025 4.443,0.102 6.664,0.175 4.79,0.154 4.818,0.165 5.88,-4.582 3.145,-14.05 2.18,-28.089 -0.179,-42.118 -0.25,-1.492 -0.7,-2.956 -0.864,-4.454 C 37.05,9.081 30.089,3.645 20.165,1.097 13.787,-0.54 7.323,-0.829 0,0" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path50" - inkscape:connector-curvature="0" /></g><g - id="g52" - transform="translate(544.6891,396.1771)"><path - d="M 0,0 C 0,2.593 -3.457,4.321 -3.457,4.321 -0.864,5.186 0,8.644 0,8.644 0,8.644 0.865,5.186 3.458,4.321 3.458,4.321 0,2.593 0,0 m -17.099,6.453 c 0,6.742 -8.989,11.237 -8.989,11.237 6.742,2.247 8.989,11.237 8.989,11.237 0,0 2.247,-8.99 8.99,-11.237 0,0 -8.99,-4.495 -8.99,-11.237" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path54" - inkscape:connector-curvature="0" /></g><g - id="g56" - transform="translate(485.0861,429.7923)"><path - d="m 0,0 c 0,0 -2.214,3.359 -9.736,2.059 0,0 5.987,28.738 36.298,38.806 C 26.562,40.865 -2.82,24.275 0,0 M 0.583,-33.208 0.58,-33.211 c -1.297,-2.026 -2.821,-3.578 -4.53,-4.615 -1.515,-0.934 -3.178,-1.425 -4.743,-1.425 -0.528,0 -1.044,0.056 -1.539,0.169 l -2.209,0.507 2.184,0.603 c 1.63,0.451 3.063,1.347 4.259,2.664 1.014,1.108 1.856,2.485 2.577,4.214 1.175,2.819 1.784,6.161 1.81,9.935 -0.049,3.719 -0.683,7.054 -1.886,9.902 -0.703,1.655 -1.585,3.057 -2.621,4.163 -1.227,1.311 -2.671,2.178 -4.294,2.576 l -2.187,0.538 2.179,0.572 c 0.48,0.127 0.998,0.196 1.539,0.209 l 0.031,10e-4 1.688,-0.154 c 1.045,-0.206 2.104,-0.615 3.061,-1.184 1.755,-1.032 3.302,-2.568 4.598,-4.565 2.155,-3.374 3.315,-7.537 3.357,-12.043 -0.028,-4.548 -1.159,-8.717 -3.271,-12.064 m 101.949,51.176 c 0,0 -0.075,0.051 -0.226,0.137 -0.541,0.326 -1.113,0.602 -1.715,0.814 -3.044,1.241 -9.881,3.187 -21.906,2.623 -0.029,0 -0.056,0 -0.085,-0.001 C 52.916,21.123 30.022,10.923 30.022,10.923 c 0,0 1.439,1.76 3.453,3.691 10e-4,10e-4 10e-4,10e-4 0.002,0.002 1.052,0.973 2.355,2.076 3.912,3.226 0.046,0.032 0.088,0.063 0.124,0.094 8.708,6.383 25.34,14.162 51.625,9.54 -0.989,1.124 -2.002,2.193 -3.036,3.215 -1.112,0.884 -2.231,1.694 -3.354,2.456 0.02,-0.012 0.039,-0.023 0.059,-0.036 0,0 -17.016,19.415 -48.683,15.891 C 30.19,48.622 25.983,47.868 21.66,46.564 21.653,46.563 21.646,46.562 21.64,46.56 L 21.638,46.558 C 11.48,43.492 0.683,37.387 -8.719,25.911 c -0.571,-0.718 -1.122,-1.431 -1.657,-2.14 -0.065,-0.1 -0.141,-0.202 -0.226,-0.307 -1.182,-1.582 -2.271,-3.141 -3.279,-4.674 -3.266,-5.427 -5.631,-11.666 -6.311,-13.546 -10.58,-32.401 2.586,-57.549 5.144,-61.967 8.93,-15.157 24.565,-32.355 50.771,-37.327 0.197,-0.046 0.382,-0.101 0.582,-0.146 1.723,-0.367 4.864,-0.929 8.908,-1.197 1.524,-0.069 3.088,-0.094 4.699,-0.066 1.548,-0.01 2.999,0.017 4.335,0.064 0.396,0.027 0.74,0.041 1.044,0.044 5.102,0.237 8.272,0.774 8.272,0.774 -26.543,1.3 -39.847,13.41 -45.691,21.142 -1.325,1.648 -2.46,3.421 -3.377,5.316 -0.361,0.711 -0.523,1.115 -0.523,1.115 8.459,-7.18 20.294,-13.361 20.294,-13.361 10.611,-4.993 21.737,-7.452 33.524,-5.838 0,0 24.645,2.264 34.464,25.09 -0.423,0.322 -0.366,0.278 -0.79,0.6 -0.652,-0.526 -1.294,-1.022 -1.926,-1.496 -0.991,-0.65 -1.964,-1.357 -2.937,-2.07 -5.265,-3.485 -9.561,-5.127 -12.12,-5.879 -19.359,-4.887 -37.273,-1.252 -52.93,12.455 -7.253,6.349 -11.754,14.353 -11.944,24.291 -0.124,6.466 -0.19,12.935 -0.136,19.4 0.085,10.181 7.246,17.921 17.394,19.284 20.561,2.759 41.234,3.71 61.947,4.193 3.174,0.074 5.981,0.037 7.458,-3.356 0.025,-0.058 0.363,0.02 0.552,0.035 1.4,4.462 -0.617,9.27 -4.29,11.624" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path58" - inkscape:connector-curvature="0" /></g></g></svg>
\ No newline at end of file diff --git a/website/assets/logos/logo_solo_on_white.png b/website/assets/logos/logo_solo_on_white.png Binary files differdeleted file mode 100644 index ca539cdff..000000000 --- a/website/assets/logos/logo_solo_on_white.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_on_white.svg b/website/assets/logos/logo_solo_on_white.svg deleted file mode 100644 index d794ad8e7..000000000 --- a/website/assets/logos/logo_solo_on_white.svg +++ /dev/null @@ -1,73 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" standalone="no"?> -<!-- Created with Inkscape (http://www.inkscape.org/) --> - -<svg - xmlns:dc="http://purl.org/dc/elements/1.1/" - xmlns:cc="http://creativecommons.org/ns#" - xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" - xmlns:svg="http://www.w3.org/2000/svg" - xmlns="http://www.w3.org/2000/svg" - xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" - xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" - version="1.1" - id="svg2" - xml:space="preserve" - width="175.35599" - height="193.20036" - viewBox="0 0 175.35599 193.20037" - sodipodi:docname="logo_solo_on_white.svg" - inkscape:version="0.92.3 (2405546, 2018-03-11)"><metadata - id="metadata8"><rdf:RDF><cc:Work - rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type - rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title></dc:title></cc:Work></rdf:RDF></metadata><defs - id="defs6"><clipPath - clipPathUnits="userSpaceOnUse" - id="clipPath18"><path - d="M 0,821.614 H 1366 V 0 H 0 Z" - id="path16" - inkscape:connector-curvature="0" /></clipPath></defs><sodipodi:namedview - pagecolor="#ffffff" - bordercolor="#666666" - borderopacity="1" - objecttolerance="10" - gridtolerance="10" - guidetolerance="10" - inkscape:pageopacity="0" - inkscape:pageshadow="2" - inkscape:window-width="640" - inkscape:window-height="480" - id="namedview4" - showgrid="false" - fit-margin-top="0" - fit-margin-left="0" - fit-margin-right="0" - fit-margin-bottom="0" - inkscape:zoom="0.43085925" - inkscape:cx="370.53985" - inkscape:cy="50.91009" - inkscape:window-x="0" - inkscape:window-y="9" - inkscape:window-maximized="0" - inkscape:current-layer="g10" /><g - id="g10" - inkscape:groupmode="layer" - inkscape:label="gvisor_final-logo_20190313" - transform="matrix(1.3333333,0,0,-1.3333333,-614.45037,638.9628)"><g - id="g46" - transform="translate(548.2428,363.2485)"><path - d="m 0,0 c 16.655,21.121 22.696,44.433 18.328,70.995 3.068,0 5.742,-0.023 8.417,0.007 2.221,0.025 4.442,0.102 6.663,0.175 4.79,0.154 4.818,0.165 5.881,-4.582 C 42.434,52.544 41.469,38.505 39.11,24.477 38.859,22.985 38.409,21.521 38.246,20.023 37.05,9.081 30.089,3.645 20.164,1.097 13.786,-0.54 7.323,-0.829 0,0" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path48" - inkscape:connector-curvature="0" /></g><g - id="g50" - transform="translate(544.6891,396.1763)"><path - d="M 0,0 C 0,2.594 -3.457,4.322 -3.457,4.322 -0.864,5.187 0,8.644 0,8.644 0,8.644 0.865,5.187 3.458,4.322 3.458,4.322 0,2.594 0,0 m -17.099,6.454 c 0,6.742 -8.989,11.236 -8.989,11.236 6.742,2.248 8.989,11.238 8.989,11.238 0,0 2.248,-8.99 8.99,-11.238 0,0 -8.99,-4.494 -8.99,-11.236" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path52" - inkscape:connector-curvature="0" /></g><g - id="g54" - transform="translate(485.0861,429.7925)"><path - d="m 0,0 c 0,0 -2.214,3.359 -9.736,2.059 0,0 5.987,28.738 36.298,38.806 C 26.562,40.865 -2.82,24.275 0,0 M 0.583,-33.208 0.58,-33.211 c -1.297,-2.026 -2.821,-3.579 -4.53,-4.616 -1.515,-0.933 -3.178,-1.425 -4.743,-1.425 -0.528,0 -1.044,0.057 -1.539,0.17 l -2.209,0.507 2.184,0.603 c 1.63,0.451 3.063,1.347 4.259,2.664 1.014,1.108 1.856,2.485 2.577,4.213 1.175,2.82 1.784,6.162 1.81,9.936 -0.049,3.718 -0.683,7.054 -1.886,9.902 -0.703,1.654 -1.585,3.056 -2.621,4.163 -1.227,1.311 -2.671,2.178 -4.294,2.576 l -2.187,0.538 2.179,0.572 c 0.48,0.126 0.998,0.196 1.539,0.209 h 0.031 l 1.688,-0.153 c 1.045,-0.206 2.104,-0.616 3.061,-1.185 1.755,-1.031 3.302,-2.567 4.598,-4.565 2.155,-3.374 3.315,-7.536 3.357,-12.042 -0.028,-4.548 -1.159,-8.717 -3.271,-12.064 m 101.949,51.176 c 0,0 -0.075,0.05 -0.226,0.136 -0.541,0.327 -1.113,0.603 -1.715,0.815 -3.044,1.241 -9.881,3.186 -21.906,2.623 -0.029,0 -0.056,0 -0.085,-0.001 C 52.916,21.123 30.022,10.922 30.022,10.922 c 0,0 1.439,1.761 3.453,3.692 10e-4,0 10e-4,10e-4 0.002,10e-4 1.052,0.974 2.355,2.076 3.912,3.227 0.046,0.031 0.088,0.063 0.124,0.093 8.708,6.384 25.341,14.163 51.625,9.541 -0.989,1.124 -2.002,2.192 -3.036,3.215 -1.112,0.883 -2.231,1.693 -3.354,2.456 0.02,-0.012 0.039,-0.023 0.059,-0.036 0,0 -17.016,19.415 -48.683,15.891 C 30.19,48.622 25.983,47.867 21.66,46.564 21.653,46.563 21.646,46.562 21.64,46.56 L 21.638,46.558 C 11.48,43.492 0.683,37.387 -8.719,25.911 -9.29,25.193 -9.841,24.479 -10.376,23.77 c -0.065,-0.099 -0.141,-0.202 -0.226,-0.307 -1.182,-1.581 -2.271,-3.14 -3.279,-4.674 -3.266,-5.427 -5.631,-11.665 -6.311,-13.545 -10.58,-32.401 2.586,-57.55 5.144,-61.967 8.93,-15.158 24.565,-32.355 50.771,-37.327 0.197,-0.047 0.382,-0.101 0.582,-0.147 1.723,-0.367 4.864,-0.929 8.908,-1.196 1.524,-0.069 3.088,-0.094 4.699,-0.067 1.548,-0.009 2.999,0.017 4.335,0.064 0.396,0.028 0.74,0.041 1.044,0.044 5.102,0.238 8.272,0.775 8.272,0.775 -26.542,1.299 -39.847,13.409 -45.691,21.142 -1.325,1.648 -2.46,3.42 -3.377,5.316 -0.361,0.71 -0.523,1.115 -0.523,1.115 8.459,-7.181 20.294,-13.362 20.294,-13.362 10.611,-4.993 21.737,-7.451 33.525,-5.837 0,0 24.644,2.263 34.463,25.09 -0.423,0.322 -0.366,0.278 -0.79,0.6 -0.651,-0.526 -1.294,-1.023 -1.926,-1.496 -0.991,-0.651 -1.964,-1.357 -2.937,-2.07 -5.265,-3.485 -9.561,-5.128 -12.12,-5.879 -19.359,-4.887 -37.273,-1.252 -52.93,12.455 -7.253,6.349 -11.754,14.352 -11.944,24.291 -0.124,6.465 -0.19,12.935 -0.136,19.4 0.085,10.181 7.246,17.921 17.394,19.284 20.561,2.759 41.234,3.71 61.948,4.193 3.173,0.073 5.98,0.037 7.457,-3.356 0.025,-0.058 0.363,0.02 0.552,0.035 1.4,4.461 -0.617,9.27 -4.29,11.624" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path56" - inkscape:connector-curvature="0" /></g></g></svg>
\ No newline at end of file diff --git a/website/assets/logos/logo_solo_on_white_bordered-1024.png b/website/assets/logos/logo_solo_on_white_bordered-1024.png Binary files differdeleted file mode 100644 index 62bb88d50..000000000 --- a/website/assets/logos/logo_solo_on_white_bordered-1024.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_on_white_bordered-128.png b/website/assets/logos/logo_solo_on_white_bordered-128.png Binary files differdeleted file mode 100644 index a8988766c..000000000 --- a/website/assets/logos/logo_solo_on_white_bordered-128.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_on_white_bordered-16.png b/website/assets/logos/logo_solo_on_white_bordered-16.png Binary files differdeleted file mode 100644 index a545c49cf..000000000 --- a/website/assets/logos/logo_solo_on_white_bordered-16.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_on_white_bordered.png b/website/assets/logos/logo_solo_on_white_bordered.png Binary files differdeleted file mode 100644 index cc99b7c51..000000000 --- a/website/assets/logos/logo_solo_on_white_bordered.png +++ /dev/null diff --git a/website/assets/logos/logo_solo_on_white_bordered.svg b/website/assets/logos/logo_solo_on_white_bordered.svg deleted file mode 100644 index 2e26f144a..000000000 --- a/website/assets/logos/logo_solo_on_white_bordered.svg +++ /dev/null @@ -1,82 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" standalone="no"?> -<!-- Created with Inkscape (http://www.inkscape.org/) --> - -<svg - xmlns:dc="http://purl.org/dc/elements/1.1/" - xmlns:cc="http://creativecommons.org/ns#" - xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" - xmlns:svg="http://www.w3.org/2000/svg" - xmlns="http://www.w3.org/2000/svg" - xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" - xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" - version="1.1" - id="svg2" - xml:space="preserve" - width="190.7361" - height="207.92123" - viewBox="0 0 190.7361 207.92124" - sodipodi:docname="logo_solo_on_white_bordered.svg" - inkscape:version="0.92.3 (2405546, 2018-03-11)"><metadata - id="metadata8"><rdf:RDF><cc:Work - rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type - rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title></dc:title></cc:Work></rdf:RDF></metadata><defs - id="defs6"><clipPath - clipPathUnits="userSpaceOnUse" - id="clipPath18"><path - d="M 0,821.614 H 1366 V 0 H 0 Z" - id="path16" - inkscape:connector-curvature="0" /></clipPath></defs><sodipodi:namedview - pagecolor="#ffffff" - bordercolor="#666666" - borderopacity="1" - objecttolerance="10" - gridtolerance="10" - guidetolerance="10" - inkscape:pageopacity="0" - inkscape:pageshadow="2" - inkscape:window-width="640" - inkscape:window-height="480" - id="namedview4" - showgrid="false" - fit-margin-top="0" - fit-margin-left="0" - fit-margin-right="0" - fit-margin-bottom="0" - inkscape:zoom="0.609327" - inkscape:cx="298.55736" - inkscape:cy="108.65533" - inkscape:window-x="0" - inkscape:window-y="0" - inkscape:window-maximized="0" - inkscape:current-layer="g14" /><g - id="g10" - inkscape:groupmode="layer" - inkscape:label="gvisor_final-logo_20190313" - transform="matrix(1.3333333,0,0,-1.3333333,-612.10927,647.00852)"><g - id="g12"><g - id="g14" - clip-path="url(#clipPath18)"><g - id="g46" - transform="translate(594.4321,453.1439)"><path - d="m 0,0 c 0,0 -0.204,0.139 -0.45,0.277 -0.906,0.547 -1.856,1 -2.744,1.321 -1.685,0.679 -3.62,1.262 -5.761,1.738 l -2.063,2.533 c -1.793,2.283 -6.09,7.358 -13.132,13.334 -8.142,6.209 -24.212,15.045 -47.595,12.442 -4.578,-0.444 -9.077,-1.318 -13.368,-2.597 l -0.232,-0.068 c -12.978,-3.918 -24.155,-11.512 -33.24,-22.601 -0.6,-0.754 -1.179,-1.504 -1.783,-2.307 l -0.134,-0.191 -0.062,-0.074 c -1.194,-1.596 -2.36,-3.258 -3.485,-4.969 l -0.125,-0.198 c -3.559,-5.915 -6.126,-12.72 -6.85,-14.73 -11.284,-34.556 2.735,-61.502 5.669,-66.567 8.482,-14.4 23.945,-32.461 50.005,-38.975 1.42,-0.354 2.872,-0.676 4.356,-0.96 0.016,-0.004 0.036,-0.009 0.053,-0.013 6.537,-1.118 16.647,-1.928 29.969,-0.317 3.21,0.621 8.236,2.535 8.646,8.445 2.209,0.842 10.261,3.812 10.261,3.812 8.572,3.874 18.586,11.106 24.334,24.546 1.21,2.83 0.277,6.128 -2.171,7.994 l -0.202,0.152 c 0.639,1.557 1.125,3.209 1.488,4.93 l 0.019,0.009 c 0,0 0.063,0.325 0.164,0.854 0.013,0.073 0.028,0.144 0.041,0.215 0.402,2.114 1.294,6.91 1.719,10.035 0.02,0.149 0.029,0.268 0.033,0.371 2.136,14.686 2.099,26.608 -0.156,37.847 1.443,0.114 2.672,1.095 3.106,2.477 l 0.655,2.086 C 9.188,-12.066 6.243,-4.003 0,0" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path48" - inkscape:connector-curvature="0" /></g><g - id="g50" - transform="translate(551.9267,364.2689)"><path - d="m 0,0 c 16.398,20.796 22.346,43.748 18.045,69.9 3.02,0 5.654,-0.022 8.288,0.007 2.187,0.025 4.374,0.101 6.56,0.172 4.716,0.152 4.743,0.163 5.79,-4.512 C 41.779,51.734 40.83,37.911 38.507,24.1 38.26,22.631 37.817,21.189 37.656,19.715 36.479,8.941 29.625,3.588 19.853,1.08 13.574,-0.531 7.209,-0.816 0,0" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path52" - inkscape:connector-curvature="0" /></g><g - id="g54" - transform="translate(548.4282,396.6898)"><path - d="M 0,0 C 0,2.553 -3.404,4.255 -3.404,4.255 -0.851,5.105 0,8.51 0,8.51 0,8.51 0.851,5.105 3.404,4.255 3.404,4.255 0,2.553 0,0 m -16.835,6.354 c 0,6.638 -8.851,11.063 -8.851,11.063 6.638,2.213 8.851,11.063 8.851,11.063 0,0 2.212,-8.85 8.85,-11.063 0,0 -8.85,-4.425 -8.85,-11.063" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path56" - inkscape:connector-curvature="0" /></g><g - id="g58" - transform="translate(489.744,429.7865)"><path - d="m 0,0 c 0,0 -2.18,3.308 -9.585,2.026 0,0 5.894,28.296 35.737,38.209 C 26.152,40.235 -2.777,23.901 0,0 m 0.574,-32.696 -0.003,-0.003 c -1.277,-1.994 -2.778,-3.523 -4.46,-4.544 -1.492,-0.919 -3.13,-1.403 -4.67,-1.403 -0.519,0 -1.028,0.055 -1.516,0.167 l -2.174,0.5 2.15,0.593 c 1.605,0.443 3.016,1.325 4.194,2.623 0.997,1.09 1.826,2.447 2.536,4.149 1.158,2.775 1.757,6.066 1.783,9.781 -0.048,3.661 -0.673,6.945 -1.857,9.75 -0.693,1.629 -1.56,3.009 -2.58,4.099 -1.208,1.29 -2.63,2.143 -4.228,2.536 l -2.154,0.529 2.145,0.564 c 0.473,0.125 0.983,0.193 1.516,0.205 l 0.031,0.002 1.662,-0.152 c 1.029,-0.203 2.071,-0.605 3.014,-1.167 1.727,-1.015 3.25,-2.527 4.526,-4.493 2.122,-3.323 3.264,-7.421 3.305,-11.857 C 3.767,-25.296 2.653,-29.4 0.574,-32.696 M 100.951,17.69 c 0,0 -0.074,0.05 -0.223,0.136 -0.532,0.32 -1.095,0.593 -1.688,0.801 -2.997,1.223 -9.729,3.139 -21.568,2.583 -0.029,0 -0.055,0 -0.084,-0.001 C 52.1,20.798 29.559,10.754 29.559,10.754 c 0,0 1.417,1.733 3.4,3.636 0,0 10e-4,0 10e-4,10e-4 1.036,0.958 2.319,2.044 3.853,3.176 0.044,0.031 0.086,0.062 0.122,0.091 8.573,6.286 24.949,13.945 50.829,9.394 -0.615,0.698 -1.254,1.341 -1.887,1.998 l 0.057,-0.009 c 0,0 -5.858,6.886 -16.555,12.616 -0.613,0.331 -1.252,0.659 -1.91,0.985 -0.038,0.018 -0.073,0.038 -0.112,0.057 -0.067,0.033 -0.128,0.057 -0.195,0.089 -8.007,3.888 -19.263,7.05 -33.564,5.458 -3.873,-0.374 -8.015,-1.116 -12.272,-2.399 -0.007,-0.002 -0.013,-0.003 -0.02,-0.005 L 21.304,45.84 c -10,-3.018 -20.632,-9.029 -29.888,-20.328 -0.563,-0.707 -1.105,-1.409 -1.632,-2.109 -0.064,-0.096 -0.138,-0.198 -0.222,-0.301 -1.164,-1.557 -2.236,-3.091 -3.229,-4.602 -3.216,-5.343 -5.544,-11.486 -6.214,-13.337 -10.417,-31.901 2.546,-56.661 5.065,-61.011 8.793,-14.923 24.186,-31.856 49.988,-36.751 0.195,-0.046 0.377,-0.101 0.573,-0.145 1.697,-0.361 4.79,-0.914 8.771,-1.178 1.5,-0.067 3.04,-0.093 4.626,-0.065 1.525,-0.01 2.953,0.016 4.268,0.063 0.39,0.027 0.729,0.04 1.029,0.044 5.023,0.233 8.144,0.762 8.144,0.762 -26.133,1.279 -39.232,13.203 -44.987,20.816 -1.304,1.622 -2.422,3.367 -3.324,5.234 -0.356,0.699 -0.515,1.097 -0.515,1.097 8.328,-7.069 19.98,-13.155 19.98,-13.155 10.449,-4.917 21.402,-7.337 33.008,-5.747 0,0 24.264,2.227 33.932,24.702 -0.417,0.317 -0.361,0.275 -0.777,0.592 -0.642,-0.518 -1.274,-1.007 -1.898,-1.474 -0.975,-0.64 -1.933,-1.336 -2.89,-2.038 -5.184,-3.431 -9.414,-5.048 -11.934,-5.788 -19.06,-4.811 -36.698,-1.232 -52.114,12.263 -7.14,6.251 -11.572,14.131 -11.759,23.917 -0.122,6.365 -0.188,12.734 -0.135,19.101 0.084,10.023 7.135,17.645 17.126,18.986 20.245,2.716 40.598,3.652 60.993,4.129 3.125,0.072 5.888,0.036 7.342,-3.306 0.025,-0.057 0.358,0.021 0.543,0.035 1.379,4.393 -0.607,9.127 -4.223,11.444" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path60" - inkscape:connector-curvature="0" /></g></g></g></g></svg>
\ No newline at end of file diff --git a/website/assets/logos/logo_with_text_monochrome.png b/website/assets/logos/logo_with_text_monochrome.png Binary files differdeleted file mode 100644 index 17442f55d..000000000 --- a/website/assets/logos/logo_with_text_monochrome.png +++ /dev/null diff --git a/website/assets/logos/logo_with_text_monochrome.svg b/website/assets/logos/logo_with_text_monochrome.svg deleted file mode 100644 index 4648e06c0..000000000 --- a/website/assets/logos/logo_with_text_monochrome.svg +++ /dev/null @@ -1,116 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" standalone="no"?> -<!-- Created with Inkscape (http://www.inkscape.org/) --> - -<svg - xmlns:dc="http://purl.org/dc/elements/1.1/" - xmlns:cc="http://creativecommons.org/ns#" - xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" - xmlns:svg="http://www.w3.org/2000/svg" - xmlns="http://www.w3.org/2000/svg" - xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" - xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" - version="1.1" - id="svg2" - xml:space="preserve" - width="607.97211" - height="193.20036" - viewBox="0 0 607.97212 193.20036" - sodipodi:docname="logo_with_text_monochrome.svg" - inkscape:version="0.92.3 (2405546, 2018-03-11)"><metadata - id="metadata8"><rdf:RDF><cc:Work - rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type - rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title></dc:title></cc:Work></rdf:RDF></metadata><defs - id="defs6"><clipPath - clipPathUnits="userSpaceOnUse" - id="clipPath20"><path - d="M 0,821.614 H 1366 V 0 H 0 Z" - id="path18" - inkscape:connector-curvature="0" /></clipPath></defs><sodipodi:namedview - pagecolor="#ffffff" - bordercolor="#666666" - borderopacity="1" - objecttolerance="10" - gridtolerance="10" - guidetolerance="10" - inkscape:pageopacity="0" - inkscape:pageshadow="2" - inkscape:window-width="640" - inkscape:window-height="480" - id="namedview4" - showgrid="false" - fit-margin-top="0" - fit-margin-left="0" - fit-margin-right="0" - fit-margin-bottom="0" - inkscape:zoom="0.21542963" - inkscape:cx="296.21626" - inkscape:cy="101.98009" - inkscape:window-x="0" - inkscape:window-y="0" - inkscape:window-maximized="0" - inkscape:current-layer="g10" /><g - id="g10" - inkscape:groupmode="layer" - inkscape:label="gvisor_final-logo_20190313" - transform="matrix(1.3333333,0,0,-1.3333333,-614.45037,638.9628)"><g - id="g14"><g - id="g16" - clip-path="url(#clipPath20)"><g - id="g22" - transform="translate(668.8995,400.2876)"><path - d="m 0,0 c -0.698,-5.234 -4.362,-8.375 -10.991,-9.421 -9.072,0.349 -13.783,5.407 -14.132,15.178 0.698,8.374 5.408,12.719 14.132,13.033 C -4.362,17.776 -0.698,14.341 0,8.479 Z m 0,26.117 c -2.442,2.826 -6.629,4.413 -12.561,4.763 -8.026,0 -14.219,-2.443 -18.581,-7.327 -4.361,-4.886 -6.542,-11.167 -6.542,-18.842 0,-8.026 2.006,-14.395 6.019,-19.105 4.012,-4.71 10.031,-7.066 18.057,-7.066 5.164,0 9.7,1.57 13.608,4.711 v -2.617 c 0,-3.141 -0.986,-6.019 -2.957,-8.636 -1.972,-2.617 -5.749,-3.925 -11.331,-3.925 -5.479,0.349 -10.137,1.919 -13.975,4.71 l -6.804,-7.85 c 5.582,-5.582 13.433,-8.48 23.553,-8.689 l 3.14,0.314 c 6.629,0.279 12.124,2.879 16.487,7.798 4.361,4.92 6.542,11.044 6.542,18.372 V 29.31 L 0,30.88 Z" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path24" - inkscape:connector-curvature="0" /></g><g - id="g26" - transform="translate(720.3033,399.9331)"><path - d="M 0,0 -19.986,51.176 H -37.513 L -8.457,-21.105 H 8.891 L 37.875,51.176 H 20.348 Z" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path28" - inkscape:connector-curvature="0" /></g><path - d="m 762.522,378.828 h 14.655 v 52.392 h -14.655 z" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path30" - inkscape:connector-curvature="0" /><g - id="g32" - transform="translate(769.7443,451.1089)"><path - d="m 0,0 c -2.373,0 -4.257,-0.707 -5.652,-2.12 -1.397,-1.413 -2.094,-3.166 -2.094,-5.26 0,-2.094 0.697,-3.839 2.094,-5.234 1.395,-1.396 3.315,-2.094 5.757,-2.094 2.442,0 4.361,0.698 5.757,2.094 1.395,1.395 2.094,3.14 2.094,5.234 0,2.094 -0.699,3.847 -2.094,5.26 C 4.466,-0.707 2.512,0 0,0" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path34" - inkscape:connector-curvature="0" /></g><g - id="g36" - transform="translate(816.9264,406.8296)"><path - d="m 0,0 c -3.315,2.477 -7.572,3.96 -12.771,4.449 -3.524,0.697 -5.879,1.578 -7.065,2.643 -1.187,1.064 -1.187,2.251 0,3.559 1.186,1.309 3.541,1.962 7.065,1.962 3.56,0 6.525,-1.412 8.898,-4.239 l 8.165,9.212 c -2.374,2.338 -4.92,4.1 -7.642,5.286 -2.721,1.186 -6.542,1.78 -11.462,1.78 -4.257,0 -8.4,-1.423 -12.43,-4.265 -4.03,-2.845 -6.046,-6.971 -6.046,-12.379 0,-5.898 1.771,-9.91 5.313,-12.038 3.541,-2.129 7.44,-3.437 11.697,-3.925 4.712,-0.454 7.476,-1.335 8.297,-2.645 0.819,-1.307 0.645,-2.615 -0.523,-3.924 -1.171,-1.309 -3.761,-1.963 -7.774,-1.963 -4.99,0.453 -8.67,2.093 -11.043,4.921 l -8.113,-9.161 c 2.373,-2.373 5.208,-4.265 8.505,-5.678 3.298,-1.413 7.424,-2.12 12.379,-2.12 5.199,0 9.752,1.36 13.66,4.083 3.908,2.721 5.862,6.558 5.862,11.514 C 4.972,-6.787 3.315,-2.479 0,0" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path38" - inkscape:connector-curvature="0" /></g><g - id="g40" - transform="translate(862.2008,394.9751)"><path - d="m 0,0 c -2.478,-2.67 -5.705,-4.004 -9.683,-4.004 -3.977,0 -7.205,1.334 -9.682,4.004 -2.478,2.669 -3.717,5.992 -3.717,9.97 0,3.978 1.239,7.31 3.717,9.997 2.477,2.686 5.686,4.03 9.63,4.03 4.012,0 7.257,-1.344 9.735,-4.03 C 2.477,17.28 3.716,13.948 3.716,9.97 3.716,5.992 2.477,2.669 0,0 m -9.63,36.716 c -7.608,0 -13.957,-2.548 -19.052,-7.642 -5.095,-5.095 -7.641,-11.445 -7.641,-19.051 0,-7.573 2.546,-13.915 7.641,-19.025 5.095,-5.113 11.444,-7.669 19.052,-7.669 7.606,0 13.956,2.547 19.051,7.642 5.095,5.093 7.641,11.445 7.641,19.052 0,7.606 -2.546,13.956 -7.641,19.051 -5.095,5.094 -11.445,7.642 -19.051,7.642" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path42" - inkscape:connector-curvature="0" /></g><g - id="g44" - transform="translate(911.9489,431.1675)"><path - d="m 0,0 c -5.374,0 -9.927,-1.92 -13.66,-5.758 v 5.81 L -28.315,-1.519 V -52.34 h 14.655 v 32.19 c 2.372,4.92 5.338,7.501 8.898,7.746 3.175,-0.105 5.617,-0.925 7.327,-2.46 L 4.868,-0.419 C 3.332,-0.14 1.709,0 0,0" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path46" - inkscape:connector-curvature="0" /></g><g - id="g48" - transform="translate(548.2423,363.2485)"><path - d="m 0,0 c 16.655,21.121 22.696,44.433 18.328,70.995 3.068,0 5.743,-0.023 8.417,0.007 2.222,0.025 4.443,0.102 6.664,0.175 4.79,0.154 4.818,0.165 5.88,-4.582 3.145,-14.051 2.18,-28.09 -0.179,-42.118 -0.25,-1.492 -0.7,-2.956 -0.864,-4.454 C 37.05,9.081 30.089,3.645 20.165,1.097 13.787,-0.54 7.323,-0.829 0,0" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path50" - inkscape:connector-curvature="0" /></g><g - id="g52" - transform="translate(544.6891,396.1763)"><path - d="M 0,0 C 0,2.594 -3.457,4.322 -3.457,4.322 -0.864,5.187 0,8.644 0,8.644 0,8.644 0.865,5.187 3.458,4.322 3.458,4.322 0,2.594 0,0 m -17.099,6.454 c 0,6.742 -8.989,11.236 -8.989,11.236 6.742,2.248 8.989,11.238 8.989,11.238 0,0 2.247,-8.99 8.99,-11.238 0,0 -8.99,-4.494 -8.99,-11.236" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path54" - inkscape:connector-curvature="0" /></g><g - id="g56" - transform="translate(485.0861,429.7925)"><path - d="m 0,0 c 0,0 -2.214,3.359 -9.736,2.059 0,0 5.987,28.738 36.298,38.806 C 26.562,40.865 -2.82,24.275 0,0 M 0.583,-33.208 0.58,-33.211 c -1.297,-2.026 -2.821,-3.579 -4.53,-4.616 -1.515,-0.933 -3.178,-1.425 -4.743,-1.425 -0.528,0 -1.044,0.057 -1.539,0.17 l -2.209,0.507 2.184,0.603 c 1.63,0.451 3.063,1.347 4.259,2.664 1.014,1.108 1.856,2.485 2.577,4.213 1.175,2.82 1.784,6.162 1.81,9.936 -0.049,3.718 -0.683,7.054 -1.886,9.902 -0.703,1.654 -1.585,3.056 -2.621,4.163 -1.227,1.311 -2.671,2.178 -4.294,2.576 l -2.187,0.538 2.179,0.572 c 0.48,0.126 0.998,0.196 1.539,0.209 h 0.031 l 1.688,-0.153 c 1.045,-0.206 2.104,-0.616 3.061,-1.185 1.755,-1.031 3.302,-2.567 4.598,-4.565 2.155,-3.374 3.315,-7.536 3.357,-12.042 -0.028,-4.548 -1.159,-8.717 -3.271,-12.064 m 101.949,51.176 c 0,0 -0.075,0.05 -0.226,0.136 -0.541,0.327 -1.113,0.603 -1.715,0.815 -3.044,1.241 -9.881,3.186 -21.906,2.623 -0.029,0 -0.056,0 -0.085,-0.001 C 52.916,21.123 30.022,10.922 30.022,10.922 c 0,0 1.439,1.761 3.453,3.692 10e-4,0 10e-4,10e-4 0.002,10e-4 1.052,0.974 2.355,2.076 3.912,3.227 0.046,0.031 0.088,0.063 0.124,0.093 8.708,6.384 25.34,14.163 51.625,9.541 -0.989,1.124 -2.002,2.192 -3.036,3.215 -1.112,0.883 -2.231,1.693 -3.354,2.456 0.02,-0.012 0.039,-0.023 0.059,-0.036 0,0 -17.016,19.415 -48.683,15.891 C 30.19,48.622 25.983,47.867 21.66,46.564 21.653,46.563 21.646,46.562 21.64,46.56 L 21.638,46.558 C 11.48,43.492 0.683,37.387 -8.719,25.911 -9.29,25.193 -9.841,24.479 -10.376,23.77 c -0.065,-0.099 -0.141,-0.202 -0.226,-0.307 -1.182,-1.581 -2.271,-3.14 -3.279,-4.674 -3.266,-5.427 -5.631,-11.665 -6.311,-13.545 -10.58,-32.401 2.586,-57.55 5.144,-61.967 8.93,-15.158 24.565,-32.355 50.771,-37.327 0.197,-0.047 0.382,-0.101 0.582,-0.147 1.723,-0.367 4.864,-0.929 8.908,-1.196 1.524,-0.069 3.088,-0.094 4.699,-0.067 1.548,-0.009 2.999,0.017 4.335,0.064 0.396,0.028 0.74,0.041 1.044,0.044 5.102,0.238 8.272,0.775 8.272,0.775 -26.543,1.299 -39.847,13.409 -45.691,21.142 -1.325,1.648 -2.46,3.42 -3.377,5.316 -0.361,0.71 -0.523,1.115 -0.523,1.115 8.459,-7.181 20.294,-13.362 20.294,-13.362 10.611,-4.993 21.737,-7.451 33.524,-5.837 0,0 24.645,2.263 34.464,25.09 -0.423,0.322 -0.366,0.278 -0.79,0.6 -0.652,-0.526 -1.294,-1.023 -1.926,-1.496 -0.991,-0.651 -1.964,-1.357 -2.937,-2.07 -5.265,-3.485 -9.561,-5.128 -12.12,-5.879 -19.359,-4.887 -37.273,-1.252 -52.93,12.455 -7.253,6.349 -11.754,14.352 -11.944,24.291 -0.124,6.465 -0.19,12.935 -0.136,19.4 0.085,10.181 7.246,17.921 17.394,19.284 20.561,2.759 41.234,3.71 61.947,4.193 3.174,0.073 5.981,0.037 7.458,-3.356 0.025,-0.058 0.363,0.02 0.552,0.035 1.4,4.461 -0.617,9.27 -4.29,11.624" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path58" - inkscape:connector-curvature="0" /></g></g></g></g></svg>
\ No newline at end of file diff --git a/website/assets/logos/logo_with_text_on_dark-1024.png b/website/assets/logos/logo_with_text_on_dark-1024.png Binary files differdeleted file mode 100644 index a02a9014b..000000000 --- a/website/assets/logos/logo_with_text_on_dark-1024.png +++ /dev/null diff --git a/website/assets/logos/logo_with_text_on_dark-128.png b/website/assets/logos/logo_with_text_on_dark-128.png Binary files differdeleted file mode 100644 index efae725b8..000000000 --- a/website/assets/logos/logo_with_text_on_dark-128.png +++ /dev/null diff --git a/website/assets/logos/logo_with_text_on_dark-16.png b/website/assets/logos/logo_with_text_on_dark-16.png Binary files differdeleted file mode 100644 index a6069f98f..000000000 --- a/website/assets/logos/logo_with_text_on_dark-16.png +++ /dev/null diff --git a/website/assets/logos/logo_with_text_on_dark.png b/website/assets/logos/logo_with_text_on_dark.png Binary files differdeleted file mode 100644 index 24de18c11..000000000 --- a/website/assets/logos/logo_with_text_on_dark.png +++ /dev/null diff --git a/website/assets/logos/logo_with_text_on_dark.svg b/website/assets/logos/logo_with_text_on_dark.svg deleted file mode 100644 index 52d8e52da..000000000 --- a/website/assets/logos/logo_with_text_on_dark.svg +++ /dev/null @@ -1,116 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" standalone="no"?> -<!-- Created with Inkscape (http://www.inkscape.org/) --> - -<svg - xmlns:dc="http://purl.org/dc/elements/1.1/" - xmlns:cc="http://creativecommons.org/ns#" - xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" - xmlns:svg="http://www.w3.org/2000/svg" - xmlns="http://www.w3.org/2000/svg" - xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" - xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" - version="1.1" - id="svg2" - xml:space="preserve" - width="607.97211" - height="193.19984" - viewBox="0 0 607.97212 193.19985" - sodipodi:docname="logo_with_text_on_dark.svg" - inkscape:version="0.92.3 (2405546, 2018-03-11)"><metadata - id="metadata8"><rdf:RDF><cc:Work - rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type - rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title></dc:title></cc:Work></rdf:RDF></metadata><defs - id="defs6"><clipPath - clipPathUnits="userSpaceOnUse" - id="clipPath20"><path - d="M 0,821.614 H 1366 V 0 H 0 Z" - id="path18" - inkscape:connector-curvature="0" /></clipPath></defs><sodipodi:namedview - pagecolor="#ffffff" - bordercolor="#666666" - borderopacity="1" - objecttolerance="10" - gridtolerance="10" - guidetolerance="10" - inkscape:pageopacity="0" - inkscape:pageshadow="2" - inkscape:window-width="640" - inkscape:window-height="480" - id="namedview4" - showgrid="false" - fit-margin-top="0" - fit-margin-left="0" - fit-margin-right="0" - fit-margin-bottom="0" - inkscape:zoom="0.21542963" - inkscape:cx="296.21626" - inkscape:cy="101.97992" - inkscape:window-x="0" - inkscape:window-y="0" - inkscape:window-maximized="0" - inkscape:current-layer="g10" /><g - id="g10" - inkscape:groupmode="layer" - inkscape:label="gvisor_final-logo_20190313" - transform="matrix(1.3333333,0,0,-1.3333333,-614.45037,638.96254)"><g - id="g14"><g - id="g16" - clip-path="url(#clipPath20)"><g - id="g22" - transform="translate(668.8995,400.2874)"><path - d="m 0,0 c -0.698,-5.233 -4.362,-8.375 -10.991,-9.421 -9.072,0.349 -13.783,5.408 -14.132,15.178 0.698,8.375 5.408,12.719 14.132,13.033 C -4.362,17.777 -0.698,14.341 0,8.479 Z m 0,26.117 c -2.442,2.826 -6.629,4.414 -12.561,4.763 -8.026,0 -14.219,-2.443 -18.581,-7.327 -4.361,-4.886 -6.542,-11.166 -6.542,-18.842 0,-8.026 2.006,-14.394 6.019,-19.105 4.012,-4.71 10.031,-7.065 18.057,-7.065 5.164,0 9.7,1.569 13.608,4.71 v -2.616 c 0,-3.141 -0.986,-6.02 -2.957,-8.636 -1.972,-2.618 -5.749,-3.926 -11.331,-3.926 -5.479,0.349 -10.137,1.919 -13.975,4.71 l -6.804,-7.85 c 5.582,-5.582 13.433,-8.48 23.553,-8.689 l 3.14,0.314 c 6.629,0.28 12.124,2.879 16.487,7.798 4.361,4.92 6.542,11.044 6.542,18.373 V 29.31 L 0,30.88 Z" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path24" - inkscape:connector-curvature="0" /></g><g - id="g26" - transform="translate(720.3033,399.9339)"><path - d="m 0,0 -19.986,51.175 h -17.527 l 29.056,-72.28 H 8.891 l 28.984,72.28 H 20.348 Z" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path28" - inkscape:connector-curvature="0" /></g><path - d="m 762.522,378.828 h 14.655 v 52.392 h -14.655 z" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path30" - inkscape:connector-curvature="0" /><g - id="g32" - transform="translate(769.7443,451.1087)"><path - d="m 0,0 c -2.373,0 -4.257,-0.706 -5.652,-2.12 -1.397,-1.413 -2.094,-3.166 -2.094,-5.26 0,-2.094 0.697,-3.839 2.094,-5.233 1.395,-1.397 3.315,-2.094 5.757,-2.094 2.442,0 4.361,0.697 5.757,2.094 1.395,1.394 2.094,3.139 2.094,5.233 0,2.094 -0.699,3.847 -2.094,5.26 C 4.466,-0.706 2.512,0 0,0" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path34" - inkscape:connector-curvature="0" /></g><g - id="g36" - transform="translate(816.9264,406.8294)"><path - d="m 0,0 c -3.315,2.478 -7.572,3.96 -12.771,4.449 -3.524,0.697 -5.879,1.578 -7.065,2.644 -1.187,1.063 -1.187,2.25 0,3.558 1.186,1.309 3.541,1.963 7.065,1.963 3.56,0 6.525,-1.413 8.898,-4.239 l 8.165,9.211 c -2.374,2.338 -4.92,4.101 -7.642,5.286 -2.721,1.187 -6.542,1.78 -11.462,1.78 -4.257,0 -8.4,-1.422 -12.43,-4.265 -4.03,-2.845 -6.046,-6.971 -6.046,-12.379 0,-5.897 1.771,-9.91 5.313,-12.038 3.541,-2.128 7.44,-3.437 11.697,-3.925 4.712,-0.454 7.476,-1.335 8.297,-2.644 0.819,-1.308 0.645,-2.616 -0.523,-3.924 -1.171,-1.309 -3.761,-1.963 -7.774,-1.963 -4.99,0.453 -8.67,2.092 -11.043,4.92 l -8.113,-9.16 c 2.373,-2.374 5.208,-4.266 8.505,-5.678 3.298,-1.414 7.424,-2.121 12.379,-2.121 5.199,0 9.752,1.361 13.66,4.083 3.908,2.722 5.862,6.559 5.862,11.515 C 4.972,-6.787 3.315,-2.478 0,0" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path38" - inkscape:connector-curvature="0" /></g><g - id="g40" - transform="translate(862.2008,394.9749)"><path - d="m 0,0 c -2.478,-2.669 -5.705,-4.004 -9.683,-4.004 -3.977,0 -7.205,1.335 -9.682,4.004 -2.478,2.67 -3.717,5.992 -3.717,9.97 0,3.978 1.239,7.31 3.717,9.998 2.477,2.685 5.686,4.029 9.63,4.029 4.012,0 7.257,-1.344 9.735,-4.029 C 2.477,17.28 3.716,13.948 3.716,9.97 3.716,5.992 2.477,2.67 0,0 m -9.63,36.716 c -7.608,0 -13.957,-2.547 -19.052,-7.642 -5.095,-5.095 -7.641,-11.445 -7.641,-19.051 0,-7.572 2.546,-13.914 7.641,-19.025 5.095,-5.112 11.444,-7.669 19.052,-7.669 7.606,0 13.956,2.548 19.051,7.642 5.095,5.094 7.641,11.445 7.641,19.052 0,7.606 -2.546,13.956 -7.641,19.051 -5.095,5.095 -11.445,7.642 -19.051,7.642" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path42" - inkscape:connector-curvature="0" /></g><g - id="g44" - transform="translate(911.9489,431.1673)"><path - d="m 0,0 c -5.374,0 -9.927,-1.919 -13.66,-5.757 v 5.81 l -14.655,-1.571 v -50.821 h 14.655 v 32.189 c 2.372,4.92 5.338,7.502 8.898,7.746 3.175,-0.105 5.617,-0.925 7.327,-2.46 L 4.868,-0.419 C 3.332,-0.14 1.709,0 0,0" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path46" - inkscape:connector-curvature="0" /></g><g - id="g48" - transform="translate(548.2423,363.2484)"><path - d="m 0,0 c 16.655,21.121 22.696,44.434 18.328,70.995 3.068,0 5.743,-0.023 8.417,0.007 2.222,0.025 4.443,0.102 6.664,0.175 4.79,0.154 4.818,0.165 5.88,-4.582 3.145,-14.05 2.18,-28.089 -0.179,-42.118 -0.25,-1.492 -0.7,-2.956 -0.864,-4.454 C 37.05,9.081 30.089,3.645 20.165,1.097 13.787,-0.54 7.323,-0.829 0,0" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path50" - inkscape:connector-curvature="0" /></g><g - id="g52" - transform="translate(544.6891,396.1771)"><path - d="M 0,0 C 0,2.593 -3.457,4.321 -3.457,4.321 -0.864,5.186 0,8.644 0,8.644 0,8.644 0.865,5.186 3.458,4.321 3.458,4.321 0,2.593 0,0 m -17.099,6.453 c 0,6.742 -8.989,11.237 -8.989,11.237 6.742,2.247 8.989,11.237 8.989,11.237 0,0 2.247,-8.99 8.99,-11.237 0,0 -8.99,-4.495 -8.99,-11.237" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path54" - inkscape:connector-curvature="0" /></g><g - id="g56" - transform="translate(485.0861,429.7923)"><path - d="m 0,0 c 0,0 -2.214,3.359 -9.736,2.059 0,0 5.987,28.738 36.298,38.806 C 26.562,40.865 -2.82,24.275 0,0 M 0.583,-33.208 0.58,-33.211 c -1.297,-2.026 -2.821,-3.578 -4.53,-4.615 -1.515,-0.934 -3.178,-1.425 -4.743,-1.425 -0.528,0 -1.044,0.056 -1.539,0.169 l -2.209,0.507 2.184,0.603 c 1.63,0.451 3.063,1.347 4.259,2.664 1.014,1.108 1.856,2.485 2.577,4.214 1.175,2.819 1.784,6.161 1.81,9.935 -0.049,3.719 -0.683,7.054 -1.886,9.902 -0.703,1.655 -1.585,3.057 -2.621,4.163 -1.227,1.311 -2.671,2.178 -4.294,2.576 l -2.187,0.538 2.179,0.572 c 0.48,0.127 0.998,0.196 1.539,0.209 l 0.031,10e-4 1.688,-0.154 c 1.045,-0.206 2.104,-0.615 3.061,-1.184 1.755,-1.032 3.302,-2.568 4.598,-4.565 2.155,-3.374 3.315,-7.537 3.357,-12.043 -0.028,-4.548 -1.159,-8.717 -3.271,-12.064 m 101.949,51.176 c 0,0 -0.075,0.051 -0.226,0.137 -0.541,0.326 -1.113,0.602 -1.715,0.814 -3.044,1.241 -9.881,3.187 -21.906,2.623 -0.029,0 -0.056,0 -0.085,-0.001 C 52.916,21.123 30.022,10.923 30.022,10.923 c 0,0 1.439,1.76 3.453,3.691 10e-4,10e-4 10e-4,10e-4 0.002,0.002 1.052,0.973 2.355,2.076 3.912,3.226 0.046,0.032 0.088,0.063 0.124,0.094 8.708,6.383 25.34,14.162 51.625,9.54 -0.989,1.124 -2.002,2.193 -3.036,3.215 -1.112,0.884 -2.231,1.694 -3.354,2.456 0.02,-0.012 0.039,-0.023 0.059,-0.036 0,0 -17.016,19.415 -48.683,15.891 C 30.19,48.622 25.983,47.868 21.66,46.564 21.653,46.563 21.646,46.562 21.64,46.56 L 21.638,46.558 C 11.48,43.492 0.683,37.387 -8.719,25.911 c -0.571,-0.718 -1.122,-1.431 -1.657,-2.14 -0.065,-0.1 -0.141,-0.202 -0.226,-0.307 -1.182,-1.582 -2.271,-3.141 -3.279,-4.674 -3.266,-5.427 -5.631,-11.666 -6.311,-13.546 -10.58,-32.401 2.586,-57.549 5.144,-61.967 8.93,-15.157 24.565,-32.355 50.771,-37.327 0.197,-0.046 0.382,-0.101 0.582,-0.146 1.723,-0.367 4.864,-0.929 8.908,-1.197 1.524,-0.069 3.088,-0.094 4.699,-0.066 1.548,-0.01 2.999,0.017 4.335,0.064 0.396,0.027 0.74,0.041 1.044,0.044 5.102,0.237 8.272,0.774 8.272,0.774 -26.543,1.3 -39.847,13.41 -45.691,21.142 -1.325,1.648 -2.46,3.421 -3.377,5.316 -0.361,0.711 -0.523,1.115 -0.523,1.115 8.459,-7.18 20.294,-13.361 20.294,-13.361 10.611,-4.993 21.737,-7.452 33.524,-5.838 0,0 24.645,2.264 34.464,25.09 -0.423,0.322 -0.366,0.278 -0.79,0.6 -0.652,-0.526 -1.294,-1.022 -1.926,-1.496 -0.991,-0.65 -1.964,-1.357 -2.937,-2.07 -5.265,-3.485 -9.561,-5.127 -12.12,-5.879 -19.359,-4.887 -37.273,-1.252 -52.93,12.455 -7.253,6.349 -11.754,14.353 -11.944,24.291 -0.124,6.466 -0.19,12.935 -0.136,19.4 0.085,10.181 7.246,17.921 17.394,19.284 20.561,2.759 41.234,3.71 61.947,4.193 3.174,0.074 5.981,0.037 7.458,-3.356 0.025,-0.058 0.363,0.02 0.552,0.035 1.4,4.462 -0.617,9.27 -4.29,11.624" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path58" - inkscape:connector-curvature="0" /></g></g></g></g></svg>
\ No newline at end of file diff --git a/website/assets/logos/logo_with_text_on_dark_full-1024.png b/website/assets/logos/logo_with_text_on_dark_full-1024.png Binary files differdeleted file mode 100644 index eb2e63981..000000000 --- a/website/assets/logos/logo_with_text_on_dark_full-1024.png +++ /dev/null diff --git a/website/assets/logos/logo_with_text_on_dark_full-128.png b/website/assets/logos/logo_with_text_on_dark_full-128.png Binary files differdeleted file mode 100644 index 4ed21e5cb..000000000 --- a/website/assets/logos/logo_with_text_on_dark_full-128.png +++ /dev/null diff --git a/website/assets/logos/logo_with_text_on_dark_full-16.png b/website/assets/logos/logo_with_text_on_dark_full-16.png Binary files differdeleted file mode 100644 index d3968da5e..000000000 --- a/website/assets/logos/logo_with_text_on_dark_full-16.png +++ /dev/null diff --git a/website/assets/logos/logo_with_text_on_dark_full.png b/website/assets/logos/logo_with_text_on_dark_full.png Binary files differdeleted file mode 100644 index 21feea356..000000000 --- a/website/assets/logos/logo_with_text_on_dark_full.png +++ /dev/null diff --git a/website/assets/logos/logo_with_text_on_dark_full.svg b/website/assets/logos/logo_with_text_on_dark_full.svg deleted file mode 100644 index 017e72414..000000000 --- a/website/assets/logos/logo_with_text_on_dark_full.svg +++ /dev/null @@ -1,120 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" standalone="no"?> -<!-- Created with Inkscape (http://www.inkscape.org/) --> - -<svg - xmlns:dc="http://purl.org/dc/elements/1.1/" - xmlns:cc="http://creativecommons.org/ns#" - xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" - xmlns:svg="http://www.w3.org/2000/svg" - xmlns="http://www.w3.org/2000/svg" - xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" - xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" - version="1.1" - id="svg2" - xml:space="preserve" - width="786.19244" - height="334.21716" - viewBox="0 0 786.19246 334.21718" - sodipodi:docname="logo_with_text_on_dark_full.svg" - inkscape:version="0.92.3 (2405546, 2018-03-11)"><metadata - id="metadata8"><rdf:RDF><cc:Work - rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type - rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title></dc:title></cc:Work></rdf:RDF></metadata><defs - id="defs6"><clipPath - clipPathUnits="userSpaceOnUse" - id="clipPath20"><path - d="M 0,821.614 H 1366 V 0 H 0 Z" - id="path18" - inkscape:connector-curvature="0" /></clipPath></defs><sodipodi:namedview - pagecolor="#ffffff" - bordercolor="#666666" - borderopacity="1" - objecttolerance="10" - gridtolerance="10" - guidetolerance="10" - inkscape:pageopacity="0" - inkscape:pageshadow="2" - inkscape:window-width="567" - inkscape:window-height="462" - id="namedview4" - showgrid="false" - fit-margin-top="0" - fit-margin-left="0" - fit-margin-right="0" - fit-margin-bottom="0" - inkscape:zoom="0.3046635" - inkscape:cx="541.19762" - inkscape:cy="67.525134" - inkscape:window-x="0" - inkscape:window-y="0" - inkscape:window-maximized="0" - inkscape:current-layer="g10" /><g - id="g10" - inkscape:groupmode="layer" - inkscape:label="gvisor_final-logo_20190313" - transform="matrix(1.3333333,0,0,-1.3333333,-524.53324,714.8519)"><path - d="M 393.39994,285.47606 H 983.04431 V 536.13894 H 393.39994 Z" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:0.36289462" - id="path12" - inkscape:connector-curvature="0" /><g - id="g14"><g - id="g16" - clip-path="url(#clipPath20)"><g - id="g22" - transform="translate(668.8995,400.2874)"><path - d="m 0,0 c -0.698,-5.233 -4.362,-8.375 -10.991,-9.421 -9.072,0.349 -13.783,5.408 -14.132,15.178 0.698,8.375 5.408,12.719 14.132,13.033 C -4.362,17.777 -0.698,14.341 0,8.479 Z m 0,26.117 c -2.442,2.826 -6.629,4.414 -12.561,4.763 -8.026,0 -14.219,-2.443 -18.581,-7.327 -4.361,-4.886 -6.542,-11.166 -6.542,-18.842 0,-8.026 2.006,-14.394 6.019,-19.105 4.012,-4.71 10.031,-7.065 18.057,-7.065 5.164,0 9.7,1.569 13.608,4.71 v -2.616 c 0,-3.141 -0.986,-6.02 -2.957,-8.636 -1.972,-2.618 -5.749,-3.926 -11.331,-3.926 -5.479,0.349 -10.137,1.919 -13.975,4.71 l -6.804,-7.85 c 5.582,-5.582 13.433,-8.48 23.553,-8.689 l 3.14,0.314 c 6.629,0.28 12.124,2.879 16.487,7.798 4.361,4.92 6.542,11.044 6.542,18.373 V 29.31 L 0,30.88 Z" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path24" - inkscape:connector-curvature="0" /></g><g - id="g26" - transform="translate(720.3033,399.9339)"><path - d="m 0,0 -19.986,51.175 h -17.527 l 29.056,-72.28 H 8.891 l 28.984,72.28 H 20.348 Z" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path28" - inkscape:connector-curvature="0" /></g><path - d="m 762.522,378.828 h 14.655 v 52.392 h -14.655 z" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path30" - inkscape:connector-curvature="0" /><g - id="g32" - transform="translate(769.7443,451.1087)"><path - d="m 0,0 c -2.373,0 -4.257,-0.706 -5.652,-2.12 -1.397,-1.413 -2.094,-3.166 -2.094,-5.26 0,-2.094 0.697,-3.839 2.094,-5.233 1.395,-1.397 3.315,-2.094 5.757,-2.094 2.442,0 4.361,0.697 5.757,2.094 1.395,1.394 2.094,3.139 2.094,5.233 0,2.094 -0.699,3.847 -2.094,5.26 C 4.466,-0.706 2.512,0 0,0" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path34" - inkscape:connector-curvature="0" /></g><g - id="g36" - transform="translate(816.9264,406.8294)"><path - d="m 0,0 c -3.315,2.478 -7.572,3.96 -12.771,4.449 -3.524,0.697 -5.879,1.578 -7.065,2.644 -1.187,1.063 -1.187,2.25 0,3.558 1.186,1.309 3.541,1.963 7.065,1.963 3.56,0 6.525,-1.413 8.898,-4.239 l 8.165,9.211 c -2.374,2.338 -4.92,4.101 -7.642,5.286 -2.721,1.187 -6.542,1.78 -11.462,1.78 -4.257,0 -8.4,-1.422 -12.43,-4.265 -4.03,-2.845 -6.046,-6.971 -6.046,-12.379 0,-5.897 1.771,-9.91 5.313,-12.038 3.541,-2.128 7.44,-3.437 11.697,-3.925 4.712,-0.454 7.476,-1.335 8.297,-2.644 0.819,-1.308 0.645,-2.616 -0.523,-3.924 -1.171,-1.309 -3.761,-1.963 -7.774,-1.963 -4.99,0.453 -8.67,2.092 -11.043,4.92 l -8.113,-9.16 c 2.373,-2.374 5.208,-4.266 8.505,-5.678 3.298,-1.414 7.424,-2.121 12.379,-2.121 5.199,0 9.752,1.361 13.66,4.083 3.908,2.722 5.862,6.559 5.862,11.515 C 4.972,-6.787 3.315,-2.478 0,0" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path38" - inkscape:connector-curvature="0" /></g><g - id="g40" - transform="translate(862.2008,394.9749)"><path - d="m 0,0 c -2.478,-2.669 -5.705,-4.004 -9.683,-4.004 -3.977,0 -7.205,1.335 -9.682,4.004 -2.478,2.67 -3.717,5.992 -3.717,9.97 0,3.978 1.239,7.31 3.717,9.998 2.477,2.685 5.686,4.029 9.63,4.029 4.012,0 7.257,-1.344 9.735,-4.029 C 2.477,17.28 3.716,13.948 3.716,9.97 3.716,5.992 2.477,2.67 0,0 m -9.63,36.716 c -7.608,0 -13.957,-2.547 -19.052,-7.642 -5.095,-5.095 -7.641,-11.445 -7.641,-19.051 0,-7.572 2.546,-13.914 7.641,-19.025 5.095,-5.112 11.444,-7.669 19.052,-7.669 7.606,0 13.956,2.548 19.051,7.642 5.095,5.094 7.641,11.445 7.641,19.052 0,7.606 -2.546,13.956 -7.641,19.051 -5.095,5.095 -11.445,7.642 -19.051,7.642" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path42" - inkscape:connector-curvature="0" /></g><g - id="g44" - transform="translate(911.9489,431.1673)"><path - d="m 0,0 c -5.374,0 -9.927,-1.919 -13.66,-5.757 v 5.81 l -14.655,-1.571 v -50.821 h 14.655 v 32.189 c 2.372,4.92 5.338,7.502 8.898,7.746 3.175,-0.105 5.617,-0.925 7.327,-2.46 L 4.868,-0.419 C 3.332,-0.14 1.709,0 0,0" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path46" - inkscape:connector-curvature="0" /></g><g - id="g48" - transform="translate(548.2423,363.2484)"><path - d="m 0,0 c 16.655,21.121 22.696,44.434 18.328,70.995 3.068,0 5.743,-0.023 8.417,0.007 2.222,0.025 4.443,0.102 6.664,0.175 4.79,0.154 4.818,0.165 5.88,-4.582 3.145,-14.05 2.18,-28.089 -0.179,-42.118 -0.25,-1.492 -0.7,-2.956 -0.864,-4.454 C 37.05,9.081 30.089,3.645 20.165,1.097 13.787,-0.54 7.323,-0.829 0,0" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path50" - inkscape:connector-curvature="0" /></g><g - id="g52" - transform="translate(544.6891,396.1771)"><path - d="M 0,0 C 0,2.593 -3.457,4.321 -3.457,4.321 -0.864,5.186 0,8.644 0,8.644 0,8.644 0.865,5.186 3.458,4.321 3.458,4.321 0,2.593 0,0 m -17.099,6.453 c 0,6.742 -8.989,11.237 -8.989,11.237 6.742,2.247 8.989,11.237 8.989,11.237 0,0 2.247,-8.99 8.99,-11.237 0,0 -8.99,-4.495 -8.99,-11.237" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path54" - inkscape:connector-curvature="0" /></g><g - id="g56" - transform="translate(485.0861,429.7923)"><path - d="m 0,0 c 0,0 -2.214,3.359 -9.736,2.059 0,0 5.987,28.738 36.298,38.806 C 26.562,40.865 -2.82,24.275 0,0 M 0.583,-33.208 0.58,-33.211 c -1.297,-2.026 -2.821,-3.578 -4.53,-4.615 -1.515,-0.934 -3.178,-1.425 -4.743,-1.425 -0.528,0 -1.044,0.056 -1.539,0.169 l -2.209,0.507 2.184,0.603 c 1.63,0.451 3.063,1.347 4.259,2.664 1.014,1.108 1.856,2.485 2.577,4.214 1.175,2.819 1.784,6.161 1.81,9.935 -0.049,3.719 -0.683,7.054 -1.886,9.902 -0.703,1.655 -1.585,3.057 -2.621,4.163 -1.227,1.311 -2.671,2.178 -4.294,2.576 l -2.187,0.538 2.179,0.572 c 0.48,0.127 0.998,0.196 1.539,0.209 l 0.031,10e-4 1.688,-0.154 c 1.045,-0.206 2.104,-0.615 3.061,-1.184 1.755,-1.032 3.302,-2.568 4.598,-4.565 2.155,-3.374 3.315,-7.537 3.357,-12.043 -0.028,-4.548 -1.159,-8.717 -3.271,-12.064 m 101.949,51.176 c 0,0 -0.075,0.051 -0.226,0.137 -0.541,0.326 -1.113,0.602 -1.715,0.814 -3.044,1.241 -9.881,3.187 -21.906,2.623 -0.029,0 -0.056,0 -0.085,-0.001 C 52.916,21.123 30.022,10.923 30.022,10.923 c 0,0 1.439,1.76 3.453,3.691 10e-4,10e-4 10e-4,10e-4 0.002,0.002 1.052,0.973 2.355,2.076 3.912,3.226 0.046,0.032 0.088,0.063 0.124,0.094 8.708,6.383 25.34,14.162 51.625,9.54 -0.989,1.124 -2.002,2.193 -3.036,3.215 -1.112,0.884 -2.231,1.694 -3.354,2.456 0.02,-0.012 0.039,-0.023 0.059,-0.036 0,0 -17.016,19.415 -48.683,15.891 C 30.19,48.622 25.983,47.868 21.66,46.564 21.653,46.563 21.646,46.562 21.64,46.56 L 21.638,46.558 C 11.48,43.492 0.683,37.387 -8.719,25.911 c -0.571,-0.718 -1.122,-1.431 -1.657,-2.14 -0.065,-0.1 -0.141,-0.202 -0.226,-0.307 -1.182,-1.582 -2.271,-3.141 -3.279,-4.674 -3.266,-5.427 -5.631,-11.666 -6.311,-13.546 -10.58,-32.401 2.586,-57.549 5.144,-61.967 8.93,-15.157 24.565,-32.355 50.771,-37.327 0.197,-0.046 0.382,-0.101 0.582,-0.146 1.723,-0.367 4.864,-0.929 8.908,-1.197 1.524,-0.069 3.088,-0.094 4.699,-0.066 1.548,-0.01 2.999,0.017 4.335,0.064 0.396,0.027 0.74,0.041 1.044,0.044 5.102,0.237 8.272,0.774 8.272,0.774 -26.543,1.3 -39.847,13.41 -45.691,21.142 -1.325,1.648 -2.46,3.421 -3.377,5.316 -0.361,0.711 -0.523,1.115 -0.523,1.115 8.459,-7.18 20.294,-13.361 20.294,-13.361 10.611,-4.993 21.737,-7.452 33.524,-5.838 0,0 24.645,2.264 34.464,25.09 -0.423,0.322 -0.366,0.278 -0.79,0.6 -0.652,-0.526 -1.294,-1.022 -1.926,-1.496 -0.991,-0.65 -1.964,-1.357 -2.937,-2.07 -5.265,-3.485 -9.561,-5.127 -12.12,-5.879 -19.359,-4.887 -37.273,-1.252 -52.93,12.455 -7.253,6.349 -11.754,14.353 -11.944,24.291 -0.124,6.466 -0.19,12.935 -0.136,19.4 0.085,10.181 7.246,17.921 17.394,19.284 20.561,2.759 41.234,3.71 61.947,4.193 3.174,0.074 5.981,0.037 7.458,-3.356 0.025,-0.058 0.363,0.02 0.552,0.035 1.4,4.462 -0.617,9.27 -4.29,11.624" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path58" - inkscape:connector-curvature="0" /></g></g></g></g></svg>
\ No newline at end of file diff --git a/website/assets/logos/logo_with_text_on_white.png b/website/assets/logos/logo_with_text_on_white.png Binary files differdeleted file mode 100644 index bf420a057..000000000 --- a/website/assets/logos/logo_with_text_on_white.png +++ /dev/null diff --git a/website/assets/logos/logo_with_text_on_white.svg b/website/assets/logos/logo_with_text_on_white.svg deleted file mode 100644 index 4275efe83..000000000 --- a/website/assets/logos/logo_with_text_on_white.svg +++ /dev/null @@ -1,116 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" standalone="no"?> -<!-- Created with Inkscape (http://www.inkscape.org/) --> - -<svg - xmlns:dc="http://purl.org/dc/elements/1.1/" - xmlns:cc="http://creativecommons.org/ns#" - xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" - xmlns:svg="http://www.w3.org/2000/svg" - xmlns="http://www.w3.org/2000/svg" - xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" - xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" - version="1.1" - id="svg2" - xml:space="preserve" - width="607.97211" - height="193.20036" - viewBox="0 0 607.97212 193.20037" - sodipodi:docname="logo_with_text_on_white.svg" - inkscape:version="0.92.3 (2405546, 2018-03-11)"><metadata - id="metadata8"><rdf:RDF><cc:Work - rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type - rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title></dc:title></cc:Work></rdf:RDF></metadata><defs - id="defs6"><clipPath - clipPathUnits="userSpaceOnUse" - id="clipPath18"><path - d="M 0,821.614 H 1366 V 0 H 0 Z" - id="path16" - inkscape:connector-curvature="0" /></clipPath></defs><sodipodi:namedview - pagecolor="#ffffff" - bordercolor="#666666" - borderopacity="1" - objecttolerance="10" - gridtolerance="10" - guidetolerance="10" - inkscape:pageopacity="0" - inkscape:pageshadow="2" - inkscape:window-width="640" - inkscape:window-height="480" - id="namedview4" - showgrid="false" - fit-margin-top="0" - fit-margin-left="0" - fit-margin-right="0" - fit-margin-bottom="0" - inkscape:zoom="0.43085925" - inkscape:cx="325.455" - inkscape:cy="50.910097" - inkscape:window-x="0" - inkscape:window-y="0" - inkscape:window-maximized="0" - inkscape:current-layer="g10" /><g - id="g10" - inkscape:groupmode="layer" - inkscape:label="gvisor_final-logo_20190313" - transform="matrix(1.3333333,0,0,-1.3333333,-614.45037,638.9628)"><g - id="g12"><g - id="g14" - clip-path="url(#clipPath18)"><g - id="g20" - transform="translate(668.8995,400.2876)"><path - d="m 0,0 c -0.698,-5.234 -4.362,-8.375 -10.991,-9.421 -9.072,0.349 -13.783,5.407 -14.132,15.178 0.698,8.374 5.408,12.719 14.132,13.033 C -4.362,17.776 -0.698,14.341 0,8.479 Z m 0,26.117 c -2.442,2.826 -6.629,4.413 -12.561,4.763 -8.026,0 -14.219,-2.443 -18.581,-7.327 -4.361,-4.886 -6.542,-11.167 -6.542,-18.842 0,-8.026 2.006,-14.395 6.019,-19.105 4.012,-4.71 10.031,-7.066 18.057,-7.066 5.164,0 9.7,1.57 13.608,4.711 v -2.617 c 0,-3.141 -0.986,-6.019 -2.957,-8.636 -1.972,-2.617 -5.749,-3.925 -11.331,-3.925 -5.479,0.349 -10.137,1.919 -13.975,4.71 l -6.804,-7.85 c 5.582,-5.582 13.433,-8.48 23.553,-8.689 l 3.14,0.314 c 6.629,0.279 12.124,2.879 16.487,7.798 4.361,4.92 6.542,11.044 6.542,18.372 V 29.31 L 0,30.88 Z" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path22" - inkscape:connector-curvature="0" /></g><g - id="g24" - transform="translate(720.3033,399.9331)"><path - d="M 0,0 -19.986,51.176 H -37.513 L -8.457,-21.105 H 8.891 L 37.875,51.176 H 20.348 Z" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path26" - inkscape:connector-curvature="0" /></g><path - d="m 762.522,378.828 h 14.655 v 52.392 h -14.655 z" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path28" - inkscape:connector-curvature="0" /><g - id="g30" - transform="translate(769.7443,451.1089)"><path - d="m 0,0 c -2.373,0 -4.257,-0.707 -5.652,-2.12 -1.397,-1.413 -2.094,-3.166 -2.094,-5.26 0,-2.094 0.697,-3.839 2.094,-5.234 1.395,-1.396 3.315,-2.094 5.757,-2.094 2.442,0 4.361,0.698 5.757,2.094 1.395,1.395 2.094,3.14 2.094,5.234 0,2.094 -0.699,3.847 -2.094,5.26 C 4.466,-0.707 2.512,0 0,0" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path32" - inkscape:connector-curvature="0" /></g><g - id="g34" - transform="translate(816.9264,406.8296)"><path - d="m 0,0 c -3.315,2.477 -7.572,3.96 -12.771,4.449 -3.524,0.697 -5.879,1.578 -7.065,2.643 -1.187,1.064 -1.187,2.251 0,3.559 1.186,1.309 3.541,1.962 7.065,1.962 3.56,0 6.525,-1.412 8.898,-4.239 l 8.165,9.212 c -2.374,2.338 -4.92,4.1 -7.642,5.286 -2.721,1.186 -6.542,1.78 -11.462,1.78 -4.257,0 -8.4,-1.423 -12.43,-4.265 -4.03,-2.845 -6.046,-6.971 -6.046,-12.379 0,-5.898 1.771,-9.91 5.313,-12.038 3.541,-2.129 7.44,-3.437 11.697,-3.925 4.712,-0.454 7.476,-1.335 8.297,-2.645 0.819,-1.307 0.645,-2.615 -0.523,-3.924 -1.171,-1.309 -3.761,-1.963 -7.774,-1.963 -4.99,0.453 -8.67,2.093 -11.043,4.921 l -8.113,-9.161 c 2.373,-2.373 5.208,-4.265 8.505,-5.678 3.298,-1.413 7.424,-2.12 12.379,-2.12 5.199,0 9.752,1.36 13.66,4.083 3.908,2.721 5.862,6.558 5.862,11.514 C 4.972,-6.787 3.315,-2.479 0,0" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path36" - inkscape:connector-curvature="0" /></g><g - id="g38" - transform="translate(862.2008,394.9751)"><path - d="m 0,0 c -2.478,-2.67 -5.705,-4.004 -9.683,-4.004 -3.977,0 -7.205,1.334 -9.682,4.004 -2.478,2.669 -3.717,5.992 -3.717,9.97 0,3.978 1.239,7.31 3.717,9.997 2.477,2.686 5.686,4.03 9.63,4.03 4.012,0 7.257,-1.344 9.735,-4.03 C 2.477,17.28 3.716,13.948 3.716,9.97 3.716,5.992 2.477,2.669 0,0 m -9.63,36.716 c -7.608,0 -13.957,-2.548 -19.052,-7.642 -5.095,-5.095 -7.641,-11.445 -7.641,-19.051 0,-7.573 2.546,-13.915 7.641,-19.025 5.095,-5.113 11.444,-7.669 19.052,-7.669 7.606,0 13.956,2.547 19.051,7.642 5.095,5.093 7.641,11.445 7.641,19.052 0,7.606 -2.546,13.956 -7.641,19.051 -5.095,5.094 -11.445,7.642 -19.051,7.642" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path40" - inkscape:connector-curvature="0" /></g><g - id="g42" - transform="translate(911.9489,431.1675)"><path - d="m 0,0 c -5.374,0 -9.927,-1.92 -13.66,-5.758 v 5.81 L -28.315,-1.519 V -52.34 h 14.655 v 32.19 c 2.372,4.92 5.338,7.501 8.898,7.746 3.175,-0.105 5.617,-0.925 7.327,-2.46 L 4.868,-0.419 C 3.332,-0.14 1.709,0 0,0" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path44" - inkscape:connector-curvature="0" /></g><g - id="g46" - transform="translate(548.2428,363.2485)"><path - d="m 0,0 c 16.655,21.121 22.696,44.433 18.328,70.995 3.068,0 5.742,-0.023 8.417,0.007 2.221,0.025 4.442,0.102 6.663,0.175 4.79,0.154 4.818,0.165 5.881,-4.582 C 42.434,52.544 41.469,38.505 39.11,24.477 38.859,22.985 38.409,21.521 38.246,20.023 37.05,9.081 30.089,3.645 20.164,1.097 13.786,-0.54 7.323,-0.829 0,0" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path48" - inkscape:connector-curvature="0" /></g><g - id="g50" - transform="translate(544.6891,396.1763)"><path - d="M 0,0 C 0,2.594 -3.457,4.322 -3.457,4.322 -0.864,5.187 0,8.644 0,8.644 0,8.644 0.865,5.187 3.458,4.322 3.458,4.322 0,2.594 0,0 m -17.099,6.454 c 0,6.742 -8.989,11.236 -8.989,11.236 6.742,2.248 8.989,11.238 8.989,11.238 0,0 2.248,-8.99 8.99,-11.238 0,0 -8.99,-4.494 -8.99,-11.236" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path52" - inkscape:connector-curvature="0" /></g><g - id="g54" - transform="translate(485.0861,429.7925)"><path - d="m 0,0 c 0,0 -2.214,3.359 -9.736,2.059 0,0 5.987,28.738 36.298,38.806 C 26.562,40.865 -2.82,24.275 0,0 M 0.583,-33.208 0.58,-33.211 c -1.297,-2.026 -2.821,-3.579 -4.53,-4.616 -1.515,-0.933 -3.178,-1.425 -4.743,-1.425 -0.528,0 -1.044,0.057 -1.539,0.17 l -2.209,0.507 2.184,0.603 c 1.63,0.451 3.063,1.347 4.259,2.664 1.014,1.108 1.856,2.485 2.577,4.213 1.175,2.82 1.784,6.162 1.81,9.936 -0.049,3.718 -0.683,7.054 -1.886,9.902 -0.703,1.654 -1.585,3.056 -2.621,4.163 -1.227,1.311 -2.671,2.178 -4.294,2.576 l -2.187,0.538 2.179,0.572 c 0.48,0.126 0.998,0.196 1.539,0.209 h 0.031 l 1.688,-0.153 c 1.045,-0.206 2.104,-0.616 3.061,-1.185 1.755,-1.031 3.302,-2.567 4.598,-4.565 2.155,-3.374 3.315,-7.536 3.357,-12.042 -0.028,-4.548 -1.159,-8.717 -3.271,-12.064 m 101.949,51.176 c 0,0 -0.075,0.05 -0.226,0.136 -0.541,0.327 -1.113,0.603 -1.715,0.815 -3.044,1.241 -9.881,3.186 -21.906,2.623 -0.029,0 -0.056,0 -0.085,-0.001 C 52.916,21.123 30.022,10.922 30.022,10.922 c 0,0 1.439,1.761 3.453,3.692 10e-4,0 10e-4,10e-4 0.002,10e-4 1.052,0.974 2.355,2.076 3.912,3.227 0.046,0.031 0.088,0.063 0.124,0.093 8.708,6.384 25.341,14.163 51.625,9.541 -0.989,1.124 -2.002,2.192 -3.036,3.215 -1.112,0.883 -2.231,1.693 -3.354,2.456 0.02,-0.012 0.039,-0.023 0.059,-0.036 0,0 -17.016,19.415 -48.683,15.891 C 30.19,48.622 25.983,47.867 21.66,46.564 21.653,46.563 21.646,46.562 21.64,46.56 L 21.638,46.558 C 11.48,43.492 0.683,37.387 -8.719,25.911 -9.29,25.193 -9.841,24.479 -10.376,23.77 c -0.065,-0.099 -0.141,-0.202 -0.226,-0.307 -1.182,-1.581 -2.271,-3.14 -3.279,-4.674 -3.266,-5.427 -5.631,-11.665 -6.311,-13.545 -10.58,-32.401 2.586,-57.55 5.144,-61.967 8.93,-15.158 24.565,-32.355 50.771,-37.327 0.197,-0.047 0.382,-0.101 0.582,-0.147 1.723,-0.367 4.864,-0.929 8.908,-1.196 1.524,-0.069 3.088,-0.094 4.699,-0.067 1.548,-0.009 2.999,0.017 4.335,0.064 0.396,0.028 0.74,0.041 1.044,0.044 5.102,0.238 8.272,0.775 8.272,0.775 -26.542,1.299 -39.847,13.409 -45.691,21.142 -1.325,1.648 -2.46,3.42 -3.377,5.316 -0.361,0.71 -0.523,1.115 -0.523,1.115 8.459,-7.181 20.294,-13.362 20.294,-13.362 10.611,-4.993 21.737,-7.451 33.525,-5.837 0,0 24.644,2.263 34.463,25.09 -0.423,0.322 -0.366,0.278 -0.79,0.6 -0.651,-0.526 -1.294,-1.023 -1.926,-1.496 -0.991,-0.651 -1.964,-1.357 -2.937,-2.07 -5.265,-3.485 -9.561,-5.128 -12.12,-5.879 -19.359,-4.887 -37.273,-1.252 -52.93,12.455 -7.253,6.349 -11.754,14.352 -11.944,24.291 -0.124,6.465 -0.19,12.935 -0.136,19.4 0.085,10.181 7.246,17.921 17.394,19.284 20.561,2.759 41.234,3.71 61.948,4.193 3.173,0.073 5.98,0.037 7.457,-3.356 0.025,-0.058 0.363,0.02 0.552,0.035 1.4,4.461 -0.617,9.27 -4.29,11.624" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path56" - inkscape:connector-curvature="0" /></g></g></g></g></svg>
\ No newline at end of file diff --git a/website/assets/logos/logo_with_text_on_white_bordered.png b/website/assets/logos/logo_with_text_on_white_bordered.png Binary files differdeleted file mode 100644 index bd1a1e4b7..000000000 --- a/website/assets/logos/logo_with_text_on_white_bordered.png +++ /dev/null diff --git a/website/assets/logos/logo_with_text_on_white_bordered.svg b/website/assets/logos/logo_with_text_on_white_bordered.svg deleted file mode 100644 index 08125629d..000000000 --- a/website/assets/logos/logo_with_text_on_white_bordered.svg +++ /dev/null @@ -1,122 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" standalone="no"?> -<!-- Created with Inkscape (http://www.inkscape.org/) --> - -<svg - xmlns:dc="http://purl.org/dc/elements/1.1/" - xmlns:cc="http://creativecommons.org/ns#" - xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" - xmlns:svg="http://www.w3.org/2000/svg" - xmlns="http://www.w3.org/2000/svg" - xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" - xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" - version="1.1" - id="svg2" - xml:space="preserve" - width="607.64587" - height="207.92123" - viewBox="0 0 607.64589 207.92124" - sodipodi:docname="logo_with_text_on_white_bordered.svg" - inkscape:version="0.92.3 (2405546, 2018-03-11)"><metadata - id="metadata8"><rdf:RDF><cc:Work - rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type - rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title></dc:title></cc:Work></rdf:RDF></metadata><defs - id="defs6"><clipPath - clipPathUnits="userSpaceOnUse" - id="clipPath18"><path - d="M 0,821.614 H 1366 V 0 H 0 Z" - id="path16" - inkscape:connector-curvature="0" /></clipPath></defs><sodipodi:namedview - pagecolor="#ffffff" - bordercolor="#666666" - borderopacity="1" - objecttolerance="10" - gridtolerance="10" - guidetolerance="10" - inkscape:pageopacity="0" - inkscape:pageshadow="2" - inkscape:window-width="640" - inkscape:window-height="480" - id="namedview4" - showgrid="false" - fit-margin-top="0" - fit-margin-left="0" - fit-margin-right="0" - fit-margin-bottom="0" - inkscape:zoom="0.21542963" - inkscape:cx="298.55736" - inkscape:cy="108.65533" - inkscape:window-x="0" - inkscape:window-y="0" - inkscape:window-maximized="0" - inkscape:current-layer="g10" /><g - id="g10" - inkscape:groupmode="layer" - inkscape:label="gvisor_final-logo_20190313" - transform="matrix(1.3333333,0,0,-1.3333333,-612.10927,647.00852)"><g - id="g12"><g - id="g14" - clip-path="url(#clipPath18)"><g - id="g20" - transform="translate(670.7226,400.7367)"><path - d="m 0,0 c -0.687,-5.153 -4.294,-8.246 -10.821,-9.275 -8.933,0.342 -13.571,5.324 -13.914,14.943 0.687,8.245 5.325,12.522 13.914,12.832 C -4.294,17.503 -0.687,14.12 0,8.348 Z m 0,25.715 c -2.404,2.782 -6.527,4.345 -12.367,4.688 -7.902,0 -14,-2.404 -18.294,-7.214 -4.295,-4.81 -6.442,-10.994 -6.442,-18.55 0,-7.903 1.976,-14.172 5.927,-18.811 3.949,-4.638 9.876,-6.956 17.778,-6.956 5.085,0 9.55,1.545 13.398,4.638 v -2.577 c 0,-3.092 -0.971,-5.926 -2.911,-8.502 -1.942,-2.577 -5.66,-3.866 -11.156,-3.866 -5.395,0.344 -9.981,1.89 -13.76,4.638 l -6.699,-7.729 c 5.496,-5.496 13.226,-8.349 23.19,-8.555 l 3.091,0.309 c 6.527,0.275 11.938,2.834 16.233,7.678 4.294,4.844 6.441,10.873 6.441,18.088 V 28.857 L 0,30.403 Z" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path22" - inkscape:connector-curvature="0" /></g><g - id="g24" - transform="translate(721.3339,400.388)"><path - d="M 0,0 -19.678,50.387 H -36.935 L -8.326,-20.779 H 8.754 L 37.291,50.387 H 20.034 Z" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path26" - inkscape:connector-curvature="0" /></g><path - d="m 762.901,379.609 h 14.429 v 51.583 h -14.429 z" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path28" - inkscape:connector-curvature="0" /><g - id="g30" - transform="translate(770.0126,450.7747)"><path - d="m 0,0 c -2.337,0 -4.191,-0.696 -5.565,-2.088 -1.375,-1.391 -2.062,-3.117 -2.062,-5.179 0,-2.061 0.687,-3.779 2.062,-5.153 1.374,-1.374 3.263,-2.061 5.669,-2.061 2.404,0 4.293,0.687 5.667,2.061 1.375,1.374 2.062,3.092 2.062,5.153 0,2.062 -0.687,3.788 -2.062,5.179 C 4.397,-0.696 2.474,0 0,0" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path32" - inkscape:connector-curvature="0" /></g><g - id="g34" - transform="translate(816.4667,407.1781)"><path - d="m 0,0 c -3.264,2.438 -7.455,3.898 -12.573,4.381 -3.471,0.686 -5.789,1.554 -6.957,2.601 -1.168,1.048 -1.168,2.216 0,3.504 1.168,1.289 3.486,1.933 6.957,1.933 3.504,0 6.424,-1.391 8.76,-4.174 l 8.039,9.069 c -2.336,2.302 -4.844,4.038 -7.524,5.206 -2.68,1.167 -6.441,1.751 -11.285,1.751 -4.192,0 -8.271,-1.4 -12.239,-4.199 -3.968,-2.801 -5.951,-6.863 -5.951,-12.187 0,-5.807 1.742,-9.758 5.229,-11.854 3.486,-2.094 7.326,-3.383 11.518,-3.863 4.638,-0.447 7.36,-1.315 8.168,-2.604 0.807,-1.288 0.635,-2.576 -0.515,-3.864 -1.152,-1.289 -3.703,-1.932 -7.653,-1.932 -4.913,0.446 -8.537,2.06 -10.873,4.843 l -7.988,-9.017 c 2.336,-2.337 5.127,-4.201 8.374,-5.592 3.247,-1.392 7.309,-2.087 12.187,-2.087 5.119,0 9.602,1.339 13.45,4.02 3.848,2.679 5.772,6.458 5.772,11.336 C 4.896,-6.683 3.264,-2.44 0,0" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path36" - inkscape:connector-curvature="0" /></g><g - id="g38" - transform="translate(861.0429,395.5062)"><path - d="m 0,0 c -2.439,-2.628 -5.616,-3.942 -9.533,-3.942 -3.916,0 -7.095,1.314 -9.533,3.942 -2.44,2.628 -3.66,5.9 -3.66,9.816 0,3.917 1.22,7.198 3.66,9.843 2.438,2.646 5.598,3.968 9.482,3.968 3.949,0 7.145,-1.322 9.584,-3.968 C 2.439,17.014 3.659,13.733 3.659,9.816 3.659,5.9 2.439,2.628 0,0 m -9.481,36.149 c -7.491,0 -13.743,-2.507 -18.758,-7.523 -5.017,-5.017 -7.524,-11.269 -7.524,-18.757 0,-7.456 2.507,-13.7 7.524,-18.732 5.015,-5.034 11.267,-7.55 18.758,-7.55 7.489,0 13.741,2.508 18.757,7.523 5.016,5.016 7.524,11.269 7.524,18.759 0,7.488 -2.508,13.74 -7.524,18.757 -5.016,5.016 -11.268,7.523 -18.757,7.523" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path40" - inkscape:connector-curvature="0" /></g><g - id="g42" - transform="translate(910.0244,431.14)"><path - d="m 0,0 c -5.291,0 -9.773,-1.89 -13.449,-5.668 v 5.72 l -14.43,-1.546 v -50.037 h 14.43 v 31.691 c 2.335,4.845 5.255,7.387 8.76,7.627 3.126,-0.102 5.531,-0.91 7.214,-2.422 L 4.792,-0.412 C 3.28,-0.138 1.683,0 0,0" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path44" - inkscape:connector-curvature="0" /></g><g - id="g46" - transform="translate(594.4321,453.1439)"><path - d="m 0,0 c 0,0 -0.204,0.139 -0.45,0.277 -0.906,0.547 -1.856,1 -2.744,1.321 -1.685,0.679 -3.62,1.262 -5.761,1.738 l -2.063,2.533 c -1.793,2.283 -6.09,7.358 -13.132,13.334 -8.142,6.209 -24.212,15.045 -47.595,12.442 -4.578,-0.444 -9.077,-1.318 -13.368,-2.597 l -0.232,-0.068 c -12.978,-3.918 -24.155,-11.512 -33.24,-22.601 -0.6,-0.754 -1.179,-1.504 -1.783,-2.307 l -0.134,-0.191 -0.062,-0.074 c -1.194,-1.596 -2.36,-3.258 -3.485,-4.969 l -0.125,-0.198 c -3.559,-5.915 -6.126,-12.72 -6.85,-14.73 -11.284,-34.556 2.735,-61.502 5.669,-66.567 8.482,-14.4 23.945,-32.461 50.005,-38.975 1.42,-0.354 2.872,-0.676 4.356,-0.96 0.016,-0.004 0.036,-0.009 0.053,-0.013 6.537,-1.118 16.647,-1.928 29.969,-0.317 3.21,0.621 8.236,2.535 8.646,8.445 2.209,0.842 10.261,3.812 10.261,3.812 8.572,3.874 18.586,11.106 24.334,24.546 1.21,2.83 0.277,6.128 -2.171,7.994 l -0.202,0.152 c 0.639,1.557 1.125,3.209 1.488,4.93 l 0.019,0.009 c 0,0 0.063,0.325 0.164,0.854 0.013,0.073 0.028,0.144 0.041,0.215 0.402,2.114 1.294,6.91 1.719,10.035 0.02,0.149 0.029,0.268 0.033,0.371 2.136,14.686 2.099,26.608 -0.156,37.847 1.443,0.114 2.672,1.095 3.106,2.477 l 0.655,2.086 C 9.188,-12.066 6.243,-4.003 0,0" - style="fill:#262262;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path48" - inkscape:connector-curvature="0" /></g><g - id="g50" - transform="translate(551.9267,364.2689)"><path - d="m 0,0 c 16.398,20.796 22.346,43.748 18.045,69.9 3.02,0 5.654,-0.022 8.288,0.007 2.187,0.025 4.374,0.101 6.56,0.172 4.716,0.152 4.743,0.163 5.79,-4.512 C 41.779,51.734 40.83,37.911 38.507,24.1 38.26,22.631 37.817,21.189 37.656,19.715 36.479,8.941 29.625,3.588 19.853,1.08 13.574,-0.531 7.209,-0.816 0,0" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path52" - inkscape:connector-curvature="0" /></g><g - id="g54" - transform="translate(548.4282,396.6898)"><path - d="M 0,0 C 0,2.553 -3.404,4.255 -3.404,4.255 -0.851,5.105 0,8.51 0,8.51 0,8.51 0.851,5.105 3.404,4.255 3.404,4.255 0,2.553 0,0 m -16.835,6.354 c 0,6.638 -8.851,11.063 -8.851,11.063 6.638,2.213 8.851,11.063 8.851,11.063 0,0 2.212,-8.85 8.85,-11.063 0,0 -8.85,-4.425 -8.85,-11.063" - style="fill:#fbb03b;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path56" - inkscape:connector-curvature="0" /></g><g - id="g58" - transform="translate(489.744,429.7865)"><path - d="m 0,0 c 0,0 -2.18,3.308 -9.585,2.026 0,0 5.894,28.296 35.737,38.209 C 26.152,40.235 -2.777,23.901 0,0 m 0.574,-32.696 -0.003,-0.003 c -1.277,-1.994 -2.778,-3.523 -4.46,-4.544 -1.492,-0.919 -3.13,-1.403 -4.67,-1.403 -0.519,0 -1.028,0.055 -1.516,0.167 l -2.174,0.5 2.15,0.593 c 1.605,0.443 3.016,1.325 4.194,2.623 0.997,1.09 1.826,2.447 2.536,4.149 1.158,2.775 1.757,6.066 1.783,9.781 -0.048,3.661 -0.673,6.945 -1.857,9.75 -0.693,1.629 -1.56,3.009 -2.58,4.099 -1.208,1.29 -2.63,2.143 -4.228,2.536 l -2.154,0.529 2.145,0.564 c 0.473,0.125 0.983,0.193 1.516,0.205 l 0.031,0.002 1.662,-0.152 c 1.029,-0.203 2.071,-0.605 3.014,-1.167 1.727,-1.015 3.25,-2.527 4.526,-4.493 2.122,-3.323 3.264,-7.421 3.305,-11.857 C 3.767,-25.296 2.653,-29.4 0.574,-32.696 M 100.951,17.69 c 0,0 -0.074,0.05 -0.223,0.136 -0.532,0.32 -1.095,0.593 -1.688,0.801 -2.997,1.223 -9.729,3.139 -21.568,2.583 -0.029,0 -0.055,0 -0.084,-0.001 C 52.1,20.798 29.559,10.754 29.559,10.754 c 0,0 1.417,1.733 3.4,3.636 0,0 10e-4,0 10e-4,10e-4 1.036,0.958 2.319,2.044 3.853,3.176 0.044,0.031 0.086,0.062 0.122,0.091 8.573,6.286 24.949,13.945 50.829,9.394 -0.615,0.698 -1.254,1.341 -1.887,1.998 l 0.057,-0.009 c 0,0 -5.858,6.886 -16.555,12.616 -0.613,0.331 -1.252,0.659 -1.91,0.985 -0.038,0.018 -0.073,0.038 -0.112,0.057 -0.067,0.033 -0.128,0.057 -0.195,0.089 -8.007,3.888 -19.263,7.05 -33.564,5.458 -3.873,-0.374 -8.015,-1.116 -12.272,-2.399 -0.007,-0.002 -0.013,-0.003 -0.02,-0.005 L 21.304,45.84 c -10,-3.018 -20.632,-9.029 -29.888,-20.328 -0.563,-0.707 -1.105,-1.409 -1.632,-2.109 -0.064,-0.096 -0.138,-0.198 -0.222,-0.301 -1.164,-1.557 -2.236,-3.091 -3.229,-4.602 -3.216,-5.343 -5.544,-11.486 -6.214,-13.337 -10.417,-31.901 2.546,-56.661 5.065,-61.011 8.793,-14.923 24.186,-31.856 49.988,-36.751 0.195,-0.046 0.377,-0.101 0.573,-0.145 1.697,-0.361 4.79,-0.914 8.771,-1.178 1.5,-0.067 3.04,-0.093 4.626,-0.065 1.525,-0.01 2.953,0.016 4.268,0.063 0.39,0.027 0.729,0.04 1.029,0.044 5.023,0.233 8.144,0.762 8.144,0.762 -26.133,1.279 -39.232,13.203 -44.987,20.816 -1.304,1.622 -2.422,3.367 -3.324,5.234 -0.356,0.699 -0.515,1.097 -0.515,1.097 8.328,-7.069 19.98,-13.155 19.98,-13.155 10.449,-4.917 21.402,-7.337 33.008,-5.747 0,0 24.264,2.227 33.932,24.702 -0.417,0.317 -0.361,0.275 -0.777,0.592 -0.642,-0.518 -1.274,-1.007 -1.898,-1.474 -0.975,-0.64 -1.933,-1.336 -2.89,-2.038 -5.184,-3.431 -9.414,-5.048 -11.934,-5.788 -19.06,-4.811 -36.698,-1.232 -52.114,12.263 -7.14,6.251 -11.572,14.131 -11.759,23.917 -0.122,6.365 -0.188,12.734 -0.135,19.101 0.084,10.023 7.135,17.645 17.126,18.986 20.245,2.716 40.598,3.652 60.993,4.129 3.125,0.072 5.888,0.036 7.342,-3.306 0.025,-0.057 0.358,0.021 0.543,0.035 1.379,4.393 -0.607,9.127 -4.223,11.444" - style="fill:#ffffff;fill-opacity:1;fill-rule:nonzero;stroke:none" - id="path60" - inkscape:connector-curvature="0" /></g></g></g></g></svg>
\ No newline at end of file diff --git a/website/assets/logos/powered-gvisor.png b/website/assets/logos/powered-gvisor.png Binary files differdeleted file mode 100644 index e00c74a33..000000000 --- a/website/assets/logos/powered-gvisor.png +++ /dev/null diff --git a/website/blog/2019-11-18-security-basics.md b/website/blog/2019-11-18-security-basics.md deleted file mode 100644 index 938605cc2..000000000 --- a/website/blog/2019-11-18-security-basics.md +++ /dev/null @@ -1,310 +0,0 @@ -# gVisor Security Basics - Part 1 - -This blog is a space for engineers and community members to share perspectives -and deep dives on technology and design within the gVisor project. Though our -logo suggests we're in the business of space exploration (or perhaps fighting -sea monsters), we're actually in the business of sandboxing Linux containers. -When we created gVisor, we had three specific goals in mind; _container-native -security_, _resource efficiency_, and _platform portability_. To put it simply, -gVisor provides _efficient defense-in-depth for containers anywhere_. - -This post addresses gVisor's _container-native security_, specifically how -gVisor provides strong isolation between an application and the host OS. Future -posts will address _resource efficiency_ (how gVisor preserves container -benefits like fast starts, smaller snapshots, and less memory overhead than VMs) -and _platform portability_ (run gVisor wherever Linux OCI containers run). -Delivering on each of these goals requires careful security considerations and a -robust design. - -## What does "sandbox" mean? - -gVisor allows the execution of untrusted containers, preventing them from -adversely affecting the host. This means that the untrusted container is -prevented from attacking or spying on either the host kernel or any other peer -userspace processes on the host. - -For example, if you are a cloud container hosting service, running containers -from different customers on the same virtual machine means that compromises -expose customer data. Properly configured, gVisor can provide sufficient -isolation to allow different customers to run containers on the same host. There -are many aspects to the proper configuration, including limiting file and -network access, which we will discuss in future posts. - -## The cost of compromise - -gVisor was designed around the premise that any security boundary could -potentially be compromised with enough time and resources. We tried to optimize -for a solution that was as costly and time-consuming for an attacker as -possible, at every layer. - -Consequently, gVisor was built through a combination of intentional design -principles and specific technology choices that work together to provide the -security isolation needed for running hostile containers on a host. We'll dig -into it in the next section! - -# Design Principles - -gVisor was designed with some common -[secure design](https://en.wikipedia.org/wiki/Secure_by_design) principles in -mind: Defense-in-Depth, Principle of Least-Privilege, Attack Surface Reduction -and Secure-by-Default[^1]. - -In general, Design Principles outline good engineering practices, but in the -case of security, they also can be thought of as a set of tactics. In a -real-life castle, there is no single defensive feature. Rather, there are many -in combination: redundant walls, scattered draw bridges, small bottle-neck -entrances, moats, etc. - -A simplified version of the design is below -([more detailed version](/docs/))[^2]: - - - -In order to discuss design principles, the following components are important to -know: - -* runsc - binary that packages the Sentry, platform, and Gofer(s) that run - containers. runsc is the drop-in binary for running gVisor in Docker and - Kubernetes. -* Untrusted Application - container running in the sandbox. Untrusted - application/container are used interchangeably in this article. -* Platform Syscall Switcher - intercepts syscalls from the application and - passes them to the Sentry with no further handling. -* Sentry - The "application kernel" in userspace that serves the untrusted - application. Each application instance has its own Sentry. The Sentry - handles syscalls, routes I/O to gofers, and manages memory and CPU, all in - userspace. The Sentry is allowed to make limited, filtered syscalls to the - host OS. -* Gofer - a process that specifically handles different types of I/O for the - Sentry (usually disk I/O). Gofers are also allowed to make filtered syscalls - to the Host OS. -* Host OS - the actual OS on which gVisor containers are running, always some - flavor of Linux (sorry, Windows/MacOS users). - -It is important to emphasize what is being protected from the untrusted -application in this diagram: the host OS and other userspace applications. - -In this post, we are only discussing security-related features of gVisor, and -you might ask, "What about performance, compatibility and stability?" We will -cover these considerations in future posts. - -## Defense-in-Depth - -For gVisor, Defense-in-Depth means each component of the software stack trusts -the other components as little as possible. - -It may seem strange that we would want our own software components to distrust -each other. But by limiting the trust between small, discrete components, each -component is forced to defend itself against potentially malicious input. And -when you stack these components on top of each other, you can ensure that -multiple security barriers must be overcome by an attacker. - -And this leads us to how Defense-in-Depth is applied to gVisor: no single -vulnerability should compromise the host. - -In the "Attacker's Advantage / Defender's Dilemma," the defender must succeed -all the time while the attacker only needs to succeed once. Defense in Depth -inverts this principle: once the attacker successfully compromises any given -software component, they are immediately faced with needing to compromise a -subsequent, distinct layer in order to move laterally or acquire more privilege. - -For example, the untrusted container is isolated from the Sentry. The Sentry is -isolated from host I/O operations by serving those requests in separate -processes called Gofers. And both the untrusted container and its associated -Gofers are isolated from the host process that is running the sandbox. - -An additional benefit is that this generally leads to more robust and stable -software, forcing interfaces to be strictly defined and tested to ensure all -inputs are properly parsed and bounds checked. - -## Least-Privilege - -The principle of Least-Privilege implies that each software component has only -the permissions it needs to function, and no more. - -Least-Privilege is applied throughout gVisor. Each component and more -importantly, each interface between the components, is designed so that only the -minimum level of permission is required for it to perform its function. -Specifically, the closer you are to the untrusted application, the less -privilege you have. - - - -This is evident in how runsc (the drop in gVisor binary for Docker/Kubernetes) -constructs the sandbox. The Sentry has the least privilege possible (it can't -even open a file!). Gofers are only allowed file access, so even if it were -compromised, the host network would be unavailable. Only the runsc binary itself -has full access to the host OS, and even runsc's access to the host OS is often -limited through capabilities / chroot / namespacing. - -Designing a system with Defense-in-Depth and Least-Privilege in mind encourages -small, separate, single-purpose components, each with very restricted -privileges. - -## Attack Surface Reduction - -There are no bugs in unwritten code. In other words, gVisor supports a feature -if and only if it is needed to run host Linux containers. - -### Host Application/Sentry Interface: - -There are a lot of things gVisor does not need to do. For example, it does not -need to support arbitrary device drivers, nor does it need to support video -playback. By not implementing what will not be used, we avoid introducing -potential bugs in our code. - -That is not to say gVisor has limited functionality! Quite the opposite, we -analyzed what is actually needed to run Linux containers and today the Sentry -supports 237 syscalls[^3]<sup>,</sup>[^4], along with the range of critical -/proc and /dev files. However, gVisor does not support every syscall in the -Linux kernel. There are about 350 syscalls[^5] within the 5.3.11 version of the -Linux kernel, many of which do not apply to Linux containers that typically host -cloud-like workloads. For example, we don't support old versions of epoll -(epoll_ctl_old, epoll_wait_old), because they are deprecated in Linux and no -supported workloads use them. - -Furthermore, any exploited vulnerabilities in the implemented syscalls (or -Sentry code in general) only apply to gaining control of the Sentry. More on -this in a later post. - -### Sentry/Host OS Interface: - -The Sentry's interactions with the Host OS are restricted in many ways. For -instance, no syscall is "passed-through" from the untrusted application to the -host OS. All syscalls are intercepted and interpreted. In the case where the -Sentry needs to call the Host OS, we severely limit the syscalls that the Sentry -itself is allowed to make to the host kernel[^6]. - -For example, there are many file-system based attacks, where manipulation of -files or their paths, can lead to compromise of the host[^7]. As a result, the -Sentry does not allow any syscall that creates or opens a file descriptor. All -file descriptors must be donated to the sandbox. By disallowing open or creation -of file descriptors, we eliminate entire categories of these file-based attacks. - -This does not affect functionality though. For example, during startup, runsc -will donate FDs the Sentry that allow for mapping STDIN/STDOUT/STDERR to the -sandboxed application. Also the Gofer may donate an FD to the Sentry, allowing -for direct access to some files. And most files will be remotely accessed -through the Gofers, in which case no FDs are donated to the Sentry. - -The Sentry itself is only allowed access to specific -[allowlisted syscalls](https://github.com/google/gvisor/blob/master/runsc/config/config.go). -Without networking, the Sentry needs 53 host syscalls in order to function, and -with networking, it uses an additional 15[^8]. By limiting the allowlist to only -these needed syscalls, we radically reduce the amount of host OS attack surface. -If any attempts are made to call something outside the allowlist, it is -immediately blocked and the sandbox is killed by the Host OS. - -### Sentry/Gofer Interface: - -The Sentry communicates with the Gofer through a local unix domain socket (UDS) -via a version of the 9P protocol[^9]. The UDS file descriptor is passed to the -sandbox during initialization and all communication between the Sentry and Gofer -happens via 9P. We will go more into how Gofers work in future posts. - -### End Result - -So, of the 350 syscalls in the Linux kernel, the Sentry needs to implement only -237 of them to support containers. At most, the Sentry only needs to call 68 of -the host Linux syscalls. In other words, with gVisor, applications get the vast -majority (and growing) functionality of Linux containers for only 68 possible -syscalls to the Host OS. 350 syscalls to 68 is attack surface reduction. - - - -## Secure-by-default - -The default choice for a user should be safe. If users need to run a less secure -configuration of the sandbox for the sake of performance or application -compatibility, they must make the choice explicitly. - -An example of this might be a networking application that is performance -sensitive. Instead of using the safer, Go-based Netstack in the Sentry, the -untrusted container can instead use the host Linux networking stack directly. -However, this means the untrusted container will be directly interacting with -the host, without the safety benefits of the sandbox. It also means that an -attack could directly compromise the host through his path. - -These less secure configurations are **not** the default. In fact, the user must -take action to change the configuration and run in a less secure mode. -Additionally, these actions make it very obvious that a less secure -configuration is being used. - -This can be as simple as forcing a default runtime flag option to the secure -option. gVisor does this by always using its internal netstack by default. -However, for certain performance sensitive applications, we allow the usage of -the host OS networking stack, but it requires the user to actively set a -flag[^10]. - -# Technology Choices - -Technology choices for gVisor mainly involve things that will give us a security -boundary. - -At a higher level, boundaries in software might be describing a great many -things. It may be discussing the boundaries between threads, boundaries between -processes, boundaries between CPU privilege levels, and more. - -Security boundaries are interfaces that are designed and built so that entire -classes of bugs/vulnerabilities are eliminated. - -For example, the Sentry and Gofers are implemented using Go. Go was chosen for a -number of the features it provided. Go is a fast, statically-typed, compiled -language that has efficient multi-threading support, garbage collection and a -constrained set of "unsafe" operations. - -Using these features enabled safe array and pointer handling. This means entire -classes of vulnerabilities were eliminated, such as buffer overflows and -use-after-free. - -Another example is our use of very strict syscall switching to ensure that the -Sentry is always the first software component that parses and interprets the -calls being made by the untrusted container. Here is an instance where different -platforms use different solutions, but all of them share this common trait, -whether it is through the use of ptrace "a la PTRACE_ATTACH"[^11] or kvm's -ring0[^12]. - -Finally, one of the most restrictive choices was to use seccomp, to restrict the -Sentry from being able to open or create a file descriptor on the host. All file -I/O is required to go through Gofers. Preventing the opening or creation of file -descriptions eliminates whole categories of bugs around file permissions -[like this one](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4557)[^13]. - -# To be continued - Part 2 - -In part 2 of this blog post, we will explore gVisor from an attacker's point of -view. We will use it as an opportunity to examine the specific strengths and -weaknesses of each gVisor component. - -We will also use it to introduce Google's Vulnerability Reward Program[^14], and -other ways the community can contribute to help make gVisor safe, fast and -stable. -<br> -<br> -**Updated (2021-07-14):** this post was updated to use more inclusive language. -<br> - --------------------------------------------------------------------------------- - -[^1]: [https://en.wikipedia.org/wiki/Secure_by_design](https://en.wikipedia.org/wiki/Secure_by_design) -[^2]: [https://gvisor.dev/docs/architecture_guide](https://gvisor.dev/docs/architecture_guide/) -[^3]: [https://github.com/google/gvisor/blob/master/pkg/sentry/syscalls/linux/linux64_amd64.go](https://github.com/google/gvisor/blob/master/pkg/sentry/syscalls/syscalls.go) - -<!-- mdformat off(mdformat formats this into multiple lines) --> -[^4]: Internally that is, it doesn't call to the Host OS to implement them, in fact that is explicitly disallowed, more on that in the future. -<!-- mdformat on --> - -[^5]: [https://elixir.bootlin.com/linux/latest/source/arch/x86/entry/syscalls/syscall_64.tbl#L345](https://elixir.bootlin.com/linux/latest/source/arch/x86/entry/syscalls/syscall_64.tbl#L345) -[^6]: [https://github.com/google/gvisor/tree/master/runsc/boot/filter](https://github.com/google/gvisor/tree/master/runsc/boot/filter) -[^7]: [https://en.wikipedia.org/wiki/Dirty_COW](https://en.wikipedia.org/wiki/Dirty_COW) -[^8]: [https://github.com/google/gvisor/blob/master/runsc/boot/config.go](https://github.com/google/gvisor/blob/master/runsc/boot/config.go) - -<!-- mdformat off(mdformat breaks this url by escaping the parenthesis) --> -[^9]: [https://en.wikipedia.org/wiki/9P_(protocol)](https://en.wikipedia.org/wiki/9P_(protocol)) -<!-- mdformat on --> - -[^10]: [https://gvisor.dev/docs/user_guide/networking/#network-passthrough](https://gvisor.dev/docs/user_guide/networking/#network-passthrough) -[^11]: [https://github.com/google/gvisor/blob/c7e901f47a09eaac56bd4813227edff016fa6bff/pkg/sentry/platform/ptrace/subprocess.go#L390](https://github.com/google/gvisor/blob/c7e901f47a09eaac56bd4813227edff016fa6bff/pkg/sentry/platform/ptrace/subprocess.go#L390) -[^12]: [https://github.com/google/gvisor/blob/c7e901f47a09eaac56bd4813227edff016fa6bff/pkg/sentry/platform/ring0/kernel_amd64.go#L182](https://github.com/google/gvisor/blob/c7e901f47a09eaac56bd4813227edff016fa6bff/pkg/sentry/platform/ring0/kernel_amd64.go#L182) -[^13]: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4557) -[^14]: [https://www.google.com/about/appsecurity/reward-program/index.html](https://www.google.com/about/appsecurity/reward-program/index.html) diff --git a/website/blog/2020-04-02-networking-security.md b/website/blog/2020-04-02-networking-security.md deleted file mode 100644 index f3ce02d11..000000000 --- a/website/blog/2020-04-02-networking-security.md +++ /dev/null @@ -1,183 +0,0 @@ -# gVisor Networking Security - -In our -[first blog post](https://gvisor.dev/blog/2019/11/18/gvisor-security-basics-part-1/), -we covered some secure design principles and how they guided the architecture of -gVisor as a whole. In this post, we will cover how these principles guided the -networking architecture of gVisor, and the tradeoffs involved. In particular, we -will cover how these principles culminated in two networking modes, how they -work, and the properties of each. - -## gVisor's security architecture in the context of networking - -Linux networking is complicated. The TCP protocol is over 40 years old, and has -been repeatedly extended over the years to keep up with the rapid pace of -network infrastructure improvements, all while maintaining compatibility. On top -of that, Linux networking has a fairly large API surface. Linux supports -[over 150 options](https://github.com/google/gvisor/blob/960f6a975b7e44c0efe8fd38c66b02017c4fe137/pkg/sentry/strace/socket.go#L476-L644) -for the most common socket types alone. In fact, the net subsystem is one of the -largest and fastest growing in Linux at approximately 1.1 million lines of code. -For comparison, that is several times the size of the entire gVisor codebase. - -At the same time, networking is increasingly important. The cloud era is -arguably about making everything a network service, and in order to make that -work, the interconnect performance is critical. Adding networking support to -gVisor was difficult, not just due to the inherent complexity, but also because -it has the potential to significantly weaken gVisor's security model. - -As outlined in the previous blog post, gVisor's -[secure design principles](https://gvisor.dev/blog/2019/11/18/gvisor-security-basics-part-1/#design-principles) -are: - -1. Defense in Depth: each component of the software stack trusts each other - component as little as possible. -1. Least Privilege: each software component has only the permissions it needs - to function, and no more. -1. Attack Surface Reduction: limit the surface area of the host exposed to the - sandbox. -1. Secure by Default: the default choice for a user should be safe. - -gVisor manifests these principles as a multi-layered system. An application -running in the sandbox interacts with the Sentry, a userspace kernel, which -mediates all interactions with the Host OS and beyond. The Sentry is written in -pure Go with minimal unsafe code, making it less vulnerable to buffer overflows -and related memory bugs that can lead to a variety of compromises including code -injection. It emulates Linux using only a minimal and audited set of Host OS -syscalls that limit the Host OS's attack surface exposed to the Sentry itself. -The syscall restrictions are enforced by running the Sentry with seccomp -filters, which enforce that the Sentry can only use the expected set of -syscalls. The Sentry runs as an unprivileged user and in namespaces, which, -along with the seccomp filters, ensure that the Sentry is run with the Least -Privilege required. - -gVisor's multi-layered design provides Defense in Depth. The Sentry, which does -not trust the application because it may attack the Sentry and try to bypass it, -is the first layer. The sandbox that the Sentry runs in is the second layer. If -the Sentry were compromised, the attacker would still be in a highly restrictive -sandbox which they must also break out of in order to compromise the Host OS. - -To enable networking functionality while preserving gVisor's security -properties, we implemented a -[userspace network stack](https://github.com/google/gvisor/tree/master/pkg/tcpip) -in the Sentry, which we creatively named Netstack. Netstack is also written in -Go, not only to avoid unsafe code in the network stack itself, but also to avoid -a complicated and unsafe Foreign Function Interface. Having its own integrated -network stack allows the Sentry to implement networking operations using up to -three Host OS syscalls to read and write packets. These syscalls allow a very -minimal set of operations which are already allowed (either through the same or -a similar syscall). Moreover, because packets typically come from off-host (e.g. -the internet), the Host OS's packet processing code has received a lot of -scrutiny, hopefully resulting in a high degree of hardening. - - - -## Writing a network stack - -Netstack was written from scratch specifically for gVisor. Because Netstack was -designed and implemented to be modular, flexible and self-contained, there are -now several more projects using Netstack in creative and exciting ways. As we -discussed, a custom network stack has enabled a variety of security-related -goals which would not have been possible any other way. This came at a cost -though. Network stacks are complex and writing a new one comes with many -challenges, mostly related to application compatibility and performance. - -Compatibility issues typically come in two forms: missing features, and features -with behavior that differs from Linux (usually due to bugs). Both of these are -inevitable in an implementation of a complex system spanning many quickly -evolving and ambiguous standards. However, we have invested heavily in this -area, and the vast majority of applications have no issues using Netstack. For -example, -[we now support setting 34 different socket options](https://github.com/google/gvisor/blob/815df2959a76e4a19f5882e40402b9bbca9e70be/pkg/sentry/socket/netstack/netstack.go#L830-L1764) -versus -[only 7 in our initial git commit](https://github.com/google/gvisor/blob/d02b74a5dcfed4bfc8f2f8e545bca4d2afabb296/pkg/sentry/socket/epsocket/epsocket.go#L445-L702). -We are continuing to make good progress in this area. - -Performance issues typically come from TCP behavior and packet processing speed. -To improve our TCP behavior, we are working on implementing the full set of TCP -RFCs. There are many RFCs which are significant to performance (e.g. -[RACK](https://tools.ietf.org/id/draft-ietf-tcpm-rack-03.html) and -[BBR](https://tools.ietf.org/html/draft-cardwell-iccrg-bbr-congestion-control-00)) -that we have yet to implement. This mostly affects TCP performance with -non-ideal network conditions (e.g. cross continent connections). Faster packet -processing mostly improves TCP performance when network conditions are very good -(e.g. within a datacenter). Our primary strategy here is to reduce interactions -with the Go runtime, specifically the garbage collector (GC) and scheduler. We -are currently optimizing buffer management to reduce the amount of garbage, -which will lower the GC cost. To reduce scheduler interactions, we are -re-architecting the TCP implementation to use fewer goroutines. Performance -today is good enough for most applications and we are making steady -improvements. For example, since May of 2019, we have improved the Netstack -runsc -[iperf3 download benchmark](https://github.com/google/gvisor/tree/master/test/benchmarks/network) -score by roughly 15% and upload score by around 10,000X. Current numbers are -about 17 Gbps download and about 8 Gbps upload versus about 42 Gbps and 43 Gbps -for native (Linux) respectively. - -## An alternative - -We also offer an alternative network mode: passthrough. This name can be -misleading as syscalls are never passed through from the app to the Host OS. -Instead, the passthrough mode implements networking in gVisor using the Host -OS's network stack. (This mode is called -[hostinet](https://github.com/google/gvisor/tree/master/pkg/sentry/socket/hostinet) -in the codebase.) Passthrough mode can improve performance for some use cases as -the Host OS's network stack has had an enormous number of person-years poured -into making it highly performant. However, there is a rather large downside to -using passthrough mode: it weakens gVisor's security model by increasing the -Host OS's Attack Surface. This is because using the Host OS's network stack -requires the Sentry to use the Host OS's -[Berkeley socket interface](https://en.wikipedia.org/wiki/Berkeley_sockets). The -Berkeley socket interface is a much larger API surface than the packet interface -that our network stack uses. When passthrough mode is in use, the Sentry is -allowed to use -[15 additional syscalls](https://github.com/google/gvisor/blob/b1576e533223e98ebe4bd1b82b04e3dcda8c4bf1/runsc/boot/filter/config.go#L312-L517). -Further, this set of syscalls includes some that allow the Sentry to create file -descriptors, something that -[we don't normally allow](https://gvisor.dev/blog/2019/11/18/gvisor-security-basics-part-1/#sentry-host-os-interface) -as it opens up classes of file-based attacks. - -There are some networking features that we can't implement on top of syscalls -that we feel are safe (most notably those behind -[ioctl](http://man7.org/linux/man-pages/man2/ioctl.2.html)) and therefore are -not supported. Because of this, we actually support fewer networking features in -passthrough mode than we do in Netstack, reducing application compatibility. -That's right: using our networking stack provides better overall application -compatibility than using our passthrough mode. - -That said, gVisor with passthrough networking still provides a high level of -isolation. Applications cannot specify host syscall arguments directly, and the -sentry's seccomp policy restricts its syscall use significantly more than a -general purpose seccomp policy. - -## Secure by Default - -The goal of the Secure by Default principle is to make it easy to securely -sandbox containers. Of course, disabling network access entirely is the most -secure option, but that is not practical for most applications. To make gVisor -Secure by Default, we have made Netstack the default networking mode in gVisor -as we believe that it provides significantly better isolation. For this reason -we strongly caution users from changing the default unless Netstack flat out -won't work for them. The passthrough mode option is still provided, but we want -users to make an informed decision when selecting it. - -Another way in which gVisor makes it easy to securely sandbox containers is by -allowing applications to run unmodified, with no special configuration needed. -In order to do this, gVisor needs to support all of the features and syscalls -that applications use. Neither seccomp nor gVisor's passthrough mode can do this -as applications commonly use syscalls which are too dangerous to be included in -a secure policy. Even if this dream isn't fully realized today, gVisor's -architecture with Netstack makes this possible. - -## Give Netstack a Try - -If you haven't already, try running a workload in gVisor with Netstack. You can -find instructions on how to get started in our -[Quick Start](/docs/user_guide/quick_start/docker/). We want to hear about both -your successes and any issues you encounter. We welcome your contributions, -whether that be verbal feedback or code contributions, via our -[Gitter channel](https://gitter.im/gvisor/community), -[email list](https://groups.google.com/forum/#!forum/gvisor-users), -[issue tracker](https://gvisor.dev/issue/new), and -[Github repository](https://github.com/google/gvisor). Feel free to express -interest in an [open issue](https://gvisor.dev/issue/), or reach out if you -aren't sure where to start. diff --git a/website/blog/2020-09-18-containing-a-real-vulnerability.md b/website/blog/2020-09-18-containing-a-real-vulnerability.md deleted file mode 100644 index 8a6f7bbf1..000000000 --- a/website/blog/2020-09-18-containing-a-real-vulnerability.md +++ /dev/null @@ -1,226 +0,0 @@ -# Containing a Real Vulnerability - -In the previous two posts we talked about gVisor's -[security design principles](https://gvisor.dev/blog/2019/11/18/gvisor-security-basics-part-1/) -as well as how those are applied in the -[context of networking](https://gvisor.dev/blog/2020/04/02/gvisor-networking-security/). -Recently, a new container escape vulnerability -([CVE-2020-14386](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14386)) -was announced that ties these topics well together. gVisor is -[not vulnerable](https://seclists.org/oss-sec/2020/q3/168) to this specific -issue, but it provides an interesting case study to continue our exploration of -gVisor's security. While gVisor is not immune to vulnerabilities, -[we take several steps](https://gvisor.dev/security/) to minimize the impact and -remediate if a vulnerability is found. - -## Escaping the Container - -First, let’s describe how the discovered vulnerability works. There are numerous -ways one can send and receive bytes over the network with Linux. One of the most -performant ways is to use a ring buffer, which is a memory region shared by the -application and the kernel. These rings are created by calling -[setsockopt(2)](https://man7.org/linux/man-pages/man2/setsockopt.2.html) with -[`PACKET_RX_RING`](https://man7.org/linux/man-pages/man7/packet.7.html) for -receiving and -[`PACKET_TX_RING`](https://man7.org/linux/man-pages/man7/packet.7.html) for -sending packets. - -The vulnerability is in the code that reads packets when `PACKET_RX_RING` is -enabled. There is another option -([`PACKET_RESERVE`](https://man7.org/linux/man-pages/man7/packet.7.html)) that -asks the kernel to leave some space in the ring buffer before each packet for -anything the application needs, e.g. control structures. When a packet is -received, the kernel calculates where to copy the packet to, taking the amount -reserved before each packet into consideration. If the amount reserved is large, -the kernel performed an incorrect calculation which could cause an overflow -leading to an out-of-bounds write of up to 10 bytes, controlled by the attacker. -The data in the write is easily controlled using the loopback to send a crafted -packet and receiving it using a `PACKET_RX_RING` with a carefully selected -`PACKET_RESERVE` size. - -```c -static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev, - struct packet_type *pt, struct net_device *orig_dev) -{ -// ... - if (sk->sk_type == SOCK_DGRAM) { - macoff = netoff = TPACKET_ALIGN(po->tp_hdrlen) + 16 + - po->tp_reserve; - } else { - unsigned int maclen = skb_network_offset(skb); - // tp_reserve is unsigned int, netoff is unsigned short. - // Addition can overflow netoff - netoff = TPACKET_ALIGN(po->tp_hdrlen + - (maclen < 16 ? 16 : maclen)) + - po->tp_reserve; - if (po->has_vnet_hdr) { - netoff += sizeof(struct virtio_net_hdr); - do_vnet = true; - } - // Attacker controls netoff and can make macoff be smaller - // than sizeof(struct virtio_net_hdr) - macoff = netoff - maclen; - } -// ... - // "macoff - sizeof(struct virtio_net_hdr)" can be negative, - // resulting in a pointer before h.raw - if (do_vnet && - virtio_net_hdr_from_skb(skb, h.raw + macoff - - sizeof(struct virtio_net_hdr), - vio_le(), true, 0)) { -// ... -``` - -The [`CAP_NET_RAW`](https://man7.org/linux/man-pages/man7/capabilities.7.html) -capability is required to create the socket above. However, in order to support -common debugging tools like `ping` and `tcpdump`, Docker containers, including -those created for Kubernetes, are given `CAP_NET_RAW` by default and thus may be -able to trigger this vulnerability to elevate privileges and escape the -container. - -Next, we are going to explore why this vulnerability doesn’t work in gVisor, and -how gVisor could prevent the escape even if a similar vulnerability existed -inside gVisor’s kernel. - -## Default Protections - -gVisor does not implement `PACKET_RX_RING`, but **does** support raw sockets -which are required for `PACKET_RX_RING`. Raw sockets are a controversial feature -to support in a sandbox environment. While it allows great customizations for -essential tools like `ping`, it may allow packets to be written to the network -without any validation. In general, allowing an untrusted application to write -crafted packets to the network is a questionable idea and a historical source of -vulnerabilities. With that in mind, if `CAP_NET_RAW` is enabled by default, it -would not be _secure by default_ to run untrusted applications. - -After multiple discussions when raw sockets were first implemented, we decided -to disable raw sockets by default, **even if `CAP_NET_RAW` is given to the -application**. Instead, enabling raw sockets in gVisor requires the admin to set -`--net-raw` flag to runsc when configuring the runtime, in addition to requiring -the `CAP_NET_RAW` capability in the application. It comes at the expense that -some tools may not work out of the box, but as part of our -[secure-by-default](https://gvisor.dev/blog/2019/11/18/gvisor-security-basics-part-1/#secure-by-default) -principle, we felt that it was important for the “less secure” configuration to -be explicit. - -Since this bug was due to an overflow in the specific Linux implementation of -the packet ring, gVisor's raw socket implementation is not affected. However, if -there were a vulnerability in gVisor, containers would not be allowed to exploit -it by default. - -As an alternative way to implement this same constraint, Kubernetes allows -[admission controllers](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/) -to be configured to customize requests. Cloud providers can use this to -implement more stringent policies. For example, GKE implements an admission -controller for gVisor that -[removes `CAP_NET_RAW` from gVisor pods](https://cloud.google.com/kubernetes-engine/docs/concepts/sandbox-pods#capabilities) -unless it has been explicitly set in the pod spec. - -## Isolated Kernel - -gVisor has its own application kernel, called the Sentry, that is distinct from -the host kernel. Just like what you would expect from a kernel, gVisor has a -memory management subsystem, virtual file system, and a full network stack. The -host network is only used as a transport to carry packets in and out the -sandbox[^1]. The loopback interface which is used in the exploit stays -completely inside the sandbox, never reaching the host. - -Therefore, even if the Sentry was vulnerable to the attack, there would be two -factors that would prevent a container escape from happening. First, the -vulnerability would be limited to the Sentry, and the attacker would compromise -only the application kernel, bound by a restricted set of -[seccomp](https://en.wikipedia.org/wiki/Seccomp) filters, discussed more in -depth below. Second, the Sentry is a distinct implementation of the API, written -in Go, which provides bounds checking that would have likely prevented access -past the bounds of the shared region (e.g. see -[aio](https://cs.opensource.google/gvisor/gvisor/+/master:pkg/sentry/syscalls/linux/vfs2/aio.go;l=210;drc=a11061d78a58ed75b10606d1a770b035ed944b66?q=file:aio&ss=gvisor%2Fgvisor) -or -[kcov](https://cs.opensource.google/gvisor/gvisor/+/master:pkg/sentry/kernel/kcov.go;l=272?q=file:kcov&ss=gvisor%2Fgvisor), -which have similar shared regions). - -Here, Kubernetes warrants slightly more explanation. gVisor makes pods the unit -of isolation and a pod can run multiple containers. In other words, each pod is -a gVisor instance, and each container is a set of processes running inside -gVisor, isolated via Sentry-internal namespaces like regular containers inside a -pod. If there were a vulnerability in gVisor, the privilege escalation would -allow a container inside the pod to break out to other **containers inside the -same pod**, but the container still **cannot break out of the pod**. - -## Defense in Depth - -gVisor follows a -[common security principle used at Google](https://cloud.google.com/security/infrastructure/design/resources/google_infrastructure_whitepaper_fa.pdf) -that the system should have two layers of protection, and those layers should -require different compromises to be broken. We apply this principle by assuming -that the Sentry (first layer of defense) -[will be compromised and should not be trusted](https://gvisor.dev/blog/2019/11/18/gvisor-security-basics-part-1/#defense-in-depth). -In order to protect the host kernel from a compromised Sentry, we wrap it around -many security and isolations features to ensure only the minimal set of -functionality from the host kernel is exposed. - - - -First, the sandbox runs inside a cgroup that can limit and throttle host -resources being used. Second, the sandbox joins empty namespaces, including user -and mount, to further isolate from the host. Next, it changes the process root -to a read-only directory that contains only `/proc` and nothing else. Then, it -executes with the unprivileged user/group -[`nobody`](https://en.wikipedia.org/wiki/Nobody_\(username\)) with all -capabilities stripped. Last and most importantly, a seccomp filter is added to -tightly restrict what parts of the Linux syscall surface that gVisor is allowed -to access. The allowed host surface is a far smaller set of syscalls than the -Sentry implements for applications to use. Not only restricting the syscall -being called, but also checking that arguments to these syscalls are within the -expected set. Dangerous syscalls like <code>execve(2)</code>, -<code>open(2)</code>, and <code>socket(2)</code> are prohibited, thus an -attacker isn’t able to execute binaries or acquire new resources on the host. - -if there were a vulnerability in gVisor that allowed an attacker to execute code -inside the Sentry, the attacker still has extremely limited privileges on the -host. In fact, a compromised Sentry is much more restricted than a -non-compromised regular container. For CVE-2020-14386 in particular, the attack -would be blocked by more than one security layer: non-privileged user, no -capability, and seccomp filters. - -Although the surface is drastically reduced, there is still a chance that there -is a vulnerability in one of the allowed syscalls. That’s why it’s important to -keep the surface small and carefully consider what syscalls are allowed. You can -find the full set of allowed syscalls -[here](https://cs.opensource.google/gvisor/gvisor/+/master:runsc/boot/filter/). - -Another possible attack vector is resources that are present in the Sentry, like -open file descriptors. The Sentry has file descriptors that an attacker could -potentially use, such as log files, platform files (e.g. `/dev/kvm`), an RPC -endpoint that allows external communication with the Sentry, and a Netstack -endpoint that connects the sandbox to the network. The Netstack endpoint in -particular is a concern because it gives direct access to the network. It’s an -`AF_PACKET` socket that allows arbitrary L2 packets to be written to the -network. In the normal case, Netstack assembles packets that go out the network, -giving the container control over only the payload. But if the Sentry is -compromised, an attacker can craft packets to the network. In many ways this is -similar to anyone sending random packets over the internet, but still this is a -place where the host kernel surface exposed is larger than we would like it to -be. - -## Conclusion - -Security comes with many tradeoffs that are often hard to make, such as the -decision to disable raw sockets by default. However, these tradeoffs have served -us well, and we've found them to have paid off over time. CVE-2020-14386 offers -great insight into how multiple layers of protection can be effective against -such an attack. - -We cannot guarantee that a container escape will never happen in gVisor, but we -do our best to make it as hard as we possibly can. - -If you have not tried gVisor yet, it’s easier than you think. Just follow the -steps [here](https://gvisor.dev/docs/user_guide/install/). -<br> -<br> - --------------------------------------------------------------------------------- - -[^1]: Those packets are eventually handled by the host, as it needs to route - them to local containers or send them out the NIC. The packet will be - handled by many switches, routers, proxies, servers, etc. along the way, - which may be subject to their own vulnerabilities. diff --git a/website/blog/2020-10-22-platform-portability.md b/website/blog/2020-10-22-platform-portability.md deleted file mode 100644 index 4d82940f9..000000000 --- a/website/blog/2020-10-22-platform-portability.md +++ /dev/null @@ -1,120 +0,0 @@ -# Platform Portability - -Hardware virtualization is often seen as a requirement to provide an additional -isolation layer for untrusted applications. However, hardware virtualization -requires expensive bare-metal machines or cloud instances to run safely with -good performance, increasing cost and complexity for Cloud users. gVisor, -however, takes a more flexible approach. - -One of the pillars of gVisor's architecture is portability, allowing it to run -anywhere that runs Linux. Modern Cloud-Native applications run in containers in -many different places, from bare metal to virtual machines, and can't always -rely on nested virtualization. It is important for gVisor to be able to support -the environments where you run containers. - -gVisor achieves portability through an abstraction called a _Platform_. -Platforms can have many implementations, and each implementation can cover -different environments, making use of available software or hardware features. - -## Background - -Before we can understand how gVisor achieves portability using platforms, we -should take a step back and understand how applications interact with their -host. - -Container sandboxes can provide an isolation layer between the host and -application by virtualizing one of the layers below it, including the hardware -or operating system. Many sandboxes virtualize the hardware layer by running -applications in virtual machines. gVisor takes a different approach by -virtualizing the OS layer. - -When an application is run in a normal situation the host operating system loads -the application into user memory and schedules it for execution. The operating -system scheduler eventually schedules the application to a CPU and begins -executing it. It then handles the application's requests, such as for memory and -the lifecycle of the application. gVisor virtualizes these interactions, such as -system calls, and context switching that happen between an application and OS. - -[System calls](https://en.wikipedia.org/wiki/System_call) allow applications to -ask the OS to perform some task for it. System calls look like a normal function -call in most programming languages though works a bit differently under the -hood. When an application system call is encountered some special processing -takes place to do a -[context switch](https://en.wikipedia.org/wiki/Context_switch) into kernel mode -and begin executing code in the kernel before returning a result to the -application. Context switching may happen in other situations as well. For -example, to respond to an interrupt. - -## The Platform Interface - -gVisor provides a sandbox which implements the Linux OS interface, intercepting -OS interactions such as system calls and implements them in the sandbox kernel. - -It does this to limit interactions with the host, and protect the host from an -untrusted application running in the sandbox. The Platform is the bottom layer -of gVisor which provides the environment necessary for gVisor to control and -manage applications. In general, the Platform must: - -1. Provide the ability to create and manage memory address spaces. -2. Provide execution contexts for running applications in those memory address - spaces. -3. Provide the ability to change execution context and return control to gVisor - at specific times (e.g. system call, page fault) - -This interface is conceptually simple, but very powerful. Since the Platform -interface only requires these three capabilities, it gives gVisor enough control -for it to act as the application's OS, while still allowing the use of very -different isolation technologies under the hood. You can learn more about the -Platform interface in the -[Platform Guide](https://gvisor.dev/docs/architecture_guide/platforms/). - -## Implementations of the Platform Interface - -While gVisor can make use of technologies like hardware virtualization, it -doesn't necessarily rely on any one technology to provide a similar level of -isolation. The flexibility of the Platform interface allows for implementations -that use technologies other than hardware virtualization. This allows gVisor to -run in VMs without nested virtualization, for example. By providing an -abstraction for the underlying platform, each implementation can make various -tradeoffs regarding performance or hardware requirements. - -Currently gVisor provides two gVisor Platform implementations; the Ptrace -Platform, and the KVM Platform, each using very different methods to implement -the Platform interface. - - - -The Ptrace Platform uses -[PTRACE\_SYSEMU](http://man7.org/linux/man-pages/man2/ptrace.2.html) to trap -syscalls, and uses the host for memory mapping and context switching. This -platform can run anywhere that ptrace is available, which includes most Linux -systems, VMs or otherwise. - -The KVM Platform uses virtualization, but in an unconventional way. gVisor runs -in a virtual machine but as both guest OS and VMM, and presents no virtualized -hardware layer. This provides a simpler interface that can avoid hardware -initialization for fast start up, while taking advantage of hardware -virtualization support to improve memory isolation and performance of context -switching. - -The flexibility of the Platform interface allows for a lot of room to improve -the existing KVM and ptrace platforms, as well as the ability to utilize new -methods for improving gVisor's performance or portability in future Platform -implementations. - -## Portability - -Through the Platform interface, gVisor is able to support bare metal, virtual -machines, and Cloud environments while still providing a highly secure sandbox -for running untrusted applications. This is especially important for Cloud and -Kubernetes users because it allows gVisor to run anywhere that Kubernetes can -run and provide similar experiences in multi-region, hybrid, multi-platform -environments. - -Give gVisor's open source platforms a try. Using a Platform is as easy as -providing the `--platform` flag to `runsc`. See the documentation on -[changing platforms](https://gvisor.dev/docs/user_guide/platforms/) for how to -use different platforms with Docker. We would love to hear about your experience -so come chat with us in our -[Gitter channel](https://gitter.im/gvisor/community), or send us an -[issue on Github](https://gvisor.dev/issue) if you run into any problems. diff --git a/website/blog/2021-08-31-gvisor-rack.md b/website/blog/2021-08-31-gvisor-rack.md deleted file mode 100644 index e7d4582e4..000000000 --- a/website/blog/2021-08-31-gvisor-rack.md +++ /dev/null @@ -1,120 +0,0 @@ -# gVisor RACK - -gVisor has implemented the [RACK](https://datatracker.ietf.org/doc/html/rfc8985) -(Recent ACKnowledgement) TCP loss-detection algorithm in our network stack, -which improves throughput in the presence of packet loss and reordering. - -TCP is a connection-oriented protocol that detects and recovers from loss by -retransmitting packets. [RACK](https://datatracker.ietf.org/doc/html/rfc8985) is -one of the recent loss-detection methods implemented in Linux and BSD, which -helps in identifying packet loss quickly and accurately in the presence of -packet reordering and tail losses. - -## Background - -The TCP congestion window indicates the number of unacknowledged packets that -can be sent at any time. When packet loss is identified, the congestion window -is reduced depending on the type of loss. The sender will recover from the loss -after all the packets sent before reducing the congestion window are -acknowledged. If the loss is identified falsely by the connection, then the -connection enters loss recovery unnecessarily, resulting in sending fewer -packets. - -Packet loss is identified mainly in two ways: - -1. Three duplicate acknowledgments, which will result in either - [Fast](https://datatracker.ietf.org/doc/html/rfc2001#section-4) or - [SACK](https://datatracker.ietf.org/doc/html/rfc6675) recovery. The - congestion window is reduced depending on the type of congestion control - algorithm. For example, in the - [Reno](https://en.wikipedia.org/wiki/TCP_congestion_control#TCP_Tahoe_and_Reno) - algorithm it is reduced to half. -2. RTO (Retransmission Timeout) which will result in Timeout recovery. The - congestion window is reduced to one - [MSS](https://en.wikipedia.org/wiki/Maximum_segment_size). - -Both of these cases result in reducing the congestion window, with RTO being -more expensive. Most of the existing algorithms do not detect packet reordering, -which get incorrectly identified as packet loss, resulting in an RTO. -Furthermore, the loss of an ACK at the end of a sequence (known as "tail loss") -will also trigger RTO and slow down future transmissions unnecessarily. RACK -helps us to identify loss accurately in all these scenarios, and will avoid -entering RTO. - -## Implementation of RACK - -Implementation of RACK requires support for: - -1. Per-packet transmission timestamps: RACK detects loss depending on the - transmission times of the packet and the timestamp at which ACK was - received. -2. SACK and ability to detect DSACK: Selective Acknowledgement and Duplicate - SACK are used to adjust the timer window after which a packet can be marked - as lost. - -### Packet Reordering - -Packet reordering commonly occurs when different packets take different paths -through a network. The diagram below shows the transmission of four packets -which get reordered in transmission, and the resulting TCP behavior with and -without RACK. - - - -In the above example, the sender sees three duplicate acknowledgments. Without -RACK, this is identified falsely as packet loss, and the congestion window will -be reduced after entering Fast/SACK recovery. - -To detect packet reordering, RACK uses a reorder window, bounded between -[[RTT](https://en.wikipedia.org/wiki/Round-trip_delay)/4, RTT]. The reorder -timer is set to expire after _RTT+reorder\_window_. A packet is marked as lost -when the packets following it were acknowledged using SACK and the reorder timer -expires. The reorder window is increased when a DSACK is received (which -indicates that there is a higher degree of reordering). - -### Tail Loss - -Tail loss occurs when the packets are lost at the end of data transmission. The -diagram below shows an example of tail loss when the last three packets are -lost, and how it is handled with and without RACK. - - - -For tail losses, RACK uses a Tail Loss Probe (TLP), which relies on a timer for -the last packet sent. The TLP timer is set to _2 \* RTT,_ after which a probe is -sent. The probe packet will allow the connection one more chance to detect a -loss by triggering ACK feedback to avoid entering RTO. In the above example, the -loss is recovered without entering the RTO. - -TLP will also help in cases where the ACK was lost but all the packets were -received by the receiver. The below diagram shows that the ACK received for the -probe packet avoided the RTO. - - - -If there was some loss, then the ACK for the probe packet will have the SACK -blocks, which will be used to detect and retransmit the lost packets. - -In gVisor, we have support for -[NewReno](https://datatracker.ietf.org/doc/html/rfc6582) and SACK loss recovery -methods. We -[added support for RACK](https://github.com/google/gvisor/issues/5243) recently, -and it is the default when SACK is enabled. After enabling RACK, our internal -benchmarks in the presence of reordering and tail losses and the data we took -from internal users inside Google have shown ~50% reduction in the number of -RTOs. - -While RACK has improved one aspect of TCP performance by reducing the timeouts -in the presence of reordering and tail losses, in gVisor we plan to implement -the undoing of congestion windows and -[BBRv2](https://datatracker.ietf.org/doc/html/draft-cardwell-iccrg-bbr-congestion-control) -(once there is an RFC available) to further improve TCP performance in less -ideal network conditions. - -If you haven’t already, try gVisor. The instructions to get started are in our -[Quick Start](https://gvisor.dev/docs/user_guide/quick_start/docker/). You can -also get involved with the gVisor community via our -[Gitter channel](https://gitter.im/gvisor/community), -[email list](https://groups.google.com/forum/#!forum/gvisor-users), -[issue tracker](https://gvisor.dev/issue/new), and -[Github repository](https://github.com/google/gvisor). diff --git a/website/blog/BUILD b/website/blog/BUILD deleted file mode 100644 index 0384b9ba9..000000000 --- a/website/blog/BUILD +++ /dev/null @@ -1,68 +0,0 @@ -load("//website:defs.bzl", "doc", "docs") - -package( - default_visibility = ["//website:__pkg__"], - licenses = ["notice"], -) - -exports_files(["index.html"]) - -doc( - name = "security_basics", - src = "2019-11-18-security-basics.md", - authors = [ - "jsprad", - "zkoopmans", - ], - layout = "post", - permalink = "/blog/2019/11/18/gvisor-security-basics-part-1/", -) - -doc( - name = "networking_security", - src = "2020-04-02-networking-security.md", - authors = [ - "igudger", - ], - layout = "post", - permalink = "/blog/2020/04/02/gvisor-networking-security/", -) - -doc( - name = "containing_a_real_vulnerability", - src = "2020-09-18-containing-a-real-vulnerability.md", - authors = [ - "fvoznika", - ], - layout = "post", - permalink = "/blog/2020/09/18/containing-a-real-vulnerability/", -) - -doc( - name = "platform_portability", - src = "2020-10-22-platform-portability.md", - authors = [ - "ianlewis", - "mpratt", - ], - layout = "post", - permalink = "/blog/2020/10/22/platform-portability/", -) - -doc( - name = "gvisor-rack", - src = "2021-08-31-gvisor-rack.md", - authors = [ - "nybidari", - ], - layout = "post", - permalink = "/blog/2021/08/31/gvisor-rack/", -) - -docs( - name = "posts", - deps = [ - ":" + rule - for rule in existing_rules() - ], -) diff --git a/website/blog/README.md b/website/blog/README.md deleted file mode 100644 index e1d685288..000000000 --- a/website/blog/README.md +++ /dev/null @@ -1,62 +0,0 @@ -# gVisor blog - -The gVisor blog is owned and run by the gVisor team. - -## Contact - -Reach out to us on [gitter](https://gitter.im/gvisor/community) or the -[mailing list](https://groups.google.com/forum/#!forum/gvisor-users) if you -would like to write a blog post. - -## Submit a Post - -Anyone can write a blog post and submit it for review. Purely commercial content -or vendor pitches are not allowed. Please refer to the -[blog guidelines](#blog-guidelines) for more guidance about content is that -allowed. - -To submit a blog post, follow the steps below. - -1. [Sign the Contributor License Agreements](https://gvisor.dev/contributing/) - if you have not yet done so. -1. Familiarize yourself with the Markdown format for the - [existing blog posts](https://github.com/google/gvisor/tree/master/website/blog). -1. Write your blog post in a text editor of your choice. -1. (Optional) If you need help with markdown, check out - [StakEdit](https://stackedit.io/app#) or read - [Jekyll's formatting reference](https://jekyllrb.com/docs/posts/#creating-posts) - for more information. -1. Click **Add file** > **Create new file**. -1. Paste your content into the editor and save it. Name the file in the - following way: *[BLOG] Your proposed title* , but don’t put the date in the - file name. The blog reviewers will work with you on the final file name, and - the date on which the blog will be published. -1. When you save the file, GitHub will walk you through the pull request (PR) - process. -1. Send us a message on [gitter](https://gitter.im/gvisor/community) with a - link to your recently created PR. -1. A reviewer will be assigned to the pull request. They check your submission, - and work with you on feedback and final details. When the pull request is - approved, the blog will be scheduled for publication. - -### Blog Guidelines {#blog-guidelines} - -#### Suitable content: - -- **Original content only** -- gVisor features or project updates -- Tutorials and demos -- Use cases -- Content that is specific to a vendor or platform about gVisor installation - and use - -#### Unsuitable Content: - -- Blogs with no content relevant to gVisor -- Vendor pitches - -## Review Process - -Each blog post should be approved by at least one person on the team. Once all -of the review comments have been addressed and approved, a member of the team -will schedule publication of the blog post. diff --git a/website/blog/index.html b/website/blog/index.html deleted file mode 100644 index 272917fc4..000000000 --- a/website/blog/index.html +++ /dev/null @@ -1,27 +0,0 @@ ---- -title: Blog -layout: blog -feed: true -pagination: - enabled: true ---- - -{% for post in paginator.posts %} -<div> - <h2><a href="{{ post.url }}">{{ post.title }}</a></h2> - <div class="blog-meta"> - {% include byline.html authors=post.authors date=post.date %} - </div> - <p>{{ post.excerpt | strip_html }}</p> - <p><a href="{{ post.url }}">Full Post »</a></p> -</div> -{% endfor %} - -{% if paginator.total_pages > 1 %} -{% include paginator.html %} -{% endif %} - -<hr> - -If you would like to contribute to the gVisor blog check out the -<a href="https://github.com/google/gvisor/tree/master/website/blog">instructions</a>. diff --git a/website/cmd/server/BUILD b/website/cmd/server/BUILD deleted file mode 100644 index e4cf91e07..000000000 --- a/website/cmd/server/BUILD +++ /dev/null @@ -1,13 +0,0 @@ -load("//tools:defs.bzl", "go_binary") - -package(licenses = ["notice"]) - -go_binary( - name = "server", - srcs = ["main.go"], - pure = True, - visibility = ["//website:__pkg__"], - deps = [ - "@com_github_google_pprof//driver:go_default_library", - ], -) diff --git a/website/cmd/server/main.go b/website/cmd/server/main.go deleted file mode 100644 index 1e5b56fbb..000000000 --- a/website/cmd/server/main.go +++ /dev/null @@ -1,393 +0,0 @@ -// Copyright 2019 The gVisor Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Server is the main gvisor.dev binary. -package main - -import ( - "flag" - "fmt" - "log" - "net/http" - "net/url" - "os" - "path" - "regexp" - "strings" - - "github.com/google/pprof/driver" -) - -var redirects = map[string]string{ - // GitHub redirects. - "/change": "https://github.com/google/gvisor", - "/issue": "https://github.com/google/gvisor/issues", - "/issues": "https://github.com/google/gvisor/issues", - "/issue/new": "https://github.com/google/gvisor/issues/new", - "/pr": "https://github.com/google/gvisor/pulls", - - // For links. - "/faq": "/docs/user_guide/faq/", - - // From 2020-05-12 to 2020-06-30, the FAQ URL was uppercase. Redirect that - // back to maintain any links. - "/docs/user_guide/FAQ/": "/docs/user_guide/faq/", - - // Redirects to compatibility docs. - "/c": "/docs/user_guide/compatibility/", - "/c/linux/amd64": "/docs/user_guide/compatibility/linux/amd64/", - - // Redirect for old URLs. - "/docs/user_guide/compatibility/amd64/": "/docs/user_guide/compatibility/linux/amd64/", - "/docs/user_guide/compatibility/amd64": "/docs/user_guide/compatibility/linux/amd64/", - "/docs/user_guide/kubernetes/": "/docs/user_guide/quick_start/kubernetes/", - "/docs/user_guide/kubernetes": "/docs/user_guide/quick_start/kubernetes/", - "/docs/user_guide/oci/": "/docs/user_guide/quick_start/oci/", - "/docs/user_guide/oci": "/docs/user_guide/quick_start/oci/", - "/docs/user_guide/docker/": "/docs/user_guide/quick_start/docker/", - "/docs/user_guide/docker": "/docs/user_guide/quick_start/docker/", - "/blog/2020/09/22/platform-portability": "/blog/2020/10/22/platform-portability/", - "/blog/2020/09/22/platform-portability/": "/blog/2020/10/22/platform-portability/", - - // Deprecated, but links continue to work. - "/cl": "https://gvisor-review.googlesource.com", - - // Access package documentation. - "/gvisor": "https://pkg.go.dev/gvisor.dev/gvisor", - - // Code search root. - "/cs": "https://cs.opensource.google/gvisor/gvisor", -} - -type prefixInfo struct { - baseURL string - checkValidID bool - queryEscape bool -} - -var prefixHelpers = map[string]prefixInfo{ - "change": {baseURL: "https://github.com/google/gvisor/commit/%s", checkValidID: true}, - "issue": {baseURL: "https://github.com/google/gvisor/issues/%s", checkValidID: true}, - "issues": {baseURL: "https://github.com/google/gvisor/issues/%s", checkValidID: true}, - "pr": {baseURL: "https://github.com/google/gvisor/pull/%s", checkValidID: true}, - - // Redirects to compatibility docs. - "c/linux/amd64": {baseURL: "/docs/user_guide/compatibility/linux/amd64/#%s", checkValidID: true}, - - // Deprecated, but links continue to work. - "cl": {baseURL: "https://gvisor-review.googlesource.com/c/gvisor/+/%s", checkValidID: true}, - - // Redirect to source documentation. - "gvisor": {baseURL: "https://pkg.go.dev/gvisor.dev/gvisor/%s"}, - - // Redirect to code search, with the path as the query. - "cs": {baseURL: "https://cs.opensource.google/search?q=%s&ss=gvisor", queryEscape: true}, -} - -var ( - validID = regexp.MustCompile(`^[A-Za-z0-9-]*/?$`) - goGetHTML5 = `<!doctype html><html><head><meta charset=utf-8> -<meta name="go-import" content="gvisor.dev/gvisor git https://github.com/google/gvisor"> -<meta name="go-import" content="gvisor.dev/website git https://github.com/google/gvisor-website"> -<title>Go-get</title></head><body></html>` -) - -// cronHandler wraps an http.Handler to check that the request is from the App -// Engine Cron service. -// See: https://cloud.google.com/appengine/docs/standard/go112/scheduling-jobs-with-cron-yaml#validating_cron_requests -func cronHandler(h http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.Header.Get("X-Appengine-Cron") != "true" { - http.NotFound(w, r) - return - } - // Fallthrough. - h.ServeHTTP(w, r) - }) -} - -// wrappedHandler wraps an http.Handler. -// -// If the query parameters include go-get=1, then we redirect to a single -// static page that allows us to serve arbitrary Go packages. -func wrappedHandler(h http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - gg, ok := r.URL.Query()["go-get"] - if ok && len(gg) == 1 && gg[0] == "1" { - // Serve a trivial html page. - w.Write([]byte(goGetHTML5)) - return - } - // Fallthrough. - h.ServeHTTP(w, r) - }) -} - -// redirectWithQuery redirects to the given target url preserving query parameters. -func redirectWithQuery(w http.ResponseWriter, r *http.Request, target string) { - url := target - if qs := r.URL.RawQuery; qs != "" { - url += "?" + qs - } - http.Redirect(w, r, url, http.StatusFound) -} - -// hostRedirectHandler redirects the www. domain to the naked domain. -func hostRedirectHandler(h http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if strings.HasPrefix(r.Host, "www.") { - // Redirect to the naked domain. - r.URL.Scheme = "https" // Assume https. - r.URL.Host = r.Host[4:] // Remove the 'www.' - http.Redirect(w, r, r.URL.String(), http.StatusMovedPermanently) - return - } - - if *projectID != "" && r.Host == *projectID+".appspot.com" && *customHost != "" { - // Redirect to the custom domain. - r.URL.Scheme = "https" // Assume https. - r.URL.Host = *customHost - http.Redirect(w, r, r.URL.String(), http.StatusMovedPermanently) - return - } - h.ServeHTTP(w, r) - }) -} - -// prefixRedirectHandler returns a handler that redirects to the given formated url. -func prefixRedirectHandler(prefix string, info prefixInfo) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if p := r.URL.Path; p == prefix { - // Redirect /prefix/ to /prefix. - http.Redirect(w, r, p[:len(p)-1], http.StatusFound) - return - } - id := r.URL.Path[len(prefix):] - if info.checkValidID && !validID.MatchString(id) { - http.Error(w, "Not found", http.StatusNotFound) - return - } - if info.queryEscape { - id = url.QueryEscape(id) - } - target := fmt.Sprintf(info.baseURL, id) - redirectWithQuery(w, r, target) - }) -} - -// redirectHandler returns a handler that redirects to the given url. -func redirectHandler(target string) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - redirectWithQuery(w, r, target) - }) -} - -// registerRedirects registers redirect http handlers. -func registerRedirects(mux *http.ServeMux) { - for prefix, info := range prefixHelpers { - p := "/" + prefix + "/" - mux.Handle(p, hostRedirectHandler(wrappedHandler(prefixRedirectHandler(p, info)))) - } - for path, redirect := range redirects { - mux.Handle(path, hostRedirectHandler(wrappedHandler(redirectHandler(redirect)))) - } -} - -// registerStatic registers static file handlers. -func registerStatic(mux *http.ServeMux, staticDir string) { - mux.Handle("/", hostRedirectHandler(wrappedHandler(http.FileServer(http.Dir(staticDir))))) -} - -// profileMeta implements synthetic flags for pprof. -type profileMeta struct { - // Mux is the mux to register on. - Mux *http.ServeMux - - // SourceURL is the source of the profile. - SourceURL string -} - -func (*profileMeta) ExtraUsage() string { return "" } -func (*profileMeta) AddExtraUsage(string) {} -func (*profileMeta) Bool(_ string, def bool, _ string) *bool { return &def } -func (*profileMeta) Int(_ string, def int, _ string) *int { return &def } -func (*profileMeta) Float64(_ string, def float64, _ string) *float64 { return &def } -func (*profileMeta) StringList(_ string, def string, _ string) *[]*string { return new([]*string) } -func (*profileMeta) String(option string, def string, _ string) *string { - switch option { - case "http": - // Only http is specified. Other options may be accessible via - // the web interface, so we just need to spoof a valid option - // here. The server is actually bound by HTTPServer, below. - value := "localhost:80" - return &value - case "symbolize": - // Don't attempt symbolization. Most profiles should come with - // mappings built-in to the profile itself. - value := "none" - return &value - default: - return &def // Default. - } -} - -// Parse implements plugin.FlagSet.Parse. -func (p *profileMeta) Parse(usage func()) []string { - // Just return the SourceURL. This is interpreted as the profile to - // download. We validate that the URL corresponds to a Google Cloud - // Storage URL below. - return []string{p.SourceURL} -} - -// pprofFixedPrefix is used to limit the exposure to SSRF. -// -// See registerProfile below. -const pprofFixedPrefix = "https://storage.googleapis.com/" - -// allowedBuckets enforces constraints on the pprof target. -// -// If the continuous integration system is changed in the future to use -// additional buckets, they may be allowed here. See registerProfile. -var allowedBuckets = map[string]bool{ - "gvisor-buildkite": true, -} - -// Target returns the URL target. -func (p *profileMeta) Target() string { - return fmt.Sprintf("/profile/%s/", p.SourceURL[len(pprofFixedPrefix):]) -} - -// HTTPServer is a function passed to driver.PProf. -func (p *profileMeta) HTTPServer(args *driver.HTTPServerArgs) error { - target := p.Target() - for subpath, handler := range args.Handlers { - handlerPath := path.Join(target, subpath) - if len(handlerPath) < len(target) { - // Don't clean the target, match only as the literal - // directory path in order to keep relative links - // working in the profile. E.g. /profile/foo/ is the - // base URL for the profile at https://.../foo. - // - // The base target typically shows the dot-based graph, - // which will not work in the image (due to the lack of - // a dot binary to execute). Therefore, we redirect to - // the flamegraph handler. Everything should otherwise - // work the exact same way, except the "Graph" link. - handlerPath = target - handler = redirectHandler(path.Join(handlerPath, "flamegraph")) - } - p.Mux.Handle(handlerPath, handler) - } - return nil -} - -// registerProfile registers the profile handler. -// -// Note that this has a security surface worth considering. -// -// We are passed effectively a URL, which we fetch and parse, -// then display the profile output. We limit the possibility of -// SSRF by interpreting the URL strictly as a part to an object -// in Google Cloud Storage, and further limit the buckets that -// may be used. This contains the vast majority of concerns, -// since objects must at least be uploaded by our CI system. -// -// However, we additionally consider the possibility that users -// craft malicious profile objects (somehow) and pass those URLs -// here as well. It seems feasible that we could parse a profile -// that causes a crash (DOS), but this would be automatically -// handled without a blip. It seems unlikely that we could parse a -// profile that gives full code execution, but even so there is -// nothing in this image except this code and CA certs. At worst, -// code execution would enable someone to serve up content under the -// web domain. This would be ephemeral with the specific instance, -// and persisting such an attack would require constantly crashing -// instances in whatever way gives remote code execution. Even if -// this were possible, it's unlikely that exploiting such a crash -// could be done so constantly and consistently. -// -// The user can also fill the "disk" of this container instance, -// causing an OOM and a crash. This has similar semantics to the -// DOS scenario above, and would just be handled by Cloud Run. -// -// Note that all of the above scenarios would require uploading -// malicious profiles to controller buckets, and a clear audit -// trail would exist in those cases. -func registerProfile(mux *http.ServeMux) { - const urlPrefix = "/profile/" - mux.Handle(urlPrefix, hostRedirectHandler(wrappedHandler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - // Extract the URL; this is everything except the final /. - parts := strings.Split(r.URL.Path[len(urlPrefix):], "/") - if len(parts) == 0 { - http.Error(w, "Invalid URL: no bucket provided.", http.StatusNotFound) - return - } - if !allowedBuckets[parts[0]] { - http.Error(w, fmt.Sprintf("Invalid URL: not an allowed bucket (%s).", parts[0]), http.StatusNotFound) - return - } - url := pprofFixedPrefix + strings.Join(parts[:len(parts)-1], "/") - if url == pprofFixedPrefix { - http.Error(w, "Invalid URL: no path provided.", http.StatusNotFound) - return - } - - // Set up the meta handler. This will modify the original mux - // accordingly, and we ultimately return a redirect that - // includes all the original arguments. This means that if we - // ever hit a server that does not have this profile loaded, it - // will load and redirect again. - meta := &profileMeta{ - Mux: mux, - SourceURL: url, - } - if err := driver.PProf(&driver.Options{ - Flagset: meta, - HTTPServer: meta.HTTPServer, - }); err != nil { - http.Error(w, fmt.Sprintf("Invalid profile: %v", err), http.StatusNotImplemented) - return - } - - // Serve the path directly. - mux.ServeHTTP(w, r) - })))) -} - -func envFlagString(name, def string) string { - if val, ok := os.LookupEnv(name); ok { - return val - } - return def -} - -var ( - addr = flag.String("http", envFlagString("HTTP", ":"+envFlagString("PORT", "8080")), "HTTP service address") - staticDir = flag.String("static-dir", envFlagString("STATIC_DIR", "_site"), "static files directory") - - // Uses the standard GOOGLE_CLOUD_PROJECT environment variable set by App Engine. - projectID = flag.String("project-id", envFlagString("GOOGLE_CLOUD_PROJECT", ""), "The App Engine project ID.") - customHost = flag.String("custom-domain", envFlagString("CUSTOM_DOMAIN", "gvisor.dev"), "The application's custom domain.") -) - -func main() { - flag.Parse() - - registerRedirects(http.DefaultServeMux) - registerStatic(http.DefaultServeMux, *staticDir) - registerProfile(http.DefaultServeMux) - - log.Printf("Listening on %s...", *addr) - log.Fatal(http.ListenAndServe(*addr, nil)) -} diff --git a/website/cmd/syscalldocs/BUILD b/website/cmd/syscalldocs/BUILD deleted file mode 100644 index c5a0ed7fe..000000000 --- a/website/cmd/syscalldocs/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -load("//tools:defs.bzl", "go_binary") - -package(licenses = ["notice"]) - -go_binary( - name = "syscalldocs", - srcs = ["main.go"], - visibility = ["//website:__pkg__"], -) diff --git a/website/cmd/syscalldocs/main.go b/website/cmd/syscalldocs/main.go deleted file mode 100644 index 830d2bac7..000000000 --- a/website/cmd/syscalldocs/main.go +++ /dev/null @@ -1,237 +0,0 @@ -// Copyright 2019 The gVisor Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Binary syscalldocs generates system call markdown. -package main - -import ( - "bufio" - "encoding/json" - "flag" - "fmt" - "io" - "os" - "path/filepath" - "sort" - "strings" - "text/template" -) - -// CompatibilityInfo is the collection of all information. -type CompatibilityInfo map[string]map[string]ArchInfo - -// ArchInfo is compatbility doc for an architecture. -type ArchInfo struct { - // Syscalls maps syscall number for the architecture to the doc. - Syscalls map[uintptr]SyscallDoc `json:"syscalls"` -} - -// SyscallDoc represents a single item of syscall documentation. -type SyscallDoc struct { - Name string `json:"name"` - Support string `json:"support"` - Note string `json:"note,omitempty"` - URLs []string `json:"urls,omitempty"` -} - -var mdTemplate = template.Must(template.New("out").Parse(`--- -title: {{.Title}} -description: Syscall Compatibility Reference Documentation for {{.OS}}/{{.Arch}} -layout: docs -category: Compatibility -weight: 50 -permalink: /docs/user_guide/compatibility/{{.OS}}/{{.Arch}}/ -include_in_menu: True ---- - -This table is a reference of {{.OS}} syscalls for the {{.Arch}} architecture and -their compatibility status in gVisor. gVisor does not support all syscalls and -some syscalls may have a partial implementation. - -This page is automatically generated from the source code. - -Of {{.Total}} syscalls, {{.Supported}} syscalls have a full or partial -implementation. There are currently {{.Unsupported}} unsupported -syscalls. {{if .Undocumented}}{{.Undocumented}} syscalls are not yet documented.{{end}} - -<table> - <thead> - <tr> - <th>#</th> - <th>Name</th> - <th>Support</th> - <th>Notes</th> - </tr> - </thead> - <tbody> - {{range $i, $syscall := .Syscalls}} - <tr id="{{.Name}}"> - <td><a href="#{{.Name}}">{{.Number}}</a></td> - <td><a href="{{.DocURL}}" target="_blank" rel="noopener">{{.Name}}</a></td> - <td>{{.Support}}</td> - <td>{{.Note}} {{range $i, $url := .URLs}}<br/>See: <a href="{{.}}">{{.}}</a>{{end}}</td> - </tr> - {{end}} - </tbody> -</table> -`)) - -// Fatalf writes a message to stderr and exits with error code 1 -func Fatalf(format string, a ...interface{}) { - fmt.Fprintf(os.Stderr, format, a...) - os.Exit(1) -} - -// syscallDocURL returns a doc url for a given syscall, doing its best to return a url that exists. -func syscallDocURL(name string) string { - customDocs := map[string]string{ - "io_pgetevents": "https://man7.org/linux/man-pages/man2/syscalls.2.html", - "rseq": "https://man7.org/linux/man-pages/man2/syscalls.2.html", - "io_uring_setup": "https://manpages.debian.org/buster-backports/liburing-dev/io_uring_setup.2.en.html", - "io_uring_enter": "https://manpages.debian.org/buster-backports/liburing-dev/io_uring_enter.2.en.html", - "io_uring_register": "https://manpages.debian.org/buster-backports/liburing-dev/io_uring_register.2.en.html", - "open_tree": "https://man7.org/linux/man-pages/man2/syscalls.2.html", - "move_mount": "https://man7.org/linux/man-pages/man2/syscalls.2.html", - "fsopen": "https://man7.org/linux/man-pages/man2/syscalls.2.html", - "fsconfig": "https://man7.org/linux/man-pages/man2/syscalls.2.html", - "fsmount": "https://man7.org/linux/man-pages/man2/syscalls.2.html", - "fspick": "https://man7.org/linux/man-pages/man2/syscalls.2.html", - } - if url, ok := customDocs[name]; ok { - return url - } - return fmt.Sprintf("http://man7.org/linux/man-pages/man2/%s.2.html", name) -} - -func main() { - inputFlag := flag.String("in", "-", "File to input ('-' for stdin)") - outputDir := flag.String("out", ".", "Directory to output files.") - - flag.Parse() - - var input io.Reader - if *inputFlag == "-" { - input = os.Stdin - } else { - i, err := os.Open(*inputFlag) - if err != nil { - Fatalf("Error opening %q: %v", *inputFlag, err) - } - input = i - } - input = bufio.NewReader(input) - - var info CompatibilityInfo - d := json.NewDecoder(input) - if err := d.Decode(&info); err != nil { - Fatalf("Error reading json: %v", err) - } - - weight := 0 - for osName, osInfo := range info { - for archName, archInfo := range osInfo { - outDir := filepath.Join(*outputDir, osName) - outFile := filepath.Join(outDir, archName+".md") - - if err := os.MkdirAll(outDir, 0755); err != nil { - Fatalf("Error creating directory %q: %v", *outputDir, err) - } - - f, err := os.OpenFile(outFile, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0644) - if err != nil { - Fatalf("Error opening file %q: %v", outFile, err) - } - defer f.Close() - - weight += 10 - data := struct { - Title string - OS string - Arch string - Weight int - Total int - Supported int - Unsupported int - Undocumented int - Syscalls []struct { - Name string - Number uintptr - DocURL string - Support string - Note string - URLs []string - } - }{ - Title: strings.Title(osName) + "/" + archName, - OS: osName, - Arch: archName, - Weight: weight, - Total: 0, - Supported: 0, - Unsupported: 0, - Undocumented: 0, - Syscalls: []struct { - Name string - Number uintptr - DocURL string - Support string - Note string - URLs []string - }{}, - } - - for num, s := range archInfo.Syscalls { - switch s.Support { - case "Full Support", "Partial Support": - data.Supported++ - case "Unimplemented": - data.Unsupported++ - default: - data.Undocumented++ - } - data.Total++ - - for i := range s.URLs { - if !strings.HasPrefix(s.URLs[i], "http://") && !strings.HasPrefix(s.URLs[i], "https://") { - s.URLs[i] = "https://" + s.URLs[i] - } - } - - data.Syscalls = append(data.Syscalls, struct { - Name string - Number uintptr - DocURL string - Support string - Note string - URLs []string - }{ - Name: s.Name, - Number: num, - DocURL: syscallDocURL(s.Name), - Support: s.Support, - Note: s.Note, - URLs: s.URLs, - }) - } - - sort.Slice(data.Syscalls, func(i, j int) bool { - return data.Syscalls[i].Number < data.Syscalls[j].Number - }) - - if err := mdTemplate.Execute(f, data); err != nil { - Fatalf("Error writing file %q: %v", outFile, err) - } - } - } -} diff --git a/website/css/main.scss b/website/css/main.scss deleted file mode 100644 index 4b3b7b500..000000000 --- a/website/css/main.scss +++ /dev/null @@ -1,10 +0,0 @@ -// The main style sheet for gvisor.dev - -// NOTE: Do not include file extensions to import .sass and .css files seamlessly. -@import "style"; -@import "front"; -@import "navbar"; -@import "sidebar"; -@import "footer"; -// syntax is generated by rougify. -@import "syntax"; diff --git a/website/defs.bzl b/website/defs.bzl deleted file mode 100644 index 703040882..000000000 --- a/website/defs.bzl +++ /dev/null @@ -1,186 +0,0 @@ -"""Wrappers for website documentation.""" - -load("//tools:defs.bzl", "short_path") - -# DocInfo is a provider which simple adds sufficient metadata to the source -# files (and additional data files) so that a jeyll header can be constructed -# dynamically. This is done the via BUILD system so that the plain -# documentation files can be viewable without non-compliant markdown headers. -DocInfo = provider( - "Encapsulates information for a documentation page.", - fields = [ - "layout", - "description", - "permalink", - "category", - "subcategory", - "weight", - "editpath", - "authors", - "include_in_menu", - ], -) - -def _doc_impl(ctx): - return [ - DefaultInfo( - files = depset(ctx.files.src + ctx.files.data), - ), - DocInfo( - layout = ctx.attr.layout, - description = ctx.attr.description, - permalink = ctx.attr.permalink, - category = ctx.attr.category, - subcategory = ctx.attr.subcategory, - weight = ctx.attr.weight, - editpath = short_path(ctx.files.src[0].short_path), - authors = ctx.attr.authors, - include_in_menu = ctx.attr.include_in_menu, - ), - ] - -doc = rule( - implementation = _doc_impl, - doc = "Annotate a document for jekyll headers.", - attrs = { - "src": attr.label( - doc = "The markdown source file.", - mandatory = True, - allow_single_file = True, - ), - "data": attr.label_list( - doc = "Additional data files (e.g. images).", - allow_files = True, - ), - "layout": attr.string( - doc = "The document layout.", - default = "docs", - ), - "description": attr.string( - doc = "The document description.", - default = "", - ), - "permalink": attr.string( - doc = "The document permalink.", - mandatory = True, - ), - "category": attr.string( - doc = "The document category.", - default = "", - ), - "subcategory": attr.string( - doc = "The document subcategory.", - default = "", - ), - "weight": attr.string( - doc = "The document weight.", - default = "50", - ), - "authors": attr.string_list(), - "include_in_menu": attr.bool( - doc = "Include document in the navigation menu.", - default = True, - ), - }, -) - -def _docs_impl(ctx): - # Tarball is the actual output. - tarball = ctx.actions.declare_file(ctx.label.name + ".tgz") - - # But we need an intermediate builder to translate the files. - builder = ctx.actions.declare_file("%s-builder" % ctx.label.name) - builder_content = [ - "#!/bin/bash", - "set -euo pipefail", - "declare -r T=$(mktemp -d)", - "function cleanup {", - " rm -rf $T", - "}", - "trap cleanup EXIT", - ] - for dep in ctx.attr.deps: - doc = dep[DocInfo] - - # Sanity check the permalink. - if not doc.permalink.endswith("/"): - fail("permalink %s for target %s should end with /" % ( - doc.permalink, - ctx.label.name, - )) - - # Construct the header. - header = """\ -description: {description} -permalink: {permalink} -category: {category} -subcategory: {subcategory} -weight: {weight} -editpath: {editpath} -authors: {authors} -layout: {layout} -include_in_menu: {include_in_menu}""" - - for f in dep.files.to_list(): - # Is this a markdown file? If not, then we ensure that it ends up - # in the same path as the permalink for relative addressing. - if not f.basename.endswith(".md"): - builder_content.append("mkdir -p $T/%s" % doc.permalink) - builder_content.append("cp %s $T/%s" % (f.path, doc.permalink)) - continue - - # Is this a post? If yes, then we must put this in the _posts - # directory. This directory is treated specially with respect to - # pagination and page generation. - dest = f.short_path - if doc.layout == "post": - dest = "_posts/" + f.basename - builder_content.append("echo Processing %s... >&2" % f.short_path) - builder_content.append("mkdir -p $T/$(dirname %s)" % dest) - - # Construct the header dynamically. We include the title field from - # the markdown itself, as this is the g3doc format required. The - # title will be injected by the web layout however, so we don't - # want this to appear in the document. - args = dict([(k, getattr(doc, k)) for k in dir(doc)]) - builder_content.append("title=\"$(grep -E '^# ' %s | head -n 1 | cut -d'#' -f2- || true)\"" % f.path) - builder_content.append("cat >$T/%s <<EOF" % dest) - builder_content.append("---") - builder_content.append("title: $title") - builder_content.append(header.format(**args)) - builder_content.append("---") - builder_content.append("EOF") - - # To generate the final page, we need to strip out the title (which - # was pulled above to generate the annotation in the frontmatter, - # and substitute the [TOC] tag with the {% toc %} plugin tag. Note - # that the pipeline here is almost important, as the grep will - # return non-zero if the file is empty, but we ignore that within - # the pipeline. - builder_content.append("grep -v -E '^# ' %s | sed -e 's|^\\[TOC\\]$|- TOC\\n{:toc}|' >>$T/%s" % - (f.path, dest)) - - builder_content.append("declare -r filename=$(readlink -m %s)" % tarball.path) - builder_content.append("(cd $T && tar -zcf \"${filename}\" .)\n") - ctx.actions.write(builder, "\n".join(builder_content), is_executable = True) - - # Generate the tarball. - ctx.actions.run( - inputs = depset(ctx.files.deps), - outputs = [tarball], - progress_message = "Generating %s" % ctx.label, - executable = builder, - ) - return [DefaultInfo( - files = depset([tarball]), - )] - -docs = rule( - implementation = _docs_impl, - doc = "Construct a site tarball from doc dependencies.", - attrs = { - "deps": attr.label_list( - doc = "All document dependencies.", - ), - }, -) diff --git a/website/index.md b/website/index.md deleted file mode 100644 index c6cd477c2..000000000 --- a/website/index.md +++ /dev/null @@ -1,50 +0,0 @@ -<div class="jumbotron jumbotron-fluid"> - <div class="container"> - <div class="row"> - <div class="col-md-3"></div> - <div class="col-md-6"> - <p>gVisor is an <b>application kernel</b> for <b>containers</b> that provides efficient defense-in-depth anywhere.</p> - <p style="margin-top: 20px;"> - <a class="btn" href="/docs/user_guide/install/">Get started <i class="fas fa-arrow-alt-circle-right ml-2"></i></a> - <a class="btn" href="/docs/">Learn More <i class="fas fa-arrow-alt-circle-right ml-2"></i></a> - </p> - </div> - <div class="col-md-3"></div> - </div> - </div> -</div> - -<div class="container"> <!-- Full page container. --> - -<div class="row"> - <div class="col-md-4"> - <h4 id="seamless-security">Container-native Security <i class="fas fa-lock"></i></h4> - <p>By providing each container with its own application kernel, gVisor - limits the attack surface of the host. This protection does not limit - functionality: gVisor runs unmodified binaries and integrates with container - orchestration systems, such as Docker and Kubernetes, and supports features - such as volumes and sidecars.</p> - <a class="button" href="/docs/architecture_guide/security/">Read More »</a> - </div> - - <div class="col-md-4"> - <h4 id="resource-efficiency">Resource Efficiency <i class="fas fa-feather-alt"></i></h4> - <p>Containers are efficient because workloads of different shapes and sizes - can be packed together by sharing host resources. gVisor uses host-native - abstractions, such as threads and memory mappings, to co-operate with the - host and enable the same resource model as native containers.</p> - <a class="button" href="/docs/architecture_guide/resources/">Read More »</a> - </div> - - <div class="col-md-4"> - <h4 id="platform-portability">Platform Portability <sup>☁</sup>☁</h4> - <p>Modern infrastructure spans multiple cloud services and data centers, - often with a mix of managed services and virtualized or traditional servers. - The pluggable platform architecture of gVisor allows it to run anywhere, - enabling consistent security policies across multiple environments without - having to rearchitect your infrastructure.</p> - <a class="button" href="/docs/architecture_guide/platforms/">Read More »</a> - </div> -</div> - -</div> <!-- container --> diff --git a/website/performance/README.md b/website/performance/README.md deleted file mode 100644 index 1758fc608..000000000 --- a/website/performance/README.md +++ /dev/null @@ -1,10 +0,0 @@ -# Performance data - -This directory holds the CSVs generated by the now removed benchmark-tools -repository. The new functionally equivalent -[benchmark-tools is available.][benchmark-tools] - -In the future, these will be automatically posted to a cloud storage bucket and -loaded dynamically. At that point, this directory will be removed. - -[benchmark-tools]: https://github.com/google/gvisor/tree/master/test/benchmarks diff --git a/website/performance/applications.csv b/website/performance/applications.csv deleted file mode 100644 index 7b4661c60..000000000 --- a/website/performance/applications.csv +++ /dev/null @@ -1,13 +0,0 @@ -runtime,method,metric,result
-runc,http.node,transfer_rate,3814.85
-runc,http.node,latency,11.0
-runc,http.node,requests_per_second,885.81
-runc,http.ruby,transfer_rate,2874.38
-runc,http.ruby,latency,18.0
-runc,http.ruby,requests_per_second,539.97
-runsc,http.node,transfer_rate,1615.54
-runsc,http.node,latency,27.0
-runsc,http.node,requests_per_second,375.13
-runsc,http.ruby,transfer_rate,1382.71
-runsc,http.ruby,latency,38.0
-runsc,http.ruby,requests_per_second,259.75
diff --git a/website/performance/density.csv b/website/performance/density.csv deleted file mode 100644 index 729b44941..000000000 --- a/website/performance/density.csv +++ /dev/null @@ -1,9 +0,0 @@ -runtime,method,metric,result
-runc,density.empty,memory_usage,4092149.76
-runc,density.node,memory_usage,76709888.0
-runc,density.ruby,memory_usage,45737000.96
-runsc,density.empty,memory_usage,23695032.32
-runsc,density.node,memory_usage,124076605.44
-runsc,density.ruby,memory_usage,106141777.92
-runc,density.redis,memory_usage,1055323750.4
-runsc,density.redis,memory_usage,1076686028.8
diff --git a/website/performance/ffmpeg.csv b/website/performance/ffmpeg.csv deleted file mode 100644 index 08661c749..000000000 --- a/website/performance/ffmpeg.csv +++ /dev/null @@ -1,3 +0,0 @@ -runtime,metric,result
-runc,run_time,82.000625
-runsc,run_time,88.24018
diff --git a/website/performance/fio-tmpfs.csv b/website/performance/fio-tmpfs.csv deleted file mode 100644 index 99777d2e4..000000000 --- a/website/performance/fio-tmpfs.csv +++ /dev/null @@ -1,9 +0,0 @@ -runtime,method,metric,result
-runc,fio.read,bandwidth,4240686080
-runc,fio.write,bandwidth,3029744640
-runsc,fio.read,bandwidth,2533604352
-runsc,fio.write,bandwidth,1207536640
-runc,fio.randread,bandwidth,1221472256
-runc,fio.randwrite,bandwidth,1046094848
-runsc,fio.randread,bandwidth,68940800
-runsc,fio.randwrite,bandwidth,67286016
diff --git a/website/performance/fio.csv b/website/performance/fio.csv deleted file mode 100644 index 80d6ae289..000000000 --- a/website/performance/fio.csv +++ /dev/null @@ -1,9 +0,0 @@ -runtime,method,metric,result
-runc,fio.read,bandwidth,252253184
-runc,fio.write,bandwidth,457767936
-runsc,fio.read,bandwidth,252323840
-runsc,fio.write,bandwidth,431845376
-runc,fio.randread,bandwidth,5284864
-runc,fio.randwrite,bandwidth,107758592
-runsc,fio.randread,bandwidth,4403200
-runsc,fio.randwrite,bandwidth,69161984
diff --git a/website/performance/httpd100k.csv b/website/performance/httpd100k.csv deleted file mode 100644 index e92c7e9e0..000000000 --- a/website/performance/httpd100k.csv +++ /dev/null @@ -1,17 +0,0 @@ -connections,runtime,metric,result
-1,runc,transfer_rate,565.35
-1,runc,latency,1.0
-1,runsc,transfer_rate,282.84
-1,runsc,latency,2.0
-5,runc,transfer_rate,3260.57
-5,runc,latency,1.0
-5,runsc,transfer_rate,832.69
-5,runsc,latency,3.0
-10,runc,transfer_rate,4672.01
-10,runc,latency,1.0
-10,runsc,transfer_rate,1095.47
-10,runsc,latency,4.0
-25,runc,transfer_rate,4964.14
-25,runc,latency,2.0
-25,runsc,transfer_rate,961.03
-25,runsc,latency,12.0
diff --git a/website/performance/httpd10240k.csv b/website/performance/httpd10240k.csv deleted file mode 100644 index 60dbe7b40..000000000 --- a/website/performance/httpd10240k.csv +++ /dev/null @@ -1,17 +0,0 @@ -connections,runtime,metric,result
-1,runc,transfer_rate,674.05
-1,runc,latency,1.0
-1,runsc,transfer_rate,243.35
-1,runsc,latency,2.0
-5,runc,transfer_rate,3089.83
-5,runc,latency,1.0
-5,runsc,transfer_rate,981.91
-5,runsc,latency,2.0
-10,runc,transfer_rate,4701.2
-10,runc,latency,1.0
-10,runsc,transfer_rate,1135.08
-10,runsc,latency,4.0
-25,runc,transfer_rate,5021.36
-25,runc,latency,2.0
-25,runsc,transfer_rate,963.26
-25,runsc,latency,12.0
diff --git a/website/performance/iperf.csv b/website/performance/iperf.csv deleted file mode 100644 index 1f3b41aec..000000000 --- a/website/performance/iperf.csv +++ /dev/null @@ -1,5 +0,0 @@ -runtime,method,metric,result
-runc,network.download,bandwidth,746386000.0
-runc,network.upload,bandwidth,709808000.0
-runsc,network.download,bandwidth,640303500.0
-runsc,network.upload,bandwidth,482254000.0
diff --git a/website/performance/redis.csv b/website/performance/redis.csv deleted file mode 100644 index 369b16712..000000000 --- a/website/performance/redis.csv +++ /dev/null @@ -1,35 +0,0 @@ -runtime,method,metric,result
-runc,PING_INLINE,requests_per_second,30525.03
-runc,PING_BULK,requests_per_second,30293.85
-runc,SET,requests_per_second,30257.19
-runc,GET,requests_per_second,30312.21
-runc,INCR,requests_per_second,30525.03
-runc,LPUSH,requests_per_second,30712.53
-runc,RPUSH,requests_per_second,30459.95
-runc,LPOP,requests_per_second,30367.45
-runc,RPOP,requests_per_second,30665.44
-runc,SADD,requests_per_second,30030.03
-runc,HSET,requests_per_second,30656.04
-runc,SPOP,requests_per_second,29940.12
-runc,LRANGE_100,requests_per_second,24224.81
-runc,LRANGE_300,requests_per_second,14302.06
-runc,LRANGE_500,requests_per_second,11728.83
-runc,LRANGE_600,requests_per_second,9900.99
-runc,MSET,requests_per_second,30120.48
-runsc,PING_INLINE,requests_per_second,14528.55
-runsc,PING_BULK,requests_per_second,15627.44
-runsc,SET,requests_per_second,15403.57
-runsc,GET,requests_per_second,15325.67
-runsc,INCR,requests_per_second,15269.51
-runsc,LPUSH,requests_per_second,15172.2
-runsc,RPUSH,requests_per_second,15117.16
-runsc,LPOP,requests_per_second,15257.86
-runsc,RPOP,requests_per_second,15188.33
-runsc,SADD,requests_per_second,15432.1
-runsc,HSET,requests_per_second,15163.0
-runsc,SPOP,requests_per_second,15561.78
-runsc,LRANGE_100,requests_per_second,13365.41
-runsc,LRANGE_300,requests_per_second,9520.18
-runsc,LRANGE_500,requests_per_second,8248.78
-runsc,LRANGE_600,requests_per_second,6544.07
-runsc,MSET,requests_per_second,14367.82
diff --git a/website/performance/startup.csv b/website/performance/startup.csv deleted file mode 100644 index 6bad00df6..000000000 --- a/website/performance/startup.csv +++ /dev/null @@ -1,7 +0,0 @@ -runtime,method,metric,result
-runc,startup.empty,startup_time_ms,1193.10768
-runc,startup.node,startup_time_ms,2557.95336
-runc,startup.ruby,startup_time_ms,2530.12624
-runsc,startup.empty,startup_time_ms,1144.1775
-runsc,startup.node,startup_time_ms,2441.90284
-runsc,startup.ruby,startup_time_ms,2455.69882
diff --git a/website/performance/sysbench-cpu.csv b/website/performance/sysbench-cpu.csv deleted file mode 100644 index f4e6b69a6..000000000 --- a/website/performance/sysbench-cpu.csv +++ /dev/null @@ -1,3 +0,0 @@ -runtime,metric,result
-runc,cpu_events_per_second,103.62
-runsc,cpu_events_per_second,103.21
diff --git a/website/performance/sysbench-memory.csv b/website/performance/sysbench-memory.csv deleted file mode 100644 index 626ff4994..000000000 --- a/website/performance/sysbench-memory.csv +++ /dev/null @@ -1,3 +0,0 @@ -runtime,metric,result
-runc,memory_ops_per_second,13098.73
-runsc,memory_ops_per_second,13107.44
diff --git a/website/performance/syscall.csv b/website/performance/syscall.csv deleted file mode 100644 index 40bdce49e..000000000 --- a/website/performance/syscall.csv +++ /dev/null @@ -1,4 +0,0 @@ -runtime,metric,result
-runc,syscall_time_ns,1939.0
-runsc,syscall_time_ns,38219.0
-runsc-kvm,syscall_time_ns,763.0
diff --git a/website/performance/tensorflow.csv b/website/performance/tensorflow.csv deleted file mode 100644 index 03498bef0..000000000 --- a/website/performance/tensorflow.csv +++ /dev/null @@ -1,3 +0,0 @@ -runtime,metric,result
-runc,run_time,207.1118165
-runsc,run_time,244.473401
|
