summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2021-06-04Merge release-20210518.0-74-gfb745d7d9 (automated)gVisor bot
2021-06-04Update GitHub packages.Adin Scannell
PiperOrigin-RevId: 377611852
2021-06-04Merge release-20210518.0-73-ga2c88252c (automated)gVisor bot
2021-06-04Allow sniffer receive timeout durations less than one usecSam Balana
Fixes the erronously signaled fatal error when the sniffer receive timeout duration is less than one usec. This was caused by the converstion from float64 to int64; the integer conversion truncated the floating point to 0, which signaled the fatal error. PiperOrigin-RevId: 377600179
2021-06-04Merge release-20210518.0-72-g240629524 (automated)gVisor bot
2021-06-04Add bind syscall tests for ICMP and ICMPv6Sam Balana
Updates #5711 Updates #6021 Updates #6022 PiperOrigin-RevId: 377582446
2021-06-04Merge release-20210518.0-71-g86cf56eb7 (automated)gVisor bot
2021-06-03Add additional mmap seccomp ruleFabricio Voznika
HostFileMapper.RegenerateMappings calls mmap with MAP_SHARED|MAP_FIXED and these were not allowed. Closes #6116 PiperOrigin-RevId: 377428463
2021-06-03Merge release-20210518.0-70-gb3c608ef8 (automated)gVisor bot
2021-06-03Implement stringer for ExitStatusTamir Duberstein
PiperOrigin-RevId: 377370807
2021-06-03Merge release-20210518.0-69-g758713f4c (automated)gVisor bot
2021-06-03Initialize metrics at initTamir Duberstein
Avoids a race condition at kernel initialization. Updates #6057. PiperOrigin-RevId: 377357723
2021-06-03Merge release-20210518.0-68-gddcd17399 (automated)gVisor bot
2021-06-03Reset global_num_signals_received on RegisterSignalHandlerAdam Barth
Previously, the value of global_num_signals_received would persist between tests. Now, we reset the value to zero when we register a signal handler. PiperOrigin-RevId: 377308357
2021-06-02Merge release-20210518.0-67-g9357b4f7e (automated)gVisor bot
2021-06-01Ensure full shutdown of endpoint on notifyCloseMithun Iyer
Address a race with non-blocking connect and socket close, causing the FIN (because of socket close) to not be sent out, even after completing the handshake. The race occurs with this sequence: (1) endpoint Connect starts handshake, sending out SYN (2) handshake complete() releases endpoint lock, waiting on sleeper.Fetch() (3) endpoint Close acquires endpoint lock, does not enqueue FIN (as the endpoint is not yet connected) and asserts notifyClose (4) SYNACK from peer gets enqueued asserting newSegmentWaker (5) handshake complete() re-aqcuires lock, first processes newSegmentWaker event, transitions to ESTABLISHED and proceeds to protocolMainLoop() (6) protocolMainLoop() exits while processing notifyClose When the execution follows the above sequence, no FIN is sent to the peer. This causes the listener side to have a half-open connection sitting in the accept queue. Fix this by ensuring that the protocolMainLoop() performs clean shutdown when the endpoint state is still ESTABLISHED. This would not be a bug, if during handshake complete(), sleeper.Fetch() prioritized notificationWaker over newSegmentWaker. In that case, the handshake would not have completed in (5) above. Fixes #6067 PiperOrigin-RevId: 376994395
2021-06-02Merge release-20210518.0-66-g12f411843 (automated)gVisor bot
2021-06-01Move sync generics to their own packagesTamir Duberstein
The presence of multiple packages in a single directory sometimes confuses `go mod`, producing output like: go: downloading gvisor.dev/gvisor v0.0.0-20210601174640-77dc0f5bc94d $GOMODCACHE/gvisor.dev/gvisor@v0.0.0-20210601174640-77dc0f5bc94d/pkg/linewriter/linewriter.go:21:2: found packages sync (aliases.go) and seqatomic (generic_atomicptr_unsafe.go) in $GOMODCACHE/gvisor.dev/gvisor@v0.0.0-20210601174640-77dc0f5bc94d/pkg/sync imports.go:67:2: found packages tcp (accept.go) and rcv (rcv_test.go) in $GOMODCACHE/gvisor.dev/gvisor@v0.0.0-20210601174640-77dc0f5bc94d/pkg/tcpip/transport/tcp PiperOrigin-RevId: 376956213
2021-06-01Merge release-20210518.0-65-gd7d8a0a5a (automated)gVisor bot
2021-06-01vfs: Don't allow to mount anything on top of detached mountsAndrei Vagin
PiperOrigin-RevId: 376932659
2021-06-01Merge release-20210518.0-64-g77dc0f5bc (automated)gVisor bot
2021-06-01Ignore RST received for a TCP listenerMithun Iyer
The current implementation has a bug where TCP listener does not ignore RSTs from the peer. While handling RST+ACK from the peer, this bug can complete handshakes that use syncookies. This results in half-open connection delivered to the accept queue. Fixes #6076 PiperOrigin-RevId: 376868749
2021-06-01Merge release-20210518.0-63-g4f3746998 (automated)gVisor bot
2021-05-31Update comments on ambient caps to point to bugIan Lewis
PiperOrigin-RevId: 376747671
2021-05-28Merge release-20210518.0-62-g30bca3270 (automated)gVisor bot
2021-05-28Clean up warningsTamir Duberstein
- Typos - Unused arguments - Useless conversions PiperOrigin-RevId: 376362730
2021-05-28Merge release-20210518.0-61-g394c6089c (automated)gVisor bot
2021-05-27Fix test_app task-treeFabricio Voznika
Executing `select {}` to wait forever triggers Go runtime deadlock detection and kills the child, causing the number actual processes be less than expected. PiperOrigin-RevId: 376298799
2021-05-28Merge release-20210518.0-60-ge8fc815b6 (automated)gVisor bot
2021-05-27Fix specific releases and update install instructions.Ian Lewis
Fixes #6084 PiperOrigin-RevId: 376293659
2021-05-27Merge release-20210518.0-59-g121af3773 (automated)gVisor bot
2021-05-27Support SO_BINDTODEVICE in ICMP socketsSam Balana
Adds support for the SO_BINDTODEVICE socket option in ICMP sockets with an accompanying packetimpact test to exercise use of this socket option. Adds a unit test to exercise the NIC selection logic introduced by this change. The remaining unit tests for ICMP sockets need to be added in a subsequent CL. See https://gvisor.dev/issues/5623 for the list of remaining unit tests. Adds a "timeout" field to PacketimpactTestInfo, necessary due to the long runtime of the newly added packetimpact test. Fixes #5678 Fixes #4896 Updates #5623 Updates #5681 Updates #5763 Updates #5956 Updates #5966 Updates #5967 PiperOrigin-RevId: 376271581
2021-05-27Merge release-20210518.0-58-g17df2df75 (automated)gVisor bot
2021-05-27nanosleep has to store the finish time in the restart blockAndrei Vagin
nanosleep has to count time that a thread spent in the stopped state. PiperOrigin-RevId: 376258641
2021-05-27Merge release-20210518.0-57-gdd2e1f07a (automated)gVisor bot
2021-05-27Speed up TestBindToDeviceDistributionKevin Krakauer
Testing only TestBindToDeviceDistribution decreased from 24s to 11s, and with TSAN from 186s to 21s. Note: using `t.Parallel()` actually slows the test down. PiperOrigin-RevId: 376251420
2021-05-27Merge release-20210518.0-56-g62ec2422a (automated)gVisor bot
2021-05-27Merge pull request #6059 from lubinszARM:pr_arm64_bouncegVisor bot
PiperOrigin-RevId: 376233013
2021-05-27Merge release-20210518.0-54-g2c1df1f44 (automated)gVisor bot
2021-05-27Use fake clocks in all testsTamir Duberstein
...except TCP tests and NDP tests that mutate globals. These will be undertaken later. Updates #5940. PiperOrigin-RevId: 376145608
2021-05-27Merge release-20210518.0-53-g93d98b874 (automated)gVisor bot
2021-05-27Avoid warningsTamir Duberstein
- Don't shadow package name - Don't defer in a loop - Remove unnecessary type conversion PiperOrigin-RevId: 376137822
2021-05-27Merge release-20210518.0-52-g097efe81a (automated)gVisor bot
2021-05-26Use the stack RNG everywhereTamir Duberstein
...except in tests. Note this replaces some uses of a cryptographic RNG with a plain RNG. PiperOrigin-RevId: 376070666
2021-05-26Merge release-20210518.0-51-g522ae2dd1 (automated)gVisor bot
2021-05-26Specify subsequent layers as ICMP payloads and add ICMPv6.PointerSam Balana
Moves specification of subsequent layers to the Payload field of the ICMP and ICMPv6 layers. Removes the need to manually encode type-specific ICMP or ICMPv6 headers, such as the "pointer" header of parameter problem messages, in the payload. This is necessary prework to enable matching of more type-specific headers, such as "ident" of echo requests. Fixes a bug where the "reserved" header defined by ICMPv6 RFC 4443 was being incorrectly encoded by ToBytes. This change fixes the implementation by copying the payload into Payload, instead of the MessageBody. PiperOrigin-RevId: 376026420
2021-05-26Merge release-20210518.0-50-gb6f915842 (automated)gVisor bot
2021-05-26Clarify commentTamir Duberstein
PiperOrigin-RevId: 376022495
2021-05-26Merge release-20210518.0-49-g9fcc44f99 (automated)gVisor bot
2021-05-26Add verity getdents testsChong Cai
PiperOrigin-RevId: 376001603