summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-09-18Merge release-20200907.0-148-gca4ecf481 (automated)gVisor bot
2020-09-18Use a tmpfs file for shared anonymous and /dev/zero mmap on VFS2.Jamie Liu
This is more consistent with Linux (see comment on MM.NewSharedAnonMappable()). We don't do the same thing on VFS1 for reasons documented by the updated comment. PiperOrigin-RevId: 332514849
2020-09-18Merge release-20200907.0-147-gf911b43f0 (automated)gVisor bot
2020-09-18Remove SKIP_IF for now-supported features.Kevin Krakauer
Updates #3549. PiperOrigin-RevId: 332501660
2020-09-18Merge release-20200907.0-146-gddf37cb19 (automated)gVisor bot
2020-09-18Reduce the number of steps to get started with gVisorFabricio Voznika
Streamline instruction for the common case. PiperOrigin-RevId: 332488910
2020-09-18Merge release-20200907.0-145-gbd69afdcd (automated)gVisor bot
2020-09-18Count packets dropped by iptables in IPStatsKevin Krakauer
PiperOrigin-RevId: 332486383
2020-09-18Merge release-20200907.0-144-gdedef4392 (automated)gVisor bot
2020-09-18Merge pull request #3972 from btw616:fix/commentsgVisor bot
PiperOrigin-RevId: 332486111
2020-09-18Merge release-20200907.0-142-gfcf8d7c6d (automated)gVisor bot
2020-09-18Enqueue TCP sends arriving in SYN_SENT state.Mithun Iyer
TCP needs to enqueue any send requests arriving when the connection is in SYN_SENT state. The data should be sent out soon after completion of the connection handshake. Fixes #3995 PiperOrigin-RevId: 332482041
2020-09-18Merge release-20200907.0-141-g93fd164fa (automated)gVisor bot
2020-09-18Add "Containing a Real Vulnerability" blog postFabricio Voznika
PiperOrigin-RevId: 332477119
2020-09-18Merge release-20200907.0-140-gef7d9a6fc (automated)gVisor bot
2020-09-18Fix definition of SchedParam.Rahat Mahmood
Linux defines this struct as: struct sched_param { int priority; } ... in include/linux/sched.h. PiperOrigin-RevId: 332473133
2020-09-18Merge release-20200907.0-139-g313e1988c (automated)gVisor bot
2020-09-18Drop ARCH_GET_FSMichael Pratt
Go does not call arch_prctl(ARCH_GET_FS), nor am I sure it ever did. Drop the filter. PiperOrigin-RevId: 332470532
2020-09-18Merge release-20200907.0-138-g360006d89 (automated)gVisor bot
2020-09-18Use common parsing utilities when sniffingGhanan Gowripalan
Extract parsing utilities so they can be used by the sniffer. Fixes #3930 PiperOrigin-RevId: 332401880
2020-09-18Merge release-20200907.0-137-g07d832dbb (automated)gVisor bot
2020-09-17fuse.DeviceFD needs to hold a reference on the associated filesystem.Rahat Mahmood
This fixes a use-after-free in fuse.DeviceFD.Release. PiperOrigin-RevId: 332394146
2020-09-18Merge release-20200907.0-136-g2fbd31e72 (automated)gVisor bot
2020-09-17Test IPv4 WritePackets statsKevin Krakauer
IPv6 tests will be added in another CL along with ip6tables. PiperOrigin-RevId: 332389102
2020-09-18Merge release-20200907.0-135-g0b8d306e6 (automated)gVisor bot
2020-09-17ip6tables: filter table supportKevin Krakauer
`ip6tables -t filter` is now usable. NAT support will come in a future CL. #3549 PiperOrigin-RevId: 332381801
2020-09-18Merge release-20200907.0-134-gd34bda027 (automated)gVisor bot
2020-09-17{Set,Get} SO_LINGER on all endpoints.Nayana Bidari
SO_LINGER is a socket level option and should be stored on all endpoints even though it is used to linger only for TCP endpoints. PiperOrigin-RevId: 332369252
2020-09-18Merge release-20200907.0-133-gc0b74be54 (automated)gVisor bot
2020-09-17Fix root tests target in Makefile.Ayush Ranjan
PiperOrigin-RevId: 332358833
2020-09-18Merge release-20200907.0-132-g23fcbd872 (automated)gVisor bot
2020-09-17[testing] Use container address to talk to server running inside container.Ayush Ranjan
Docker does not have IPv6 port forwarding as tracked by the following issue: https://github.com/moby/moby/issues/11518 So when running bazel itself inside a docker container, we can not use the host port bindings to communicate with sockets inside the container. This was causing integration tests and image tests to fail when run through our Makefile targets. PiperOrigin-RevId: 332355051
2020-09-18Merge release-20200907.0-131-g1e8beb5f1 (automated)gVisor bot
2020-09-17Change sizeofInt32 to string sizeChong Cai
This constant is used to represent int32 stored in file xattrs. The integers are stored as strings there, so the real size should be the string size (number of digits) instead of an int size (4 bytes). PiperOrigin-RevId: 332353217
2020-09-17Merge release-20200907.0-130-gf1f844daa (automated)gVisor bot
2020-09-17Set mode when creating Merkle tree fileChong Cai
PiperOrigin-RevId: 332340342
2020-09-17Merge release-20200907.0-129-g319d1b8ba (automated)gVisor bot
2020-09-17Complete vfs2 implementation of fallocate.Dean Deng
This change includes overlay, special regular gofer files, and hostfs. Fixes #3589. PiperOrigin-RevId: 332330860
2020-09-17Merge release-20200907.0-128-g8070cc338 (automated)gVisor bot
2020-09-17Merge pull request #3979 from jinmouil:feature/fuse-fixgVisor bot
PiperOrigin-RevId: 332328860
2020-09-17Merge release-20200907.0-126-ga4db85fff (automated)gVisor bot
2020-09-17Return ENOPROTOOPT for all SOL_PACKET options.Bhasker Hariharan
This is required to make tcpdump work. tcpdump falls back to not using things like PACKET_RX_RING if setsockopt returns ENOPROTOOPT. This used to be the case before https://github.com/google/gvisor/commit/6f8fb7e0db2790ff1f5ba835780c03fe245e437f. Fixes #3981 PiperOrigin-RevId: 332326517
2020-09-17Fix kernfs unlinkat and rmdirat incorrect resolved path nameJinmou Li
2020-09-17Merge release-20200907.0-125-gd796b100e (automated)gVisor bot
2020-09-17Provide testing container with docker config file.Ayush Ranjan
This is needed by test/e2e/integration_test:TestCheckpointRestore to check for filesystem versioning. PiperOrigin-RevId: 332285566
2020-09-17Merge release-20200907.0-123-gf0b1bd434 (automated)gVisor bot
2020-09-17Merge release-20200907.0-124-gda07e38f7 (automated)gVisor bot
2020-09-17Remove option to panic goferFabricio Voznika
Gofer panics are suppressed by p9 server and an error is returned to the caller, making it effectively the same as returning EROFS. PiperOrigin-RevId: 332282959
2020-09-17Deflake vdso_clock_gettime test.Jamie Liu
PiperOrigin-RevId: 332281930
2020-09-17Merge release-20200907.0-122-g51a2fe8eb (automated)gVisor bot