summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2021-05-05Merge release-20210419.0-68-g61615f3f1 (automated)gVisor bot
2021-05-05Fix a race in reading last seen ICMP error during handshakeMithun Iyer
On receiving an ICMP error during handshake, the error is propagated by reading `endpoint.lastError`. This can race with the socket layer invoking getsockopt() with SO_ERROR where the same value is read and cleared, causing the handshake to bail out with a non-error state. Fix the race by checking for lastError state and failing the handshake with ErrConnectionAborted if the lastError was read and cleared by say SO_ERROR. The race mentioned in the bug, is caught only with the newly added tcp_test unit test, where we have control over stopping/resuming protocol loop. Adding a packetimpact test as well for sanity testing of ICMP error handling during handshake. Fixes #5922 PiperOrigin-RevId: 372135662
2021-05-05Merge release-20210419.0-67-gd924515b0 (automated)gVisor bot
2021-05-05[perf] Fix profiling in benchmarking jobs.Ayush Ranjan
Due to https://github.com/moby/moby/issues/42345, the docker daemon is passing the incorrect `--root` flag to runsc. So our profiler is not able to find the container stat files where it expects them to be. PiperOrigin-RevId: 372067954
2021-05-05Merge release-20210419.0-66-gd38437807 (automated)gVisor bot
2021-05-04Fix tcp_test listen backlog expectationMithun Iyer
Listen backlog value is 1 more than what is configured by the socket layer listen call. TestListenBacklogFull expects this behavior which is incorrect as it directly invokes endpoint Listen and with cl/369974744, backlog++ logic is moved to the callers of Listen(). This test passes sometimes, because the handshakes could overlap causing the last SYN to arrive at the listener before the previous handshake is enqueued to the accept queue. In such a case the accept queue is still not full and the SYN is replied to. The final ACK of this last handshake would get dropped eventually. PiperOrigin-RevId: 372041827
2021-05-05Merge release-20210419.0-65-g5960674c8 (automated)gVisor bot
2021-05-04Document how to handle build failures from go-marshal verbosity.Rahat Mahmood
With debugging enabled, go-marshal can generate too much output for bazel under default configurations, which can cause builds to fail. The limit defaults to 1 MB. PiperOrigin-RevId: 372030402
2021-05-04Merge release-20210419.0-64-g689b369f5 (automated)gVisor bot
2021-05-04tcp_socket_test: replace tcp_wmem with SO_SNDBUFKevin Krakauer
PiperOrigin-RevId: 372022596
2021-05-04Use cmp.Diff for tcpip.Error comparisonMithun Iyer
PiperOrigin-RevId: 372021039
2021-05-04Remove uses of the binary package from the rest of the sentry.Rahat Mahmood
PiperOrigin-RevId: 372020696
2021-05-04Merge release-20210419.0-61-gd496c285a (automated)gVisor bot
2021-05-04Add TODOs to old reference counting utility.Dean Deng
PiperOrigin-RevId: 372012795
2021-05-04Merge release-20210419.0-60-g95df852bf (automated)gVisor bot
2021-05-04Make Mount.Type optional for bind mountsFabricio Voznika
According to the OCI spec Mount.Type is an optional field and it defaults to "bind" when any of "bind" or "rbind" is included in Mount.Options. Also fix the shim to remove bind/rbind from options when mount is converted from bind to tmpfs inside the Sentry. Fixes #2330 Fixes #3274 PiperOrigin-RevId: 371996891
2021-05-04Merge release-20210419.0-59-gdd3875eab (automated)gVisor bot
2021-05-04Increase error margin for memory accounting test.Dean Deng
PiperOrigin-RevId: 371963265
2021-05-04Merge release-20210419.0-58-g2f5393375 (automated)gVisor bot
2021-05-03Merge pull request #5903 from zchee:safecopy/fix-argsgVisor bot
PiperOrigin-RevId: 371829568
2021-05-03Merge release-20210419.0-56-g279f9fcee (automated)gVisor bot
2021-05-03Implement standard clock safelyGhanan Gowripalan
Previously, tcpip.StdClock depended on linking with the unexposed method time.now to implement tcpip.Clock using the time package. This change updates the standard clock to not require manually linking to this unexported method and use publicly documented functions from the time package. PiperOrigin-RevId: 371805101
2021-05-03Merge release-20210419.0-55-gf0b3298db (automated)gVisor bot
2021-05-03Convey GSO capabilities through GSOEndpointGhanan Gowripalan
...as all GSO capable endpoints must implement GSOEndpoint. PiperOrigin-RevId: 371804175
2021-05-03Merge release-20210419.0-54-g4218ba6fb (automated)gVisor bot
2021-05-03netstack: Add a test for mixed Push/ConsumeTing-Yu Wang
Not really designed to be used this way, but it works and it's been relied upon. Add a test. PiperOrigin-RevId: 371802756
2021-05-03Merge release-20210419.0-53-g1d92396aa (automated)gVisor bot
2021-05-03Temporarily disable atime/mtime check in utimensat test.Dean Deng
PiperOrigin-RevId: 371776583
2021-05-03Merge release-20210419.0-52-g1947c8734 (automated)gVisor bot
2021-05-03Fix deadlock in /proc/[pid]/fd/[num]Fabricio Voznika
In order to resolve path names, fsSymlink.Readlink() may need to reenter kernfs. Change the code so that kernfs.Inode.Readlink() is called without locks and document the new contract. PiperOrigin-RevId: 371770222
2021-05-01Merge release-20210419.0-51-g7cafac9f4 (automated)gVisor bot
2021-05-01[perf] Check caching on IncRef'd dentries before the others.Ayush Ranjan
When a child is added to a parent (directory) dentry, both child and parent are queued for checkCachingLocked(). Make sure that the parent is queued first because the parent gained a ref and so could be removed from the LRU cache hence making space for the new child. This could prevent an LRU cache eviction. In practice, this did seem to help. ~800 RPCs were reduced while building //absl/... (ABSL build benchmark). Evictions hurt in 2 ways - create renameMu contention and destroy a possibly useful dentry which will have to be re-walked and re-opened later. Follow up fix for #5859. PiperOrigin-RevId: 371509392
2021-05-01Merge release-20210419.0-50-gcde8e8b7a (automated)gVisor bot
2021-04-30kvm: prefault a root table page before switching into a user address spaceAndrei Vagin
The root table physical page has to be mapped to not fault in iret or sysret after switching into a user address space. sysret and iret are in the upper half that is global and so page tables of lower levels are already mapped. Fixes #5742 PiperOrigin-RevId: 371458644
2021-05-01Merge release-20210419.0-49-g6fb8c01bb (automated)gVisor bot
2021-04-30Fix //test/syscalls:tcp_socket_test_nativeKevin Krakauer
The data written was larger than the write buffer, and nobody was reading the other end. PiperOrigin-RevId: 371436084
2021-05-01Merge release-20210419.0-48-geb2b39f70 (automated)gVisor bot
2021-04-30Comment ip package in a single placeGhanan Gowripalan
Fixes the below linting error: ``` From Golint: > Package ip has package comment defined in multiple places: > duplicate_address_detection.go > generic_multicast_protocol.go ``` PiperOrigin-RevId: 371430486
2021-04-30Merge release-20210419.0-47-gea89cd38a (automated)gVisor bot
2021-04-30Do not return content if verity translate failsChong Cai
If verification fails for translating mmapped memory, the content should not be returned. This is not an issue for panic mode, but for error mode we should return empty content along with the error. PiperOrigin-RevId: 371393519
2021-04-29Merge release-20210419.0-46-gc958c5a4f (automated)gVisor bot
2021-04-29Fix up TODOs in the codeFabricio Voznika
PiperOrigin-RevId: 371231148
2021-04-29Merge release-20210419.0-45-g9ff0d382d (automated)gVisor bot
2021-04-29[perf] Remove unnecessary existence checks in doCreateAt().Ayush Ranjan
Originally we were making a WalkGetAttrOne RPC to confirm that a file does not exist on the remote filesystem - when there was no cached information about the existence of a dentry at that position. This change avoids making that RPC and speculatively makes the mkdir/mknod/linkat/symlink RPC. They will fail with EEXIST if a file exists at that position as we want. However the error ordering is important. Existence check comes before writability check. So we make the existence check when the writability check fails and give it precedence. This change saves ~76,000 RPCs while building //absl/... (ABSL build benchmark). That is 10% of all RPCs made while running that workload. PiperOrigin-RevId: 371225633
2021-04-29Merge release-20210419.0-44-geefa00f4a (automated)gVisor bot
2021-04-29Implement epoll_pwait2.Jing Chen
PiperOrigin-RevId: 371216407
2021-04-29Merge release-20210419.0-43-g669523f7d (automated)gVisor bot
2021-04-29Remove outdated TODOs in verityChong Cai
PiperOrigin-RevId: 371198372
2021-04-29Merge release-20210419.0-42-ga41c5fe21 (automated)gVisor bot
2021-04-29netstack: Rename pkt.Data().TrimFront() to DeleteFront(), and ...Ting-Yu Wang
... it may now invalidate backing slice references This is currently safe because TrimFront() in VectorisedView only shrinks the view. This may not hold under the a different buffer implementation. Reordering method calls order to allow this. PiperOrigin-RevId: 371167610