| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2021-07-22 | Merge release-20210712.0-39-gf1f746ddd (automated) | gVisor bot | |
| 2021-07-21 | Add metric to count number of segments acknowledged by DSACK. | Nayana Bidari | |
| - Creates new metric "/tcp/segments_acked_with_dsack" to count the number of segments acked with DSACK. - Added check to verify the metric is getting incremented when a DSACK is sent in the unit tests. PiperOrigin-RevId: 386135949 | |||
| 2021-07-21 | Merge release-20210712.0-38-gbc0ab8ea0 (automated) | gVisor bot | |
| 2021-07-21 | buildkite: update Go | Kevin Krakauer | |
| #6322 tried to update Go to 1.16, but existing nodes fail to upgrade due to the presence of old Go [1]. Specifically when trying to add Go to `/usr/bin`: ``` ln: failed to create symbolic link '/usr/bin/go': File exists ``` Also: - Removing `golang-go` also removes apt installs of `gcc` and `pkg-config`, so those are installed explicitly. - Add `-c` to wget, which will prevent re-downloading Go for each run. - Disable GO111MODULE when building cri-tools and containerd, since we're using pre-module versions of each. 1 - https://buildkite.com/gvisor/pipeline/builds/7285#3593244c-e411-472d-804a-9c7fbbd24762 PiperOrigin-RevId: 386106881 | |||
| 2021-07-21 | Merge release-20210712.0-37-gc259978db (automated) | gVisor bot | |
| 2021-07-21 | Fix required Linux version in networking docs. | Ian Lewis | |
| PiperOrigin-RevId: 386093826 | |||
| 2021-07-21 | Merge release-20210712.0-36-ga89b2f005 (automated) | gVisor bot | |
| 2021-07-21 | Use atomics when checking for parent setgid in VFS2 tmpfs file creation. | Jamie Liu | |
| Reported-by: syzbot+59550b48e06cc0d3b638@syzkaller.appspotmail.com PiperOrigin-RevId: 386075453 | |||
| 2021-07-21 | Merge release-20210712.0-35-ga4d743db5 (automated) | gVisor bot | |
| 2021-07-20 | Enable RACK by default in netstack. | Nayana Bidari | |
| PiperOrigin-RevId: 385944428 | |||
| 2021-07-21 | Merge release-20210712.0-34-g9e805ce93 (automated) | gVisor bot | |
| 2021-07-20 | Expose local address from raw sockets | Ghanan Gowripalan | |
| PiperOrigin-RevId: 385940836 | |||
| 2021-07-21 | Merge release-20210712.0-33-g0184f1a66 (automated) | gVisor bot | |
| 2021-07-20 | Add fsstress test to goferfs | Fabricio Voznika | |
| PiperOrigin-RevId: 385937353 | |||
| 2021-07-21 | Merge release-20210712.0-32-g990cd1a95 (automated) | gVisor bot | |
| 2021-07-20 | Don't kill container when volume is unmounted | Fabricio Voznika | |
| The gofer session is killed when a gofer backed volume is unmounted. The gofer monitor catches the disconnect and kills the container. This changes the gofer monitor to only care about the rootfs connections, which cannot be unmounted. Fixes #6259 PiperOrigin-RevId: 385929039 | |||
| 2021-07-21 | Merge release-20210712.0-31-g49d9ef498 (automated) | gVisor bot | |
| 2021-07-20 | Merge pull request #6220 from laijs:disconnect-fp | gVisor bot | |
| PiperOrigin-RevId: 385919423 | |||
| 2021-07-20 | Merge release-20210712.0-29-g1ad382220 (automated) | gVisor bot | |
| 2021-07-20 | Add go:build directives as required by Go 1.17's gofmt. | Jamie Liu | |
| PiperOrigin-RevId: 385894869 | |||
| 2021-07-20 | Merge release-20210712.0-28-g7ced03b38 (automated) | gVisor bot | |
| 2021-07-20 | ring0: Initialize sentryXCR0 from Kernel.init() | Andrei Vagin | |
| Fixes #6300 PiperOrigin-RevId: 385840917 | |||
| 2021-07-16 | Merge release-20210712.0-27-g5ad30cac2 (automated) | gVisor bot | |
| 2021-07-16 | Automated rollback of changelist 385029528 | Kevin Krakauer | |
| PiperOrigin-RevId: 385200993 | |||
| 2021-07-16 | Merge release-20210712.0-26-g628d7d3a4 (automated) | gVisor bot | |
| 2021-07-15 | Fix refcount increments in gofer.filesystem.Sync. | Fabricio Voznika | |
| fs.renameMu is released and reacquired in `dentry.destroyLocked()` allowing a dentry to be in `fs.syncableDentries` with a negative reference count. Fixes #5263 PiperOrigin-RevId: 385054337 | |||
| 2021-07-16 | Merge release-20210712.0-25-gb6baa377d (automated) | gVisor bot | |
| 2021-07-15 | Update gVisor release signing key to a version that does not expire. | Etienne Perot | |
| PiperOrigin-RevId: 385051420 | |||
| 2021-07-15 | Merge release-20210712.0-24-g6415efa51 (automated) | gVisor bot | |
| 2021-07-15 | buildkite: bump Go version to 1.16 | Kevin Krakauer | |
| We're currently on 1.13, which can cause build issues with code targeting later versions. PiperOrigin-RevId: 385029528 | |||
| 2021-07-15 | Merge release-20210712.0-23-gcd45d7b6c (automated) | gVisor bot | |
| 2021-07-15 | netstack: support SO_RCVBUFFORCE | Kevin Krakauer | |
| TCP is fully supported. As with SO_RCVBUF, other transport protocols perform no-ops per DefaultSocketOptionsHandler.OnSetReceiveBufferSize. PiperOrigin-RevId: 385023239 | |||
| 2021-07-15 | Merge release-20210712.0-22-g67d905075 (automated) | gVisor bot | |
| 2021-07-15 | Merge pull request #6320 from kevinGC:issues-template | gVisor bot | |
| PiperOrigin-RevId: 385019550 | |||
| 2021-07-15 | Merge release-20210705.0-25-g5c20fd3bb (automated) | gVisor bot | |
| 2021-07-14 | Add verity symlink tests | Chong Cai | |
| PiperOrigin-RevId: 384823097 | |||
| 2021-07-14 | Merge release-20210705.0-24-gd02be7858 (automated) | gVisor bot | |
| 2021-07-14 | Replace whitelist with allowlist from docs | Fabricio Voznika | |
| PiperOrigin-RevId: 384796852 | |||
| 2021-07-14 | Merge release-20210705.0-23-ge963657e7 (automated) | gVisor bot | |
| 2021-07-14 | Set tcp endpoint state atomically | Tamir Duberstein | |
| PiperOrigin-RevId: 384776517 | |||
| 2021-07-14 | Merge release-20210705.0-22-ga1044cb88 (automated) | gVisor bot | |
| 2021-07-14 | testing: shrink exhaustion test size to avoid timeouts | Kevin Krakauer | |
| Tested via: ``` bazel test \ //test/syscalls:socket_ipv4_udp_unbound_loopback_nogotsan_test_runsc_ptrace --runs_per_test=2000 ``` PiperOrigin-RevId: 384773477 | |||
| 2021-07-14 | use github issue templates | Kevin Krakauer | |
| 2021-07-14 | Merge release-20210705.0-21-g85a0a353a (automated) | gVisor bot | |
| 2021-07-13 | Replace whitelist with allowlist | Fabricio Voznika | |
| PiperOrigin-RevId: 384586164 | |||
| 2021-07-13 | Merge release-20210705.0-20-gd4dce953b (automated) | gVisor bot | |
| 2021-07-13 | Do not require O_PATH flag to enable verity | Chong Cai | |
| Remove the hack in gVisor vfs that allows verity to bypass the O_PATH check, since ioctl is not allowed on fds opened with O_PATH in linux. Verity still opens the lowerFD with O_PATH to open it as a symlink, but the API no longer expects O_PATH to open a fd to be verity enabled. Now only O_FOLLOW should be specified when opening and enabling verity features. PiperOrigin-RevId: 384567833 | |||
| 2021-07-13 | Merge release-20210705.0-19-gc16e69a9d (automated) | gVisor bot | |
| 2021-07-13 | Use consistent naming for subcontainers | Fabricio Voznika | |
| It was confusing to find functions relating to root and non-root containers. Replace "non-root" and "subcontainer" and make naming consistent in Sandbox and controller. PiperOrigin-RevId: 384512518 | |||
| 2021-07-13 | Merge release-20210705.0-18-g1fe6db8c5 (automated) | gVisor bot | |
 |
index : gvisor | |
| Container Runtime Sandbox |
| summaryrefslogtreecommitdiffhomepage |