summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-03-24Open a temp directory before changing capabilities and user ID-sAndrei Vagin
In cl/302130790, we started using a temp directory which is provided by bazel. By default, a test process has enough permissions to open it, but there is not any guarantee that it still will be able to do this after changing credentials. PiperOrigin-RevId: 302702337
2020-03-24Move tcpip.PacketBuffer and IPTables to stack package.Bhasker Hariharan
This is a precursor to be being able to build an intrusive list of PacketBuffers for use in queuing disciplines being implemented. Updates #2214 PiperOrigin-RevId: 302677662
2020-03-23Support basic /proc/net/dev metrics for netstackIan Lewis
Fixes #506 PiperOrigin-RevId: 302540404
2020-03-23Fix data race in SetSockOpt.Bhasker Hariharan
PiperOrigin-RevId: 302539171
2020-03-23Correctly release taskPathOperation for accessAt.Dean Deng
PiperOrigin-RevId: 302518924
2020-03-23iptables: enable iptables tests as nonblockingKevin Krakauer
PiperOrigin-RevId: 302506064
2020-03-20Statically link libpthread for static c++ binaries.Eyal Soha
The posix_server works fine when run in locally or in docker but fails in the kokoro GCP build environment. Linking libpthread statically fixes it. PiperOrigin-RevId: 302139082
2020-03-20test: Create a separate /tmp mount only for tests with the shared tagAndrei Vagin
The root mount is not shared by default, but all other mounts are shared. So if we create the /tmp mount, this means that we run tests on a shared mount even if tests run without the --shared option. PiperOrigin-RevId: 302130790
2020-03-20Actually wrap rand.Reader in bufio.Reader.Bhasker Hariharan
Updates #231 PiperOrigin-RevId: 302127697
2020-03-20Remove unused variable `sndNxtList`.Ting-Yu Wang
PiperOrigin-RevId: 302110328
2020-03-19Whitelist utimensat(2).Dean Deng
utimensat is used by hostfs for setting timestamps on imported fds. Previously, this would crash the sandbox since utimensat was not allowed. Correct the VFS2 version of hostfs to match the call in VFS1. PiperOrigin-RevId: 301970121
2020-03-19Improve error message when pivot_root failsFabricio Voznika
PiperOrigin-RevId: 301949722
2020-03-19Fix bm-tools to run on bazel.Zach Koopmans
Fixes random stuff that is broken on bazel/kokoro. - random output coming back as "bytes" object instead of str - missed syntax error in bazel - a flag is missing in the version of gcloud on kokoro PiperOrigin-RevId: 301915289
2020-03-19Remove the "frozen" bit from dirents.Zach Koopmans
Frozen was to lock down changes to the host filesystem for hostFS. Now that hostFS is gone, it can be removed. PiperOrigin-RevId: 301907923
2020-03-19Automated rollback of changelist 300409401Michael Pratt
PiperOrigin-RevId: 301891849
2020-03-19Add packetimpact tests to presubmit and CI testingEyal Soha
PiperOrigin-RevId: 301872161
2020-03-19Remove redundant dep in BUILDJay Zhuang
PiperOrigin-RevId: 301859066
2020-03-19Change SocketOperations.readMu to an RWMutex.Bhasker Hariharan
Also get rid of the readViewHasData as it's not required anymore. Updates #231, #357 PiperOrigin-RevId: 301837227
2020-03-19Address comments on workMu removal change.Bhasker Hariharan
Updates #231, #357 PiperOrigin-RevId: 301833669
2020-03-19Remove workMu from tcpip.Endpoint.Bhasker Hariharan
workMu is removed and e.mu is now a mutex that supports TryLock. The packet processing path tries to lock the mutex and if its locked it will just queue the packet and move on. The endpoint.UnlockUser() will process any backlog of packets before unlocking the socket. This simplifies the locking inside tcp endpoints a lot. Further the endpoint.LockUser() implements spinning as long as the lock is not held by another syscall goroutine. This ensures low latency as not spinning leads to the task thread being put to sleep if the lock is held by the packet dispatch path. This is suboptimal as the lower layer rarely holds the lock for long so implementing spinning here helps. If the lock is held by another task goroutine then we just proceed to call LockUser() and the task could be put to sleep. The protocol goroutines themselves just call e.mu.Lock() and block if the lock is currently not available. Updates #231, #357 PiperOrigin-RevId: 301808349
2020-03-18Port imported TTY fds to vfs2.Dean Deng
Refactor fs/host.TTYFileOperations so that the relevant functionality can be shared with VFS2 (fsimpl/host.ttyFD). Incorporate host.defaultFileFD into the default host.fileDescription. This way, there is no need for a separate default_file.go. As in vfs1, the TTY file implementation can be built on top of this default and override operations as necessary (PRead/Read/PWrite/Write, Release, Ioctl). Note that these changes still need to be plumbed into runsc, which refers to imported TTYs in control/proc.go:ExecAsync. Updates #1672. PiperOrigin-RevId: 301718157
2020-03-18Merge pull request #2187 from kevinGC:deflake-connectTCPgVisor bot
PiperOrigin-RevId: 301716568
2020-03-18iptables: deflake DropTCP*Port testsKevin Krakauer
These tests could timeout because net.DialTCP didn't respect the timeout.
2020-03-18Deflake third_party/gvisor/pkg/gate/gate_testAndrei Vagin
TestConcurrentAll executes 1000 goroutines which never sleep, so they are not preempted by Go's runtime. In Go 1.14, async preemption has been added, but the added runtime.Gosched() call will do nothing wrong in this case too. PiperOrigin-RevId: 301705712
2020-03-18Merge pull request #2061 from lubinszARM:pr_restart_syscallgVisor bot
PiperOrigin-RevId: 301700868
2020-03-18Store segment transmit count.Ian Gudger
This will aid in segment reordering detection. Updates #691 PiperOrigin-RevId: 301692638
2020-03-18iptables: skip tests for not-yet-supported featuresKevin Krakauer
PiperOrigin-RevId: 301686266
2020-03-18Fix FDTable.NewFDVFS2Fabricio Voznika
It was looking at VFS1 table to determine where to allocate the next FD from. Updates #1035 PiperOrigin-RevId: 301678858
2020-03-18Automated rollback of changelist 301476456Kevin Krakauer
PiperOrigin-RevId: 301650898
2020-03-18Send the ACK later to stabilize the test.Eyal Soha
PiperOrigin-RevId: 301614096
2020-03-18Automated rollback of changelist 301501607Bhasker Hariharan
PiperOrigin-RevId: 301578043
2020-03-17Wrap rand.Reader in a bufio.Reader.Bhasker Hariharan
rand.Read() results in a syscall to the host on every call instead we can wrap it with a bufio.Reader to buffer and reduce number of syscalls. This is especially important for TCP where every newly created endpoint reads random data to initialize the timestamp offsets for the endpoint. Updates #231 PiperOrigin-RevId: 301501607
2020-03-17iptables: fix type in script name, mark some new tests as skippedKevin Krakauer
PiperOrigin-RevId: 301476456
2020-03-17Remove HostFS from Sentry.Zach Koopmans
PiperOrigin-RevId: 301402181
2020-03-17Packetimpact in Go with c++ stubEyal Soha
PiperOrigin-RevId: 301382690
2020-03-16fdtable: don't try to zap fdtable entry if close is called for non-existing fdAndrei Vagin
FDTable.setAll is used to zap entries, but it grows the table up to a specified fd. Reported-by: syzbot+9e281b0750d2d4caa190@syzkaller.appspotmail.com PiperOrigin-RevId: 301280000
2020-03-16Enforce file size rlimits in VFS2Fabricio Voznika
Updates #1035 PiperOrigin-RevId: 301255357
2020-03-16Add calls to vfs.CheckSetStat to fsimplsFabricio Voznika
Only gofer filesystem was calling vfs.CheckSetStat for vfs.FilesystemImpl.SetStatAt and vfs.FileDescriptionImpl.SetStat. Updates #1193, #1672, #1197 PiperOrigin-RevId: 301226522
2020-03-16Enable ARP resolution in TAP devices.Ting-Yu Wang
PiperOrigin-RevId: 301208471
2020-03-16Merge pull request #1943 from kevinGC:ipt-filter-ipgVisor bot
PiperOrigin-RevId: 301197007
2020-03-16Prevent vnetHdr from escaping in WritePacket.Bhasker Hariharan
PiperOrigin-RevId: 301157950
2020-03-14Disallow kernfs.Inode.SetStat for readonly inodesFabricio Voznika
Updates #1195, #1193 PiperOrigin-RevId: 300950993
2020-03-14Plumb VFS2 imported fds into virtual filesystem.Dean Deng
- When setting up the virtual filesystem, mount a host.filesystem to contain all files that need to be imported. - Make read/preadv syscalls to the host in cases where preadv2 may not be supported yet (likewise for writing). - Make save/restore functions in kernel/kernel.go return early if vfs2 is enabled. PiperOrigin-RevId: 300922353
2020-03-13Add remaining procfs filesFabricio Voznika
Closes #1195 PiperOrigin-RevId: 300867055
2020-03-13Panic if file in FDTable has been destroyedFabricio Voznika
This will give more information about the file to identify where possibly the extra DecRef() would be. PiperOrigin-RevId: 300855874
2020-03-13Fix infinite loop in semaphore.sem.wakeWaiters().Jamie Liu
PiperOrigin-RevId: 300845134
2020-03-13Internal changeZach Koopmans
PiperOrigin-RevId: 300836270
2020-03-13Fix typoMichael Pratt
PiperOrigin-RevId: 300832988
2020-03-13Refactor SLAAC address state into SLAAC prefix stateGhanan Gowripalan
Previously, SLAAC related state was stored on a per-address basis. This was sufficient for the simple case of a single SLAAC address per prefix, but future CLs will introduce temporary addresses which will result in multiple SLAAC addresses for a prefix. This refactor allows storing multiple addresses for a prefix in a single SLAAC prefix state. No behaviour changes - existing tests continue to pass. PiperOrigin-RevId: 300832812
2020-03-13Fix oom_score_adj.Jamie Liu
- Make oomScoreAdj a ThreadGroup field (Linux: signal_struct::oom_score_adj). - Avoid deadlock caused by Task.OOMScoreAdj()/SetOOMScoreAdj() locking Task.mu and TaskSet.mu in the wrong order (via Task.ExitState()). PiperOrigin-RevId: 300814698
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-06 06:05:54 +0000