| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2021-10-19 | Merge release-20211005.0-60-g83840125e (automated)build-android | gVisor bot | |
| 2021-10-19 | Drop accept from sentryctl socket filters | Michael Pratt | |
| Now that we use x/sys/unix beyond https://golang.org/cl/313690 we always use accept4 in place of accept. PiperOrigin-RevId: 404265340 | |||
| 2021-10-19 | Merge release-20211005.0-59-g03bc93d2b (automated) | gVisor bot | |
| 2021-10-18 | conntrack: update state of un-NATted connections | Kevin Krakauer | |
| This prevents reaping connections unnecessarily early. This change both moves the state update to the beginning of handlePacket and fixes a bug where un-finalized connections could become un-reapable. Fixes #6748 PiperOrigin-RevId: 404141012 | |||
| 2021-10-18 | Merge release-20211005.0-58-g211bbf82a (automated) | gVisor bot | |
| 2021-10-18 | conntrack: use tcpip.Clock instead of time.Time | Kevin Krakauer | |
| - We should be using a monotonic clock - This will make future testing easier Updates #6748. PiperOrigin-RevId: 404072318 | |||
| 2021-10-18 | Merge release-20211005.0-57-gfa56fbf44 (automated) | gVisor bot | |
| 2021-10-18 | Report ramdiskfs usage correctly | Fabricio Voznika | |
| Updates #1035 PiperOrigin-RevId: 404072231 | |||
| 2021-10-18 | Merge release-20211005.0-56-g832c309ce (automated) | gVisor bot | |
| 2021-10-18 | Change test to use VFS2 | Fabricio Voznika | |
| Updates #1035 PiperOrigin-RevId: 404043283 | |||
| 2021-10-18 | Merge release-20211005.0-55-gfb053829f (automated) | gVisor bot | |
| 2021-10-18 | Update testDeps definition for https://golang.org/cl/354632 | Michael Pratt | |
| The in-progress Go 1.18's testing.corpusEntry changed definition slightly in https://golang.org/cl/354632. Update our definition to the new version. PiperOrigin-RevId: 404040853 | |||
| 2021-10-18 | Merge release-20211005.0-54-gc7e5b4bd6 (automated) | gVisor bot | |
| 2021-10-18 | Add hook to add addition build tags | Michael Pratt | |
| PiperOrigin-RevId: 404025736 | |||
| 2021-10-18 | Merge release-20211005.0-53-geafa3f19e (automated) | gVisor bot | |
| 2021-10-18 | Mount namespace can be nil after task exits | Fabricio Voznika | |
| Updates #1035 PiperOrigin-RevId: 404017795 | |||
| 2021-10-18 | Merge release-20211005.0-52-g4f6cda4d0 (automated) | gVisor bot | |
| 2021-10-18 | Support distinction for RWMutex and read-only locks. | Adin Scannell | |
| Fixes #6590 PiperOrigin-RevId: 404007524 | |||
| 2021-10-15 | Merge release-20211005.0-51-gae8f93e55 (automated) | gVisor bot | |
| 2021-10-15 | Remove SA5011 suppressions | Tamir Duberstein | |
| https://github.com/dominikh/go-tools/issues/924 has been fixed. PiperOrigin-RevId: 403485831 | |||
| 2021-10-15 | Merge release-20211005.0-50-g706f6f35f (automated) | gVisor bot | |
| 2021-10-15 | Satisfy nogo | Ghanan Gowripalan | |
| PiperOrigin-RevId: 403479257 | |||
| 2021-10-15 | Merge release-20211005.0-49-ge4fc15bd8 (automated) | gVisor bot | |
| 2021-10-15 | Implement WriteRawPacket for pipe | Tony Gong | |
| Implement WriteRawPacket for pipe by calling `DeliverNetworkPacket` on the other end with empty values for the route and protocol number, and relies on the `NetworkDispatcher` to decapsulate the link layer header from the raw packet itself. PiperOrigin-RevId: 403461448 | |||
| 2021-10-15 | Merge release-20211005.0-48-g04dc27899 (automated) | gVisor bot | |
| 2021-10-15 | Fix incorrect printf verb | Michael Pratt | |
| tcpip.Error does not implement error and thus cannot be used with %w. This was flagged by nogo. PiperOrigin-RevId: 403458480 | |||
| 2021-10-15 | Merge release-20211005.0-47-g33b41d8fe (automated) | gVisor bot | |
| 2021-10-14 | Report total memory based on limit or host | Fabricio Voznika | |
| gVisor was previously reporting the lower of cgroup limit or 2GB as total memory. This may cause applications to make bad decisions based on amount of memory available to them when more than 2GB is required. This change makes the lower of cgroup limit or the host total memory to be reported inside the sandbox. This also is more inline with docker which always reports host total memory. Note that reporting cgroup limit is strictly better than host total memory when there is a limit set. Fixes #5608 PiperOrigin-RevId: 403241608 | |||
| 2021-10-15 | Merge release-20211005.0-46-g1711fd9ef (automated) | gVisor bot | |
| 2021-10-14 | Fix compiler warnings | Tamir Duberstein | |
| PiperOrigin-RevId: 403241314 | |||
| 2021-10-14 | Merge release-20211005.0-45-g6f4fcc4ba (automated) | gVisor bot | |
| 2021-10-14 | Add a size parameter | Chong Cai | |
| PiperOrigin-RevId: 403214414 | |||
| 2021-10-14 | Merge release-20210927.0-72-g81f284f9d (automated) | gVisor bot | |
| 2021-10-13 | Internal change. | gVisor bot | |
| PiperOrigin-RevId: 402995191 | |||
| 2021-10-13 | Merge release-20210927.0-71-g4e2cc2bef (automated) | gVisor bot | |
| 2021-10-13 | Minor fixes to sharedmem. | Bhasker Hariharan | |
| Use route/protocol from packetbuffer. Sharedmem implementation should use the EgressRoute/NetworkProtocolNumber embedded in the packetbuffer rather than what is passed as parameters to Write(Raw)Packet(s). PiperOrigin-RevId: 402934171 | |||
| 2021-10-13 | Merge release-20210927.0-70-g1796cd89d (automated) | gVisor bot | |
| 2021-10-13 | add create-only raw sockets | Kevin Krakauer | |
| These can be used by applications to manipulate iptables rules without enabling arbitrary reads from and writes to the underlying packet socket. PiperOrigin-RevId: 402924733 | |||
| 2021-10-13 | Merge release-20210927.0-69-g822189379 (automated) | gVisor bot | |
| 2021-10-13 | runsc: allow to run rootless containers on cgroupV2 | Andrei Vagin | |
| Before cl/402392291 and cl/402614820, it worked without any problem. In this case, we just ignore a cgroup configuration. We do the same thing, when we don't have permissions to create new cgroups on cgroupV1. PiperOrigin-RevId: 402913129 | |||
| 2021-10-13 | Merge release-20210927.0-68-gb74bbe11e (automated) | gVisor bot | |
| 2021-10-13 | Represent direction with boolean | Ghanan Gowripalan | |
| ...since direction can only hold one of two possible values. PiperOrigin-RevId: 402855698 | |||
| 2021-10-13 | Merge release-20210927.0-67-g747cb9246 (automated) | gVisor bot | |
| 2021-10-12 | Support Twice NAT | Ghanan Gowripalan | |
| This CL allows both SNAT and DNAT targets to be performed on the same packet. Fixes #5696. PiperOrigin-RevId: 402714738 | |||
| 2021-10-13 | Merge release-20210927.0-66-g049fa8ea9 (automated) | gVisor bot | |
| 2021-10-12 | Merge pull request #6654 from nickkelley42:documentation-nits | gVisor bot | |
| PiperOrigin-RevId: 402705397 | |||
| 2021-10-12 | Merge release-20210927.0-64-ge54ee7a99 (automated) | gVisor bot | |
| 2021-10-12 | Create constants for Keepalive defaults. | Bhasker Hariharan | |
| Fixes #6725 PiperOrigin-RevId: 402683244 | |||
| 2021-10-12 | Merge release-20210927.0-63-g08f1d9616 (automated) | gVisor bot | |
| 2021-10-12 | Separate DNAT and SNAT manip states | Ghanan Gowripalan | |
| This change also refactors the conntrack packet handling code to not perform the actual rewriting of the packet while holding the lock. This change prepares for a followup CL that adds support for twice-NAT. Updates #5696. PiperOrigin-RevId: 402671685 | |||
 |
index : gvisor | |
| Container Runtime Sandbox |
| summaryrefslogtreecommitdiffhomepage |