summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2018-08-14Fix bind() on overlays.Nicolas Lacasse
InodeOperations.Bind now returns a Dirent which will be cached in the Dirent tree. When an overlay is in-use, Bind cannot return the Dirent created by the upper filesystem because the Dirent does not know about the overlay. Instead, overlayBind must create a new overlay-aware Inode and Dirent and return that. This is analagous to how Lookup and overlayLookup work. PiperOrigin-RevId: 208670710 Change-Id: I6390affbcf94c38656b4b458e248739b4853da29
2018-08-13Prevent renames across walk fast path.Adin Scannell
PiperOrigin-RevId: 208533436 Change-Id: Ifc1a4e2d6438a424650bee831c301b1ac0d670a3
2018-08-13Add path sanity checks.Adin Scannell
PiperOrigin-RevId: 208527333 Change-Id: I55291bc6b8bc6b88fdd75baf899a71854c39c1a7
2018-08-10fs: Allow overlays to revalidate files from the upper fs.Nicolas Lacasse
Previously, an overlay would panic if either the upper or lower fs required revalidation for a given Dirent. Now, we allow revalidation from the upper file, but not the lower. If a cached overlay inode does need revalidation (because the upper needs revalidation), then the entire overlay Inode will be discarded and a new overlay Inode will be built with a fresh copy of the upper file. As a side effect of this change, Revalidate must take an Inode instead of a Dirent, since an overlay needs to revalidate individual Inodes. PiperOrigin-RevId: 208293638 Change-Id: Ic8f8d1ffdc09114721745661a09522b54420c5f1
2018-08-10Implemented the splice(2) syscall.Justine Olshan
Currently the implementation matches the behavior of moving data between two file descriptors. However, it does not implement this through zero-copy movement. Thus, this code is a starting point to build the more complex implementation. PiperOrigin-RevId: 208284483 Change-Id: Ibde79520a3d50bc26aead7ad4f128d2be31db14e
2018-08-10Move checkpoint/restore readme to g3doc directory.Nicolas Lacasse
PiperOrigin-RevId: 208282383 Change-Id: Ifa4aaf5d925b17d9a0672ea951a4570d35855300
2018-08-10cache policy: Check policy before returning a negative dirent.Nicolas Lacasse
The cache policy determines whether Lookup should return a negative dirent, or just ENOENT. This CL fixes one spot where we returned a negative dirent without first consulting the policy. PiperOrigin-RevId: 208280230 Change-Id: I8f963bbdb45a95a74ad0ecc1eef47eff2092d3a4
2018-08-10Added a reference to the checkpoint/restore readme.Justine Olshan
In the main readme, checkpoint and restore is listed as an advanced feature, and a link to its readme is provided. PiperOrigin-RevId: 208279833 Change-Id: Ib3db28a8df8ec93cf8d98d5dfd2ee2f75a61e664
2018-08-10README for Checkpoint/Restore.Brielle Broder
PiperOrigin-RevId: 208274833 Change-Id: Iddda875a87205f7b8fa6f5c60b547522b94a6696
2018-08-10Enable checkpoint/restore in cases of UDS use.Brielle Broder
Previously, processes which used file-system Unix Domain Sockets could not be checkpoint-ed in runsc because the sockets were saved with their inode numbers which do not necessarily remain the same upon restore. Now, the sockets are also saved with their paths so that the new inodes can be determined for the sockets based on these paths after restoring. Tests for cases with UDS use are included. Test cleanup to come. PiperOrigin-RevId: 208268781 Change-Id: Ieaa5d5d9a64914ca105cae199fd8492710b1d7ec
2018-08-10Validate FS.base before establishing it in the task's register set.Neel Natu
PiperOrigin-RevId: 208229341 Change-Id: I5d84bc52bbafa073446ef497e56958d0d7955aa8
2018-08-09Fix runsc integration_test when using --network=hostFabricio Voznika
inethost doesn't support netlink and 'ifconfig' call to retrieve IP address fails. Look up IP address in /etc/hosts instead. PiperOrigin-RevId: 208135641 Change-Id: I3c2ce15db6fc7c3306a45e4bfb9cc5d4423ffad3
2018-08-09Fix missing O_LARGEFILE from O_CREAT filesMichael Pratt
Cleanup some more syscall.O_* references while we're here. PiperOrigin-RevId: 208133460 Change-Id: I48db71a38f817e4f4673977eafcc0e3874eb9a25
2018-08-08Basic support for ip link/addr and ifconfigFabricio Voznika
Closes #94 PiperOrigin-RevId: 207997580 Change-Id: I19b426f1586b5ec12f8b0cd5884d5b401d334924
2018-08-08Fix error handling for bad message sizes.Adin Scannell
The message size check is legitimate: the size must be negotiated, which relies on the fixed message limit up front. Sending a message larger than that indicates that the connection is out of sync and is considered a socket error (disconnect). Similarly, sending a size that is too small indicates that the stream is out-of-sync or invalid. PiperOrigin-RevId: 207996551 Change-Id: Icd8b513d5307e9d5953dbb957ee70ceea111098d
2018-08-08Resend packets back to netstack if destined to itselfFabricio Voznika
Add option to redirect packet back to netstack if it's destined to itself. This fixes the problem where connecting to the local NIC address would not work, e.g.: echo bar | nc -l -p 8080 & echo foo | nc 192.168.0.2 8080 PiperOrigin-RevId: 207995083 Change-Id: I17adc2a04df48bfea711011a5df206326a1fb8ef
2018-08-08Protect PCIDs with a mutex.Adin Scannell
Because the Drop method may be called across vCPUs, it is necessary to protect the PCID database with a mutex to prevent concurrent modification. The PCID is assigned prior to entersyscall, so it's safe to block. PiperOrigin-RevId: 207992864 Change-Id: I8b36d55106981f51e30dcf03e12886330bb79d67
2018-08-08Fix data race in unix.BoundEndpoint.UnidirectionalConnect.Ian Gudger
Data race is: Read: (*connectionlessEndpoint).UnidirectionalConnect: writeQueue: e.receiver.(*queueReceiver).readQueue, Write: (*connectionlessEndpoint).Close: e.receiver = nil The problem is that (*connectionlessEndpoint).UnidirectionalConnect assumed that baseEndpoint.receiver is immutable which is explicitly not the case. Fixing this required two changes: 1. Add synchronization around access of baseEndpoint.receiver in (*connectionlessEndpoint).UnidirectionalConnect. 2. Check for baseEndpoint.receiver being nil in (*connectionlessEndpoint).UnidirectionalConnect. PiperOrigin-RevId: 207984402 Change-Id: Icddeeb43805e777fa3ef874329fa704891d14181
2018-08-08Bump rules_go and gazelle to 0.14.0Michael Pratt
PiperOrigin-RevId: 207977844 Change-Id: I980c1ad76339e9e4e8ea6d58c1caf5245befa18a
2018-08-08Enable SACK in runscFabricio Voznika
SACK is disabled by default and needs to be manually enabled. It not only improves performance, but also fixes hangs downloading files from certain websites. PiperOrigin-RevId: 207906742 Change-Id: I4fb7277b67bfdf83ac8195f1b9c38265a0d51e8b
2018-08-07Fix build break in testFabricio Voznika
integration_test runs manually and breakage wasn't detected. Added test to kokoro to ensure breakages are detected in the future. PiperOrigin-RevId: 207772835 Change-Id: Iada81b579b558477d4db3516b38366ef6a2e933d
2018-08-07Hold TaskSet.mu in Task.Parent.Jamie Liu
PiperOrigin-RevId: 207766238 Change-Id: Id3b66d8fe1f44c3570f67fa5ae7ba16021e35be1
2018-08-07Adds support to dump out cubic internal state.Bhasker Hariharan
PiperOrigin-RevId: 207754087 Change-Id: I83abce64348ea93f8692da81a881b364dae2158b
2018-08-07fs: Add new cache policy "remote_revalidate".Nicolas Lacasse
This CL adds a new cache-policy for gofer filesystems that uses the host page cache, but causes dirents to be reloaded on each Walk, and does not cache readdir results. This policy is useful when the remote filesystem may change out from underneath us, as any remote changes will be reflected on the next Walk. Importantly, this cache policy is only consistent if we do not use gVisor's internal page cache, since that page cache is tied to the Inode and may be thrown away upon Revalidation. This cache policy should only be used when the gofer supports donating host FDs, since then gVisor will make use of the host kernel page cache, which will be consistent for all open files in the gofer. In fact, a panic will be raised if a file is opened without a donated FD. PiperOrigin-RevId: 207752937 Change-Id: I233cb78b4695bbe00a4605ae64080a47629329b8
2018-08-07sentry: make epoll.pollEntry wait for the file operation in restore.Zhaozhong Ni
PiperOrigin-RevId: 207737935 Change-Id: I3a301ece1f1d30909715f36562474e3248b6a0d5
2018-08-07Netstack doesn't handle sending after SHUT_WR correctly.Brian Geffon
PiperOrigin-RevId: 207715032 Change-Id: I7b6690074c5be283145192895d706a92e921b22c
2018-08-06Disable KVM dimension because it's making the test flakyFabricio Voznika
PiperOrigin-RevId: 207642348 Change-Id: Iacec9f097ab93b91c0c8eea61b1347e864f57a8b
2018-08-06Tiny reordering to network codeFabricio Voznika
PiperOrigin-RevId: 207581723 Change-Id: I6e4eb1227b5ed302de5e6c891040b670955f1eea
2018-08-06Make ramfs.File savableMichael Pratt
In other news, apparently proc.fdInfo is the last user of ramfs.File. PiperOrigin-RevId: 207564572 Change-Id: I5a92515698cc89652b80bea9a32d309e14059869
2018-08-06Fix a bug in PCIDs.AssignShiruRen
Store the new assigned pcid in p.cache[pt]. Signed-off-by: ShiruRen <renshiru2000@gmail.com> Change-Id: I4aee4e06559e429fb5e90cb9fe28b36139e3b4b6 PiperOrigin-RevId: 207563833
2018-08-03Cubic implementation for Netstack.Bhasker Hariharan
This CL implements CUBIC as described in https://tools.ietf.org/html/rfc8312. PiperOrigin-RevId: 207353142 Change-Id: I329cbf3277f91127e99e488f07d906f6779c6603
2018-08-03stateify: make explicit mode no longer optional.Zhaozhong Ni
PiperOrigin-RevId: 207303405 Change-Id: I17b6433963d78e3631a862b7ac80f566c8e7d106
2018-08-02Copy creds in accessMichael Pratt
PiperOrigin-RevId: 207181631 Change-Id: Ic6205278715a9260fb970efb414fc758ea72c4c6
2018-08-02Update comment referenceMichael Pratt
PiperOrigin-RevId: 207180809 Change-Id: I08c264812919e81b2c56fdd4a9ef06924de8b52f
2018-08-02Isolate image pulling time from container startupFabricio Voznika
mysql image test is timing out sporadically and it's hard to tell where the slow down in coming from. PiperOrigin-RevId: 207147237 Change-Id: I05a4d2c116292695d63cf861f3b89cd1c54b6106
2018-08-02Automated rollback of changelist 207037226Zhaozhong Ni
PiperOrigin-RevId: 207125440 Change-Id: I6c572afb4d693ee72a0c458a988b0e96d191cd49
2018-08-02Add seccomp(2) support.Brian Geffon
Add support for the seccomp syscall and the flag SECCOMP_FILTER_FLAG_TSYNC. PiperOrigin-RevId: 207101507 Change-Id: I5eb8ba9d5ef71b0e683930a6429182726dc23175
2018-08-01Move stack clock to options structIan Gudger
PiperOrigin-RevId: 207039273 Change-Id: Ib8f55a6dc302052ab4a10ccd70b07f0d73b373df
2018-08-01Automated rollback of changelist 207007153Michael Pratt
PiperOrigin-RevId: 207037226 Change-Id: I8b5f1a056d4f3eab17846f2e0193bb737ecb5428
2018-08-01stateify: convert all packages to use explicit mode.Zhaozhong Ni
PiperOrigin-RevId: 207007153 Change-Id: Ifedf1cc3758dc18be16647a4ece9c840c1c636c9
2018-08-01New conditional for adding key/value pairs to maps.Brielle Broder
When adding MultiDeviceKeys and their values into MultiDevice maps, make sure the keys and values have not already been added. This ensures that preexisting key/value pairs are not overridden. PiperOrigin-RevId: 206942766 Change-Id: I9d85f38eb59ba59f0305e6614a52690608944981
2018-07-31Use backoff package for retry logicFabricio Voznika
PiperOrigin-RevId: 206834838 Change-Id: I9a44c6fa5f4766a01f86e90810f025cefecdf2d4
2018-07-31Drop dup2 filterMichael Pratt
It is unused. PiperOrigin-RevId: 206798328 Change-Id: I2d7d27c0e4a0ef51264b900f14f1b3fdad17f2c4
2018-07-31proc: show file flags in fdinfoAndrei Vagin
Currently, there is an attempt to print FD flags, but they are not decoded into a number, so we see something like this: /criu # cat /proc/self/fdinfo/0 flags: {%!o(bool=000false)} Actually, fdinfo has to contain file flags. Change-Id: Idcbb7db908067447eb9ae6f2c3cfb861f2be1a97 PiperOrigin-RevId: 206794498
2018-07-30Cleans up files created if there is a failure.Brielle Broder
PiperOrigin-RevId: 206674267 Change-Id: Ifc4eb19e0882e8bed566e9c553af910925fe6ae2
2018-07-30netstack: support disconnect-on-save option per fdbased link.Zhaozhong Ni
PiperOrigin-RevId: 206659972 Change-Id: I5e0e035f97743b6525ad36bed2c802791609beaf
2018-07-27Make runsc visibility public.Adin Scannell
(Why not?) PiperOrigin-RevId: 206401282 Change-Id: Iadcb7fb8472de7aef7c4bf5182e9a1d339e4d259
2018-07-27Simplify Kokoro configuration.Adin Scannell
PiperOrigin-RevId: 206401009 Change-Id: I26644d1fe637b5a40db013fedf9fc063cc87ce6a
2018-07-27Added the O_LARGEFILE flag.Justine Olshan
This flag will always be true for gVisor files. PiperOrigin-RevId: 206355963 Change-Id: I2f03d2412e2609042df43b06d1318cba674574d0
2018-07-27stateify: support explicit annotation mode; convert refs and stack packages.Zhaozhong Ni
We have been unnecessarily creating too many savable types implicitly. PiperOrigin-RevId: 206334201 Change-Id: Idc5a3a14bfb7ee125c4f2bb2b1c53164e46f29a8