summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-06-19Merge release-20200608.0-95-gd962f9f38 (automated)gVisor bot
2020-06-19Implement UDP cheksum verification.gVisor bot
Test: - TestIncrementChecksumErrors Fixes #2943 PiperOrigin-RevId: 317348158
2020-06-19Merge release-20200608.0-94-ga609fff9d (automated)gVisor bot
2020-06-19Fix vfs2 handling of preadv2/pwritev2 flags.Dean Deng
Check for unsupported flags, and silently support RWF_HIPRI by doing nothing. From pkg/abi/linux/file.go: "gVisor does not implement the RWF_HIPRI feature, but the flag is accepted as a valid flag argument for preadv2/pwritev2." Updates #2923. PiperOrigin-RevId: 317330631
2020-06-19Merge release-20200608.0-93-gf40d023ad (automated)gVisor bot
2020-06-19Don't adjust parent link count if we replace a child dir with another.Dean Deng
Updates #2923. PiperOrigin-RevId: 317314460
2020-06-19Merge release-20200608.0-92-g6b69b955d (automated)gVisor bot
2020-06-19Support all seek options in gofer specialFileFD.Seek.Dean Deng
Updates #2923. PiperOrigin-RevId: 317298186
2020-06-19Merge release-20200608.0-91-g46957ed24 (automated)gVisor bot
2020-06-19Fix synthetic file bugs in gofer fs.Dean Deng
Always check if a synthetic file already exists at a location before creating a file there, and do not try to delete synthetic gofer files from the remote fs. This fixes runsc_ptrace socket tests that create/unlink synthetic, named socket files. Updates #2923. PiperOrigin-RevId: 317293648
2020-06-19Merge release-20200608.0-90-g408f3d2cd (automated)gVisor bot
2020-06-18Fix vfs2 tmpfs link permission checks.Dean Deng
Updates #2923. PiperOrigin-RevId: 317246916
2020-06-19Merge release-20200608.0-89-g70c45e09c (automated)gVisor bot
2020-06-18socket/unix: (*connectionedEndpoint).State() has to take the endpoint lockAndrei Vagin
It accesses e.receiver which is protected by the endpoint lock. WARNING: DATA RACE Write at 0x00c0006aa2b8 by goroutine 189: pkg/sentry/socket/unix/transport.(*connectionedEndpoint).Connect.func1() pkg/sentry/socket/unix/transport/connectioned.go:359 +0x50 pkg/sentry/socket/unix/transport.(*connectionedEndpoint).BidirectionalConnect() pkg/sentry/socket/unix/transport/connectioned.go:327 +0xa3c pkg/sentry/socket/unix/transport.(*connectionedEndpoint).Connect() pkg/sentry/socket/unix/transport/connectioned.go:363 +0xca pkg/sentry/socket/unix.(*socketOpsCommon).Connect() pkg/sentry/socket/unix/unix.go:420 +0x13a pkg/sentry/socket/unix.(*SocketOperations).Connect() <autogenerated>:1 +0x78 pkg/sentry/syscalls/linux.Connect() pkg/sentry/syscalls/linux/sys_socket.go:286 +0x251 Previous read at 0x00c0006aa2b8 by goroutine 270: pkg/sentry/socket/unix/transport.(*baseEndpoint).Connected() pkg/sentry/socket/unix/transport/unix.go:789 +0x42 pkg/sentry/socket/unix/transport.(*connectionedEndpoint).State() pkg/sentry/socket/unix/transport/connectioned.go:479 +0x2f pkg/sentry/socket/unix.(*socketOpsCommon).State() pkg/sentry/socket/unix/unix.go:714 +0xc3e pkg/sentry/socket/unix.(*socketOpsCommon).SendMsg() pkg/sentry/socket/unix/unix.go:466 +0xc44 pkg/sentry/socket/unix.(*SocketOperations).SendMsg() <autogenerated>:1 +0x173 pkg/sentry/syscalls/linux.sendTo() pkg/sentry/syscalls/linux/sys_socket.go:1121 +0x4c5 pkg/sentry/syscalls/linux.SendTo() pkg/sentry/syscalls/linux/sys_socket.go:1134 +0x87 Reported-by: syzbot+c2be37eedc672ed59a86@syzkaller.appspotmail.com PiperOrigin-RevId: 317236996
2020-06-19Merge release-20200608.0-88-g0c169b6ad (automated)gVisor bot
2020-06-18iptables: skip iptables if no rules are setKevin Krakauer
Users that never set iptables rules shouldn't incur the iptables performance cost. Suggested by Ian (@iangudger). PiperOrigin-RevId: 317232921
2020-06-19Merge release-20200608.0-87-g28b8a5cc3 (automated)gVisor bot
2020-06-18iptables: remove metadata structKevin Krakauer
Metadata was useful for debugging and safety, but enough tests exist that we should see failures when (de)serialization is broken. It made stack initialization more cumbersome and it's also getting in the way of ip6tables. PiperOrigin-RevId: 317210653
2020-06-18Merge release-20200608.0-86-g878050b5c (automated)gVisor bot
2020-06-18Enable more VFS2 syscall testsFabricio Voznika
Updates #2923 PiperOrigin-RevId: 317185798
2020-06-18Merge release-20200608.0-85-gf97122f44 (automated)gVisor bot
2020-06-18Acquire lock when accessing MultiDevice's cache in String().Ting-Yu Wang
PiperOrigin-RevId: 317180925
2020-06-18Merge release-20200608.0-84-gf1aa91918 (automated)gVisor bot
2020-06-18Ensure ip6tables module installedKevin Krakauer
This module isn't always loaded automatically. PiperOrigin-RevId: 317164471
2020-06-18Merge release-20200608.0-83-g3970c1274 (automated)gVisor bot
2020-06-18Remove various uses of 'whitelist'Michael Pratt
Updates #2972 PiperOrigin-RevId: 317113059
2020-06-18Merge release-20200608.0-82-g07ff909e7 (automated)gVisor bot
2020-06-18Support setsockopt SO_SNDBUF/SO_RCVBUF for raw/udp sockets.Bhasker Hariharan
Updates #173,#6 Fixes #2888 PiperOrigin-RevId: 317087652
2020-06-18Merge release-20200608.0-81-g09b2fca40 (automated)gVisor bot
2020-06-18Cleanup tcp.timer and tcpip.RouteGhanan Gowripalan
When a tcp.timer or tcpip.Route is no longer used, clean up its resources so that unused memory may be released. PiperOrigin-RevId: 317046582
2020-06-18Merge release-20200608.0-80-g6e0c17052 (automated)gVisor bot
2020-06-17Implement Sync() to directoriesFabricio Voznika
Updates #1035, #1199 PiperOrigin-RevId: 317028108
2020-06-18Merge release-20200608.0-79-g22b0bb213 (automated)gVisor bot
2020-06-17Add TempTmpMount testFabricio Voznika
This currently doesn't work with VSF2. Add test to ensure it's not missed. Updates #1487 PiperOrigin-RevId: 317013792
2020-06-18Merge release-20200608.0-78-g97f6b20e8 (automated)gVisor bot
2020-06-17Move mount configutation to RunOptsFabricio Voznika
Separate mount configuration from links and move it to RunOpts, like the other options. PiperOrigin-RevId: 317010158
2020-06-18Merge release-20200608.0-77-g57286eb64 (automated)gVisor bot
2020-06-17Increase timeouts for NDP testsGhanan Gowripalan
... to help reduce flakes. When waiting for an event to occur, use a timeout of 10s. When waiting for an event to not occur, use a timeout of 1s. Test: Ran test locally w/ run count of 1000 with and without gotsan. PiperOrigin-RevId: 316998128
2020-06-17Merge release-20200608.0-76-g02072fd24 (automated)gVisor bot
2020-06-17Add test for stat("/proc/net/snmp").Ian Gudger
PiperOrigin-RevId: 316974863
2020-06-17Merge release-20200608.0-75-ga5f4deeca (automated)gVisor bot
2020-06-17Internal change.gVisor bot
PiperOrigin-RevId: 316973783
2020-06-17Merge release-20200608.0-74-g28a5c55bb (automated)gVisor bot
2020-06-17Proc test: Allow root mount pathname to be non-root.Nicolas Lacasse
The test was expecting that the root mount pathname was "/", but it doesn't need to be. Only the mount point actually should be "/" (otherwise it is not the root). PiperOrigin-RevId: 316968025
2020-06-17Merge release-20200608.0-73-g505e8f4e3 (automated)gVisor bot
2020-06-17Fix TtlDefault test on linux.Bhasker Hariharan
Different flavors of linux seem to use different defaults we accept 64 or 127 as the TtlDefault in the test. PiperOrigin-RevId: 316961150
2020-06-17Merge release-20200608.0-72-g6d806ee71 (automated)gVisor bot
2020-06-17Remove various uses of 'blacklist'Michael Pratt
Updates #2972 PiperOrigin-RevId: 316942245
2020-06-17Merge release-20200608.0-71-ge5d97cbcc (automated)gVisor bot
2020-06-17Refactor host.canMap.Dean Deng
Simplify the canMap check. We do not have plans to allow mmap for anything beyond regular files, so we can just inline canMap() as a simple file mode check. Updates #1672. PiperOrigin-RevId: 316929654