summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2021-05-12Merge release-20210503.0-47-g07e32fa69 (automated)gVisor bot
2021-05-12Document design details for refsvfs2 template.Dean Deng
PiperOrigin-RevId: 373437576
2021-05-12Merge release-20210503.0-46-g2f6e85dde (automated)gVisor bot
2021-05-12Internal change.gVisor bot
PiperOrigin-RevId: 373417636
2021-05-12Merge release-20210503.0-45-g8f6bfe257 (automated)gVisor bot
2021-05-11Merge pull request #5694 from kevinGC:align32gVisor bot
PiperOrigin-RevId: 373271579
2021-05-12Merge release-20210503.0-36-g49eb3da98 (automated)gVisor bot
2021-05-11[syserror] Refactor abi/linux.ErrnoZach Koopmans
PiperOrigin-RevId: 373265454
2021-05-11Merge release-20210503.0-35-gf8d22292e (automated)gVisor bot
2021-05-11Internal change.gVisor bot
PiperOrigin-RevId: 373221316
2021-05-11Merge release-20210503.0-34-gebebb3059 (automated)gVisor bot
2021-05-11Change AcquireAssignedAddress to use RLock.Bhasker Hariharan
This is a hot path for all incoming packets and we don't need an exclusive lock here as we are not modifying any of the fields protected by mu here. PiperOrigin-RevId: 373181254
2021-05-11Merge release-20210503.0-33-g60bdf7ed3 (automated)gVisor bot
2021-05-11Move multicounter testutil functions out of network/ipArthur Sfez
This is in preparation of having aggregated NIC stats at the stack level. These validation functions will be needed outside of the network layer packages to test aggregated NIC stats. PiperOrigin-RevId: 373180565
2021-05-11Merge release-20210503.0-32-g1daabac23 (automated)gVisor bot
2021-05-11Process Hop-by-Hop header when forwarding IPv6 packetsNick Brown
Currently, we process IPv6 extension headers when receiving packets but not when forwarding them. This is fine for the most part, with with one exception: RFC 8200 requires that we process the Hop-by-Hop headers even while forwarding packets. This CL adds that support by invoking the Hop-by-hop logic performed when receiving packets during forwarding as well. PiperOrigin-RevId: 373145478
2021-05-11Merge release-20210503.0-31-g1699d702c (automated)gVisor bot
2021-05-10Fix issue reviverIan Lewis
Fixes invocation of the Github issue reviver by including the required 'path' command line option. Also updates the issue reviver to add a 'revived' label to revived issues. Issues with a 'revived' label will no longer be marked as stale. PiperOrigin-RevId: 373046772
2021-05-10Merge release-20210503.0-30-g6c349c675 (automated)gVisor bot
2021-05-10Merge pull request #5764 from zhlhahaha:2126-2gVisor bot
PiperOrigin-RevId: 372993341
2021-05-07explicitly 0-index backing arrayKevin Krakauer
2021-05-07Merge release-20210419.0-79-ge691004e0 (automated)gVisor bot
2021-05-07Merge pull request #5758 from zhlhahaha:2125gVisor bot
PiperOrigin-RevId: 372608247
2021-05-07Init all vCPU when initializing machine on ARM64howard zhang
This patch is to solve problem that vCPU timer mess up when adding vCPU dynamically on ARM64, for detailed information please refer to: https://github.com/google/gvisor/issues/5739 There is no influence on x86 and here are main changes for ARM64: 1. create maxVCPUs number of vCPU in machine initialization 2. we want to sync gvisor vCPU number with host CPU number, so use smaller number between runtime.NumCPU and KVM_CAP_MAX_VCPUS to be maxVCPUS 3. put unused vCPUs into architecture-specific map initialvCPUs 4. When machine need to bind a new vCPU with tid, rather than creating new one, it would pick a vCPU from map initalvCPUs 5. change the setSystemTime function. When vCPU number increasing, the time cost for function setTSC(use syscall to set cntvoff) is liner growth from around 300 ns to 100000 ns, and this leads to the function setSystemTimeLegacy can not get correct offset value. 6. initializing StdioFDs and goferFD before a platform to avoid StdioFDs confects with vCPU fds Signed-off-by: howard zhang <howard.zhang@arm.com>
2021-05-07Merge release-20210419.0-77-g339001204 (automated)gVisor bot
2021-05-06Implement /proc/cmdlineSteve Silva
This change implements /proc/cmdline with a basic faux command line "BOOT_IMAGE=/vmlinuz-[version]-gvisor quiet" so apps that may expect it do not receive errors. Also tests for the existence of /proc/cmdline as part of the system call test suite PiperOrigin-RevId: 372462070
2021-05-06fix build constraintsKevin Krakauer
2021-05-06fix rebase errorKevin Krakauer
2021-05-06mark types as saveableKevin Krakauer
2021-05-06Added more commentsKevin Krakauer
2021-05-06Added commentsKevin Krakauer
2021-05-06Moved to atomicbitops and renamed filesKevin Krakauer
2021-05-06Fix alignment issue with 64-bit atomics on 32 bit machinesKevin Krakauer
2021-05-06Merge release-20210419.0-76-g9800fd8e4 (automated)gVisor bot
2021-05-06Solicit routers as long as RAs are handledGhanan Gowripalan
...to conform with Linux's `accept_ra` sysctl option. ``` accept_ra - INTEGER Accept Router Advertisements; autoconfigure using them. It also determines whether or not to transmit Router Solicitations. If and only if the functional setting is to accept Router Advertisements, Router Solicitations will be transmitted. Possible values are: 0 Do not accept Router Advertisements. 1 Accept Router Advertisements if forwarding is disabled. 2 Overrule forwarding behaviour. Accept Router Advertisements even if forwarding is enabled. Functional default: enabled if local forwarding is disabled. disabled if local forwarding is enabled. ``` With this change, routers may be solicited even if the stack is has forwarding enabled, as long as the interface is configured to handle RAs when forwarding is enabled. PiperOrigin-RevId: 372406501
2021-05-06Merge release-20210419.0-75-gf1afd9e1a (automated)gVisor bot
2021-05-06internal import of Go cloud client librariesgVisor bot
PiperOrigin-RevId: 372376653
2021-05-06Merge release-20210419.0-74-g9f33fe64f (automated)gVisor bot
2021-05-05Fixes to runsc cgroupsFabricio Voznika
When loading cgroups for another process, `/proc/self` was used in a few places, causing the end state to be a mix of the process and self. This is now fixes to always use the proper `/proc/[pid]` path. Added net_prio and net_cls to the list of optional controllers. This is to allow runsc to execute then these cgroups are disabled as long as there are no net_prio and net_cls limits that need to be applied. Deflake TestMultiContainerEvent. Closes #5875 Closes #5887 PiperOrigin-RevId: 372242687
2021-05-05Merge release-20210419.0-73-g47d1b8b4b (automated)gVisor bot
2021-05-05Automated rollback of changelist 361661726Andrei Vagin
PiperOrigin-RevId: 372221411
2021-05-05Merge release-20210419.0-72-g8e40cca4b (automated)gVisor bot
2021-05-05Allow handling RAs when forwarding is enabledGhanan Gowripalan
...to conform with Linux's `accept_ra` sysctl option. ``` accept_ra - INTEGER Accept Router Advertisements; autoconfigure using them. It also determines whether or not to transmit Router Solicitations. If and only if the functional setting is to accept Router Advertisements, Router Solicitations will be transmitted. Possible values are: 0 Do not accept Router Advertisements. 1 Accept Router Advertisements if forwarding is disabled. 2 Overrule forwarding behaviour. Accept Router Advertisements even if forwarding is enabled. Functional default: enabled if local forwarding is disabled. disabled if local forwarding is enabled. ``` PiperOrigin-RevId: 372214640
2021-05-05Send ICMP errors when the network is unreachableNick Brown
Before this change, we would silently drop packets when unable to determine a route to the destination host. This change brings us into line with RFC 792 (IPv4) and RFC 4443 (IPv6), both of which specify that gateways should return an ICMP error to the sender when unable to reach the destination. Startblock: has LGTM from asfez and then add reviewer ghanan PiperOrigin-RevId: 372214051
2021-05-05Merge release-20210419.0-70-g45884ba63 (automated)gVisor bot
2021-05-05Internal changeKevin Krakauer
PiperOrigin-RevId: 372166050
2021-05-05Merge release-20210419.0-69-gbf49a847a (automated)gVisor bot
2021-05-05Don't cleanup NDP state when enabling forwardingGhanan Gowripalan
...to match linux behaviour: ``` $ sudo sysctl net.ipv6.conf.eno1.forwarding net.ipv6.conf.eno1.forwarding = 0 $ ip addr list dev eno1 2: eno1: <...> ... inet6 PREFIX:TEMP_IID/64 scope global temporary dynamic valid_lft 209363sec preferred_lft 64024sec inet6 PREFIX:GLOBAL_STABLE_IID/64 scope global dynamic mngtmpaddr ... valid_lft 209363sec preferred_lft 209363sec inet6 fe80::LINKLOCAL_STABLE_IID/64 scope link valid_lft forever preferred_lft forever $ sudo sysctl -w "net.ipv6.conf.all.forwarding=1" net.ipv6.conf.all.forwarding = 1 $ sudo sysctl net.ipv6.conf.eno1.forwarding net.ipv6.conf.eno1.forwarding = 1 $ ip addr list dev eno1 2: eno1: <...> ... inet6 PREFIX:TEMP_IID/64 scope global temporary dynamic valid_lft 209339sec preferred_lft 64000sec inet6 PREFIX:GLOBAL_STABLE_IID/64 scope global dynamic mngtmpaddr ... valid_lft 209339sec preferred_lft 209339sec inet6 fe80::LINKLOCAL_STABLE_IID/64 scope link valid_lft forever preferred_lft forever $ ip -6 route list ... PREFIX::/64 dev eno1 proto ra metric 100 expires 209241sec pref medium default via fe80::ROUTER_IID dev eno1 proto ra ... ``` PiperOrigin-RevId: 372146689
2021-05-05Merge release-20210419.0-68-g61615f3f1 (automated)gVisor bot
2021-05-05Fix a race in reading last seen ICMP error during handshakeMithun Iyer
On receiving an ICMP error during handshake, the error is propagated by reading `endpoint.lastError`. This can race with the socket layer invoking getsockopt() with SO_ERROR where the same value is read and cleared, causing the handshake to bail out with a non-error state. Fix the race by checking for lastError state and failing the handshake with ErrConnectionAborted if the lastError was read and cleared by say SO_ERROR. The race mentioned in the bug, is caught only with the newly added tcp_test unit test, where we have control over stopping/resuming protocol loop. Adding a packetimpact test as well for sanity testing of ICMP error handling during handshake. Fixes #5922 PiperOrigin-RevId: 372135662