summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2019-08-30Merge 3ec0b64d (automated)gVisor bot
2019-08-30Update image to install docker and fix permissionsAdin Scannell
PiperOrigin-RevId: 266467361
2019-08-30Merge 888e8790 (automated)gVisor bot
2019-08-30Add C++ toolchain and fix compile issues.Adin Scannell
This was accidentally introduced in 31f05d5d4f62c4cd4fe3b95b333d0130aae4b2c1. Fixes #788. PiperOrigin-RevId: 266462843
2019-08-29Merge 863e11ac (automated)gVisor bot
2019-08-29Handle new representation of abstract UDS paths.Rahat Mahmood
When abstract unix domain socket paths are displayed in /proc/net/unix, Linux historically emitted null bytes as padding at the end of the path. Newer versions of Linux (v4.9, e7947ea770d0de434d38a0f823e660d3fd4bebb5) display these as '@' characters. Update proc_net_unix test to handle both version of the padding. PiperOrigin-RevId: 266230200
2019-08-29Implement /proc/net/udp.Rahat Mahmood
PiperOrigin-RevId: 266229756
2019-08-29Merge 0789b9cc (automated)gVisor bot
2019-08-29Merge pull request #655 from praveensastry:feature/runsc-ref-chk-leakgVisor bot
PiperOrigin-RevId: 266226714
2019-08-29Merge eb4aa403 (automated)gVisor bot
2019-08-29Merge 599136b2 (automated)gVisor bot
2019-08-29Compile procter binaries during image creation.Nicolas Lacasse
Using "go run ..." in the ENTRYPOINT causes the go compiler to run each time the container is started. We can just compile the binary once as part of the image. PiperOrigin-RevId: 266212462
2019-08-29Internal change.gVisor bot
PiperOrigin-RevId: 266199211
2019-08-29Add limit_host_fd_translation Gofer mount option.Jamie Liu
PiperOrigin-RevId: 266177409
2019-08-29Don't log an error when stopping the container if it is not running.Nicolas Lacasse
This removes a lot of confusing messages from the test logs. PiperOrigin-RevId: 266164001
2019-08-29Internal change.Adin Scannell
PiperOrigin-RevId: 266073190
2019-08-29Merge f048c8be (automated)gVisor bot
2019-08-28Fix permissions on .ssh filesAdin Scannell
PiperOrigin-RevId: 266066839
2019-08-29Merge 06ae3618 (automated)gVisor bot
2019-08-28Fix kokoro image build scriptsAdin Scannell
The /tmpfs directory needs to be writable, and kokoro needs passwordless sudo access to execute the test scripts. PiperOrigin-RevId: 266063723
2019-08-28Merge 24ecce5d (automated)gVisor bot
2019-08-28Export generated linkAddrEntryEntryTamir Duberstein
PiperOrigin-RevId: 266000128
2019-08-28Merge 784f48a7 (automated)gVisor bot
2019-08-27kokoro: Add scripts to rebuild images.Adin Scannell
These scripts generated the following images: gvisor-kokoro-testing/image-a53bac71541a209e (ubuntu 18.04) gvisor-kokoro-testing/image-f5b20c5fbd23f448 (ubuntu 16.04) Any modifications to these scripts should generate new images. PiperOrigin-RevId: 265843929
2019-08-28Merge 313c767b (automated)gVisor bot
2019-08-27Populate link address cache at dispatchTamir Duberstein
This allows the stack to learn remote link addresses on incoming packets, reducing the need to ARP to send responses. This also reduces the number of round trips to the system clock, since that may also prove to be performance-sensitive. Fixes #739. PiperOrigin-RevId: 265815816
2019-08-27Merge f64d9a7d (automated)gVisor bot
2019-08-27Fix pwritev2 flaky test.Zach Koopmans
Fix a uninitialized memory bug in pwritev2 test. PiperOrigin-RevId: 265772176
2019-08-27Merge 9679f989 (automated)gVisor bot
2019-08-27Fix comment typoMichael Pratt
PiperOrigin-RevId: 265731735
2019-08-27Merge c3956433 (automated)gVisor bot
2019-08-27Fix sendfile(2) error codeFabricio Voznika
When output file is in append mode, sendfile(2) should fail with EINVAL and not EBADF. Closes #721 PiperOrigin-RevId: 265718958
2019-08-27Mount volumes as super userFabricio Voznika
This used to be the case, but regressed after a recent change. Also made a few fixes around it and clean up the code a bit. Closes #720 PiperOrigin-RevId: 265717496
2019-08-27Merge b4cdaef4 (automated)gVisor bot
2019-08-26Don't lose test output.Adin Scannell
PiperOrigin-RevId: 265606322
2019-08-26Merge 1fdefd41 (automated)gVisor bot
2019-08-26netstack/tcp: Add LastAck transition.Rahat Mahmood
Add missing state transition to LastAck, which should happen when the endpoint has already recieved a FIN from the remote side, and is sending its own FIN. PiperOrigin-RevId: 265568314
2019-08-26Add support for Intel cache CPUID leafsMichael Pratt
This exposes L1, L2, etc. cache sizes, cache line size, etc. Across S/R, everything except cache line size can differ from the host. This is because cache line size is critical for correct use of CLFLUSH / CLFLUSHOPT, but as far as I know, the other cache parameters can only affect performance, not correctness. AMD uses different leafs for cache information, which are not yet supported. fail. There are no known cases of cache line size other than 64 in the fleet. PiperOrigin-RevId: 265544786
2019-08-26Merge 7206202b (automated)gVisor bot
2019-08-26Internal change.gVisor bot
PiperOrigin-RevId: 265535438
2019-08-26Merge pull request #696 from xiaobo55x:tcpip_linkgVisor bot
PiperOrigin-RevId: 265534854
2019-08-26Merge ac2200b8 (automated)gVisor bot
2019-08-26Prevent a network endpoint to send/rcv if its address was removedChris Kuiper
This addresses the problem where an endpoint has its address removed but still has outstanding references held by routes used in connected TCP/UDP sockets which prevent the removal of the endpoint. The fix adds a new "expired" flag to the referenced network endpoint, which is set when an endpoint has its address removed. Incoming packets are not delivered to an expired endpoint (unless in promiscuous mode), while sending outgoing packets triggers an error to the caller (unless in spoofing mode). In addition, a few helper functions were added to stack_test.go to reduce code duplications. PiperOrigin-RevId: 265514326
2019-08-26Merge c9c52c02 (automated)gVisor bot
2019-08-26fsgofer_test.go: a socket file path can't be longer than UNIX_MAX_PATH (108)Andrei Vagin
PiperOrigin-RevId: 265478578
2019-08-24Merge a5d01159 (automated)gVisor bot
2019-08-23Second try at flaky futex test.Zach Koopmans
The flake had the call to futex_unlock_pi() returning EINVAL with the FUTEX_OWNER_DIED set. In this case, userspace has to clean up stale state. So instead of calling FUTEX_UNLOCK_PI outright, we'll use the advised atomic compare_exchange as advised in the man page. PiperOrigin-RevId: 265163920
2019-08-23Merge e75a12e8 (automated)gVisor bot
2019-08-23Implement fmt.Stringer on Route by valueTamir Duberstein
This is more convenient, since it implements the interface for both value and pointer. PiperOrigin-RevId: 265086510
2019-08-23Merge f225fdbb (automated)gVisor bot