summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2021-04-28Merge release-20210419.0-38-g39fdf0b95 (automated)gVisor bot
2021-04-28Use containerd v2 config format in docsIan Lewis
Fixes #5170 PiperOrigin-RevId: 371007691
2021-04-28Remove side effect from test casesFabricio Voznika
Restore capabilities for tests that need to change them. PiperOrigin-RevId: 371007047
2021-04-28Merge release-20210419.0-36-g704728d38 (automated)gVisor bot
2021-04-28Disable test that is always skippedFabricio Voznika
PiperOrigin-RevId: 370989166
2021-04-27Merge release-20210419.0-35-gf54d87b9e (automated)gVisor bot
2021-04-27Remove uses of the binary package from networking code.Rahat Mahmood
Co-Author: ayushranjan PiperOrigin-RevId: 370785009
2021-04-27Merge release-20210419.0-34-g9ec49aabd (automated)gVisor bot
2021-04-27Fix SyscallInfo for epoll_pwait in strace.Jing Chen
PiperOrigin-RevId: 370733869
2021-04-27Merge release-20210419.0-33-g5b207fe78 (automated)gVisor bot
2021-04-26Remove metrics: fallback, vsyscallCount and partialResultNayana Bidari
The newly added Weirdness metric with fields should be used instead of them. Simple query for weirdness metric: http://shortn/_DGNk0z2Up6 PiperOrigin-RevId: 370578132
2021-04-26Merge release-20210419.0-32-g509f5aa57 (automated)gVisor bot
2021-04-26Merge pull request #5898 from zhlhahaha:2126-1gVisor bot
PiperOrigin-RevId: 370569000
2021-04-26Merge release-20210419.0-30-g36fdc6c9e (automated)gVisor bot
2021-04-26Handle tmpfs with 5 fields in /proc/mounts parsing.Adin Scannell
PiperOrigin-RevId: 370565903
2021-04-26Merge release-20210419.0-29-g5b7b7daa4 (automated)gVisor bot
2021-04-26nogo: enable bazel workers and other optimizations.Adin Scannell
This is a suite of changes intended to dramatically speed up nogo speed. First, there are minor changes that help efficiency significantly. * Gob-based encoding is used internally, and JSON only used for the final set of findings. This is done to preserve the existing format (which is consumed by external tooling), and to facilitate manual debugging. * Unnecessary regex compilation is elided in the configuration, and care is taken for merges to prevent redundant entries. I'm not sure quite sure how, but it turns out that this was consumed a significant amount of time, presumably compiling the same regexes over and over again. Second, this change enables bazel workers for nogo analyzers. Workers enable persistent processes instead of creating and tearing down a sandbox every invocation. A library is introduced to abstraction these details, and allow the tools to still be written using standard flags, etc. The key here is that these binaries and the core of nogo become aware of caches with worker.Cache. This allows us to save significant time loading the same set of files and findings over and over again. These caches are keyed by the digests that are provided by bazel, and are capped in overall size. Note that the worker package attempts to capture output during each run, but tools are no longer permitted to write to stdout. This necessitated dropping some spurious output from checklocks. PiperOrigin-RevId: 370505732
2021-04-26fix brace misplaced errorHoward Zhang
Signed-off-by: Howard Zhang <howard.zhang@arm.com>
2021-04-24Merge release-20210419.0-28-gbf6456068 (automated)gVisor bot
2021-04-24Add verity tests for stat, deleted/renamed fileChong Cai
PiperOrigin-RevId: 370219558
2021-04-24Merge release-20210419.0-27-gf373f6704 (automated)gVisor bot
2021-04-23Improve nogo action cache-ability.Adin Scannell
Presently, the standard library facts are not serialized in a deterministic order. This means that they have the possibility to change on each iteration, requiring a large scale re-analysis of all downstream actions, which includes all packages. Improve cache-ability of nogo actions by improving the determinism of the both facts and findings. Internally, default facts should be serialized as a sorted list for this reason already. PiperOrigin-RevId: 370188259
2021-04-23Merge release-20210419.0-26-g80cd26c2f (automated)gVisor bot
2021-04-23hostinet: parse the timeval structure from a SO_TIMESTAMP control messageAndrei Vagin
PiperOrigin-RevId: 370181621
2021-04-23Merge release-20210419.0-25-g915b81379 (automated)gVisor bot
2021-04-23[op] Remove Build job from GitHub actions.Ayush Ranjan
We already have blocking nogo tests which show all findings. This job was building all nogo targets, and posting all the findings to GitHub as a check run. Building nogo takes a while so we actually end up wasting a lot of time doing redundant work. This is aligned with our goal of moving away from GitHub actions to BuildKite only. PiperOrigin-RevId: 370134875
2021-04-22Remove side effect from mount testsFabricio Voznika
Dropping CAP_SYS_ADMIN and not restoring it causes other tests to be skipped. PiperOrigin-RevId: 370002644
2021-04-23Merge release-20210419.0-23-gd1859fe17 (automated)gVisor bot
2021-04-22Add mlock syscall testFabricio Voznika
PiperOrigin-RevId: 369993733
2021-04-22Merge release-20210419.0-22-g2739cf462 (automated)gVisor bot
2021-04-22Fix AF_UNIX listen() w/ zero backlog.Bhasker Hariharan
In https://github.com/google/gvisor/commit/f075522849fa a check to increase zero to a minimum backlog length was removed from sys_socket.go to bring it in parity with linux and then in tcp/endpoint.go we bump backlog by 1. But this broke calling listen on a AF_UNIX socket w/ a zero backlog as in linux it does allow 1 connection even with a zero backlog. This was caught by a php runtime test socket_abstract_path.phpt. PiperOrigin-RevId: 369974744
2021-04-22Merge release-20210419.0-21-g0a6eaed50 (automated)gVisor bot
2021-04-22Add weirdness sentry metric.Nayana Bidari
Weirdness metric contains fields to track the number of clock fallback, partial result and vsyscalls. This metric will avoid the overhead of having three different metrics (fallbackMetric, partialResultMetric, vsyscallCount). PiperOrigin-RevId: 369970218
2021-04-22Merge release-20210419.0-20-gd93907110 (automated)gVisor bot
2021-04-22Also report mount options through /proc/<pid>/mounts.Rahat Mahmood
PiperOrigin-RevId: 369967629
2021-04-22Merge release-20210419.0-19-gdbfdb31e8 (automated)gVisor bot
2021-04-22Add verity tests for modified file/Merkle fileChong Cai
PiperOrigin-RevId: 369909691
2021-04-22Merge release-20210419.0-18-g47bc11515 (automated)gVisor bot
2021-04-21Only carry GSO options in the packet bufferGhanan Gowripalan
With this change, GSO options no longer needs to be passed around as a function argument in the write path. This change is done in preparation for a later change that defers segmentation, and may change GSO options for a packet as it flows down the stack. Updates #170. PiperOrigin-RevId: 369774872
2021-04-21Merge release-20210419.0-17-g6f9db949d (automated)gVisor bot
2021-04-21Merge pull request #5737 from dqminh:tsc-scalinggVisor bot
PiperOrigin-RevId: 369758655
2021-04-21Merge release-20210419.0-15-ge3a5da8ce (automated)gVisor bot
2021-04-21Stub the custom "job" controller required by some workloads.Rahat Mahmood
PiperOrigin-RevId: 369724358
2021-04-21Merge release-20210419.0-14-ge2b5de65c (automated)gVisor bot
2021-04-21Merge release-20210419.0-12-gc2955339d (automated)gVisor bot
2021-04-21Merge pull request #5749 from zhlhahaha:2126gVisor bot
PiperOrigin-RevId: 369686298
2021-04-21Automated rollback of changelist 369325957Michael Pratt
PiperOrigin-RevId: 369686285
2021-04-21Fallback to legacy system time logic when host does not have TSC_CONTROLDaniel Dao
If the host doesn't have TSC scaling feature, then scaling down TSC to the lowest value will fail, and we will fall back to legacy logic anyway, but we leave an ugly log message in host's kernel log. kernel: user requested TSC rate below hardware speed Instead, check for KVM_CAP_TSC_CONTROL when initializing KVM, and fall back to legacy logic early if host's cpu doesn't support that. Signed-off-by: Daniel Dao <dqminh89@gmail.com>
2021-04-20Merge release-20210412.0-40-g07a78ecb2 (automated)gVisor bot
2021-04-20[perf] Remove non-empty directory dentries from gofer LRU cache.Ayush Ranjan
The gofer client's LRU cache has a default limit of 1000 dentries. Any attempt to cache more dentries than that will make the LRU cache evict and destroy the least recently used dentry. However, the eviction is expensive because it requires holding fs.renameMu for writing - which in turn creates a lot of contention. All filesystem operations that involve path traversal require fs.renameMu for reading atleast. Therefore, it is in our best interest to keep the cache small and clean. When a dentry is inserted in the dentry tree, it grabs a ref on its parent for its entire lifetime. Hence the parent is longer evictable (because refs > 0). This change additionally calls checkCachingLocked on directories that have been added to so that they can be removed from the LRU cache if needed. This change implies that the LRU cache will only contain the leaves from the filesystem tree which significantly reduces the LRU cache size and consequently reduces the number of expensive LRU cache evictions. > Why are opened dentries not removed from LRU cache? When a file description is open(2)-ed, the file description holds a ref on its dentry for its entire lifetime. However, calling checkCachingLocked() on opened dentries actually ends up hurting performance. Applications usually open file descriptors for a short duration. So upon close(2), the dentry is reinserted into the cache anyway. So the precautionary work done in removing the opened dentry from the cache went for waste as it did not really reduce an eviction. Local benchmarking has shown that this change improves performance by 3-4%. Across 6 runs, without this change it took 296.127 seconds to build runsc while with this change it took only 285.136 seconds. PiperOrigin-RevId: 369510494