summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2021-04-06Merge release-20210322.0-52-gfb4c700d0 (automated)gVisor bot
2021-04-05Update gofer dentry permissions only when needed.Ayush Ranjan
Without this change, we ask the gofer server to update the permissions whenever the UID, GID or size is updated via SetStat. Consequently, we don not generate inotify events when the permissions actually change due to SGID bit getting cleared. With this change, we will update the permissions only when needed and generate inotify events. PiperOrigin-RevId: 366946842
2021-04-06Merge release-20210322.0-51-g56c69fb0e (automated)gVisor bot
2021-04-05Fix listen backlog handling to be in parity with LinuxMithun Iyer
- Change the accept queue full condition for a listening endpoint to only honor completed (and delivered) connections. - Use syncookies if the number of incomplete connections is beyond listen backlog. This also cleans up the SynThreshold option code as that is no longer used with this change. - Added a new stack option to unconditionally generate syncookies. Similar to sysctl -w net.ipv4.tcp_syncookies=2 on Linux. - Enable keeping of incomplete connections beyond listen backlog. - Drop incoming SYNs only if the accept queue is filled up. - Drop incoming ACKs that complete handshakes when accept queue is full - Enable the stack to accept one more connection than programmed by listen backlog. - Handle backlog argument being zero, negative for listen, as Linux. - Add syscall and packetimpact tests to reflect the changes above. - Remove TCPConnectBacklog test which is polling for completed connections on the client side which is not reflective of whether the accept queue is filled up by the test. The modified syscall test in this CL addresses testing of connecting sockets. Fixes #3153 PiperOrigin-RevId: 366935921
2021-04-06Merge release-20210322.0-50-g7a7fcf2db (automated)gVisor bot
2021-04-05Report task CPU usage through the cpuacct cgroup controller.Rahat Mahmood
PiperOrigin-RevId: 366923274
2021-04-06Merge release-20210322.0-49-g63340e613 (automated)gVisor bot
2021-04-05Add initial verity ioctl syscall testsChong Cai
PiperOrigin-RevId: 366907152
2021-04-06Merge release-20210322.0-48-g661e5ae7a (automated)gVisor bot
2021-04-05Enable Checkpoint/Restore test with VFS2Fabricio Voznika
Closes #3373 PiperOrigin-RevId: 366903991
2021-04-06Merge release-20210322.0-47-g198e0dcde (automated)gVisor bot
2021-04-05Add fsstress on tmpfs to presubmitFabricio Voznika
Updates #5273 PiperOrigin-RevId: 366902314
2021-04-05Merge release-20210322.0-46-g88f198c2a (automated)gVisor bot
2021-04-05Allow default control values to be set for cgroupfs.Rahat Mahmood
PiperOrigin-RevId: 366891806
2021-04-05Actually don't run unlink_benchmark with TSAN.Ayush Ranjan
This benchmark currently takes > 15 minutes to run in that case. PiperOrigin-RevId: 366891726
2021-04-05Merge release-20210322.0-44-ge7b202364 (automated)gVisor bot
2021-04-05deflake semaphore testKevin Krakauer
There's no reason to actually increment the semaphore, it just introduces the chance of a race. PiperOrigin-RevId: 366851795
2021-04-05Merge release-20210322.0-43-ge21a71bff (automated)gVisor bot
2021-04-05Allow user mount for verity fsChong Cai
Allow user mounting a verity fs on an existing mount by specifying mount flags root_hash and lower_path. PiperOrigin-RevId: 366843846
2021-04-05Set Verity bit in verity_prepare cmdChong Cai
This is needed to enable Xattrs features required by verity. PiperOrigin-RevId: 366843640
2021-04-05Merge release-20210322.0-41-g3007ae647 (automated)gVisor bot
2021-04-05Fail tests when container returns non-zero statusFabricio Voznika
PiperOrigin-RevId: 366839955
2021-04-05Merge release-20210322.0-40-g8161ed411 (automated)gVisor bot
2021-04-05Don't run unlink_benchmark with TSAN.Adin Scannell
This benchmark currently takes > 15 minutes to run in that case. PiperOrigin-RevId: 366817185
2021-04-03Merge release-20210322.0-39-g9a8692c82 (automated)gVisor bot
2021-04-03Remove eternal and enormous tests.Adin Scannell
PiperOrigin-RevId: 366573366
2021-04-03Merge release-20210322.0-38-g932c8abd0 (automated)gVisor bot
2021-04-02Implement cgroupfs.Rahat Mahmood
A skeleton implementation of cgroupfs. It supports trivial cpu and memory controllers with no support for hierarchies. PiperOrigin-RevId: 366561126
2021-04-03Merge release-20210322.0-37-ga0c167447 (automated)gVisor bot
2021-04-02Internal change.gVisor bot
PiperOrigin-RevId: 366555466
2021-04-03Merge release-20210322.0-36-g491b106d6 (automated)gVisor bot
2021-04-02Implement the runsc verity-prepare command.Rahat Mahmood
Implement a new runsc command to set up a sandbox with verityfs and run the measure tool. This is loosely forked from the do command, and currently requires the caller to provide the measure tool binary. PiperOrigin-RevId: 366553769
2021-04-02Merge release-20210322.0-35-g1b53550e5 (automated)gVisor bot
2021-04-02Add vfs1 to go/runsc-benchmarksZach Koopmans
PiperOrigin-RevId: 366470480
2021-04-02Merge release-20210322.0-34-gcc762235c (automated)gVisor bot
2021-04-02Internal change.gVisor bot
PiperOrigin-RevId: 366462448
2021-04-01Merge release-20210322.0-33-gb2ea37401 (automated)gVisor bot
2021-04-01Merge release-20210322.0-32-g513de4039 (automated)gVisor bot
2021-04-01Internal changesBhasker Hariharan
PiperOrigin-RevId: 366344805
2021-04-01Remove invalid dependency.Adin Scannell
PiperOrigin-RevId: 366344222
2021-04-01Merge release-20210322.0-31-g6c10c772e (automated)gVisor bot
2021-04-01Internal change.gVisor bot
PiperOrigin-RevId: 366292533
2021-03-30Merge release-20210322.0-30-g71f3dccbb (automated)gVisor bot
2021-03-30Fix panic when overriding /dev files with VFS2Fabricio Voznika
VFS1 skips over mounts that overrides files in /dev because the list of files is hardcoded. This is not needed for VFS2 and a recent change lifted this restriction. However, parts of the code were still skipping /dev mounts even in VFS2, causing the loader to panic when it ran short of FDs to connect to the gofer. PiperOrigin-RevId: 365858436
2021-03-29Merge release-20210322.0-29-g8a2f7e716 (automated)gVisor bot
2021-03-29[syserror] Split usermem packageZach Koopmans
Split usermem package to help remove syserror dependency in go_marshal. New hostarch package contains code not dependent on syserror. PiperOrigin-RevId: 365651233
2021-03-29Merge release-20210322.0-28-gb125afba4 (automated)gVisor bot
2021-03-29Merge pull request #5728 from zhlhahaha:2091gVisor bot
PiperOrigin-RevId: 365613394
2021-03-29[perf] Reduce contention in ptrace.threadPool.lookupOrCreate().Ayush Ranjan
lookupOrCreate is called from subprocess.switchToApp() and subprocess.syscall(). lookupOrCreate() looks for a thread already created for the current TID. If a thread exists (common case), it returns immediately. Otherwise it creates a new one. This change switches to using a sync.RWMutex. The initial thread existence lookup is now done only with the read lock. So multiple successful lookups can occur concurrently. Only when a new thread is created will it acquire the lock for writing and update the map (which is not the common case). Discovered in mutex profiles from the various ptrace benchmarks. Example: https://gvisor.dev/profile/gvisor-buildkite/fd14bfad-b30f-44dc-859b-80ebac50beb4/843827db-da50-4dc9-a2ea-ecf734dde2d5/tmp/profile/ptrace/BenchmarkFio/operation.write/blockSize.4K/filesystem.tmpfs/benchmarks/fio/mutex.pprof/flamegraph PiperOrigin-RevId: 365612094
2021-03-26Merge release-20210315.0-28-gfbec65fc3 (automated)gVisor bot