summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2021-08-12Merge release-20210726.0-59-gf06b1fe86 (automated)gVisor bot
2021-08-12test/pipe: use futex() for sync with the signal handerAndrei Vagin
PiperOrigin-RevId: 390399815
2021-08-12Merge release-20210726.0-58-g403c4b1a0 (automated)gVisor bot
2021-08-12Internal change.gVisor bot
PiperOrigin-RevId: 390346783
2021-08-12Merge release-20210726.0-57-g3416a3db7 (automated)gVisor bot
2021-08-12Internal change.gVisor bot
PiperOrigin-RevId: 390318725
2021-08-12Merge release-20210726.0-56-g96459f559 (automated)gVisor bot
2021-08-12Add support for TCP send buffer auto tuning.Nayana Bidari
Send buffer size in TCP indicates the amount of bytes available for the sender to transmit. This change will allow TCP to update the send buffer size when - TCP enters established state. - ACK is received. The auto tuning is disabled when the send buffer size is set with the SO_SNDBUF option. PiperOrigin-RevId: 390312274
2021-08-12Merge release-20210726.0-55-g01cfe5952 (automated)gVisor bot
2021-08-11Add verity stat benchmark testChong Cai
PiperOrigin-RevId: 390284683
2021-08-12Merge release-20210726.0-54-g6d0b40b1d (automated)gVisor bot
2021-08-11[op] Make PacketBuffer Clone() do a deeper copy.Ayush Ranjan
Earlier PacketBuffer.Clone() would do a shallow top level copy of the packet buffer - which involved sharing the *buffer.Buffer between packets. Reading or writing to the buffer in one packet would impact the other. This caused modifications in one packet to affect the other's pkt.Views() which is not desired. Change the clone to do a deeper copy of the underlying buffer list and buffer pointers. The payload buffers (which are immutable) are still shared. This change makes the Clone() operation more expensive as we now need to allocate the entire buffer list. Added unit test to test integrity of packet data after cloning. Reported-by: syzbot+7ffff9a82a227b8f2e31@syzkaller.appspotmail.com Reported-by: syzbot+7d241de0d9072b2b6075@syzkaller.appspotmail.com Reported-by: syzbot+212bc4d75802fa461521@syzkaller.appspotmail.com PiperOrigin-RevId: 390277713
2021-08-12Merge release-20210726.0-53-g4249ba850 (automated)gVisor bot
2021-08-11Do not clear merkle files when creating dentryChong Cai
The dentry for each file/directory can be created/destroyed multiple times during sandbox lifetime. We should not clear the Merkle file each time a dentry is created. PiperOrigin-RevId: 390277107
2021-08-12Merge release-20210726.0-52-g5456fa647 (automated)gVisor bot
2021-08-11Popluate verity directory children namesChong Cai
We were relying on children adding its name to parent's dentry to populate parent's children list. However, this may not work since the parent dentry could be destroyed if its reference count drops to zero. In that case, a new dentry will be created when enabling the parent and it does not contain the children names info. Therefore we need to populate the child names list again to avoid missing children in the directory. PiperOrigin-RevId: 390270227
2021-08-12Merge release-20210726.0-51-gd51bc877f (automated)gVisor bot
2021-08-11Run packet socket tests on FuchsiaGhanan Gowripalan
+ Do not check for CAP_NET_RAW on Fuchsia Fuchsia does not support capabilities the same way Linux does. Instead emulate the check for CAP_NET_RAW by checking if a packet socket may be created. Bug: https://fxbug.dev/79016, https://fxbug.dev/81592 PiperOrigin-RevId: 390263666
2021-08-12Merge release-20210726.0-50-ga50596874 (automated)gVisor bot
2021-08-11Initial cgroupfs support for subcontainersRahat Mahmood
Allow creation and management of subcontainers through cgroupfs directory syscalls. Also add a mechanism to specify a default root container to start new jobs in. This implements the filesystem support for subcontainers, but doesn't implement hierarchical resource accounting or task migration. PiperOrigin-RevId: 390254870
2021-08-12Merge release-20210726.0-49-g09b453cec (automated)gVisor bot
2021-08-11Fix FSSupportsMap checkAdam Barth
Previously, this check always failed because we did not provide MAP_SHARED or MAP_PRIVATE. PiperOrigin-RevId: 390251086
2021-08-11Merge release-20210726.0-48-g8d84c5a8e (automated)gVisor bot
2021-08-11Wrap test queues in Queue object on creation.Rahat Mahmood
PiperOrigin-RevId: 390245901
2021-08-11Merge release-20210726.0-47-g23f8e8481 (automated)gVisor bot
2021-08-11Fix LinkTest.OldnameDoesNotExistAdam Barth
Previous, this test was the same as OldnameIsEmpty. This CL makes the test check what happens if the old name does not exist. PiperOrigin-RevId: 390243070
2021-08-11Merge release-20210726.0-46-gc2353e405 (automated)gVisor bot
2021-08-11[op] Fix //debian:debian.Ayush Ranjan
Co-authored-by: Andrei Vagin <avagin@google.com> PiperOrigin-RevId: 390232925
2021-08-09Merge release-20210726.0-45-g14d6cb443 (automated)gVisor bot
2021-08-09platform/kvm: fix a race condition in vCPU.unlock()Andrei Vagin
Right now, it contains the code: origState := atomic.LoadUint32(&c.state) atomicbitops.AndUint32(&c.state, ^vCPUUser) The problem here is that vCPU.bounce that is called from another thread can add vCPUWaiter when origState has been read but vCPUUser isn't cleared yet. In this case, vCPU.unlock doesn't notify other threads about changes and c.bounce will be stuck in the futex_wait call. PiperOrigin-RevId: 389697411
2021-08-09Merge release-20210726.0-44-g34ec00c5e (automated)gVisor bot
2021-08-09Run raw IP socket syscall tests on FuchsiaGhanan Gowripalan
+ Do not check for CAP_NET_RAW on Fuchsia Fuchsia does not support capabilities the same way Linux does. Instead emulate the check for CAP_NET_RAW by checking if a raw IP sockets may be created. PiperOrigin-RevId: 389663218
2021-08-06Merge release-20210726.0-43-gc07dc3828 (automated)gVisor bot
2021-08-06[SMT] Refactor runsc mititgateZach Koopmans
Refactor mitigate to use /sys/devices/system/cpu/smt/control instead of individual CPU control files. PiperOrigin-RevId: 389215975
2021-08-06Merge release-20210726.0-42-g569f605f4 (automated)gVisor bot
2021-08-05Correctly handle interruptions in blocking msgqueue syscalls.Rahat Mahmood
Reported-by: syzbot+63bde04529f701c76168@syzkaller.appspotmail.com Reported-by: syzbot+69866b9a16ec29993e6a@syzkaller.appspotmail.com PiperOrigin-RevId: 389084629
2021-08-06Merge release-20210726.0-41-g15853bdc8 (automated)gVisor bot
2021-08-05Replace unsafe use of fork() in msgqueue tests.Rahat Mahmood
Msgqueue tests were using fork() to run create a separate thread of execution for passing messages back and forth over a queue. However, the child process after a fork() may only use async-signal-safe functions, which at a minimum exclude gtest asserts. Instead, use threads. PiperOrigin-RevId: 389073744
2021-08-05Merge release-20210726.0-40-ga72efae96 (automated)gVisor bot
2021-08-05Skip mmap test cases if underlying FS doesn't support maps.Rahat Mahmood
For file-based mmap tests, the underlying file system may not support mmaps depending on the sandbox configuration. This is case when caching is disabled for goferfs. PiperOrigin-RevId: 389052722
2021-08-05Merge release-20210726.0-39-g99325baf5 (automated)gVisor bot
2021-08-05Bump gVisor build tags to go1.19Michael Pratt
Go's dev.typeparams branch already claims to be Go 1.18, so our !go1.18 build tags breaking testing gVisor with that branch. Normally I would not want to bump the build tags this early, but I plan to extend checklinkname to check the assumptions in these files and remove the build tags ASAP. So we just go ahead and bump the tags until then to unblock testing. PiperOrigin-RevId: 389037239
2021-08-05Merge release-20210726.0-38-gcaf9403f6 (automated)gVisor bot
2021-08-05Automated rollback of changelist 384508720Kevin Krakauer
PiperOrigin-RevId: 389035388
2021-08-05Merge release-20210726.0-37-g42301ae7d (automated)gVisor bot
2021-08-05Merge pull request #6372 from avagin:AlignedAtomicgVisor bot
PiperOrigin-RevId: 388985968
2021-08-05Merge release-20210726.0-35-g919a7da6d (automated)gVisor bot
2021-08-05Reload the configuration during postinst rather than restarting.Adin Scannell
Fixes #6408 PiperOrigin-RevId: 388978814
2021-08-04Reduce overhead of AlignedAtomic typesAndrei Vagin
AlignedAtomicUint64 is 15 bytes and it takes 16 bytes in structures. On 32-bit systems, variables and structure fields is guaranteed to be 32-bit aligned and this means that we need only 12 bytes to find 8 contiguous bytes.
2021-08-05Merge release-20210726.0-34-g43e3d29b9 (automated)gVisor bot