| Age | Commit message (Collapse) | Author |
|---|
|
PiperOrigin-RevId: 390399815
|
|
|
|
PiperOrigin-RevId: 390346783
|
|
|
|
PiperOrigin-RevId: 390318725
|
|
|
|
Send buffer size in TCP indicates the amount of bytes available for the sender
to transmit. This change will allow TCP to update the send buffer size when
- TCP enters established state.
- ACK is received.
The auto tuning is disabled when the send buffer size is set with the
SO_SNDBUF option.
PiperOrigin-RevId: 390312274
|
|
|
|
PiperOrigin-RevId: 390284683
|
|
|
|
Earlier PacketBuffer.Clone() would do a shallow top level copy of the packet
buffer - which involved sharing the *buffer.Buffer between packets. Reading
or writing to the buffer in one packet would impact the other.
This caused modifications in one packet to affect the other's pkt.Views() which
is not desired. Change the clone to do a deeper copy of the underlying buffer
list and buffer pointers. The payload buffers (which are immutable) are still
shared. This change makes the Clone() operation more expensive as we now need to
allocate the entire buffer list.
Added unit test to test integrity of packet data after cloning.
Reported-by: syzbot+7ffff9a82a227b8f2e31@syzkaller.appspotmail.com
Reported-by: syzbot+7d241de0d9072b2b6075@syzkaller.appspotmail.com
Reported-by: syzbot+212bc4d75802fa461521@syzkaller.appspotmail.com
PiperOrigin-RevId: 390277713
|
|
|
|
The dentry for each file/directory can be created/destroyed multiple
times during sandbox lifetime. We should not clear the Merkle file each
time a dentry is created.
PiperOrigin-RevId: 390277107
|
|
|
|
We were relying on children adding its name to parent's dentry to
populate parent's children list. However, this may not work since the
parent dentry could be destroyed if its reference count drops to zero.
In that case, a new dentry will be created when enabling the parent and
it does not contain the children names info. Therefore we need to
populate the child names list again to avoid missing children in the
directory.
PiperOrigin-RevId: 390270227
|
|
|
|
+ Do not check for CAP_NET_RAW on Fuchsia
Fuchsia does not support capabilities the same way Linux does. Instead
emulate the check for CAP_NET_RAW by checking if a packet socket may
be created.
Bug: https://fxbug.dev/79016, https://fxbug.dev/81592
PiperOrigin-RevId: 390263666
|
|
|
|
Allow creation and management of subcontainers through cgroupfs
directory syscalls. Also add a mechanism to specify a default root
container to start new jobs in.
This implements the filesystem support for subcontainers, but doesn't
implement hierarchical resource accounting or task migration.
PiperOrigin-RevId: 390254870
|
|
|
|
Previously, this check always failed because we did not provide MAP_SHARED
or MAP_PRIVATE.
PiperOrigin-RevId: 390251086
|
|
|
|
PiperOrigin-RevId: 390245901
|
|
|
|
Previous, this test was the same as OldnameIsEmpty. This CL makes the test check
what happens if the old name does not exist.
PiperOrigin-RevId: 390243070
|
|
|
|
Co-authored-by: Andrei Vagin <avagin@google.com>
PiperOrigin-RevId: 390232925
|
|
Signed-off-by: Koichi Shiraishi <zchee.io@gmail.com>
|
|
Signed-off-by: Koichi Shiraishi <zchee.io@gmail.com>
|
|
|
|
|
|
Right now, it contains the code:
origState := atomic.LoadUint32(&c.state)
atomicbitops.AndUint32(&c.state, ^vCPUUser)
The problem here is that vCPU.bounce that is called from another thread can add
vCPUWaiter when origState has been read but vCPUUser isn't cleared yet. In this
case, vCPU.unlock doesn't notify other threads about changes and c.bounce will
be stuck in the futex_wait call.
PiperOrigin-RevId: 389697411
|
|
|
|
+ Do not check for CAP_NET_RAW on Fuchsia
Fuchsia does not support capabilities the same way Linux does. Instead
emulate the check for CAP_NET_RAW by checking if a raw IP sockets may
be created.
PiperOrigin-RevId: 389663218
|
|
In some cases, epoll fd would be registered in another epoll fd. Process
may call epoll_wait on the upper layer epoll fd, and the lower layer epoll
fd should generate EPOLLIN event if itself get any event.
But in VFS2, events generated for epoll fd could only be cleaned when
(*EpollInstance).ReadEvents is called. And this function is only called
when epoll_wait on the epoll fd. Therefore, when epoll_wait on the upper
layer epoll fd, the events generated in lower layer epoll fd would not
be cleaned even if it's not valid anymore, and lower layer epoll fd would
not report event to upper layer even if new event is triggered.
In this commit, (*EpollInstance).Readiness would also clean invalid events.
So, when epoll_wait on the upper layer epoll fd, Readiness function called
on lower layer epoll fd would clean invalid events. And lower layer could
report event to upper layer if new event is triggered.
A syscall test case is added to verify the commit.
Fixes https://github.com/google/gvisor/issues/6427
Signed-off-by: Jielong Zhou <jielong.zjl@antgroup.com>
|
|
|
|
Refactor mitigate to use /sys/devices/system/cpu/smt/control instead
of individual CPU control files.
PiperOrigin-RevId: 389215975
|
|
|
|
Reported-by: syzbot+63bde04529f701c76168@syzkaller.appspotmail.com
Reported-by: syzbot+69866b9a16ec29993e6a@syzkaller.appspotmail.com
PiperOrigin-RevId: 389084629
|
|
|
|
Msgqueue tests were using fork() to run create a separate thread of
execution for passing messages back and forth over a queue. However,
the child process after a fork() may only use async-signal-safe
functions, which at a minimum exclude gtest asserts.
Instead, use threads.
PiperOrigin-RevId: 389073744
|
|
|
|
For file-based mmap tests, the underlying file system may not support
mmaps depending on the sandbox configuration. This is case when
caching is disabled for goferfs.
PiperOrigin-RevId: 389052722
|
|
|
|
Go's dev.typeparams branch already claims to be Go 1.18, so our !go1.18 build
tags breaking testing gVisor with that branch.
Normally I would not want to bump the build tags this early, but I plan to
extend checklinkname to check the assumptions in these files and remove the
build tags ASAP. So we just go ahead and bump the tags until then to unblock
testing.
PiperOrigin-RevId: 389037239
|
|
|
|
PiperOrigin-RevId: 389035388
|
|
|
|
PiperOrigin-RevId: 388985968
|
|
|
