summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2021-02-04Merge release-20210125.0-84-g41510d274 (automated)gVisor bot
2021-02-04Move getcpu() to core filter listMichael Pratt
Some versions of the Go runtime call getcpu(), so add it for compatibility. The hostcpu package already uses getcpu() on arm64. PiperOrigin-RevId: 355717757
2021-02-04Merge release-20210125.0-83-gaed9d8ce9 (automated)gVisor bot
2021-02-04Call kernfs.syntheticDir.InitRefs() on creation.Nicolas Lacasse
PiperOrigin-RevId: 355675900
2021-02-04Merge release-20210125.0-82-g63c9dd365 (automated)gVisor bot
2021-02-04images: Rework syzkaller documentation.Andrei Vagin
PiperOrigin-RevId: 355660221
2021-02-04Merge release-20210125.0-81-geaba5bc7e (automated)gVisor bot
2021-02-04Fix flaky packetimpact testNayana Bidari
PiperOrigin-RevId: 355645297
2021-02-04Merge release-20210125.0-80-gfa2d3698c (automated)gVisor bot
2021-02-04[infra] Do not recompile integration test executables each time.Ayush Ranjan
Instead build the executable into the image. PiperOrigin-RevId: 355631672
2021-02-04Merge release-20210125.0-79-gf2c881f68 (automated)gVisor bot
2021-02-03[vfs] Make sticky bit check consistent with Linux.Ayush Ranjan
Our implementation of vfs.CheckDeleteSticky was not consistent with Linux, specifically not consistent with fs/linux.h:check_sticky(). One of the biggest differences was that the vfs implementation did not allow the owner of the sticky directory to delete files inside it that belonged to other users. This change makes our implementation consistent with Linux. Also adds an integration test to check for this. This bug is also present in VFS1. Updates #3027 PiperOrigin-RevId: 355557425
2021-02-04Merge release-20210125.0-78-g0dbc11297 (automated)gVisor bot
2021-02-03Compile-time constants are constexprTamir Duberstein
PiperOrigin-RevId: 355506299
2021-02-03Merge release-20210125.0-77-g52ad6ceee (automated)gVisor bot
2021-02-03Remove gazelle noise patchTamir Duberstein
Confirmed gazelle generates no significant noise. Fix documented gazelle invocation while I'm here. PiperOrigin-RevId: 355452758
2021-02-03Merge release-20210125.0-76-gd1bb263b9 (automated)gVisor bot
2021-02-03Merge pull request #5352 from weisdd:patch-1gVisor bot
PiperOrigin-RevId: 355449206
2021-02-03Merge release-20210125.0-74-ge3bce9689 (automated)gVisor bot
2021-02-03Add a function to enable RACK in tests.Nayana Bidari
- Adds a function to enable RACK in tests. - RACK update functions are guarded behind the flag tcpRecovery. PiperOrigin-RevId: 355435973
2021-02-03Merge release-20210125.0-73-gd3113ad44 (automated)gVisor bot
2021-02-03Merge pull request #5418 from amscanne:codespacegVisor bot
PiperOrigin-RevId: 355434313
2021-02-03Merge release-20210125.0-69-g5106e66fd (automated)gVisor bot
2021-02-02Merge pull request #5373 from oke-py:docsgVisor bot
PiperOrigin-RevId: 355324521
2021-02-03Merge release-20210125.0-67-gbfad3be0b (automated)gVisor bot
2021-02-02Make ubuntutest image x86 only.Ayush Ranjan
PiperOrigin-RevId: 355315140
2021-02-02Merge release-20210125.0-66-gfb422db70 (automated)gVisor bot
2021-02-02Update go-tools to 2020.2.1Tamir Duberstein
...and a bunch of other things as I worked through the rot. Notably: - Upgrade to bazel 4.0.0 - Upgrade to Go 1.15.7 Remove go_branch stderr suppression; this made it quite difficult to see what was failing while developing this patch. PiperOrigin-RevId: 355257833
2021-02-02Merge release-20210125.0-65-gff8b308a3 (automated)gVisor bot
2021-02-02Remove call to Notify from pipe.VFSPipeFD.CopyOutFrom.Jamie Liu
This was missed in cl/351911375; pipe.VFSPipeFD.SpliceFromNonPipe already calls Notify. PiperOrigin-RevId: 355246655
2021-02-02Merge release-20210125.0-64-gfcc2468db (automated)gVisor bot
2021-02-02Add CPUSet for runsc mitigate.Zach Koopmans
PiperOrigin-RevId: 355242055
2021-02-02Merge release-20210125.0-63-g49f783fb6 (automated)gVisor bot
2021-02-02Rename HandleNDupAcks in TCP.Nayana Bidari
Rename HandleNDupAcks() to HandleLossDetected() as it will enter this when is detected after: - reorder window expires and TLP (in case of RACK) - dupAckCount >= 3 PiperOrigin-RevId: 355237858
2021-02-02Merge release-20210125.0-62-g5f7bf3152 (automated)gVisor bot
2021-02-02Stub out basic `runsc events --stat` CPU functionalityKevin Krakauer
Because we lack gVisor-internal cgroups, we take the CPU usage of the entire pod and divide it proportionally according to sentry-internal usage stats. This fixes `kubectl top pods`, which gets a pod's CPU usage by summing the usage of its containers. Addresses #172. PiperOrigin-RevId: 355229833
2021-02-02Merge release-20210125.0-61-gf884ea13b (automated)gVisor bot
2021-02-02Move ring0 package.Adin Scannell
This allows the package to serve as a general purpose ring0 support package, as opposed to being bound to specific sentry platforms. Updates #5039 PiperOrigin-RevId: 355220044
2021-02-02Merge release-20210125.0-60-gd6d169320 (automated)gVisor bot
2021-02-02Merge release-20210125.0-59-g017348af9 (automated)gVisor bot
2021-02-02Add ETIMEDOUT to partial result listFabricio Voznika
Reported-by: syzbot+db8d83f93b84fcb84374@syzkaller.appspotmail.com PiperOrigin-RevId: 355213994
2021-02-02Drop gazelle target from the Makefile.Adin Scannell
This is replaced with a straight call to bazel. Unfortunately, the built gazelle target requires a bazel installation to run anyways. PiperOrigin-RevId: 355211990
2021-02-02Merge release-20210125.0-58-g8c7c5abaf (automated)gVisor bot
2021-02-02Add support for rate limiting out of window ACKs.Bhasker Hariharan
Netstack today will send dupACK's with no rate limit for incoming out of window segments. This can result in ACK loops for example if a TCP socket connects to itself (actually permitted by TCP). Where the ACK sent in response to packets being out of order itself gets considered as an out of window segment resulting in another ACK being generated. PiperOrigin-RevId: 355206877
2021-02-02Merge release-20210125.0-57-g3817c7349 (automated)gVisor bot
2021-02-02Remove go_tool_library references.Adin Scannell
This is required only for the built-in bazel nogo functionality. Since we roll these targets manually via the wrappers, we don't need to use go_tool_library. The inconsistent use of these targets leads to conflicting instantiations of go_default_library and go_tool_library, which both contain the same output files. PiperOrigin-RevId: 355184975
2021-02-02Merge release-20210125.0-56-g00d21b9ae (automated)gVisor bot
2021-02-02Assert TCP_INFO size before checking contentTamir Duberstein
Also sync syscall test expectations on Fuchisa. PiperOrigin-RevId: 355163492
2021-02-02Merge release-20210125.0-55-g5fa683ffd (automated)gVisor bot
2021-02-02Minor page tables improvements.Adin Scannell
* Make split safe. * Enable looking up next valid address. * Support mappings with !accessType.Any(), distinct from unmap. These changes allow for the use of pagetables in low-level OS packages, such as ring0, and allow for the use of pagetables for more generic address space reservation (by writing entries with no access specified). Updates #5039 PiperOrigin-RevId: 355109016