summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-03-03Merge pull request #2008 from lubinszARM:pr_skip_vsyscallgVisor bot
PiperOrigin-RevId: 298683693
2020-03-03Merge pull request #2043 from lubinszARM:pr_clean1gVisor bot
PiperOrigin-RevId: 298683502
2020-03-03Fix datarace on TransportEndpointInfo.ID and clean up semantics.Ian Gudger
Ensures that all access to TransportEndpointInfo.ID is either: * In a function ending in a Locked suffix. * While holding the appropriate mutex. This primary affects the checkV4Mapped method on affected endpoints, which has been renamed to checkV4MappedLocked. Also document the method and change its argument to be a value instead of a pointer which had caused some awkwardness. This race was possible in the udp and icmp endpoints between Connect and uses of TransportEndpointInfo.ID including in both itself and Bind. The tcp endpoint did not suffer from this bug, but benefited from better documentation. Updates #357 PiperOrigin-RevId: 298682913
2020-03-03Move temp_umask to test/util.Adin Scannell
PiperOrigin-RevId: 298667595
2020-03-03code clean: minor changes to compatible with ubuntu18.04Bin Lu
Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-03-02Fix panic caused by invalid address for Bind in packet sockets.Nayana Bidari
PiperOrigin-RevId: 298476533
2020-03-02Merge pull request #2039 from avagin:update-golang.org-x-sysgVisor bot
PiperOrigin-RevId: 298457842
2020-03-02Fix data-race when reading/writing e.amss.Bhasker Hariharan
PiperOrigin-RevId: 298451319
2020-03-02Update golang.org/x/sysAndrei Vagin
It was downgraded by mistake in e5d9a4010bdb ("Add ability to execute go.mod in gopath context.") Signed-off-by: Andrei Vagin <avagin@gmail.com>
2020-03-02Do not read-lock NIC recursivelyGhanan Gowripalan
A deadlock may occur if a write lock on a RWMutex is blocked between nested read lock attempts as the inner read lock attempt will be blocked in this scenario. Example (T1 and T2 are differnt goroutines): T1: obtain read-lock T2: attempt write-lock (blocks) T1: attempt inner/nested read-lock (blocks) Here we can see that T1 and T2 are deadlocked. Tests: Existing tests pass. PiperOrigin-RevId: 298426678
2020-03-02Merge pull request #1885 from avagin:arm64-pcidsgVisor bot
PiperOrigin-RevId: 298405064
2020-03-02socket: take readMu to access readViewAndrei Vagin
DATA RACE in netstack.(*SocketOperations).fetchReadView Write at 0x00c001dca138 by goroutine 1001: gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).fetchReadView() pkg/sentry/socket/netstack/netstack.go:418 +0x85 gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).coalescingRead() pkg/sentry/socket/netstack/netstack.go:2309 +0x67 gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).nonBlockingRead() pkg/sentry/socket/netstack/netstack.go:2378 +0x183d Previous read at 0x00c001dca138 by goroutine 1111: gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).Ioctl() pkg/sentry/socket/netstack/netstack.go:2666 +0x533 gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Ioctl() Reported-by: syzbot+d4c3885fcc346f08deb6@syzkaller.appspotmail.com PiperOrigin-RevId: 298387377
2020-03-02Take write lock when removing xattrMichael Pratt
PiperOrigin-RevId: 298380654
2020-02-28Merge pull request #1929 from avagin:arm64-cpuidgVisor bot
PiperOrigin-RevId: 297982488
2020-02-28watchdog: print panic error message before other messagesAndrei Vagin
This is needed for syzkaller to proper classify issues. Right now, all watchdog issues are duped to one with the subject "panic: Sentry detected stuck task(s). See stack trace and message above for more details". PiperOrigin-RevId: 297975363
2020-02-28Define CPUIDInstruction for arm64Andrei Vagin
There is no cpuid instruction on arm64, so we need to defined it just to avoid a compile time error. Signed-off-by: Andrei Vagin <avagin@gmail.com>
2020-02-28Run `./tools/go_mod.sh tidy`.Nicolas Lacasse
These dependencies do not need to be in our go.mod or go.sum files. PiperOrigin-RevId: 297942163
2020-02-28pcids.go isn't arch-specificAndrei Vagin
Signed-off-by: Andrei Vagin <avagin@gmail.com>
2020-02-28Bump rules_go to 0.22.0 and go toolchain to 1.14.Nicolas Lacasse
PiperOrigin-RevId: 297915917
2020-02-28Mark gettid and getdents as nogotsanZach Koopmans
PiperOrigin-RevId: 297915815
2020-02-28Make pipe buffer implementation standard.Adin Scannell
A follow-up change will convert the networking code to use this standard pipe implementation. PiperOrigin-RevId: 297903206
2020-02-28Merge pull request #1827 from amscanne:fix_go_modgVisor bot
PiperOrigin-RevId: 297895651
2020-02-28Allow to specify a separate log for GO's runtime messagesAndrei Vagin
GO's runtime calls the write system call twice to print "panic:" and "the reason of this panic", so here is a race window when other threads can print something to the log and we will see something like this: panic: log messages from another thread The reason of the panic. This confuses the syzkaller blacklist and dedup detection. It also makes the logs generally difficult to read. e.g., data races often have one side of the race, followed by a large "diagnosis" dump, finally followed by the other side of the race. PiperOrigin-RevId: 297887895
2020-02-28Hide /dev/net/tun when using hostinet.Ting-Yu Wang
/dev/net/tun does not currently work with hostinet. This has caused some program starts failing because it thinks the feature exists. PiperOrigin-RevId: 297876196
2020-02-28Add ability to execute go.mod in gopath context.Adin Scannell
2020-02-28Change dup2 call to dup3Fabricio Voznika
We changed syscalls to allow dup3 for ARM64. Updates #1198 PiperOrigin-RevId: 297870816
2020-02-28skip vsyscall test cases on Arm64Bin Lu
Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-02-27Fix apt-get reliability issues.Adin Scannell
This is frequently causing the core build scripts to fail. The core ubuntu distribution will perform an auto-update at first start, which may cause the lock file to be held. All apt-get commands may be done in a loop in order to retry to avoid this issue. We may want to consider retrying other pieces, but for now this should avoid the most frequent cause of build flakes. PiperOrigin-RevId: 297704789
2020-02-27Log oom_score_adj value on errorFabricio Voznika
Updates #1873 PiperOrigin-RevId: 297695241
2020-02-27Implement automated marshalling for newtypes on arrays.Rahat Mahmood
PiperOrigin-RevId: 297693838
2020-02-27Merge pull request #1346 from ↵gVisor bot
google:dependabot/bundler/benchmarks/workloads/ruby/puma-3.12.2 PiperOrigin-RevId: 297690302
2020-02-27Fix a race in TCP endpoint teardown and teardown the stack in tcp_test.Ian Gudger
Call stack.Close on stacks when we are done with them in tcp_test. This avoids leaking resources and reduces the test's flakiness when race/gotsan is enabled. It also provides test coverage for the race also fixed in this change, which can be reliably triggered with the stack.Close change (and without the other changes) when race/gotsan is enabled. The race was possible when calling Abort (via stack.Close) on an endpoint processing a SYN segment as part of a passive connect. Updates #1564 PiperOrigin-RevId: 297685432
2020-02-27Merge of a369c88c0c4ece5239855000d28df045111c1be7gVisor bot
PiperOrigin-RevId: 297674924
2020-02-27Bump puma from 3.12.1 to 3.12.2 in /benchmarks/workloads/rubydependabot[bot]
Bumps [puma](https://github.com/puma/puma) from 3.12.1 to 3.12.2. - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/master/History.md) - [Commits](https://github.com/puma/puma/compare/v3.12.1...v3.12.2) Signed-off-by: dependabot[bot] <support@github.com>
2020-02-27Bump puma from 3.12.0 to 3.12.2 in /benchmarks/workloads/ruby_templatedependabot[bot]
Bumps [puma](https://github.com/puma/puma) from 3.12.0 to 3.12.2. <details> <summary>Release notes</summary> *Sourced from [puma's releases](https://github.com/puma/puma/releases).* > v3.12.1 </details> <details> <summary>Changelog</summary> *Sourced from [puma's changelog](https://github.com/puma/puma/blob/master/History.md).* > ## 4.3.1 and 3.12.2 / 2019-12-05 > > * Security > * Fix: a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. CVE-2019-16770. > > ## 4.3.0 / 2019-11-07 > > * Features > * Strip whitespace at end of HTTP headers ([#2010](https://github-redirect.dependabot.com/puma/puma/issues/2010)) > * Optimize HTTP parser for JRuby ([#2012](https://github-redirect.dependabot.com/puma/puma/issues/2012)) > * Add SSL support for the control app and cli ([#2046](https://github-redirect.dependabot.com/puma/puma/issues/2046), [#2052](https://github-redirect.dependabot.com/puma/puma/issues/2052)) > > * Bugfixes > * Fix Errno::EINVAL when SSL is enabled and browser rejects cert ([#1564](https://github-redirect.dependabot.com/puma/puma/issues/1564)) > * Fix pumactl defaulting puma to development if an environment was not specified ([#2035](https://github-redirect.dependabot.com/puma/puma/issues/2035)) > * Fix closing file stream when reading pid from pidfile ([#2048](https://github-redirect.dependabot.com/puma/puma/issues/2048)) > * Fix a typo in configuration option `--extra_runtime_dependencies` ([#2050](https://github-redirect.dependabot.com/puma/puma/issues/2050)) > > ## 4.2.1 / 2019-10-07 > > * 3 bugfixes > * Fix socket activation of systemd (pre-existing) unix binder files ([#1842](https://github-redirect.dependabot.com/puma/puma/issues/1842), [#1988](https://github-redirect.dependabot.com/puma/puma/issues/1988)) > * Deal with multiple calls to bind correctly ([#1986](https://github-redirect.dependabot.com/puma/puma/issues/1986), [#1994](https://github-redirect.dependabot.com/puma/puma/issues/1994), [#2006](https://github-redirect.dependabot.com/puma/puma/issues/2006)) > * Accepts symbols for `verify_mode` ([#1222](https://github-redirect.dependabot.com/puma/puma/issues/1222)) > > ## 4.2.0 / 2019-09-23 > > * 6 features > * Pumactl has a new -e environment option and reads `config/puma/<environment>.rb` config files ([#1885](https://github-redirect.dependabot.com/puma/puma/issues/1885)) > * Semicolons are now allowed in URL paths (MRI only), useful for Angular or Redmine ([#1934](https://github-redirect.dependabot.com/puma/puma/issues/1934)) > * Allow extra dependencies to be defined when using prune_bundler ([#1105](https://github-redirect.dependabot.com/puma/puma/issues/1105)) > * Puma now reports the correct port when binding to port 0, also reports other listeners when binding to localhost ([#1786](https://github-redirect.dependabot.com/puma/puma/issues/1786)) > * Sending SIGINFO to any Puma worker now prints currently active threads and their backtraces ([#1320](https://github-redirect.dependabot.com/puma/puma/issues/1320)) > * Puma threads all now have their name set on Ruby 2.3+ ([#1968](https://github-redirect.dependabot.com/puma/puma/issues/1968)) > * 4 bugfixes > * Fix some misbehavior with phased restart and externally SIGTERMed workers ([#1908](https://github-redirect.dependabot.com/puma/puma/issues/1908), [#1952](https://github-redirect.dependabot.com/puma/puma/issues/1952)) > * Fix socket closing on error ([#1941](https://github-redirect.dependabot.com/puma/puma/issues/1941)) > * Removed unnecessary SIGINT trap for JRuby that caused some race conditions ([#1961](https://github-redirect.dependabot.com/puma/puma/issues/1961)) > * Fix socket files being left around after process stopped ([#1970](https://github-redirect.dependabot.com/puma/puma/issues/1970)) > * Absolutely thousands of lines of test improvements and fixes thanks to [@&#8203;MSP-Greg](https://github.com/MSP-Greg) > > ## 4.1.1 / 2019-09-05 > > * 3 bugfixes > * Revert our attempt to not dup STDOUT/STDERR ([#1946](https://github-redirect.dependabot.com/puma/puma/issues/1946)) > * Fix socket close on error ([#1941](https://github-redirect.dependabot.com/puma/puma/issues/1941)) > * Fix workers not shutting down correctly ([#1908](https://github-redirect.dependabot.com/puma/puma/issues/1908)) > > ## 4.1.0 / 2019-08-08 > ></tr></table> ... (truncated) </details> <details> <summary>Commits</summary> - [`bb29fc7`](https://github.com/puma/puma/commit/bb29fc7fe8f822d0f72706a1ae86e49af3476777) 3.12.2 - [`058df12`](https://github.com/puma/puma/commit/058df12b78e7d1ec661c3b8777f26a736c26675b) 4.3.1 and 4.2.1 release notes - [`06053e6`](https://github.com/puma/puma/commit/06053e60908074bb38293d4449ea261cb009b53e) Merge pull request from GHSA-7xx3-m584-x994 - [`461c9e9`](https://github.com/puma/puma/commit/461c9e99783e5f69e632acedae83be55017d5fe4) Docs files - [`7e2c88d`](https://github.com/puma/puma/commit/7e2c88d4131a1a70f551287e49b8f527d29d0469) v3.12.1 - [`36964ec`](https://github.com/puma/puma/commit/36964ec42982d7b3205760bc2bf9ccf3fec8af69) Merge pull request [#1700](https://github-redirect.dependabot.com/puma/puma/issues/1700) from schneems/schneems/fix-puma-rack-handler-config - [`c24c0c8`](https://github.com/puma/puma/commit/c24c0c883496f581d9092bbe7f7431129eeb7190) Rack handler should use provided default host - [`e5d566e`](https://github.com/puma/puma/commit/e5d566ed81f3663d70f0318f8bf3d858734cb74b) Merge pull request [#1682](https://github-redirect.dependabot.com/puma/puma/issues/1682) from MSP-Greg/update-travis-ruby - [`cecc44a`](https://github.com/puma/puma/commit/cecc44aa0ae326e46031b48023253d08df706455) Merge pull request [#1701](https://github-redirect.dependabot.com/puma/puma/issues/1701) from schneems/schneems/m - [`ce57cfb`](https://github.com/puma/puma/commit/ce57cfb8c3c8259cda13c322de32dd4ff07ec03a) Allow running individual tests via the `m` gem. - Additional commits viewable in [compare view](https://github.com/puma/puma/compare/v3.12.0...v3.12.2) </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=puma&package-manager=bundler&previous-version=3.12.0&new-version=3.12.2)](https://help.github.com/articles/configuring-automated-security-fixes) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/google/gvisor/network/alerts). </details> COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/1345 from google:dependabot/bundler/benchmarks/workloads/ruby_template/puma-3.12.2 2be8d923b4cf5452e763ce369803f2729876b209 PiperOrigin-RevId: 297664218
2020-02-27Merge pull request #1971 from ↵gVisor bot
google:dependabot/bundler/benchmarks/workloads/ruby/rack-2.2.2 PiperOrigin-RevId: 297664184
2020-02-27Bump rack from 2.0.7 to 2.2.2 in /benchmarks/workloads/rubydependabot[bot]
Bumps [rack](https://github.com/rack/rack) from 2.0.7 to 2.2.2. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/2.0.7...v2.2.2) Signed-off-by: dependabot[bot] <support@github.com>
2020-02-27Internal change.Nayana Bidari
PiperOrigin-RevId: 297638665
2020-02-27Use automated release notes, if available.Adin Scannell
PiperOrigin-RevId: 297628615
2020-02-26Fix construct of linux.Stat for arm64.Rahat Mahmood
PiperOrigin-RevId: 297494373
2020-02-26Merge pull request #1912 from lubinszARM:pr_kvm_buildgVisor bot
PiperOrigin-RevId: 297492004
2020-02-26Add getsockopt tests for SO_SNDTIMEO and SO_RCVTIMEOJay Zhuang
PiperOrigin-RevId: 297485310
2020-02-25Add VFS.NewDisconnectedMount().Jamie Liu
Analogous to Linux's kern_mount(). PiperOrigin-RevId: 297259580
2020-02-25Fix DATA RACE in fs.MayDelete.Adin Scannell
MayDelete must lock the directory also, otherwise concurrent renames may race. Note that this also changes the methods to be aligned with the actual Remove and RemoveDirectory methods to minimize confusion when reading the code. (It was hard to see that resolution was correct.) PiperOrigin-RevId: 297258304
2020-02-25Merge pull request #1271 from lubinszARM:pr_ring0_1gVisor bot
PiperOrigin-RevId: 297230721
2020-02-25Add netlink sockopt logging to strace.Ian Gudger
PiperOrigin-RevId: 297220008
2020-02-25Use link-local source address for link-local multicastGhanan Gowripalan
Tests: - header_test.TestIsV6LinkLocalMulticastAddress - header_test.TestScopeForIPv6Address - stack_test.TestIPv6SourceAddressSelectionScopeAndSameAddress PiperOrigin-RevId: 297215576
2020-02-25Add option to skip stuck tasks waiting for address spaceFabricio Voznika
PiperOrigin-RevId: 297192390
2020-02-25Merge pull request #1816 from xiaobo55x:trap_flaggVisor bot
PiperOrigin-RevId: 297191168
2020-02-25Port most syscalls to VFS2.Jamie Liu
pipe and pipe2 aren't ported, pending a slight rework of pipe FDs for VFS2. mount and umount2 aren't ported out of temporary laziness. access and faccessat need additional FSImpl methods to implement properly, but are stubbed to prevent googletest from CHECK-failing. Other syscalls require additional plumbing. Updates #1623 PiperOrigin-RevId: 297188448