Age | Commit message (Collapse) | Author |
|
PiperOrigin-RevId: 304542967
|
|
NAME_MAX should be enforced per filesystem implementation
because other file systems may not have the same restriction.
Gofer filesystem now keeps a reference to the kernel clock to
avoid lookup in the Context on file access to update atime.
Update access, modification, and status change times in tmpfs.
Updates #1197, #1198.
PiperOrigin-RevId: 304527148
|
|
As per RFC 6980 section 5, nodes MUST silently ignore NDP messages if
the packet carrying them include an IPv6 Fragmentation Header.
Test: ipv6_test.TestNDPValidation
PiperOrigin-RevId: 304519379
|
|
PiperOrigin-RevId: 304508083
|
|
This is mostly required for PipeTest_OffsetCalls.
The options are DenyPRead/PWrite rather than AllowPRead/PWrite since, in Linux
terms, fs/open.c:do_dentry_open sets FMODE_PREAD|FMODE_PWRITE unconditionally
(although it allows filesystem implementations of open to unset these flags),
so they're set for most FDs; it's usually FDs created outside of open(2) that
don't get them, e.g.:
- Syscall-created pipes (fs/pipe.c:create_pipe_files =>
fs/file_table.c:alloc_file_pseudo)
- Epoll instances (fs/eventpoll.c:do_epoll_create =>
fs/anon_inodes.c:anon_inode_getfile => alloc_file_pseudo)
- Sockets (net/socket.c:sock_alloc_file => alloc_file_pseudo)
This CL adds the flags to epoll instances; a subsequent CL reworks the VFS2
implementation of pipe FDs to be filesystem-independent and adds the flags
there, and sockets aren't implemented yet.
Updates #1035
PiperOrigin-RevId: 304506434
|
|
Tests:
- ipv6_test.TestHopLimitValidation
- ipv6_test.TestRouterAdvertValidation
PiperOrigin-RevId: 304495723
|
|
PiperOrigin-RevId: 304447031
|
|
PiperOrigin-RevId: 304440599
|
|
The test is flaky in cooperative S/R mode because TCP timers are not restored
across a S/R. This can cause the TCPLinger2 timer to not fire. This change
disables S/R before setting the TCP_LINGER2 timeout.
PiperOrigin-RevId: 304430536
|
|
"gcloud" may be installed as a snap, under "/snap/bin". Make
sure this is in our PATH so that we can use gcloud.
PiperOrigin-RevId: 304297180
|
|
Previously, go-marshal only allowed literals for array
lengths. However, it's very common for ABI structs to have a fix-sized
array whose length is defined by a constant; for example PATH_MAX.
Having to convert all such arrays to have literal lengths is too
awkward.
PiperOrigin-RevId: 304289345
|
|
Timeouts were increased to deflake pkg/tcpip/stack:stack_x_test tests
that depend on timers. Some timeouts used previously were intended for
tests that do not depend on timers, so this change updates those
timeouts to give more time for a timer-based event to occur. This
change also de-parallelizes non-subtests to reduce the number of active
timers.
Test: bazel test //pkg/tcpip/stack:stack_x_test --runs_per_test=500
PiperOrigin-RevId: 304287622
|
|
PiperOrigin-RevId: 304234086
|
|
This allows control over the gRPC timeouts as needed.
PiperOrigin-RevId: 304225713
|
|
PiperOrigin-RevId: 304221302
|
|
The build tag for 32-bit x86 is 386, not i386.
Updates #2298
PiperOrigin-RevId: 304206373
|
|
Refactor the existing socket interface to share methods between VFS1 and VFS2.
The method signatures do not contain anything filesystem-related, so they don't
need to be re-defined for VFS2.
Updates #1476, #1478, #1484, #1485.
PiperOrigin-RevId: 304184545
|
|
Previously, the import statement collision detection mechanism aborted
go-marshal whenever it detected two imports in any package that has
the same local name. Consider this trivial package, defined by the the
following two source files:
file1.go:
package example
import (
path/a/to/foo
)
...
file2.go:
package example
import (
another/package/with/final/component/foo
)
...
Go-marshal previously couldn't handle generating code for the the
above package, even if none of the types marked for marshalling used
either of the imported foo packages. This turns out to be too
restrictive as we run into this a lot in practice. Examples include
"encoding/binary" vs "gvisor/pkg/binary/binary", and "sync" vs
"gvisor/pkg/sync/sync".
This change allows go-marshal to proceed with marshalling, and only
abort if the code generated by go-marshal references any such
ambiguous import names.
PiperOrigin-RevId: 304131190
|
|
PiperOrigin-RevId: 304119255
|
|
PiperOrigin-RevId: 304098611
|
|
A socket mount where anonymous sockets will reside is added to the
VirtualFilesystem. Socketfs is built on top of kernfs.
Updates #1476, #1478, #1484, #1485.
PiperOrigin-RevId: 304095251
|
|
PiperOrigin-RevId: 304068950
|
|
When copyUp fails, we attempt to clean up the upper filesystem by removing any
files that have already been copied-up. If the cleanup fails, we panic because
the "overlay filesystem is in an inconsistent state".
This CL adds the original copy-up error to the panic information, to hopefully
make it easier to track down how the overlay filesystem got into the
inconsistent state.
PiperOrigin-RevId: 304053370
|
|
Some extra fields were added to the Mount type to expose necessary data to the
proc filesystem.
PiperOrigin-RevId: 304053361
|
|
PiperOrigin-RevId: 304053357
|
|
This flag is set on Rome CPUs, but it is not documented.
PiperOrigin-RevId: 303825532
|
|
PiperOrigin-RevId: 303805784
|
|
In the case of other signals (preemption), inject a normal bounce and
defer the signal until the vCPU has been returned from guest mode.
PiperOrigin-RevId: 303799678
|
|
PiperOrigin-RevId: 303773475
|
|
PiperOrigin-RevId: 303753027
|
|
/proc/[pid]/mount* omit mounts whose mount point is outside the chroot, which
is checked (indirectly) via __d_path().
PiperOrigin-RevId: 303434226
|
|
Both have analogues in Linux:
* struct file_system_type has a char *name field.
* struct super_block keeps a pointer to the file_system_type.
These fields are necessary to support the `filesystem type` field in
/proc/[pid]/mountinfo.
PiperOrigin-RevId: 303434063
|
|
Enables handling the Hop by Hop and Destination Options extension
headers, but options are not yet supported. All options will be
treated as unknown and their respective action will be followed.
Note, the stack does not yet support sending ICMPv6 error messages in
response to options that cannot be handled/parsed. That will come
in a later change (Issue #2211).
Tests:
- header_test.TestIPv6UnknownExtHdrOption
- header_test.TestIPv6OptionsExtHdrIterErr
- header_test.TestIPv6OptionsExtHdrIter
- ipv6_test.TestReceiveIPv6ExtHdrs
PiperOrigin-RevId: 303433085
|
|
BoundEndpointAt() is needed to support Unix sockets bound at a
file path, corresponding to BoundEndpoint() in VFS1.
Updates #1476.
PiperOrigin-RevId: 303258251
|
|
Using the host-defined file owner matches VFS1. It is more correct to use the
host-defined mode, since the cached value may become out of date. However,
kernfs.Inode.Mode() does not return an error--other filesystems on kernfs are
in-memory so retrieving mode should not fail. Therefore, if the host syscall
fails, we rely on a cached value instead.
Updates #1672.
PiperOrigin-RevId: 303220864
|
|
PiperOrigin-RevId: 303212189
|
|
PiperOrigin-RevId: 303208407
|
|
Enables the reassembly of fragmented IPv6 packets and handling of the
Routing extension header with a Segments Left value of 0. Atomic
fragments are handled as described in RFC 6946 to not interfere with
"normal" fragment traffic. No specific routing header type is supported.
Note, the stack does not yet support sending ICMPv6 error messages in
response to IPv6 packets that cannot be handled/parsed. That will come
in a later change (Issue #2211).
Test:
- header_test.TestIPv6RoutingExtHdr
- header_test.TestIPv6FragmentExtHdr
- header_test.TestIPv6ExtHdrIterErr
- header_test.TestIPv6ExtHdrIter
- ipv6_test.TestReceiveIPv6ExtHdrs
- ipv6_test.TestReceiveIPv6Fragments
RELNOTES: n/a
PiperOrigin-RevId: 303189584
|
|
Analagous to Linux's mount.mnt_id. This ID is displayed in
/proc/[pid]/mountinfo.
PiperOrigin-RevId: 303185564
|
|
|
|
This feature will match UID and GID of the packet creator, for locally
generated packets. This match is only valid in the OUTPUT and POSTROUTING
chains. Forwarded packets do not have any socket associated with them.
Packets from kernel threads do have a socket, but usually no owner.
|
|
PiperOrigin-RevId: 303159175
|
|
PiperOrigin-RevId: 303158421
|
|
PiperOrigin-RevId: 303156734
|
|
PiperOrigin-RevId: 303147253
|
|
- Change receiver of endpoint lookup functions
- Remove unused struct fields and functions in test
- s/%v/%s/ for errors
- Capitalize NIC
https://github.com/golang/go/wiki/CodeReviewComments#initialisms
PiperOrigin-RevId: 303119580
|
|
PiperOrigin-RevId: 303105826
|
|
Updates #1035
PiperOrigin-RevId: 303021328
|
|
Tests were run assuming a runtime of "runsc" was present, and did not
have --net-raw enabled.
|
|
PiperOrigin-RevId: 303010530
|