summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-11-05Fix failure setting OOM score adjustmentFabricio Voznika
When OOM score adjustment needs to be set, all the containers need to be loaded to find all containers that belong to the sandbox. However, each load signals the container to ensure it is still alive. OOM score adjustment is set during creation and deletion of every container, generating a flood of signals to all containers. The fix removes the signal check when it's not needed. There is also a race fetching OOM score adjustment value from the parent when the sandbox exits at the same time (the time it took to signal containers above made this window quite large). The fix is to store the original value in the sandbox state file and use it when the value needs to be restored. Also add more logging and made the existing ones more consistent to help with debugging. PiperOrigin-RevId: 340940799
2020-11-05[runtime tests] Exclude ext/pcre/tests/cache_limit.phpt.Ayush Ranjan
PiperOrigin-RevId: 340925131
2020-11-05Deflake semaphore_test.Jamie Liu
- Disable saving in tests that wait for EINTR. - Do not execute async-signal-unsafe code after fork() (see fork(2)'s manpage, "After a fork in a multithreaded program ...") - Check for errors returned by semctl(GETZCNT). PiperOrigin-RevId: 340901353
2020-11-04Unlock tcp endpoint mutex before blocking forever.Dean Deng
This was occasionally causing tests to get stuck due to races with the save process, during which the same mutex is acquired. PiperOrigin-RevId: 340789616
2020-11-04Make the regex for inet6Line in packetimpact/netdevs more accurateZeling Feng
PiperOrigin-RevId: 340763455
2020-11-04Include file size in Merkle hashChong Cai
The file size can now also be verified. Also, since we are zero-padding the last block of the data, we cannot differentiate the cases between zero-padded block from the blocks that are ends with zeroes. With the size included this can be addressed, as those cases would have different file size. PiperOrigin-RevId: 340695510
2020-11-03Update WORKSPACE to use Go 1.15.2Ian Lewis
Updates #2785 PiperOrigin-RevId: 340566576
2020-11-03Fix more nogo testsTing-Yu Wang
PiperOrigin-RevId: 340536306
2020-11-03[vfs2] Do not drop inotify waiters across S/R.Dean Deng
The waits-for relationship between an epoll instance and an inotify fd should be restored. This fixes flaky inotify vfs2 tests. PiperOrigin-RevId: 340531367
2020-11-03Make pipe min/max sizes match linux.Nicolas Lacasse
The default pipe size already matched linux, and is unchanged. Furthermore `atomicIOBytes` is made a proper constant (as it is in Linux). We were plumbing usermem.PageSize everywhere, so this is no functional change. PiperOrigin-RevId: 340497006
2020-11-03Merge pull request #3617 from laijs:upperhalfgVisor bot
PiperOrigin-RevId: 340484823
2020-11-03Release mutex before blocking during TCP handshake route resolution.Dean Deng
Without releasing the mutex, operations on the endpoint following a nonblocking connect will not make progress until connect is complete. PiperOrigin-RevId: 340467654
2020-11-03arm64 kvm: inject sError to trigger sigbuslubinszARM
Use an sErr injection to trigger sigbus when we receive EFAULT from the run ioctl. After applying this patch, mmap_test_runsc_kvm will be passed on Arm64. Signed-off-by: Bin Lu <bin.lu@arm.com> COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/4542 from lubinszARM:pr_kvm_mmap_1 f81bd42466d1d60a581e5fb34de18b78878c68c1 PiperOrigin-RevId: 340461239
2020-11-02Implement command GETZCNT for semctl.Jing Chen
PiperOrigin-RevId: 340389884
2020-11-02[vfs2] Refactor kernfs checkCreateLocked.Dean Deng
Don't return the filename, since it can already be determined by the caller. This was causing a panic in RenameAt, which relied on the name to be nonempty even if the error was EEXIST. Reported-by: syzbot+e9f117d000301e42361f@syzkaller.appspotmail.com PiperOrigin-RevId: 340381946
2020-11-02Send NUD probes in a separate gorountineSam Balana
Send NUD probes in another gorountine to free the thread of execution for finishing the state transition. This is necessary to avoid deadlock where sending and processing probes are done in the same call stack, such as loopback and integration tests. Fixes #4701 PiperOrigin-RevId: 340362481
2020-11-02Skip log.Sprintfs when leak check logging is not enabled.Dean Deng
PiperOrigin-RevId: 340361998
2020-11-02Clean up the code of setupTimeWaitCloseAndrei Vagin
The active_closefd has to be shutdown only for write, otherwise the second poll will always return immediately. The second poll should not be called from a separate thread. PiperOrigin-RevId: 340319071
2020-11-02Pass hashing algorithms in verity fs optsChong Cai
PiperOrigin-RevId: 340275942
2020-11-02Automated rollback of changelist 339945377Dean Deng
PiperOrigin-RevId: 340274194
2020-11-02Block external network for testsAndrei Vagin
And in this case, tests will run in separate network namespaces and will not affect each other. PiperOrigin-RevId: 340267734
2020-11-03kvm: share upper halves among all pagtablesLai Jiangshan
Fixes: #509 Signed-off-by: Lai Jiangshan <jiangshan.ljs@antfin.com> Signed-off-by: Lai Jiangshan <laijs@linux.alibaba.com>
2020-11-01Fix returned error when deleting non-existant addressIan Lewis
PiperOrigin-RevId: 340149214
2020-10-31net/tcpip: connect to unset loopback address has to return EADDRNOTAVAILAndrei Vagin
In the docker container, the ipv6 loopback address is not set, and connect("::1") has to return ENEADDRNOTAVAIL in this case. Without this fix, it returns EHOSTUNREACH. PiperOrigin-RevId: 340002915
2020-10-30Adjust error handling in kernfs rename.Dean Deng
Read-only directories (e.g. under /sys, /proc) should return EPERM for rename. PiperOrigin-RevId: 339979022
2020-10-30Fix rename error handling for VFS2 kernfs.Dean Deng
The non-errno error was causing panics before. PiperOrigin-RevId: 339969348
2020-10-30Automated rollback of changelist 339750876Dean Deng
PiperOrigin-RevId: 339945377
2020-10-30Separate kernel.Task.AsCopyContext() into CopyContext() and OwnCopyContext().Jamie Liu
kernel.copyContext{t} cannot be used outside of t's task goroutine, for three reasons: - t.CopyScratchBuffer() is task-goroutine-local. - Calling t.MemoryManager() without running on t's task goroutine or locking t.mu violates t.MemoryManager()'s preconditions. - kernel.copyContext passes t as context.Context to MM IO methods, which is illegal outside of t's task goroutine (cf. kernel.Task.Value()). Fix this by splitting AsCopyContext() into CopyContext() (which takes an explicit context.Context and is usable outside of the task goroutine) and OwnCopyContext() (which uses t as context.Context, but is only usable by t's task goroutine). PiperOrigin-RevId: 339933809
2020-10-30Merge pull request #4564 from zhlhahaha:1981gVisor bot
PiperOrigin-RevId: 339921446
2020-10-30Add the gVisor admission webhookKevin Krakauer
PiperOrigin-RevId: 339913577
2020-10-30Avoid creating users if user is root already.Adin Scannell
PiperOrigin-RevId: 339886754
2020-10-29Add IPv4 reassembly packetimpact testArthur Sfez
The IPv6 reassembly test was also refactored to be easily extended with more cases. PiperOrigin-RevId: 339768605
2020-10-29[infra] Deflake Go / generate (pull_request.Ayush Ranjan
#4673 does not seem to work. Try this new approach. PiperOrigin-RevId: 339754794
2020-10-29Automated rollback of changelist 339675182Dean Deng
PiperOrigin-RevId: 339750876
2020-10-29Make RedirectTarget thread safeKevin Krakauer
Fixes #4613. PiperOrigin-RevId: 339746784
2020-10-29Fix TCP wildcard bind failure when netstack is v6 onlyTing-Yu Wang
TCP endpoint unconditionly binds to v4 even when the stack only supports v6. PiperOrigin-RevId: 339739392
2020-10-29Keep magic constants out of netstackKevin Krakauer
PiperOrigin-RevId: 339721152
2020-10-29Add support for bare IPv4 in packetimpact testsArthur Sfez
PiperOrigin-RevId: 339699771
2020-10-29Delay goroutine creation during TCP handshake for accept/connect.Dean Deng
Refactor TCP handshake code so that when connect is initiated, the initial SYN is sent before creating a goroutine to handle the rest of the handshake (which blocks). Similarly, the initial SYN-ACK is sent inline when SYN is received during accept. Some additional cleanup is done as well. Eventually we would like to complete connections in the dispatcher without requiring a wakeup to complete the handshake. This refactor makes that easier. Updates #231 PiperOrigin-RevId: 339675182
2020-10-28Add url option for blog authorsIan Lewis
PiperOrigin-RevId: 339608078
2020-10-28[infra] Deflake Go / generate (pull_request) GitHub action.Ayush Ranjan
As you can see https://github.com/google/gvisor/commits/master, there are a lot of red commits. This is because the Go / generate GitHub action flakes. On merge, two variants of this workflow run: - one triggered by the pull request (copybara force pushes to the PR right before merge) - one triggered by the push (merge) If the push action ends up finishing before the pull request action can run go_branch.sh, then the changes that go_branch.sh makes is already pushed to the remote go branch. Consequently, the pull request action ends up having nothing to commit causing this action to fail. This change also fixes lint warnings. Now we skip running the go_branch.sh if we find that our current working commit has already been committed to remote. PiperOrigin-RevId: 339586760
2020-10-28Add leak checking for kernfs.Dentry.Dean Deng
Updates #1486. PiperOrigin-RevId: 339581879
2020-10-28Add logging option to leak checker.Dean Deng
Also refactor the template and CheckedObject interface to make this cleaner. Updates #1486. PiperOrigin-RevId: 339577120
2020-10-28Add the payload directly to the ICMPv4 typeArthur Sfez
This makes handling inbound fragmented packets easier, because a fragmented packet might not have an actual ICMP header but only a payload. After this change, the ICMPv4 is the last layer you can get because the payload is embedded in it. Note that this makes it consistent with the ICMPv6 implementation. While I'm here, I've also added the Ident and Sequence fields on the ICMPv4 type. Defaults are still zero. PiperOrigin-RevId: 339577094
2020-10-28Traversal embedded libraries, even for go_library rules.Adin Scannell
PiperOrigin-RevId: 339570821
2020-10-28Merge pull request #4630 from lemin9538:lemin_arm64_devgVisor bot
PiperOrigin-RevId: 339540747
2020-10-28Invalidate overlay.dentry.dirents during open() file creation.Jamie Liu
Updates #1199 PiperOrigin-RevId: 339528827
2020-10-28Avoid time.Now in NUDTamir Duberstein
Use the stack clock instead. Change NeighborEntry.UpdatedAt to UpdatedAtNanos. PiperOrigin-RevId: 339520566
2020-10-28[vfs] Refactor hostfs mmap into kernfs util.Ayush Ranjan
PiperOrigin-RevId: 339505487
2020-10-28Merge pull request #2849 from lubinszARM:pr_memory_barriergVisor bot
PiperOrigin-RevId: 339504677