summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2021-03-23Merge branch 'detachable-fdbased' into go-detachable-fdbased2go-detachable-fdbasedMikael Magnusson
2021-03-23Make fdbased endpoint detachabledetachable-fdbasedMikael Magnusson
Cancel the inbound dispatchers if the endpoint is detached. Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
2021-03-23Merge release-20210315.0-10-g7dbd6924a (automated)gVisor bot
2021-03-22Update apt repository to limit to supported architectures.Adin Scannell
Fixes #5703 PiperOrigin-RevId: 364492235
2021-03-23Merge release-20210315.0-9-gc0bd71c5a (automated)gVisor bot
2021-03-22[lisa] Support dynamic types for all types.Ayush Ranjan
We were only supporting dynamic struct types. With this change, users can make any type dynamic. The tool (correctly) blindly just generates the remaining methods needed to implement Marshallable using the 3 methods defined by the user on the dynamic type. This is helpful in situations like: type StringArray []string Added a test for such a use case. PiperOrigin-RevId: 364463164
2021-03-22Merge release-20210315.0-8-g9e86dfc9c (automated)gVisor bot
2021-03-22Fix logs for packetimpact tests cleanupZeling Feng
- Don't cleanup containers in Network.Cleanup, otherwise containers will be killed and removed several times. - Don't set AutoRemove for containers. This will prevent the confusing 'removal already in progress' messages. Fixes #3795 PiperOrigin-RevId: 364404414
2021-03-22Merge release-20210315.0-7-ga073d7697 (automated)gVisor bot
2021-03-22Return tcpip.Error from (*Stack).GetMainNICAddressGhanan Gowripalan
PiperOrigin-RevId: 364381970
2021-03-22Merge release-20210315.0-6-g6bd2c6ce7 (automated)gVisor bot
2021-03-22Emit comment about build tags in gomarshal generated files.Rahat Mahmood
This may be useful for tracking down where build tags come from and understanding tag import issues in generated files. PiperOrigin-RevId: 364374931
2021-03-22Merge release-20210315.0-5-gb428fd02e (automated)gVisor bot
2021-03-22Avoid calling sync on each write in writethrough mode.Nicolas Lacasse
PiperOrigin-RevId: 364370595
2021-03-22Merge release-20210315.0-4-gcbac2d9f9 (automated)gVisor bot
2021-03-22Fix and merge tcp_{outside_the_window,tcp_unacc_seq_ack}_closingZeling Feng
The tests were not using the correct windowSize so the testing segments were actually within the window for seqNumOffset=0 tests. The issue is already fixed by #5674. PiperOrigin-RevId: 364252630
2021-03-18Merge release-20210309.0-41-g7fac7e32f (automated)gVisor bot
2021-03-18Translate syserror when validating partial IO errorsFabricio Voznika
syserror allows packages to register translators for errors. These translators should be called prior to checking if the error is valid, otherwise it may not account for possible errors that can be returned from different packages, e.g. safecopy.BusError => syserror.EFAULT. Second attempt, it passes tests now :-) PiperOrigin-RevId: 363714508
2021-03-18Address post submit comments for fs benchmarks.Zach Koopmans
Also, drop fio total reads/writes to 1GB as 10GB is prohibitively slow. PiperOrigin-RevId: 363714060
2021-03-18Merge release-20210309.0-39-g5c4f4ed9e (automated)gVisor bot
2021-03-18Skip /dev submount hack on VFS2.Jamie Liu
containerd usually configures both /dev and /dev/shm as tmpfs mounts, e.g.: ``` "mounts": [ ... { "destination": "/dev", "type": "tmpfs", "source": "/run/containerd/io.containerd.runtime.v2.task/moby/10eedbd6a0e7937ddfcab90f2c25bd9a9968b734c4ae361318142165d445e67e/tmpfs", "options": [ "nosuid", "strictatime", "mode=755", "size=65536k" ] }, ... { "destination": "/dev/shm", "type": "tmpfs", "source": "/run/containerd/io.containerd.runtime.v2.task/moby/10eedbd6a0e7937ddfcab90f2c25bd9a9968b734c4ae361318142165d445e67e/shm", "options": [ "nosuid", "noexec", "nodev", "mode=1777", "size=67108864" ] }, ... ``` (This is mostly consistent with how Linux is usually configured, except that /dev is conventionally devtmpfs, not regular tmpfs. runc/libcontainer implements OCI-runtime-spec-undocumented behavior to create /dev/{ptmx,fd,stdin,stdout,stderr} in non-bind /dev mounts. runsc silently switches /dev to devtmpfs. In VFS1, this is necessary to get device files like /dev/null at all, since VFS1 doesn't support real device special files, only what is hardcoded in devfs. VFS2 does support device special files, but using devtmpfs is the easiest way to get pre-created files in /dev.) runsc ignores many /dev submounts in the spec, including /dev/shm. In VFS1, this appears to be to avoid introducing a submount overlay for /dev, and is mostly fine since the typical mode for the /dev/shm mount is ~consistent with the mode of the /dev/shm directory provided by devfs (modulo the sticky bit). In VFS2, this is vestigial (VFS2 does not use submount overlays), and devtmpfs' /dev/shm mode is correct for the mount point but not the mount. So turn off this behavior for VFS2. After this change: ``` $ docker run --rm -it ubuntu:focal ls -lah /dev/shm total 0 drwxrwxrwt 2 root root 40 Mar 18 00:16 . drwxr-xr-x 5 root root 360 Mar 18 00:16 .. $ docker run --runtime=runsc --rm -it ubuntu:focal ls -lah /dev/shm total 0 drwxrwxrwx 1 root root 0 Mar 18 00:16 . dr-xr-xr-x 1 root root 0 Mar 18 00:16 .. $ docker run --runtime=runsc-vfs2 --rm -it ubuntu:focal ls -lah /dev/shm total 0 drwxrwxrwt 2 root root 40 Mar 18 00:16 . drwxr-xr-x 5 root root 320 Mar 18 00:16 .. ``` Fixes #5687 PiperOrigin-RevId: 363699385
2021-03-17Merge release-20210309.0-38-gd3a433caa (automated)gVisor bot
2021-03-17Do not use martian loopback packets in testsGhanan Gowripalan
Transport demuxer and UDP tests should not use a loopback address as the source address for packets injected into the stack as martian loopback packets will be dropped in a later change. PiperOrigin-RevId: 363479681
2021-03-17Merge release-20210309.0-37-g4065604e1 (automated)gVisor bot
2021-03-17Drop loopback traffic from outside of the stackGhanan Gowripalan
Loopback traffic should be stack-local but gVisor has some clients that depend on the ability to receive loopback traffic that originated from outside of the stack. Because of this, we guard this change behind IP protocol options. Test: integration_test.TestExternalLoopbackTraffic PiperOrigin-RevId: 363461242
2021-03-17Merge release-20210309.0-36-g3dd7ad13b (automated)gVisor bot
2021-03-16Fix tcp_fin_retransmission_netstack_testZeling Feng
Netstack does not check ACK number for FIN-ACK packets and goes into TIMEWAIT unconditionally. Fixing the state machine will give us back the retransmission of FIN. PiperOrigin-RevId: 363301883
2021-03-16Merge release-20210309.0-35-g5eede4e75 (automated)gVisor bot
2021-03-16Fix a race with synRcvdCount and acceptMithun Iyer
There is a race in handling new incoming connections on a listening endpoint that causes the endpoint to reply to more incoming SYNs than what is permitted by the listen backlog. The race occurs when there is a successful passive connection handshake and the synRcvdCount counter is decremented, followed by the endpoint delivered to the accept queue. In the window of time between synRcvdCount decrementing and the endpoint being enqueued for accept, new incoming SYNs can be handled without honoring the listen backlog value, as the backlog could be perceived not full. Fixes #5637 PiperOrigin-RevId: 363279372
2021-03-16Merge release-20210309.0-34-g607a1e481 (automated)gVisor bot
2021-03-16setgid directory support in overlayfsKevin Krakauer
PiperOrigin-RevId: 363276495
2021-03-16Merge release-20210309.0-33-g05193de1c (automated)gVisor bot
2021-03-16Unexport methods on NDPOptionGhanan Gowripalan
They are not used outside of the header package. PiperOrigin-RevId: 363237708
2021-03-16Merge release-20210309.0-32-g68065d1ce (automated)gVisor bot
2021-03-16Detect looped-back NDP DAD messagesGhanan Gowripalan
...as per RFC 7527. If a looped-back DAD message is received, do not fail DAD since our own DAD message does not indicate that a neighbor has the address assigned. Test: ndp_test.TestDADResolveLoopback PiperOrigin-RevId: 363224288
2021-03-16Merge release-20210309.0-31-gebd7c1b88 (automated)gVisor bot
2021-03-16Do not call into Stack from LinkAddressRequestGhanan Gowripalan
Calling into the stack from LinkAddressRequest is not needed as we already have a reference to the network endpoint (IPv6) or network interface (IPv4/ARP). PiperOrigin-RevId: 363213973
2021-03-16Merge release-20210309.0-30-gf7e841c2c (automated)gVisor bot
2021-03-15Turn sys_thread constants into variables.Etienne Perot
PiperOrigin-RevId: 363092268
2021-03-16Merge release-20210309.0-29-gf4b742182 (automated)gVisor bot
2021-03-15Move `MaxIovs` back to a variable in `iovec.go`.Etienne Perot
PiperOrigin-RevId: 363091954
2021-03-16Merge release-20210309.0-28-g34d0d7206 (automated)gVisor bot
2021-03-15Deflake proc_test_nativeFabricio Voznika
Terminating tasks from other tests can mess up with the task list of the current test. Tests were changed to look for added/removed tasks, ignoring other tasks that may exist while the test is running. PiperOrigin-RevId: 363084261
2021-03-16Merge release-20210309.0-27-gb1d578772 (automated)gVisor bot
2021-03-15Make netstack (//pkg/tcpip) buildable for 32 bitKevin Krakauer
Doing so involved breaking dependencies between //pkg/tcpip and the rest of gVisor, which are discouraged anyways. Tested on the Go branch via: gvisor.dev/gvisor/pkg/tcpip/... Addresses #1446. PiperOrigin-RevId: 363081778
2021-03-15Merge release-20210309.0-26-gec45d9692 (automated)gVisor bot
2021-03-15[op] Make gofer client handle return partial write length when err is nil.Ayush Ranjan
If there was a partial write (when not using the host FD) which did not generate an error, we were incorrectly returning the number of bytes attempted to write instead of the number of bytes actually written. PiperOrigin-RevId: 363058989
2021-03-15Merge release-20210309.0-25-g48915d17d (automated)gVisor bot
2021-03-15Merge pull request #5618 from iangudger:unix-transport-racegVisor bot
PiperOrigin-RevId: 362999220
2021-03-15Merge release-20210309.0-23-g06b047a5a (automated)gVisor bot