Age | Commit message (Collapse) | Author |
|
Simplify some logic while I'm here.
PiperOrigin-RevId: 351491593
|
|
gvisor-containerd-shim is not compatible with containerd 1.1 or earlier.
Starting from containerd 1.2, shim v2 is the preferred interface.
PiperOrigin-RevId: 351485556
|
|
This can race and cause issues. Instead, a manual shutdown can be done
via 'bazel-shutdown' if required for specific cases. The ARM64 builds
are now done using cross-compilation, so this hack is not necessary.
PiperOrigin-RevId: 351477908
|
|
This change implements TLP details enumerated in
https://tools.ietf.org/html/draft-ietf-tcpm-rack-08#section-7.5.1.
Fixes #5083
PiperOrigin-RevId: 351467357
|
|
These are primarily simplification and lint mistakes. However, minor
fixes are also included and tests added where appropriate.
PiperOrigin-RevId: 351425971
|
|
This requires several changes:
* Templates must preserve relevant tags.
* Pagetables templates are split into two targets, each preserving tags.
* The binary VDSO is similarly split into two targets, with some juggling.
* The top level tools/go_branch.sh now does a crossbuild of ARM64 as well,
and checks and merges the results of the two branches together.
Fixes #5178
PiperOrigin-RevId: 351304330
|
|
This allows for use in restricted contexts.
Updates #5039
PiperOrigin-RevId: 351265378
|
|
PiperOrigin-RevId: 351263241
|
|
Closes #5226
PiperOrigin-RevId: 351259576
|
|
This allows for use in restricted contexts.
Updates #5039
PiperOrigin-RevId: 351220385
|
|
The release was changed by bazel ಠ_ಠ:
https://github.com/bazelbuild/rules_go/issues/2779
Updates #5188
PiperOrigin-RevId: 351185440
|
|
This change works around an issue in rules_pkg, described here:
https://github.com/bazelbuild/rules_pkg/pull/263
PiperOrigin-RevId: 350869030
|
|
PiperOrigin-RevId: 350862699
|
|
This creates a TTY pair and runs `/bin/sh` in interactive mode within it.
It provides useful helper functions to interact with the shell and read the
output of commands run within it.
This is meant to be used for testing upcoming changes allowing `runsc exec` to
work in `-detach=false -tty=true` mode.
PiperOrigin-RevId: 350841006
|
|
PiperOrigin-RevId: 350823213
|
|
It isn't used on aarch64.
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
This is extremely convenient similar to being able to link to Go
package documentation via the canonical package names.
PiperOrigin-RevId: 350774913
|
|
This was not being tested as part of the unit test workflows, and thus was
not being hit normally. These tests are also added to the unit tests target.
PiperOrigin-RevId: 350766814
|
|
PiperOrigin-RevId: 350691246
|
|
make BAZEL_CONFIG=aarch64 arm-qemu-smoke-test
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
This further restricts the surface exposed only to artifacts
generated by the continuous integration system.
This change also installs appropriate root certificates, so
that objects can be fetched from https://storage.googleapis.com.
PiperOrigin-RevId: 350650197
|
|
PiperOrigin-RevId: 350646249
|
|
Read now takes a destination io.Writer, count, options. Keeping the method name
Read, in contrast to the Write method.
This enables:
* direct transfer of views under VV
* zero copy
It also eliminates the need for sentry to keep a slice of view because
userspace had requested a read that is smaller than the view returned, removing
the complexity there.
Read/Peek/ReadPacket are now consolidated together and some duplicate code is
removed.
PiperOrigin-RevId: 350636322
|
|
PiperOrigin-RevId: 350619346
|
|
PiperOrigin-RevId: 350614888
|
|
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
Closes #5192
PiperOrigin-RevId: 350578130
|
|
Add redirects from any module package path to its corressponding
pkg.go.dev documentation. e.g., gvisor.dev/gvisor/pkg/sentry/kernel ->
https://pkg.go.dev/gvisor.dev/gvisor/pkg/sentry/kernel.
This is a handy way to get to documentation, also used by other vanity
domains, like golang.org/x/tools.
|
|
PiperOrigin-RevId: 350509137
|
|
This allows us to link directly to profiling results from
the build results. The code uses the standard pprof http
server, exported from the Cloud Run instance.
PiperOrigin-RevId: 350440910
|
|
... Otherwise it will be mounted in via some other path, and will
not be available inside the container at all.
PiperOrigin-RevId: 350440843
|
|
PiperOrigin-RevId: 350438564
|
|
Ethernet frames are usually filtered at the hardware-level so there is
no need to filter the frames in software.
For test purposes, a new link endpoint was introduced to filter frames
based on their destination.
PiperOrigin-RevId: 350422941
|
|
IPv4 was always supported but UDP never supported joining/leaving IPv6
multicast groups via socket options.
Add: IPPROTO_IPV6, IPV6_JOIN_GROUP/IPV6_ADD_MEMBERSHIP
Remove: IPPROTO_IPV6, IPV6_LEAVE_GROUP/IPV6_DROP_MEMBERSHIP
Test: integration_test.TestUDPAddRemoveMembershipSocketOption
PiperOrigin-RevId: 350396072
|
|
PiperOrigin-RevId: 350375461
|
|
We log a warning if objdump fails, but this appears in the build log, not test
log, which can make it hard to notice.
Include it with the actual escape output as context on "(possible)" to make it
more clear when something is wrong.
PiperOrigin-RevId: 350355759
|
|
This returns all targets, and handles no targets.
PiperOrigin-RevId: 350263578
|
|
This adds significant costs to startup, since it is done for
every type in the system. Since the state package already saves
sanity checks for race builds, use this for type registration.
PiperOrigin-RevId: 350259336
|
|
PiperOrigin-RevId: 350246333
|
|
PiperOrigin-RevId: 350223482
|
|
This includes minor fix-ups:
* Handle SIGTERM in runsc debug, to exit gracefully.
* Fix cmd.debug.go opening all profiles as RDONLY.
* Fix the test name in fio_test.go, and encode the block size in the test.
PiperOrigin-RevId: 350205718
|
|
PiperOrigin-RevId: 350200437
|
|
PiperOrigin-RevId: 350197814
|
|
For validation, the "on" key in existing YAML files is changed to a literal
string. In the YAML spec, on is a keyword which encodes a boolean value, so
without relying on a specific implementation the YAML files are technically
not encoding an object that complies with the specification.
PiperOrigin-RevId: 350172147
|
|
PiperOrigin-RevId: 350159657
|
|
Reported-by: syzbot+814105309d2ae8651084@syzkaller.appspotmail.com
PiperOrigin-RevId: 350159452
|
|
Syzkaller discovered this bug in pipefs by doing something quite strange:
creat(&(0x7f0000002a00)='./file1\x00', 0x0)
mount(&(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)='devtmpfs\x00', 0x20000d, 0x0)
creat(&(0x7f0000000000)='./file1/file0\x00', 0x0)
This can be reproduced with:
touch mymount
mkfifo /dev/mypipe
mount -o ro -t devtmpfs devtmpfs mymount
echo 123 > mymount/mypipe
PiperOrigin-RevId: 349687714
|
|
PiperOrigin-RevId: 349616845
|
|
PiperOrigin-RevId: 349607959
|
|
This change cleans up some minor Makefile issues, and adds support for
BuildKite annotations on failure and on profiles being generated. These
annotations will make failures very clear and link to the artifacts.
This change is a stepping stone for aggregating coverage data from all
individual test jobs, as this will also happen in .buildkite/annotate.sh.
PiperOrigin-RevId: 349606598
|