summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2021-09-14runsc: allow rootless mode for runsc runMichael Pratt
Rootless mode seems to work fine for simple containers with runsc run, so allow its use. Since runsc run is more widely used, require a workable --network option is passed rather than automatically switching like runsc do does. Fixes #3036
2021-09-13Accept packets destined to bound addressGhanan Gowripalan
...if bound to an address. We previously checked the source of a packet instead of the destination of a packet when bound to an address. PiperOrigin-RevId: 396497647
2021-09-13Typo fix.Etienne Perot
PiperOrigin-RevId: 396476303
2021-09-13tools/show_paths.bzl: check that provider_map isn't NoneAndrei Vagin
Otherwise it can fail: $ bazel cquery pkg/p9/... --output=starlark --starlark:file=tools/show_paths.bzl ... ERROR: Starlark evaluation error for //pkg/p9/p9test:mockgen: Traceback (most recent call last): File "tools/show_paths.bzl", line 8, column 32, in format Error: 'NoneType' value has no field or method 'get' PiperOrigin-RevId: 396457764
2021-09-13Set NICID before delivering packet to raw endpointGhanan Gowripalan
...as raw endpoints expect the packet's NICID to be set. PiperOrigin-RevId: 396446552
2021-09-13Separate IPv4 ToS & IPv6 TClass in dgram endpointGhanan Gowripalan
Setting the ToS for IPv4 packets (SOL_IP, IP_TOS) should not affect the Traffic Class of IPv6 packets (SOL_IPV6, IPV6_TCLASS). Also only return the ToS value XOR Traffic Class as a packet cannot be both an IPv4 and an IPv6 packet; It is invalid to return both the IPv4 ToS and IPv6 Traffic Class control messages when reading packets. Updates #6389. PiperOrigin-RevId: 396399096
2021-09-13Support anonymous structs in checklocks.Adin Scannell
Fixes #6558 PiperOrigin-RevId: 396393293
2021-09-11Internal change.gVisor bot
PiperOrigin-RevId: 396155387
2021-09-10Typo fix.Etienne Perot
PiperOrigin-RevId: 396042572
2021-09-09Use accessor for runsc ControlConfig proto.Rahat Mahmood
PiperOrigin-RevId: 395859347
2021-09-09Remove linux-compat loopback hacks from packet endpointGhanan Gowripalan
Previously, gVisor did not represent loopback devices as an ethernet device as Linux does. To maintain Linux API compatibility for packet sockets, a workaround was used to add an ethernet header if a link header was not already present in the packet buffer delivered to a packet endpoint. However, this workaround is a bug for non-ethernet based interfaces; not all links use an ethernet header (e.g. pure L3/TUN interfaces). As of 3b4bb947517d0d9010120aaa1c3989fd6abf278e, gVisor represents loopback devices as an ethernet-based device so this workaround can now be removed. BUG: https://fxbug.dev/81592 Updates #6530, #6531. PiperOrigin-RevId: 395819151
2021-09-09Internal change.Jamie Liu
PiperOrigin-RevId: 395809193
2021-09-09Remove link/packetsocketGhanan Gowripalan
This change removes NetworkDispatcher.DeliverOutboundPacket. Since all packet writes go through the NIC (the only NetworkDispatcher), we can deliver outgoing packets to interested packet endpoints before writing the packet to the link endpoint as the stack expects that all packets that get delivered to a link endpoint are transmitted on the wire. That is, link endpoints no longer need to let the stack know when it writes a packet as the stack already knows about the packet it writes through a link endpoint. PiperOrigin-RevId: 395761629
2021-09-09Add EthernetHeader only if underlying NIC has a mac address.Bhasker Hariharan
Fixes #6532 PiperOrigin-RevId: 395741741
2021-09-07Stub some memory control files.Rahat Mahmood
PiperOrigin-RevId: 395338926
2021-09-07Conditionally use GetAbsoluteTestTmpdir() rather than hard-code "/tmp"Kevin Lindkvist
NewTempAbsPathInDir("/tmp") prevents the generated socket address from exceeding sizeof(addr.sun_path). However, existing systems that are built with the ANDROID configuration have their temp directory in a different location. This change allows those systems to run tests that depend on UniqueUnixAddr. PiperOrigin-RevId: 395336483
2021-09-07Remove protocolMainLoop unused return valueArthur Sfez
PiperOrigin-RevId: 395325998
2021-09-03Add //pkg/sentry/seccheck.Jamie Liu
This defines common infrastructure for dynamically-configured security checks, including an example usage in the clone(2) path. PiperOrigin-RevId: 394797270
2021-09-02Internal change.Jamie Liu
PiperOrigin-RevId: 394560866
2021-09-02unix: avoid taking two endpoint locksAndrei Vagin
If we want to take two endpoint locks, we need to be sure that we always take them in the same order. Accept() locks the listening endpoint to work with acceptedChan and then it calls GetLocalAddress that locks an accepted endpoint. Actually, we can release the listening endpoint lock before calling GetLocalAddress. Reported-by: syzbot+f52bd603f51a4ae91054@syzkaller.appspotmail.com PiperOrigin-RevId: 394553823
2021-09-02Merge pull request #6516 from slowy07:minor-changesgVisor bot
PiperOrigin-RevId: 394481127
2021-09-01Support sending with packet socketsGhanan Gowripalan
...through the loopback interface, only. This change only supports sending on packet sockets through the loopback interface as the loopback interface is the only interface used in packet socket syscall tests - the other link endpoints are not excercised with the existing test infrastructure. Support for sending on packet sockets through the other interfaces will be added as needed. BUG: https://fxbug.dev/81592 PiperOrigin-RevId: 394368899
2021-09-01Out-of-order segment should not block in-sequence segments.Bhasker Hariharan
For a small receive buffer the first out-of-order segment will get accepted and fill up the receive buffer today. This change now includes the size of the out-of-order segment when checking whether to queue the out of order segment or not. PiperOrigin-RevId: 394351309
2021-09-01Extract network datagram endpoint common facilitiesGhanan Gowripalan
...from the UDP endpoint. Datagram-based transport endpoints (e.g. UDP, RAW IP) can share a lot of their write path due to the datagram-based nature of these endpoints. Extract the common facilities from UDP so they can be shared with other transport endpoints (in a later change). Test: UDP syscall tests. PiperOrigin-RevId: 394347774
2021-09-01Add ioctl stub constantsChong Cai
PiperOrigin-RevId: 394331928
2021-09-01Don't use reflection in fpu.alignedBytes.Jamie Liu
reflect.ValueOf takes an interface{}, so when passed a slice the compiler emits a call to runtime.convTslice to heap-allocate a copy of the slice header. PiperOrigin-RevId: 394310052
2021-09-01Cache vdso.so's __kernel_rt_sigreturn location.Jamie Liu
PiperOrigin-RevId: 394300607
2021-09-01Propagate vfs.MkdirOptions.ForSyntheticMountpoint to overlay copy-up.Jamie Liu
PiperOrigin-RevId: 394296687
2021-09-01unix: handle a case when a buffer is overflowedAndrei Vagin
Reported-by: syzbot+1aab6800bd14829609b8@syzkaller.appspotmail.com PiperOrigin-RevId: 394279838
2021-09-01gVisor rack blogNayana Bidari
A blog about RACK loss detection algorithm implemented in gVisor. (https://datatracker.ietf.org/doc/rfc8985/) PiperOrigin-RevId: 394265634
2021-09-01Cache cpuid.HostFeatureSet().Jamie Liu
PiperOrigin-RevId: 394261815
2021-08-31Remove splice-to/from-weird-files tests.Jamie Liu
These tests are permanently broken on Linux after 36e2c7421f02 "fs: don't allow splice read/write without explicit ops". PiperOrigin-RevId: 394161079
2021-08-31Automated rollback of changelist 390405182gVisor bot
PiperOrigin-RevId: 394004809
2021-08-30[syserr] Fix SIGBUS on syserr.FromErrorZach Koopmans
Fix syzcaller panic SIGBUS on error handling. Done by adding an interface, errors.GuestError, which errors can implement in order to be compared against each other. PiperOrigin-RevId: 393867554
2021-08-30Narrow COW-break on thread stacks.Jamie Liu
PiperOrigin-RevId: 393841270
2021-08-30Use specialFileFD handles in specialFileFD.Stat().Jamie Liu
PiperOrigin-RevId: 393831108
2021-08-30Avoid pseudo endpoint for TSVal generationZeling Feng
PiperOrigin-RevId: 393808461
2021-08-30Internal change.gVisor bot
PiperOrigin-RevId: 393783192
2021-08-27Fix lock order violations: mm.mappingMu > Task.mu.Nicolas Lacasse
Document this ordering in mm/mm.go. PiperOrigin-RevId: 393413203
2021-08-27Merge pull request #6415 from ZachEddy:containerd-runtime-options-v1.5gVisor bot
PiperOrigin-RevId: 393411409
2021-08-27Add LinkEndpoint.WriteRawPacket with stubsGhanan Gowripalan
...returning unsupported errors. PiperOrigin-RevId: 393388991
2021-08-27fix: revert go.modslowy07
2021-08-27fix: typo spelling grammarslowy07
2021-08-26Add Stack.Seed() backZeling Feng
... because it is still used by fuchsia. PiperOrigin-RevId: 393246904
2021-08-26Merge pull request #6509 from gystemd:fix_test_pty_5357gVisor bot
PiperOrigin-RevId: 393217676
2021-08-26Centralize TCP timestamp logicTamir Duberstein
Remove freestanding functions that convert time values to raw integers; centralize time->uint32 logic in methods on tcp.endpoint. Importantly, the knowledge that TSVal is in milliseconds now lives in adjacent functions rather than being spread around various files. Incidental cleanup: - Remove unused constant - Remove redundant conversion - Remove redundant parentheses - Add missing error check PiperOrigin-RevId: 393184768
2021-08-26fix tests in pty.ccgystemd
fixed and enabled SetForegroundProcessGroup and SetForegroundProcessGroupEmptyProcessGroup.
2021-08-26Avoid unhandled error warningsTamir Duberstein
PiperOrigin-RevId: 393104589
2021-08-26Remove unused argumentTamir Duberstein
PiperOrigin-RevId: 393100095
2021-08-26Pass must-not-be-nil by valueTamir Duberstein
PiperOrigin-RevId: 393095246