Age | Commit message (Collapse) | Author |
|
PiperOrigin-RevId: 196780209
Change-Id: I89f39eec914ce54a7c6c4f28e1b6d5ff5a7dd38d
|
|
This also removes the dependency on tmutex.
PiperOrigin-RevId: 196764317
Change-Id: I523fb67454318e1a2ca9da3a08e63bfa3c1eeed3
|
|
Previously, inet.Stack was referenced in 2 structs in sentry/socket that can be
saved/restored. If an app is saved and restored on another machine, it may try
to use the old stack, which will have been replaced by a new stack on the new
machine.
PiperOrigin-RevId: 196733985
Change-Id: I6a8cfe73b5d7a90749734677dada635ab3389cb9
|
|
When the amount of data read is more than the amount written, sendfile would not
adjust 'in file' position and would resume from the wrong location.
Closes #33
PiperOrigin-RevId: 196731287
Change-Id: Ia219895dd765016ed9e571fd5b366963c99afb27
|
|
This is a necessary prerequisite for supporting multiple containers in a single
sandbox.
All the commands (in cmd package) now call operations on Containers (container
package). When a Container first starts, it will create a Sandbox with the same
ID.
The Sandbox class is now simpler, as it only knows how to create boot/gofer
processes, and how to forward commands into the running boot process.
There are TODOs sprinkled around for additional support for multiple
containers. Most notably, we need to detect when a container is intended to run
in an existing sandbox (by reading the metadata), and then have some way to
signal to the sandbox to start a new container. Other urpc calls into the
sandbox need to pass the container ID, so the sandbox can run the operation on
the given container. These are only half-plummed through right now.
PiperOrigin-RevId: 196688269
Change-Id: I1ecf4abbb9dd8987a53ae509df19341aaf42b5b0
|
|
PiperOrigin-RevId: 196615029
Change-Id: Idfa383a9aee6a9397167a4231ce99d0b0e5b9912
|
|
PiperOrigin-RevId: 196613447
Change-Id: Ib76902896798f072c3031b0c5cf7b433718928b7
|
|
PiperOrigin-RevId: 196611084
Change-Id: I6afa6b01e1dcd2aa9776dfc0f910874cc6b8d72c
|
|
PiperOrigin-RevId: 196609789
Change-Id: Ie261eea3b7fa05b6c348ca93e229de26cbd4dc7d
|
|
PiperOrigin-RevId: 196331627
Change-Id: Ifef4485f8202c52481af317cedd52d2ef48cea6a
|
|
PiperOrigin-RevId: 196325647
Change-Id: I850eb4a29b9c679da4db10eb164bbdf967690663
|
|
PiperOrigin-RevId: 196324694
Change-Id: Ia3a48976433f21622eacb4a38fefe7143ca5e31b
|
|
PiperOrigin-RevId: 196291289
Change-Id: Ie3487be029850b0b410b82416750853a6c4a2b00
|
|
PiperOrigin-RevId: 196281052
Change-Id: Ie620a0f983a1bf2570d0003d4754611879335c1c
|
|
The "install from source" section is moved under "advanced" header, right
before the testing section.
PiperOrigin-RevId: 196271666
Change-Id: I653ac0a2fa4661c96a0cb3daf3528c2109fed8d7
|
|
os.Rename validates that the target doesn't exist, which is different from
syscall.Rename which replace the target if both are directories. fsgofer needs
the syscall behavior.
PiperOrigin-RevId: 196194630
Change-Id: I87d08cad88b5ef310b245cd91647c4f5194159d8
|
|
Change-Id: I9737cc680968033ba82c95bb04cc482fcaa12642
PiperOrigin-RevId: 196192683
|
|
When file is backed by host FD, atime and mtime for the host file and the
cached attributes in the Sentry must be close together. In this case,
the call to update atime and mtime can be skipped. This is important when
host filesystem is using overlay because updating atime and mtime explicitly
forces a copy up for every file that is touched.
PiperOrigin-RevId: 196176413
Change-Id: I3933ea91637a071ba2ea9db9d8ac7cdba5dc0482
|
|
PiperOrigin-RevId: 196157086
Change-Id: Ia7f7ffe1bf486b21ef8091e2e8ef9a9faf733dfc
|
|
The "nightly/latest" was duplicated.
PiperOrigin-RevId: 196156453
Change-Id: Iccac65d870f3eb44c4bd97bcbed5cc436cb1d3c9
|
|
This is to allow files mapped directly, like /etc/hosts, to be writable.
Closes #40
PiperOrigin-RevId: 196155920
Change-Id: Id2027e421cef5f94a0951c3e18b398a77c285bbd
|
|
We also upload to a path with the current date, so that previous builds are
archived. Since these builds only include the date (and not time) their links
are somewhat discoverable as well.
PiperOrigin-RevId: 196147475
Change-Id: I54792d7a4ba2a7af24a51cd9b9f153c7744b310b
|
|
PiperOrigin-RevId: 196131690
Change-Id: I3a4eec0dcca654380ea229e3ae388ca416200110
|
|
PiperOrigin-RevId: 196129010
Change-Id: I655eb3eecf24ffff475b3882ec55a8b55e6d2f36
|
|
The one from rules_go is being deprecated.
PiperOrigin-RevId: 196128132
Change-Id: I7a4ab32696a1bcd221b0585b7a4e8109462a3609
|
|
PiperOrigin-RevId: 196051326
Change-Id: I4195b110e9a7d38d1ce1ed9c613971dea1be3bf0
|
|
Change-Id: Ibbb94cfd901d72d879657aca38bf3db1580f0d62
PiperOrigin-RevId: 196043734
|
|
Closes #28
PiperOrigin-RevId: 196041391
Change-Id: I5d79f1735b9d72744e8bebc6897002b27df9aa7a
|
|
Two changes in this CL:
First, make the "boot" process sleep when it encounters an error to give the
controller time to send the error back to the "start" process. Otherwise the
"boot" process exits immediately and the control connection errors with EOF.
Secondly, open the log file with O_APPEND, not O_TRUNC. Docker uses the same
log file for all runtime commands, and setting O_TRUNC causes them to get
destroyed. Furthermore, containerd parses these log files in the event of an
error, and it does not like the file being truncated out from underneath it.
Now, when trying to run a binary that does not exist in the image, the error
message is more reasonable:
$ docker run alpine /not/found
docker: Error response from daemon: OCI runtime start failed: /usr/local/google/docker/runtimes/runscd did not terminate sucessfully: error starting sandbox: error starting application [/not/found]: failed to create init process: no such file or directory
Fixes #32
PiperOrigin-RevId: 196027084
Change-Id: Iabc24c0bdd8fc327237acc051a1655515f445e68
|
|
PiperOrigin-RevId: 195980843
Change-Id: I066f9696b69e92e144c2c8d2c2aa52c546df94fb
|
|
Protobuf strings have to be UTF-8 encoded or 7-bit ASCII.
PiperOrigin-RevId: 195902557
Change-Id: I9800afd47ecfa6615e28a2cce7f2532f04f10763
|
|
PiperOrigin-RevId: 195893391
Change-Id: I645b7042d7f4f9dd54723afde3e5df0986e43160
|
|
PiperOrigin-RevId: 195866234
Change-Id: I81404d44a45b41c6cb81f83bd7b7a8d8493f5c98
|
|
PiperOrigin-RevId: 195850822
Change-Id: I4d7bdd8fe129c5ed461b73e1d7458be2cf5680c2
|
|
PiperOrigin-RevId: 195849066
Change-Id: If2146c7ce649522f86e661c5e52a9983345d6967
|
|
FIXED=72380268
PiperOrigin-RevId: 195846596
Change-Id: Ic87fed1433482a514631e1e72f5ee208e11290d1
|
|
Closes #35
PiperOrigin-RevId: 195840128
Change-Id: I31c1ad9b51ec53abb6f0b485d35622d4e9764b29
|
|
PiperOrigin-RevId: 195835861
Change-Id: Ib696b1b571a6b061725a33c535cd7215fe518b97
|
|
PiperOrigin-RevId: 195834310
Change-Id: I8af748f75ab87ad1cd29c4c8904d07fd729ba6c9
|
|
This warning is produced by golint.
PiperOrigin-RevId: 195833381
Change-Id: Idd6a7e57e3cfdf00819f2374b19fc113585dc1e1
|
|
PiperOrigin-RevId: 195831778
Change-Id: I413dc909cedc18fbf5320a4f75d876f1be133c6c
|
|
PiperOrigin-RevId: 195742598
Change-Id: Ibd4a8e4394e268c87700b6d1e50b4b37dfce5182
|
|
PiperOrigin-RevId: 195742471
Change-Id: I114657f9238675da23461817ca542bdcb81312c2
|
|
This also fixes the go_vet warning:
error: Fprintln call ends with newline (vet)
PiperOrigin-RevId: 195738471
Change-Id: Ic7a9df40eec1457ef03e6ee70872c497a676b53c
|
|
PiperOrigin-RevId: 195735915
Change-Id: If4dcd836c3cf9da7c314b95101b23f95ff0eb234
|
|
PiperOrigin-RevId: 195706470
Change-Id: Ia146119f04d92d559f58a6bab133d9da97e054c9
|
|
When editing the bug, the rendered view of the tags don't show up. This format is easier to read.
PiperOrigin-RevId: 195697019
Change-Id: If9bb818b7ecd28bb87608a52b3343d488144ebfd
|
|
PiperOrigin-RevId: 195525267
Change-Id: I7a5ef31365cb0c55c462deb9bdbec092473ebc6b
|
|
PiperOrigin-RevId: 195522238
Change-Id: I0107f856bea72ea6af8b196c1c13bafbc293ce95
|
|
PiperOrigin-RevId: 195517702
Change-Id: Id90309a6365cac06e68e8774aa79dc76ce1b11c7
|