summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-08-03Merge release-20200622.1-315-gfe441dd25 (automated)gVisor bot
2020-08-03Internal change.gVisor bot
PiperOrigin-RevId: 324695672
2020-08-03Merge release-20200622.1-314-g5626ccf61 (automated)gVisor bot
2020-08-03Remove old TODO.Dean Deng
Fixes #2920. PiperOrigin-RevId: 324695118
2020-08-03Merge release-20200622.1-313-gb2ae7ea1b (automated)gVisor bot
2020-08-03Plumbing context.Context to DecRef() and Release().Nayana Bidari
context is passed to DecRef() and Release() which is needed for SO_LINGER implementation. PiperOrigin-RevId: 324672584
2020-08-03Merge release-20200622.1-312-gef11bb936 (automated)gVisor bot
2020-08-03Merge release-20200622.1-310-g1fbbc795e (automated)gVisor bot
2020-08-03Merge pull request #3460 from zhlhahaha:1927gVisor bot
PiperOrigin-RevId: 324658881
2020-08-03Add inotify events for fallocate and tests for fallocate/sendfile.Dean Deng
Updates #1479, #2923. PiperOrigin-RevId: 324658826
2020-08-03Merge release-20200622.1-309-g07267fc4c (automated)gVisor bot
2020-08-03Merge pull request #3469 from craig08:fuse-fix-test-mount-failedgVisor bot
PiperOrigin-RevId: 324657612
2020-08-03Merge release-20200622.1-307-g1a93a78d1 (automated)gVisor bot
2020-08-03Add support for a reverse HTTPD test.Bhasker Hariharan
This change adds a new reverse HTTP test where the HTTPD server runs in a native container but the client runs inside gVisor. It allows us to test download performance under varying levels of concurrency. Also tweaks the concurrent request numbers to test for high levels of concurrency. PiperOrigin-RevId: 324651203
2020-08-03Merge release-20200622.1-306-ge3c349d21 (automated)gVisor bot
2020-08-03Fix syntax error in issue_reviver.Adin Scannell
PiperOrigin-RevId: 324642975
2020-08-03Merge release-20200622.1-305-g10f6c41bb (automated)gVisor bot
2020-08-03Include shim binaries in the Go branch.Adin Scannell
PiperOrigin-RevId: 324615016
2020-08-03AARCH64:fix variable name collision with register nameHoward Zhang
The variable name is g which is collision with the reserved name for R28. This leads to bazel build failure on ARM with following information: (register+register) not supported on this architecture rename it from g to ptr (referenced from golang source code) Signed-off-by: Howard Zhang <howard.zhang@arm.com>
2020-07-31Merge release-20200622.1-304-gd5b31458a (automated)gVisor bot
2020-07-31Merge pull request #3300 from lubinszARM:pr_fpsimd_usrgVisor bot
PiperOrigin-RevId: 324309862
2020-07-31Merge release-20200622.1-302-gfcc88a8b2 (automated)gVisor bot
2020-07-31Fix PHONY target typosKevin Krakauer
PiperOrigin-RevId: 324305107
2020-07-31Fix MountFuseFilesystem tests failingCraig Chi
Before kernel version 4.16-rc6, fuse mount is protected by capable(CAP_SYS_ADMIN). After this version, it uses ns_capable(CAP_SYS_ADMIN) to protect. Before the 4.16 kernel, it was not allowed to mount fuse file systems without the global CAP_SYS_ADMIN. Fixes #3360
2020-07-31Merge release-20200622.1-301-gfd5f4ffed (automated)gVisor bot
2020-07-31test/socket_netlink_route: check that there is a route on local or main tablesAndrei Vagin
A new network namespace has only the local route table. PiperOrigin-RevId: 324303629
2020-07-31Merge release-20200622.1-300-ga7d9aa6d5 (automated)gVisor bot
2020-07-31Use proper set-output syntax.Adin Scannell
PiperOrigin-RevId: 324302828
2020-07-31[runtime tests] Enhance java runtime test.Ayush Ranjan
- Added a bunch of helpful options which help in speeding up the test and providing useful output. - Unexcluded passing tests and updated bugs. Excluded tests which were failing. - Increased the batch size for java tests so that we can take advantage of the shared JVMs. The running time of the tests decreased from 3+ hours (I don't know the exact running time because this test has always timed out after 3 hours) to 1 hour 15 minutes. We can reliably run this a CI kokoro job. PiperOrigin-RevId: 324301503
2020-07-31Support fragments from different sourcesGhanan Gowripalan
Prevent fragments with different source-destination pairs from conflicting with each other. Test: - ipv6_test.TestReceiveIPv6Fragments - ipv4_test.TestReceiveIPv6Fragments PiperOrigin-RevId: 324283246
2020-07-31Merge pull request #3348 from kevinGC:so-orig-dstgVisor bot
PiperOrigin-RevId: 324279280
2020-07-31Internal change.gVisor bot
PiperOrigin-RevId: 324259991
2020-07-31s/github.dev/gvisor.devKevin Krakauer
PiperOrigin-RevId: 324249991
2020-07-31iptables: support SO_ORIGINAL_DSTKevin Krakauer
Envoy (#170) uses this to get the original destination of redirected packets.
2020-07-31Merge pull request #3420 from ↵gVisor bot
google:dependabot/bundler/benchmarks/workloads/ruby/activesupport-6.0.3.2 PiperOrigin-RevId: 324238154
2020-07-31Clean up vfs2 fallocate.Dean Deng
Move to setstat.go and add a FileDescription wrapper method. PiperOrigin-RevId: 324165277
2020-07-30Fix TCP CurrentConnected counter updates.Mithun Iyer
CurrentConnected counter is incorrectly decremented on close of an endpoint which is still not connected. Fixes #3443 PiperOrigin-RevId: 324155171
2020-07-30Port nginx and move parsers to own package.Zach Koopmans
This change: - Ports the nginx benchmark. - Switches the Httpd benchmark to use 'hey' as a client. - Moves all parsers to their own package 'tools'. Parsers are moved to their own package because 1) parsing output of a command is often dependent on the format of the command (e.g. 'fio --json'), 2) to enable easier reuse, and 3) clean up and simplify actual running benchmarks (no TestParser functions and ugly sample output in benchmark files). PiperOrigin-RevId: 324144165
2020-07-30Merge pull request #3448 from lubinszARM:pr_tls_testsgVisor bot
PiperOrigin-RevId: 324127810
2020-07-30Merge pull request #3028 from lubinszARM:pr_kvm_hello1gVisor bot
PiperOrigin-RevId: 324125938
2020-07-30Merge pull request #3179 from jinmouil:fuse_initgVisor bot
PiperOrigin-RevId: 324100220
2020-07-30Call lseek(0, SEEK_CUR) unconditionally in runsc fsgofer's Readdir(offset=0).Jamie Liu
9P2000.L is silent as to how readdir RPCs interact with directory mutation. The most performant option is for Treaddir with offset=0 to restart iteration, avoiding needing to walk+open+clunk a new directory fid between invocations of getdents64(2), and the VFS2 gofer client assumes this is the case. Make this actually true for the runsc fsgofer. Fixes #3344, #3345, #3355 PiperOrigin-RevId: 324090384
2020-07-30Revert change to default buffer size.Bhasker Hariharan
In https://github.com/google/gvisor/commit/ca6bded95dbce07f9683904b4b768dfc2d4a09b2 we reduced the default buffer size to 32KB. This mostly works fine except at high throughput where we hit zero window very quickly and the TCP receive buffer moderation is not able to grow the window. This can be seen in the benchmarks where with a 32KB buffer and 100 connections downloading a 10MB file we get about 30 requests/s vs the 1MB buffer gives us about 53 requests/s. A proper fix requires a few changes to when we send a zero window as well as when we decide to send a zero window update. Today we consider available space below 1MSS as zero and send an update when it crosses 1MSS of available space. This is way too low and results in the window staying very small once we hit a zero window condition as we keep sending updates with size barely over 1MSS. Linux and BSD are smarter about this and use different thresholds. We should separately update our logic to match linux or BSD so that we don't send window updates that are really tiny or wait until we drop below 1MSS to advertise a zero window. PiperOrigin-RevId: 324087019
2020-07-30Enforce fragment block size and validate argsGhanan Gowripalan
Allow configuring fragmentation.Fragmentation with a fragment block size which will be enforced when processing fragments. Also validate arguments when processing fragments. Test: - fragmentation.TestErrors - ipv6_test.TestReceiveIPv6Fragments - ipv4_test.TestReceiveIPv6Fragments PiperOrigin-RevId: 324081521
2020-07-30Implement overlayfs_stale_read for vfs2.Jamie Liu
PiperOrigin-RevId: 324080111
2020-07-30Allocate a pseudo-tty for exec.Adin Scannell
Otherwise Ctrl-C will kill the 'docker exec' as opposed to killing the bazel command being run inside the container. PiperOrigin-RevId: 324079339
2020-07-30Add runsc build benchmark.Zach Koopmans
PiperOrigin-RevId: 324071377
2020-07-30Implement neighbor unreachability detection for ARP and NDP.Sam Balana
This change implements the Neighbor Unreachability Detection (NUD) state machine, as per RFC 4861 [1]. The state machine operates on a single neighbor in the local network. This requires the state machine to be implemented on each entry of the neighbor table. This change also adds, but does not expose, several APIs. The first API is for performing basic operations on the neighbor table: - Create a static entry - List all entries - Delete all entries - Remove an entry by address The second API is used for changing the NUD protocol constants on a per-NIC basis to allow Neighbor Discovery to operate over links with widely varying performance characteristics. See [RFC 4861 Section 10][2] for the list of constants. Finally, the last API is for allowing users to subscribe to NUD state changes. See [RFC 4861 Appendix C][3] for the list of edges. [1]: https://tools.ietf.org/html/rfc4861 [2]: https://tools.ietf.org/html/rfc4861#section-10 [3]: https://tools.ietf.org/html/rfc4861#appendix-C Tests: pkg/tcpip/stack:stack_test - TestNeighborCacheAddStaticEntryThenOverflow - TestNeighborCacheClear - TestNeighborCacheClearThenOverflow - TestNeighborCacheConcurrent - TestNeighborCacheDuplicateStaticEntryWithDifferentLinkAddress - TestNeighborCacheDuplicateStaticEntryWithSameLinkAddress - TestNeighborCacheEntry - TestNeighborCacheEntryNoLinkAddress - TestNeighborCacheGetConfig - TestNeighborCacheKeepFrequentlyUsed - TestNeighborCacheNotifiesWaker - TestNeighborCacheOverflow - TestNeighborCacheOverwriteWithStaticEntryThenOverflow - TestNeighborCacheRemoveEntry - TestNeighborCacheRemoveEntryThenOverflow - TestNeighborCacheRemoveStaticEntry - TestNeighborCacheRemoveStaticEntryThenOverflow - TestNeighborCacheRemoveWaker - TestNeighborCacheReplace - TestNeighborCacheResolutionFailed - TestNeighborCacheResolutionTimeout - TestNeighborCacheSetConfig - TestNeighborCacheStaticResolution - TestEntryAddsAndClearsWakers - TestEntryDelayToProbe - TestEntryDelayToReachableWhenSolicitedOverrideConfirmation - TestEntryDelayToReachableWhenUpperLevelConfirmation - TestEntryDelayToStaleWhenConfirmationWithDifferentAddress - TestEntryDelayToStaleWhenProbeWithDifferentAddress - TestEntryFailedGetsDeleted - TestEntryIncompleteToFailed - TestEntryIncompleteToIncompleteDoesNotChangeUpdatedAt - TestEntryIncompleteToReachable - TestEntryIncompleteToReachableWithRouterFlag - TestEntryIncompleteToStale - TestEntryInitiallyUnknown - TestEntryProbeToFailed - TestEntryProbeToReachableWhenSolicitedConfirmationWithSameAddress - TestEntryProbeToReachableWhenSolicitedOverrideConfirmation - TestEntryProbeToStaleWhenConfirmationWithDifferentAddress - TestEntryProbeToStaleWhenProbeWithDifferentAddress - TestEntryReachableToStaleWhenConfirmationWithDifferentAddress - TestEntryReachableToStaleWhenConfirmationWithDifferentAddressAndOverride - TestEntryReachableToStaleWhenProbeWithDifferentAddress - TestEntryReachableToStaleWhenTimeout - TestEntryStaleToDelay - TestEntryStaleToReachableWhenSolicitedOverrideConfirmation - TestEntryStaleToStaleWhenOverrideConfirmation - TestEntryStaleToStaleWhenProbeUpdateAddress - TestEntryStaysDelayWhenOverrideConfirmationWithSameAddress - TestEntryStaysProbeWhenOverrideConfirmationWithSameAddress - TestEntryStaysReachableWhenConfirmationWithRouterFlag - TestEntryStaysReachableWhenProbeWithSameAddress - TestEntryStaysStaleWhenProbeWithSameAddress - TestEntryUnknownToIncomplete - TestEntryUnknownToStale - TestEntryUnknownToUnknownWhenConfirmationWithUnknownAddress pkg/tcpip/stack:stack_x_test - TestDefaultNUDConfigurations - TestNUDConfigurationFailsForNotSupported - TestNUDConfigurationsBaseReachableTime - TestNUDConfigurationsDelayFirstProbeTime - TestNUDConfigurationsMaxMulticastProbes - TestNUDConfigurationsMaxRandomFactor - TestNUDConfigurationsMaxUnicastProbes - TestNUDConfigurationsMinRandomFactor - TestNUDConfigurationsRetransmitTimer - TestNUDConfigurationsUnreachableTime - TestNUDStateReachableTime - TestNUDStateRecomputeReachableTime - TestSetNUDConfigurationFailsForBadNICID - TestSetNUDConfigurationFailsForNotSupported [1]: https://tools.ietf.org/html/rfc4861 [2]: https://tools.ietf.org/html/rfc4861#section-10 [3]: https://tools.ietf.org/html/rfc4861#appendix-C Updates #1889 Updates #1894 Updates #1895 Updates #1947 Updates #1948 Updates #1949 Updates #1950 PiperOrigin-RevId: 324070795
2020-07-30Use brodcast MAC for broadcast IPv4 packetsGhanan Gowripalan
When sending packets to a known network's broadcast address, use the broadcast MAC address. Test: - stack_test.TestOutgoingSubnetBroadcast - udp_test.TestOutgoingSubnetBroadcast PiperOrigin-RevId: 324062407
2020-07-30Have dockerutil.Wait* respect the context deadlineKevin Krakauer
PiperOrigin-RevId: 324044634