summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2021-01-05Merge release-20201208.0-106-g33d59811f (automated)gVisor bot
2021-01-05Change the build badge to point to BuildKite.Adin Scannell
PiperOrigin-RevId: 350197814
2021-01-05Merge release-20201208.0-105-g2a5d3c248 (automated)gVisor bot
2021-01-05Add YAML validation for configuration files.Adin Scannell
For validation, the "on" key in existing YAML files is changed to a literal string. In the YAML spec, on is a keyword which encodes a boolean value, so without relying on a specific implementation the YAML files are technically not encoding an object that complies with the specification. PiperOrigin-RevId: 350172147
2021-01-05Merge release-20201208.0-104-g622db84e4 (automated)gVisor bot
2021-01-05Merge release-20201208.0-103-g2a200811d (automated)gVisor bot
2021-01-05Internal changes.Andrei Vagin
PiperOrigin-RevId: 350159657
2021-01-05fs/fuse: check that a task has a specified file descriptorAndrei Vagin
Reported-by: syzbot+814105309d2ae8651084@syzkaller.appspotmail.com PiperOrigin-RevId: 350159452
2020-12-31Merge release-20201208.0-102-g807a080d9 (automated)gVisor bot
2020-12-31Add missing error checks for FileDescription.Init.Dean Deng
Syzkaller discovered this bug in pipefs by doing something quite strange: creat(&(0x7f0000002a00)='./file1\x00', 0x0) mount(&(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)='devtmpfs\x00', 0x20000d, 0x0) creat(&(0x7f0000000000)='./file1/file0\x00', 0x0) This can be reproduced with: touch mymount mkfifo /dev/mypipe mount -o ro -t devtmpfs devtmpfs mymount echo 123 > mymount/mypipe PiperOrigin-RevId: 349687714
2020-12-31Merge release-20201208.0-101-g3b1d37f6a (automated)gVisor bot
2020-12-30Remove remote execution support.Adin Scannell
PiperOrigin-RevId: 349616845
2020-12-30Merge release-20201208.0-100-g4691a8125 (automated)gVisor bot
2020-12-30Add test for open(2) with O_WRONLY|O_RDWR.Dean Deng
PiperOrigin-RevId: 349607959
2020-12-30Merge release-20201208.0-99-g899b9ba46 (automated)gVisor bot
2020-12-30Add BuildKite annotations for failures and profiles.Adin Scannell
This change cleans up some minor Makefile issues, and adds support for BuildKite annotations on failure and on profiles being generated. These annotations will make failures very clear and link to the artifacts. This change is a stepping stone for aggregating coverage data from all individual test jobs, as this will also happen in .buildkite/annotate.sh. PiperOrigin-RevId: 349606598
2020-12-30Merge release-20201208.0-98-g0fb5de115 (automated)gVisor bot
2020-12-30Use a stable ordering for generated types.Adin Scannell
Otherwise this pollutes the 'go' branch and doesn't conform to standards for generate bazel files. PiperOrigin-RevId: 349605037
2020-12-30Merge release-20201208.0-97-g1b66bad7c (automated)gVisor bot
2020-12-30Fix condition checking in `runsc debug`Fabricio Voznika
Closes #5052 PiperOrigin-RevId: 349579814
2020-12-30Merge release-20201208.0-96-ged5850e8e (automated)gVisor bot
2020-12-29Add continuous VFS1 tests.Adin Scannell
PiperOrigin-RevId: 349517093
2020-12-30Merge release-20201208.0-95-gfc153750e (automated)gVisor bot
2020-12-29Deflake TestBindOverlay in //test/e2e:integration_testTing-Yu Wang
Test failure happens when `echo` writes late: * Server nc shuts down write when it sees EOF from stdin. * Client nc closes the connection when it detects EOF from socket and no data in internal write buffer. Using `-q` flag to make server not shutting down write in the beginning, while letting connection to be closed by client. As `-q` flag's default value varies in different netcat versions, we always specify it to prevent future breakage. PiperOrigin-RevId: 349504016
2020-12-30Merge release-20201208.0-94-gffa9a715a (automated)gVisor bot
2020-12-29Simplify profiling and benchmarks.Adin Scannell
- Tweak the benchmarks to work with b.N where appropriate. In many cases, b.N was simply being ignored. This creates an implicit dependency in the user passing a reasonable benchtime (less than or equal to the actual runtime of the test, or using the X syntax) otherwise the test runs forever. - In cases where the above is impossible, explicitly set benchtime from the test wrapper, to prevent the above behavior (tensorflow). - Drop the *Reverse variants, which are simply hey benchmarks. We should just add a hey benchmark. The platforms benchmarks already include a native platform, and thus these benchmarks are incredibly confusing. (In other words, BenchmarkNginxReverse has nothing to do with an nginx benchmark for runsc.) - Remove the redunant Harness object, which contains no state, in order to slightly simplify the code. - Make Block and Heap profiling actually work, but setting appropriate runtime parameters (and plumbing them through the config). - Split the profiling into two phases: start and stop, since some will need to be started early, and others will need to happen at the end. PiperOrigin-RevId: 349495377
2020-12-30Merge release-20201208.0-93-g3c58405a5 (automated)gVisor bot
2020-12-30Merge release-20201208.0-92-gd302c0570 (automated)gVisor bot
2020-12-29Exclude changing generated file from go_branch.Adin Scannell
PiperOrigin-RevId: 349491589
2020-12-29Deflake semaphore_test_nativeJing Chen
PiperOrigin-RevId: 349490873
2020-12-30Merge release-20201208.0-91-g85c1c3ed4 (automated)gVisor bot
2020-12-29Make profiling commands synchronous.Adin Scannell
This allows for a model of profiling when you can start collection, and it will terminate when the sandbox terminates. Without this synchronous call, it is effectively impossible to collect length blocking and mutex profiles. PiperOrigin-RevId: 349483418
2020-12-29Merge release-20201208.0-90-g91c05c609 (automated)gVisor bot
2020-12-29Export socket_ipv6_udp_unbound_loopback.ccTamir Duberstein
PiperOrigin-RevId: 349458984
2020-12-28Merge release-20201208.0-89-g3ff7324df (automated)gVisor bot
2020-12-28Avoid duplicate `run` keyTamir Duberstein
This GitHub action has been failing since 4e963c9. PiperOrigin-RevId: 349327675
2020-12-28Merge pull request #5166 from kevinGC:bk-warningsgVisor bot
PiperOrigin-RevId: 349314945
2020-12-23Resolve compiler warningsKevin Krakauer
The buildkite syscall tests start with a lot of C++ warnings. This cleans that up a little.
2020-12-23vfs1: don't allow to open socket filesAndrei Vagin
open() has to return ENXIO in this case. O_PATH isn't supported by vfs1. PiperOrigin-RevId: 348820478
2020-12-22Internal change.gVisor bot
PiperOrigin-RevId: 348720223
2020-12-22Add missing link types to go branchKevin Krakauer
PiperOrigin-RevId: 348710397
2020-12-22Move SO_BINDTODEVICE to socketops.Nayana Bidari
PiperOrigin-RevId: 348696094
2020-12-22Correctly log sniffed ARP packetsTamir Duberstein
This condition was inverted in 360006d. PiperOrigin-RevId: 348679088
2020-12-22Invoke address resolution upon subsequent traffic to Failed neighborPeter Johnston
Removes the period of time in which subseqeuent traffic to a Failed neighbor immediately fails with ErrNoLinkAddress. A Failed neighbor is one in which address resolution fails; or in other words, the neighbor's IP address cannot be translated to a MAC address. This means removing the Failed state for linkAddrCache and allowing transitiong out of Failed into Incomplete for neighborCache. Previously, both caches would transition entries to Failed after address resolution fails. In this state, any subsequent traffic requested within an unreachable time would immediately fail with ErrNoLinkAddress. This does not follow RFC 4861 section 7.3.3: If address resolution fails, the entry SHOULD be deleted, so that subsequent traffic to that neighbor invokes the next-hop determination procedure again. Invoking next-hop determination at this point ensures that alternate default routers are tried. The API for getting a link address for a given address, whether through the link address cache or the neighbor table, is updated to optionally take a callback which will be called when address resolution completes. This allows `Route` to handle completing link resolution internally, so callers of (*Route).Resolve (e.g. endpoints) don’t have to keep track of when it completes and update the Route accordingly. This change also removes the wakers from LinkAddressCache, NeighborCache, and Route in favor of the callbacks, and callers that previously used a waker can now just pass a callback to (*Route).Resolve that will notify the waker on resolution completion. Fixes #4796 Startblock: has LGTM from sbalana and then add reviewer ghanan PiperOrigin-RevId: 348597478
2020-12-21Prefer matching labels and longest matching prefixGhanan Gowripalan
...when performing source address selection for IPv6. These are defined in RFC 6724 section 5 rule 6 (prefer matching label) and rule 8 (use longest matching prefix). This change also considers ULA of global scope instead of its own scope, as per RFC 6724 section 3.1: Also, note that ULAs are considered as global, not site-local, scope but are handled via the prefix policy table as discussed in Section 10.6. Test: stack_test.TestIPv6SourceAddressSelectionScope Startblock: has LGTM from peterjohnston and then add reviewer brunodalbo PiperOrigin-RevId: 348580996
2020-12-21Don't modify a packet header when it can be used by other endpointsAndrei Vagin
Reported-by: syzbot+48c43f82fe7738fceae9@syzkaller.appspotmail.com PiperOrigin-RevId: 348540796
2020-12-21RLock Endpoint in raw.Endpoint.HandlePacketKevin Krakauer
PiperOrigin-RevId: 348530530
2020-12-17Typo fix.Etienne Perot
PiperOrigin-RevId: 348106699
2020-12-17Set verityMu to be state nosaveChong Cai
PiperOrigin-RevId: 348092999
2020-12-17Internal change.gVisor bot
PiperOrigin-RevId: 348089449