| Age | Commit message (Collapse) | Author |
|---|
|
Unlike FlagSet, order doesn't matter here, so it can simply be a map.
PiperOrigin-RevId: 224377910
Change-Id: I15810c698a7f02d8614bf09b59583ab73cba0514
|
|
* Clarify tcpip.Endpoint.Write contract regarding short writes.
* Enforce tcpip.Endpoint.Write contract regarding short writes.
* Update relevant users of tcpip.Endpoint.Write.
PiperOrigin-RevId: 224377586
Change-Id: I24299ecce902eb11317ee13dae3b8d8a7c5b097d
|
|
Also ensure an event is emitted at startup.
PiperOrigin-RevId: 224372065
Change-Id: I5f642b6d6b13c6468ee8f794effe285fcbbf29cf
|
|
PiperOrigin-RevId: 224351139
Change-Id: I9453bd75e5a8d38db406bb47fdc01038ac60922e
|
|
PiperOrigin-RevId: 224227677
Change-Id: I08b0e0c0574170556269900653e5bcf9e9e5c9c9
|
|
By Walking before checking that the directory is writable and
executable, MayDelete may return the Walk error (e.g., ENOENT) which
would normally be masked by a permission error (EACCES).
PiperOrigin-RevId: 224222453
Change-Id: I108a7f730e6bdaa7f277eaddb776267c00805475
|
|
PiperOrigin-RevId: 224221509
Change-Id: I7aaea74629227d682786d3e435737364921249bf
|
|
PiperOrigin-RevId: 224214981
Change-Id: I4c1dd5b1c856f7a4f9866a5dda44a5297e92486a
|
|
This makes it more obvious why a mount failed.
PiperOrigin-RevId: 224203880
Change-Id: I7961774a7b6fdbb5493a791f8b3815c49b8f7631
|
|
If sys_prctl is called with PR_SET_MM without CAP_SYS_RESOURCE,
the syscall should return failure with errno set to EPERM.
See: http://man7.org/linux/man-pages/man2/prctl.2.html
PiperOrigin-RevId: 224182874
Change-Id: I630d1dd44af8b444dd16e8e58a0764a0cf1ad9a3
|
|
This removes code that should have never made it in in the first place, but did so due to incomplete testing. With the new tests the original code fails, the new code passes.
PiperOrigin-RevId: 224086966
Change-Id: I646fef76977f4528f3705f497b95fad6b3ec32bc
|
|
It is always the same as t.initRegs.
PiperOrigin-RevId: 224085550
Change-Id: I5cc4ddc3b481d4748c3c43f6f4bb50da1dbac694
|
|
FileOperations.Write should return ErrWouldBlock to allow the upper
layer to loop and sendmsg should continue writing where it left off
on a partial write.
PiperOrigin-RevId: 224081631
Change-Id: Ic61f6943ea6b7abbd82e4279decea215347eac48
|
|
The signature of time.now has remained unchanged:
https://github.com/golang/go/blob/c2412a7681d5beaeb5a4ceef3b2b7886361282ce/src/time/time.go#L1072
PiperOrigin-RevId: 224061160
Change-Id: Ic84bd6ee8fb9952cd9ab580bcb0892444ce7c2da
|
|
PiperOrigin-RevId: 224047765
Change-Id: I6f3c75b33c32bf8f8910ea3fab35406d7d672d87
|
|
The number of symbolic links that are allowed to be followed
are for a full path and not just a chain of symbolic links.
PiperOrigin-RevId: 224047321
Change-Id: I5e3c4caf66a93c17eeddcc7f046d1e8bb9434a40
|
|
PiperOrigin-RevId: 224047120
Change-Id: Ia6cb17fa978595cd73857b6178c4bdba401e185e
|
|
NAME_LENGTH must be enforced per component.
PiperOrigin-RevId: 224046749
Change-Id: Iba8105b00d951f2509dc768af58e4110dafbe1c9
|
|
Bazel runs multiple test cases on the same thread. Some of the test
cases rely on the test thread starting with the default memory policy,
while other tests modify the test thread's memory policy. This
obviously breaks when the test framework doesn't run each test case on
a new thread.
Also fixing an incompatibility where set_mempolicy(2) was prevented
from specifying an empty nodemask, which is allowed for some modes.
PiperOrigin-RevId: 224038957
Change-Id: Ibf780766f2706ebc9b129dbc8cf1b85c2a275074
|
|
PiperOrigin-RevId: 224033418
Change-Id: I780be973e8be68ac93e8c9e7a100002e912f40d2
|
|
PiperOrigin-RevId: 224033238
Change-Id: Ie5b1854b29340843b02c123766d290a8738d7631
|
|
PiperOrigin-RevId: 224025363
Change-Id: I98864403c779832e9e1436f7d3c3f6fb2fba9904
|
|
Signed-off-by: Bin Lu <bin.lu@arm.com>
Change-Id: I73cc4c406fadccb054e8e83c9464f6bef6280b0f
PiperOrigin-RevId: 224025309
|
|
PiperOrigin-RevId: 223893409
Change-Id: I58869c7fb0012f6c3f7612a96cb649348b56335f
|
|
Untyped integer constants default to type int and the binary package will panic
if one tries to encode an int.
PiperOrigin-RevId: 223890001
Change-Id: Iccc3afd6d74bad24c35d764508e450fd317b76ec
|
|
Fixes this error in bazel:
The native http_archive rule is deprecated.
load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") for a
drop-in replacement.
PiperOrigin-RevId: 223595891
Change-Id: I4706dc5b92970e00b673d22edea82fa45d854f07
|
|
PiperOrigin-RevId: 223425575
Change-Id: Idd777e04c69e6ffcbfb0bdbea828a8b8b42d7672
|
|
Add a new 'docs' directory for that can be built on in the future. Docs are
divided into a 'user guide', 'contributor guide', and 'architecture guide'.
This is currently a work in progress.
PiperOrigin-RevId: 223326836
Change-Id: I78d08d6a89d686e92d3415d4269463e8e74bddee
|
|
PiperOrigin-RevId: 223231273
Change-Id: I8fb97ea91f7507b4918f7ce6562890611513fc30
|
|
gvisor-containerd-shim moved. It now has a stable URL that run_tests.sh always
uses.
PiperOrigin-RevId: 223188822
Change-Id: I5687c78289404da27becd8d5949371e580fdb360
|
|
Replaces the WaitGroup with a RWMutex. Calls to Async hold the mutex for
reading, while AsyncBarrier takes the lock for writing. This ensures that all
executing Async work finishes before AsyncBarrier returns.
Also pushes the Async() call from Inode.Release into
gofer/InodeOperations.Release(). This removes a recursive Async call which
should not have been allowed in the first place. The gofer Release call is the
slow one (since it may make RPCs to the gofer), so putting the Async call there
makes sense.
PiperOrigin-RevId: 223093067
Change-Id: I116da7b20fce5ebab8d99c2ab0f27db7c89d890e
|
|
With rpcinet if shutdown flags are not saved before making
the rpc a race is possible where blocked threads are woken
up before the flags have been persisted. This would mean
that threads can block indefinitely in a recvmsg after a
shutdown(SHUT_RD) has happened.
PiperOrigin-RevId: 223089783
Change-Id: If595e7add12aece54bcdf668ab64c570910d061a
|
|
Change-Id: I7c3db8dfdf95a125d7384c1d67c3300dbb99a47e
PiperOrigin-RevId: 223039923
|
|
gvisor-containerd-shim installation is currently broken.
PiperOrigin-RevId: 223002877
Change-Id: I2b890c5bf602a96c475c3805f24852ead8593a35
|
|
Implement RWF_HIPRI (4.6) silently passes the read call.
Implement -1 offset calls readv.
PiperOrigin-RevId: 222840324
Change-Id: If9ddc1e8d086e1a632bdf5e00bae08205f95b6b0
|
|
PiperOrigin-RevId: 222483471
Change-Id: I6720690b20167dd541fdfa5218eba7c9f7483347
|
|
RET_KILL_THREAD doesn't work well for Go because it will
kill only the offending thread and leave the process hanging.
RET_TRAP can be masked out and it's not guaranteed to kill
the process. RET_KILL_PROCESS is available since 4.14.
For older kernel, continue to use RET_TRAP as this is the
best option (likely to kill process, easy to debug).
PiperOrigin-RevId: 222357867
Change-Id: Icc1d7d731274b16c2125b7a1ba4f7883fbdb2cbd
|
|
PiperOrigin-RevId: 222332703
Change-Id: Id5c3cf79591c5d2949895b4e323e63c48c679820
|
|
We were relying on time.UnixNano, but that was causing collisions.
Now we generate 20 bytes of entropy from rand.Read, and base32-encode it to get
a valid container id.
PiperOrigin-RevId: 222313867
Change-Id: Iaeea9b9582d36de55f9f02f55de6a5de3f739371
|
|
SyncSyscallFiltersToThreadGroup and Task.TheadID() both acquired TaskSet RWLock
in R mode and could deadlock if a writer comes in between.
PiperOrigin-RevId: 222313551
Change-Id: I4221057d8d46fec544cbfa55765c9a284fe7ebfa
|
|
Include copyright notices and the referenced LICENSE file.
PiperOrigin-RevId: 222171321
Change-Id: I0cc0b167ca51b536d1087bf1c4742fdf1430bc2a
|
|
PiperOrigin-RevId: 222170431
Change-Id: I26a6d6ad5d6910a94bb8b0a05fc2d12e23098399
|
|
PiperOrigin-RevId: 222148953
Change-Id: I21500a9f08939c45314a6414e0824490a973e5aa
|
|
This can happen when destroy is called multiple times or when destroy
failed previously and is being called again.
PiperOrigin-RevId: 221882034
Change-Id: I8d069af19cf66c4e2419bdf0d4b789c5def8d19e
|
|
PiperOrigin-RevId: 221848471
Change-Id: I882fbe5ce7737048b2e1f668848e9c14ed355665
|
|
This gets rid of the problematic modeRegex.
PiperOrigin-RevId: 221835959
Change-Id: I566b8d8a43579a4c30c0a08a620a964bbcd826dd
|
|
This eliminates the indirection that existed in task_futex.
PiperOrigin-RevId: 221832498
Change-Id: Ifb4c926d493913aa6694e193deae91616a29f042
|
|
PiperOrigin-RevId: 221706184
Change-Id: Ia186c51e5981e984f25c340e98b94225f860e473
|
|
sandbox.Wait is racey, as the sandbox may have exited before it is called, or
even during.
We already had code to handle the case that the sandbox exits during the Wait
call, but we were not properly handling the case where the sandbox has exited
before the call.
The best we can do in such cases is return the sandbox exit code as the
application exit code.
PiperOrigin-RevId: 221702517
Change-Id: I290d0333cc094c7c1c3b4ce0f17f61a3e908d787
|
|
Also update test utilities for probing vsyscall support and add a
metric to see if vsyscalls are actually used in sandboxes.
PiperOrigin-RevId: 221698834
Change-Id: I57870ecc33ea8c864bd7437833f21aa1e8117477
|
