summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-07-10Merge release-20200622.1-89-g5df3a8fed (automated)gVisor bot
2020-07-09Discard multicast UDP source address.gVisor bot
RFC-1122 (and others) specify that UDP should not receive datagrams that have a source address that is a multicast address. Packets should never be received FROM a multicast address. See also, RFC 768: 'User Datagram Protocol' J. Postel, ISI, 28 August 1980 A UDP datagram received with an invalid IP source address (e.g., a broadcast or multicast address) must be discarded by UDP or by the IP layer (see rfc 1122 Section 3.2.1.3). This CL does not address TCP or broadcast which is more complicated. Also adds a test for both ipv6 and ipv4 UDP. Fixes #3154 PiperOrigin-RevId: 320547674
2020-07-09Merge release-20200622.1-88-g5946f1118 (automated)gVisor bot
2020-07-09Add support for IP_HDRINCL IP option for raw sockets.Bhasker Hariharan
Updates #2746 Fixes #3158 PiperOrigin-RevId: 320497190
2020-07-09Merge release-20200622.1-87-ge506fcd93 (automated)gVisor bot
2020-07-09Add args and netns flag to runsc specIan Lewis
Adds a netns flag to runsc spec that allows users to specify a network namespace path when creating a sample config.json file. Also, adds the ability to specify the command arguments used when running the container. This will make it easier for new users to create sample OCI bundles without having to edit the config.json by hand. PiperOrigin-RevId: 320486267
2020-07-09Merge release-20200622.1-86-g8d2910a04 (automated)gVisor bot
2020-07-09Explain how to bypass the Docker proxyMichael Pratt
Neither myself nor bhaskerh@ can consistently remember how to do this. PiperOrigin-RevId: 320407005
2020-07-09Merge release-20200622.1-85-gc4815af94 (automated)gVisor bot
2020-07-08Add shared mount hints to VFS2Fabricio Voznika
Container restart test is disabled for VFS2 for now. Updates #1487 PiperOrigin-RevId: 320296401
2020-07-08Merge release-20200622.1-84-g4f7af437e (automated)gVisor bot
2020-07-08Merge pull request #3171 from kevinGC:ipv6-kokorogVisor bot
PiperOrigin-RevId: 320290162
2020-07-08Merge release-20200622.1-82-ga75d9f7be (automated)gVisor bot
2020-07-08Drop empty lineMichael Pratt
PiperOrigin-RevId: 320281516
2020-07-08ip6tables: handle both IPv4 and v6 addressesKevin Krakauer
Enabling IPv6 in Docker caused IPv4 tests to fail because localAddrs didn't distinguish between address types. Example failure: https://source.cloud.google.com/results/invocations/203b2401-3333-4bec-9a56-72cc53d68ddd/log
2020-07-08Merge release-20200622.1-81-gf3fa43cf2 (automated)gVisor bot
2020-07-08Move all tests to new docker API.Zach Koopmans
Moves following to new dockerutil API: - //test/e2e:integration_test - //test/image:image_test - //test/iptables:iptables_test - //test/root:root_test - //test/packetimpact:packetimpact_test PiperOrigin-RevId: 320253118
2020-07-08Merge release-20200622.1-80-ge1f11dea2 (automated)gVisor bot
2020-07-08Avoid accidental zero-checksumTamir Duberstein
PiperOrigin-RevId: 320250773
2020-07-08Merge release-20200622.1-79-ge3db9bda6 (automated)gVisor bot
2020-07-08Enable shards in runtime test runner.Ayush Ranjan
Fixed an issue with the runtime test runner which enables us to run tests in shards. We had to touch the status file as indicated by an env var. PiperOrigin-RevId: 320236205
2020-07-08Merge release-20200622.1-78-gefa2615eb (automated)gVisor bot
2020-07-07[vfs2] Remove VFS1 usage in VDSO.Ayush Ranjan
Removed VDSO dependency on VFS1. Resolves #2921 PiperOrigin-RevId: 320122176
2020-07-08Merge release-20200622.1-77-g5e05950c1 (automated)gVisor bot
2020-07-07Deflake exec test.Jamie Liu
- Only use MAXSYMLINKS/2+1 symlinks for each of the interpreter and script paths in SymlinkLimitRefreshedForInterpreter to tolerate cases where the original paths (/tmp, /bin, or /bin/echo) themselves contain symlinks. - Ensure that UnshareFiles performs execve immediately after clone(CLONE_VFORK) (no heap allocation for ExecveArray/RunfilesPath). - Use lstat() rather than stat() for the existence check in fs_util's Exists; the latter will fail if the symlink target does not exist, even if the symlink does. PiperOrigin-RevId: 320110156
2020-07-07Merge release-20200622.1-76-g76c7bc51b (automated)gVisor bot
2020-07-07Set IPv4 ID on all non-atomic datagramsTony Gong
RFC 6864 imposes various restrictions on the uniqueness of the IPv4 Identification field for non-atomic datagrams, defined as an IP datagram that either can be fragmented (DF=0) or is already a fragment (MF=1 or positive fragment offset). In order to be compliant, the ID field is assigned for all non-atomic datagrams. Add a TCP unit test that induces retransmissions and checks that the IPv4 ID field is unique every time. Add basic handling of the IP_MTU_DISCOVER socket option so that the option can be used to disable PMTU discovery, effectively setting DF=0. Attempting to set the sockopt to anything other than disabled will fail because PMTU discovery is currently not implemented, and the default behavior matches that of disabled. PiperOrigin-RevId: 320081842
2020-07-07Merge release-20200622.1-75-g7e4d2d63e (automated)gVisor bot
2020-07-07icmp: When setting TransportHeader, remove from the Data portion.Ting-Yu Wang
The current convention is when a header is set to pkt.XxxHeader field, it gets removed from pkt.Data. ICMP does not currently follow this convention. PiperOrigin-RevId: 320078606
2020-07-07Merge release-20200622.1-74-g10930189c (automated)gVisor bot
2020-07-07Fix mknod and inotify syscall testAyush Ranjan
This change fixes a few things: - creating sockets using mknod(2) is supported via vfs2 - fsgofer can create regular files via mknod(2) - mode = 0 for mknod(2) will be interpreted as regular file in vfs2 as well Updates #2923 PiperOrigin-RevId: 320074267
2020-07-07Merge release-20200622.1-73-gc8aab5cbe (automated)gVisor bot
2020-07-07Merge pull request #3149 from wietsevenema:patch-1gVisor bot
PiperOrigin-RevId: 320062822
2020-07-07README.md: Commpatibility > CompatibilityWietse Venema
2020-07-07Merge release-20200622.1-71-ge227450dc (automated)gVisor bot
2020-07-06Call fdnotifier.UpdateFD() from fsimpl/gofer.specialFileFD.Jamie Liu
The fdnotifier package provides an API to a thread that continually epolls arbitrary host FDs. The set of events polled for each host FD is (intended to be) all events for which a waiter.Entry has expressed interest, as returned by waiter.Queue.Events() for the waiter.Queue registered to the given host FD. When the set of events changes (due to a change in the set of registered waiter.Entries), the mutator must call fdnotifier.UpdateFD() to recalculate the new event set and propagate it to the epoll FD. PiperOrigin-RevId: 319924719
2020-07-07Merge release-20200622.1-70-g937912a48 (automated)gVisor bot
2020-07-06Ensure sync is called for readonly fileFabricio Voznika
Calling sync on a readonly file flushes metadata that may have been modified, like last access time. Updates #1198 PiperOrigin-RevId: 319888290
2020-07-07Merge release-20200622.1-69-gb0f656184 (automated)gVisor bot
2020-07-06Add support for SO_RCVBUF/SO_SNDBUF for AF_PACKET sockets.Bhasker Hariharan
Updates #2746 PiperOrigin-RevId: 319887810
2020-07-06Merge release-20200622.1-68-g15c56d92d (automated)gVisor bot
2020-07-06Fix NonBlockingWrite3 not writing b3 if b2 is zero-length.Ting-Yu Wang
PiperOrigin-RevId: 319882171
2020-07-06Merge release-20200622.1-67-gbd43368f4 (automated)gVisor bot
2020-07-06Add inode number to synthetic dentriesFabricio Voznika
Reserve the MSB from ino for synthetic dentries to prevent conflict with regular dentries. Log warning in case MSB is set for regular dentries. Updates #1487 PiperOrigin-RevId: 319869858
2020-07-06Merge release-20200622.1-66-g1e5b0a973 (automated)gVisor bot
2020-07-06Merge release-20200622.1-65-g47bffa544 (automated)gVisor bot
2020-07-06Shard some slow tests.Ting-Yu Wang
stack_x_test: 2m -> 20s tcp_x_test: 80s -> 25s PiperOrigin-RevId: 319828101
2020-07-06Merge pull request #3110 from craig08:add-missing-ICRNLgVisor bot
PiperOrigin-RevId: 319827554
2020-07-06Merge release-20200622.1-63-g043e5dddd (automated)gVisor bot
2020-07-06Remove dependency on pkg/binaryTamir Duberstein
PiperOrigin-RevId: 319770124