summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-03-11Merge release-20200219.0-146-gd3fa741 (automated)gVisor bot
2020-03-11runsc: Set asyncpreemptoff for the kvm platformAndrei Vagin
The asynchronous goroutine preemption is a new feature of Go 1.14. When we switched to go 1.14 (cl/297915917) in the bazel config, the kokoro syscall-kvm job started permanently failing. Lets temporary set asyncpreemptoff for the kvm platform to unblock tests. PiperOrigin-RevId: 300372387
2020-03-11Merge release-20200219.0-145-g2c2622b (automated)gVisor bot
2020-03-11Merge pull request #1975 from nybidari:iptablesgVisor bot
PiperOrigin-RevId: 300362789
2020-03-11Merge release-20200219.0-138-g2aa9514 (automated)gVisor bot
2020-03-11runsc: don't redirect SIGURG which is used by Go's runtime schedulerAndrei Vagin
Go 1.14+ sends SIGURG to Ms to attempt asynchronous preemption of a G. Since it can't guarantee that a SIGURG is only related to preemption, it continues to forward them to signal.Notify (see runtime.sighandler). When runsc is running a container, there are three processes: a parent process and two children (sandbox and gopher). A parent process sets a signal handler for all signals and redirect them to the container init process. This logic should ignore SIGURG signals. We already ignore them in the Sentry, but it will be better to not notify about them when this is possible. PiperOrigin-RevId: 300345286
2020-03-11Merge release-20200219.0-137-g7bca091 (automated)gVisor bot
2020-03-11Automated rollback of changelist 300217972gVisor bot
PiperOrigin-RevId: 300308974
2020-03-11Merge release-20200219.0-136-g24e7005 (automated)gVisor bot
2020-03-11Merge pull request #1832 from xiaobo55x:tls_ptracegVisor bot
PiperOrigin-RevId: 300270894
2020-03-11Merge release-20200219.0-134-gf56fe66 (automated)gVisor bot
2020-03-10Honour the link's MaxHeaderLength when forwardingGhanan Gowripalan
This change also updates where the IP packet buffer is held in an outbound tcpip.PacketBuffer from Header to Data. This change removes unncessary copying of the IP packet buffer when forwarding. Test: stack_test.TestNICForwarding PiperOrigin-RevId: 300217972
2020-03-10Merge release-20200219.0-133-gd6440ec (automated)gVisor bot
2020-03-10The packet forwarding should resolve the link address if necessary.gVisor bot
Fixes #1510 Test: - stack_test.TestForwardingWithStaticResolver - stack_test.TestForwardingWithFakeResolver - stack_test.TestForwardingWithNoResolver - stack_test.TestForwardingWithFakeResolverPartialTimeout - stack_test.TestForwardingWithFakeResolverTwoPackets - stack_test.TestForwardingWithFakeResolverManyPackets - stack_test.TestForwardingWithFakeResolverManyResolutions PiperOrigin-RevId: 300182570
2020-03-10Merge release-20200219.0-132-g0990ef7 (automated)gVisor bot
2020-03-10Make checkpoint/restore e2e test less flakyIan Lewis
PiperOrigin-RevId: 300171916
2020-03-10Merge release-20200219.0-131-gb36de6e (automated)gVisor bot
2020-03-09Move /proc/net to /proc/PID/net, and make /proc/net -> /proc/self/net.Ting-Yu Wang
Issue #1833 PiperOrigin-RevId: 299998105
2020-03-09Merge release-20200219.0-130-g2446161 (automated)gVisor bot
2020-03-09perf/signal: rewrite code in assembly to avoid compiler optimizationsAndrei Vagin
Without this change, the assembly code of this test compiled without optimizations: mov -0x150(%rbp),%rax movl $0x77777777,(%rax) lea -0x128(%rbp),%rax with optimizations: movl $0x77777777,0x0 This code doesn't work properly, because the test changes rax in the segv handler. PiperOrigin-RevId: 299896117
2020-03-09Enable thread local storage support on arm64.Haibo Xu
Linux use the task.thread.uw.tp_value field to store the TLS pointer on arm64 platform, and we use a similar way in gvisor to store it in the arch/State struct. Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: Ie76b5c6d109bc27ccfd594008a96753806db7764
2020-03-06Merge pull request #2055 from ↵gVisor bot
google:dependabot/bundler/benchmarks/workloads/ruby/puma-3.12.4 PiperOrigin-RevId: 299485340
2020-03-07Merge release-20200219.0-127-gbfbfaf3 (automated)gVisor bot
2020-03-07Bump puma from 3.12.2 to 3.12.4 in /benchmarks/workloads/rubydependabot[bot]
Bumps [puma](https://github.com/puma/puma) from 3.12.2 to 3.12.4. - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/master/History.md) - [Commits](https://github.com/puma/puma/compare/v3.12.2...v3.12.4) Signed-off-by: dependabot[bot] <support@github.com>
2020-03-06Merge pull request #2056 from ↵gVisor bot
google:dependabot/bundler/benchmarks/workloads/ruby_template/puma-3.12.4 PiperOrigin-RevId: 299480247
2020-03-07Merge release-20200219.0-125-gb23999f (automated)gVisor bot
2020-03-06Fix runsc permissions for "dev.sh --refresh"Fabricio Voznika
PiperOrigin-RevId: 299466906
2020-03-06Merge release-20200219.0-124-g228813f (automated)gVisor bot
2020-03-06Update comments and debug level for profiling options.Dean Deng
PiperOrigin-RevId: 299448307
2020-03-06Merge release-20200219.0-123-g960f6a9 (automated)gVisor bot
2020-03-06Add plumbing for importing fds in VFS2, along with non-socket, non-TTY impl.Dean Deng
In VFS2, imported file descriptors are stored in a kernfs-based filesystem. Upon calling ImportFD, the host fd can be accessed in two ways: 1. a FileDescription that can be added to the FDTable, and 2. a Dentry in the host.filesystem mount, which we will want to access through magic symlinks in /proc/[pid]/fd/. An implementation of the kernfs.Inode interface stores a unique host fd. This inode can be inserted into file descriptions as well as dentries. This change also plumbs in three FileDescriptionImpls corresponding to fds for sockets, TTYs, and other files (only the latter is implemented here). These implementations will mostly make corresponding syscalls to the host. Where possible, the logic is ported over from pkg/sentry/fs/host. Updates #1672 PiperOrigin-RevId: 299417263
2020-03-06Merge release-20200219.0-122-g6fa5cee (automated)gVisor bot
2020-03-06Prevent memory leaks in ilistTamir Duberstein
When list elements are removed from a list but not discarded, it becomes important to invalidate the references they hold to their former neighbors to prevent memory leaks. PiperOrigin-RevId: 299412421
2020-03-06Merge release-20200219.0-121-g18d41cf (automated)gVisor bot
2020-03-06Merge pull request #1963 from xiaobo55x:kvm_commongVisor bot
PiperOrigin-RevId: 299405855
2020-03-06Merge release-20200219.0-119-g56c4272 (automated)gVisor bot
2020-03-06Merge pull request #1946 from xiaobo55x:dieTrampgVisor bot
PiperOrigin-RevId: 299405663
2020-03-06Merge release-20200219.0-117-gd5dbe36 (automated)gVisor bot
2020-03-06shutdown(s, SHUT_WR) in TIME-WAIT returns ENOTCONNEyal Soha
From RFC 793 s3.9 p61 Event Processing: CLOSE Call during TIME-WAIT: return with "error: connection closing" Fixes #1603 PiperOrigin-RevId: 299401353
2020-03-06Merge release-20200219.0-116-gf50d9a3 (automated)gVisor bot
2020-03-06Specify the source of outgoing NDP RSGhanan Gowripalan
If the NIC has a valid IPv6 address assigned, use it as the source address for outgoing NDP Router Solicitation packets. Test: stack_test.TestRouterSolicitation PiperOrigin-RevId: 299398763
2020-03-06Merge release-20200219.0-115-g20170d4 (automated)gVisor bot
2020-03-06Move packetdrill tests to open-sourceEyal Soha
PiperOrigin-RevId: 299396286
2020-03-06Merge release-20200219.0-114-g006e222 (automated)gVisor bot
2020-03-06Merge pull request #2069 from andrew-d:andrew/rules_pythongVisor bot
PiperOrigin-RevId: 299383276
2020-03-06Add nat table support for iptables.Nayana Bidari
2020-03-06Merge release-20200219.0-112-gd6f5e71 (automated)gVisor bot
2020-03-06Get strings for stack.DHCPv6ConfigurationFromNDPRAGhanan Gowripalan
Useful for logs to print the string representation of the value instead of the integer value. PiperOrigin-RevId: 299356847
2020-03-06Merge release-20200219.0-111-gda48fc6 (automated)gVisor bot
2020-03-05Stub oom_score_adj and oom_score.Ian Lewis
Adds an oom_score_adj and oom_score proc file stub. oom_score_adj accepts writes of values -1000 to 1000 and persists the value with the task. New tasks inherit the parent's oom_score_adj. oom_score is a read-only stub that always returns the value '0'. Issue #202 PiperOrigin-RevId: 299245355