summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2019-10-22Merge release-20190806.1-298-g070a8c2 (automated)gVisor bot
2019-10-21Remove old TODO.Nicolas Lacasse
PiperOrigin-RevId: 275956240
2019-10-21Merge release-20190806.1-297-g0b569b7 (automated)gVisor bot
2019-10-21Add basic implementation of execveat syscall and associated tests.Dean Deng
Allow file descriptors of directories as well as AT_FDCWD. PiperOrigin-RevId: 275929668
2019-10-21Merge release-20190806.1-296-ga9358ce (automated)gVisor bot
2019-10-21Bump rules_go to v0.20.1 and go toolchain to v1.13.3.Nicolas Lacasse
PiperOrigin-RevId: 275909782
2019-10-21Merge release-20190806.1-295-g12235d5 (automated)gVisor bot
2019-10-21AF_PACKET support for netstack (aka epsocket).Kevin Krakauer
Like (AF_INET, SOCK_RAW) sockets, AF_PACKET sockets require CAP_NET_RAW. With runsc, you'll need to pass `--net-raw=true` to enable them. Binding isn't supported yet. PiperOrigin-RevId: 275909366
2019-10-19Merge release-20190806.1-294-g652f7b1 (automated)gVisor bot
2019-10-19Add support for pipes in VFS2.Kevin Krakauer
PiperOrigin-RevId: 275650307
2019-10-18Merge release-20190806.1-293-g74044f2 (automated)gVisor bot
2019-10-18Add more instructions to test/README.mdFabricio Voznika
PiperOrigin-RevId: 275565958
2019-10-18Merge release-20190806.1-292-g51538c9 (automated)gVisor bot
2019-10-18Store primary endpoints in a sliceTamir Duberstein
There's no need for a linked list here. PiperOrigin-RevId: 275565920
2019-10-18Merge release-20190806.1-291-g487d3b2 (automated)gVisor bot
2019-10-18Fix typo while initializing protocol for UDP endpoints.Mithun Iyer
Fixes #763 PiperOrigin-RevId: 275563222
2019-10-18Merge release-20190806.1-290-g49b596b (automated)gVisor bot
2019-10-18Cleanup host UDS supportMichael Pratt
This change fixes several issues with the fsgofer host UDS support. Notably, it adds support for SOCK_SEQPACKET and SOCK_DGRAM sockets [1]. It also fixes unsafe use of unet.Socket, which could cause a panic if Socket.FD is called when err != nil, and calls to Socket.FD with nothing to prevent the garbage collector from destroying and closing the socket. A set of tests is added to exercise host UDS access. This required extracting most of the syscall test runner into a library that can be used by custom tests. Updates #235 Updates #1003 [1] N.B. SOCK_DGRAM sockets are likely not particularly useful, as a server can only reply to a client that binds first. We don't allow bind, so these are unlikely to be used. PiperOrigin-RevId: 275558502
2019-10-18Merge release-20190806.1-289-g8ae70f8 (automated)gVisor bot
2019-10-18test/perf: optimize the getdents testAndrei Vagin
* Use mknod instead of open&close to create an empty file. * Limit a number of files to (1<<16) instead of 100K. In this case, a test set is (1, 8, 64, 512, 4K, 32K, 64K) instead of (1, 8, 64, 512, 4K, 32K, 98K). I think it is easier to compare results for 32K and 64K than 32K and 98K. And results for 98K doesn't give us more information than for 54K. PiperOrigin-RevId: 275552507
2019-10-18Merge release-20190806.1-288-g4e6f3a0 (automated)gVisor bot
2019-10-18Remove restrictions on the sending addressTamir Duberstein
It is quite legal to send from the ANY address (it is required for DHCP). I can't figure out why the broadcast address was included here, so removing that as well. PiperOrigin-RevId: 275541954
2019-10-18Merge release-20190806.1-287-g4c7f849 (automated)gVisor bot
2019-10-18test: use a bigger buffer to fill a socketAndrei Vagin
Otherwise we need to do a lot of system calls and cooperative_save tests work slow. PiperOrigin-RevId: 275536957
2019-10-17Merge release-20190806.1-286-gdfdbdf1 (automated)gVisor bot
2019-10-17Refactor pipe to support VFS2.Kevin Krakauer
* Pulls common functionality (IO and locking on open) into pipe_util.go. * Adds pipe/vfs.go, which implements a subset of vfs.FileDescriptionImpl. A subsequent change will add support for pipes in memfs. PiperOrigin-RevId: 275322385
2019-10-17Merge release-20190806.1-285-g962aa23 (automated)gVisor bot
2019-10-17NDP Neighbor Solicitations sent during DAD must have an IP hop limit of 255Ghanan Gowripalan
NDP Neighbor Solicitations sent during Duplicate Address Detection must have an IP hop limit of 255, as all NDP Neighbor Solicitations should have. Test: Test that DAD messages have the IPv6 hop limit field set to 255. PiperOrigin-RevId: 275321680
2019-10-17Merge release-20190806.1-284-g06ed9e3 (automated)gVisor bot
2019-10-16Do Duplicate Address Detection on permanent IPv6 addresses.Ghanan Gowripalan
This change adds support for Duplicate Address Detection on IPv6 addresses as defined by RFC 4862 section 5.4. Note, this change will not break existing uses of netstack as the default configuration for the stack options is set in such a way that DAD will not be performed. See `stack.Options` and `stack.NDPConfigurations` for more details. Tests: Tests to make sure that the DAD process properly resolves or fails. That is, tests make sure that DAD resolves only if: - No other node is performing DAD for the same address - No other node owns the same address PiperOrigin-RevId: 275189471
2019-10-16Merge release-20190806.1-283-g2a82d5a (automated)gVisor bot
2019-10-16Reorder BUILD license and load functions in gvisor.Kevin Krakauer
PiperOrigin-RevId: 275139066
2019-10-16Merge release-20190806.1-282-g8fe48dc (automated)gVisor bot
2019-10-16Add sublevel to kernel versionMichael Pratt
Standard Linux kernel versions are VERSION.PATCHLEVEL.SUBLEVEL. e.g., 4.4.0, even when the sublevel is 0. Match this standard. PiperOrigin-RevId: 275125715
2019-10-16Merge release-20190806.1-281-g9fb5622 (automated)gVisor bot
2019-10-16Merge release-20190806.1-280-gfd4e436 (automated)gVisor bot
2019-10-16Fix problem with open FD when copy up is triggered in overlayfsFabricio Voznika
Linux kernel before 4.19 doesn't implement a feature that updates open FD after a file is open for write (and is copied to the upper layer). Already open FD will continue to read the old file content until they are reopened. This is especially problematic for gVisor because it caches open files. Flag was added to force readonly files to be reopenned when the same file is open for write. This is only needed if using kernels prior to 4.19. Closes #1006 It's difficult to really test this because we never run on tests on older kernels. I'm adding a test in GKE which uses kernels with the overlayfs problem for 1.14 and lower. PiperOrigin-RevId: 275115289
2019-10-16Support O_SYNC and O_DSYNC flags.Nicolas Lacasse
When any of these flags are set, all writes will trigger a subsequent fsync call. This behavior already existed for "write-through" mounts. O_DIRECT is treated as an alias for O_SYNC. Better support coming soon. PiperOrigin-RevId: 275114392
2019-10-16Merge release-20190806.1-279-gbbdcf44 (automated)gVisor bot
2019-10-16Fix syscall changes lost in rebaseMichael Pratt
These syscalls were changed in the amd64 file around the time the arm64 PR was sent out, so their changes got lost. Updates #63 PiperOrigin-RevId: 275114194
2019-10-16Merge release-20190806.1-278-gd22f053 (automated)gVisor bot
2019-10-16Merge pull request #736 from tanjianfeng:fix-unixgVisor bot
PiperOrigin-RevId: 275114157
2019-10-16Merge release-20190806.1-275-gde9a8e0 (automated)gVisor bot
2019-10-16Remove death from exec test namesMichael Pratt
These aren't actually death tests in the GUnit sense. i.e., they don't call EXPECT_EXIT or EXPECT_DEATH. PiperOrigin-RevId: 275099957
2019-10-16Merge release-20190806.1-274-g0457a4c (automated)gVisor bot
2019-10-15Minor vfs.FileDescriptionImpl fixes.Jamie Liu
- Pass context.Context to OnClose(). - Pass memmap.MMapOpts to ConfigureMMap() by pointer so that implementations can actually mutate it as required. PiperOrigin-RevId: 274934967
2019-10-16Merge release-20190806.1-273-gf98c3ee (automated)gVisor bot
2019-10-15Remove panic when reassembly fails.Bhasker Hariharan
Reassembly can fail due to an invalid sequence of fragments being received. eg. Multiple fragments with same id which claim to be the last one by setting the more flag to 0 etc. It's safer to just drop the reassembler and increment a metric than to panic when reassembly fails. PiperOrigin-RevId: 274920901
2019-10-15Merge release-20190806.1-272-gdb1ca5c (automated)gVisor bot
2019-10-15Set NDP hop limit in accordance with RFC 4861Tamir Duberstein
...and do not populate link address cache at dispatch. This partially reverts 313c767b0001bf6271405f1b765b60a334d6e911, which caused malformed packets (e.g. NDP Neighbor Adverts with incorrect hop limit values) to populate the address cache. In particular, this masked a bug that was introduced to the Neighbor Advert generation code in 7c1587e3401a010d1865df61dbaf117c77dd062e. PiperOrigin-RevId: 274865182