summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-04-10Use O_CLOEXEC when dup'ing FDsFabricio Voznika
The sentry doesn't allow execve, but it's a good defense in-depth measure. PiperOrigin-RevId: 305958737
2020-04-10Automated rollback of changelist 305940483Nicolas Lacasse
PiperOrigin-RevId: 305944892
2020-04-10Upgrade Kokoro and RBE to bazel 3.0.0Nicolas Lacasse
PiperOrigin-RevId: 305940483
2020-04-10Automated rollback of changelist 305922105Nicolas Lacasse
PiperOrigin-RevId: 305927989
2020-04-10Install Bazel 3.0.0 on Kokoro image.Nicolas Lacasse
PiperOrigin-RevId: 305922105
2020-04-10Return EIO from p9 if sending/receiving fails.Dean Deng
Continues the modifications in cl/272963663. This prevents non-syscall errors from being propogated to kernel/task_syscall.go:ExtractErrno(), which causes a sentry panic. PiperOrigin-RevId: 305913127
2020-04-10Remove TODO from kernel.StracerFabricio Voznika
The dependency strace=>kernel grew over time. strace also depends on task's FD table and FSContext. It could be fixed with some interfaces the other way, but then we're trading an interface for another, and kernel.Stracer is likely cleaner. Closes #155 PiperOrigin-RevId: 305909678
2020-04-10Test that RST is sent after ABORT in ESTABLISHED TCP state.Eyal Soha
PiperOrigin-RevId: 305879441
2020-04-10test: remove 1s delay after non-blocking socket pair acceptAndrei Vagin
It was added in cl/201419897 to deflake socket_ip_tcp_loopback_non_blocking_test_gvisor. It seems we don't need this hack, because the origin issue isn't reproducible without this hack. PiperOrigin-RevId: 305871748
2020-04-09Merge pull request #2253 from amscanne:nogogVisor bot
PiperOrigin-RevId: 305807868
2020-04-09Drop invalid NDP NS messagesGhanan Gowripalan
Better validate NDP NS messages and their options before doing work in response to them. Also make sure that NA messages sent in response to an NS use the correct IPv6 and link-layer addresses so they are routed properly and received by the right node. Test: stack_test.TestNeighorSolicitationResponse PiperOrigin-RevId: 305799054
2020-04-09Replace type assertion with TaskFromContext.Ting-Yu Wang
This should fix panic at aio callback. PiperOrigin-RevId: 305798549
2020-04-09Downgrade VFS1-specific FIXME to a NOTE.Jamie Liu
PiperOrigin-RevId: 305794509
2020-04-09Don't unconditionally set --panic-signalFabricio Voznika
Closes #2393 PiperOrigin-RevId: 305793027
2020-04-09Remove TODOs from Async IOFabricio Voznika
Block and drain requests in io_destroy(2). Note the reason to create read-only mapping. PiperOrigin-RevId: 305786312
2020-04-09Make some functions in IfAddrHelper const.Ting-Yu Wang
PiperOrigin-RevId: 305782490
2020-04-09Remove "no-sandbox" tag.Nicolas Lacasse
It seems no longer necessary. PiperOrigin-RevId: 305758572
2020-04-09Bump rule_go, bazel toolchain, and go toolchain versions.Nicolas Lacasse
PiperOrigin-RevId: 305751225
2020-04-09Dedup netlink utility functions in tests.Ting-Yu Wang
PiperOrigin-RevId: 305749697
2020-04-09Handle os.LinkError in p9/handlers.go.Dean Deng
PiperOrigin-RevId: 305721329
2020-04-09Don't use REP string instructions in safecopy.memcpy.Jamie Liu
PiperOrigin-RevId: 305718392
2020-04-09Convert int and bool socket options to use GetSockOptInt and GetSockOptBoolAndrei Vagin
PiperOrigin-RevId: 305699233
2020-04-09kokoro: fix handling of apt-get errorsAndrei Vagin
When a command is called as if expression, its error code can be get only in this if block. For example, the next script prints 0: if ( false ); then true fi echo $? PiperOrigin-RevId: 305638629
2020-04-08Dereference pointers in Layer's Stringer implgVisor bot
Dereference any fields which are pointers before string formatting so that the value pointed to ends up in the string representation. Tested: Added TestLayerStringFormat to //third_party/gvisor/test/packetimpact/testbench:testbench_test PiperOrigin-RevId: 305627821
2020-04-08splice: cap splice calls to MAX_RW_COUNTAndrei Vagin
The Linux does the same. Reported-by: syzbot+e81716e8956e92e9d56b@syzkaller.appspotmail.com PiperOrigin-RevId: 305625439
2020-04-08Bump proc_test's kRSSTolerance to 10MB.Jamie Liu
PiperOrigin-RevId: 305604557
2020-04-08Don't call platform.AddressSpace.MapFile with no permissions.Jamie Liu
PiperOrigin-RevId: 305598136
2020-04-08Clean up TODOsFabricio Voznika
PiperOrigin-RevId: 305592245
2020-04-08Remove InodeOperations FIXMEs that will be obsoleted by VFS2.Dean Deng
PiperOrigin-RevId: 305588941
2020-04-08Handle utimes correctly for shared gofer filesystems.Dean Deng
Determine system time from within the sentry rather than relying on the remote filesystem to prevent inconsistencies. Resolve related TODOs; the time discrepancies in question don't exist anymore. PiperOrigin-RevId: 305557099
2020-04-08file test: Remove FIXME about FIFO. It is already tested in mknod test.Ting-Yu Wang
PiperOrigin-RevId: 305546584
2020-04-08Do not hold FileDescription references in VFS2 procfs inodes.Jamie Liu
FileDescription references are side-effectual; for example, holding a reference on the write end of a pipe prevents reads from the read end from returning EOF. This change is consistent with Linux, but not VFS1; while VFS1 also has this bug, it's less visible there since VFS1 procfs disables caching. Updates #1195 PiperOrigin-RevId: 305545099
2020-04-08Enable SubprocessExited and SubprocessZombie for gVisorFabricio Voznika
Updates #164 PiperOrigin-RevId: 305544029
2020-04-08Remove lostcancel warnings.Adin Scannell
Updates #2243
2020-04-08Fix unused result errors.Adin Scannell
This fixes a bug in the proc net directory. Updates #2243
2020-04-08Fix all printf formatting errors.Adin Scannell
Updates #2243
2020-04-08Fix all copy locks violations.Adin Scannell
This required minor restructuring of how system call tables were saved and restored, but it makes way more sense this way. Updates #2243
2020-04-08Return all packets when Expect fails.Eyal Soha
PiperOrigin-RevId: 305466309
2020-04-08tests: Specify NoRandomSave for PortReuse testsAndrei Vagin
SO_REUSEPORT is not properly restored: https://github.com/google/gvisor/issues/873 PiperOrigin-RevId: 305422775
2020-04-07Add friendlier messages for frequently encountered errors.Ian Lewis
Issue #2270 Issue #1765 PiperOrigin-RevId: 305385436
2020-04-07Update TODO to #238Ian Lewis
Move TODO to #238 so that proper synchronization of operations is handled when we create the urpc client. Issue #238 Fixes #512 PiperOrigin-RevId: 305383924
2020-04-07Make unlink tests pass with goferfsFabricio Voznika
Required directory checks were being skipped when there was no child cached. Now the code always loads the child file before unlinking it. Updates #1198 PiperOrigin-RevId: 305382323
2020-04-07Test TCP sender behavior against window shrinkinggVisor bot
RFC 1122 Section 3.7: A sending TCP MUST be robust against window shrinking, which may cause the "useable window" to become negative. PiperOrigin-RevId: 305377072
2020-04-07Don't map the 0 uid into a sandbox user namespaceAndrei Vagin
Starting with go1.13, we can specify ambient capabilities when we execute a new process with os/exe.Cmd. PiperOrigin-RevId: 305366706
2020-04-07Correctly distinguish between seekable and non-seekable host fds.Dean Deng
Check whether an fd is seekable by calling the seek syscall and examining the return value, instead of checking the file type, which is inaccurate. PiperOrigin-RevId: 305361593
2020-04-07Remove TODOs for local gofer extended attributes.Dean Deng
PiperOrigin-RevId: 305344989
2020-04-07Remove out-of-date TODOs.Ting-Yu Wang
We already have network namespace for netstack. PiperOrigin-RevId: 305341954
2020-04-07Internal change.gVisor bot
PiperOrigin-RevId: 305341059
2020-04-07Require that IPv6 headers be in the first fragmentGhanan Gowripalan
Test: - header_test.TestIPv6ExtHdrIter - ipv6_test.TestReceiveIPv6Fragments Updates #2197, #2333 PiperOrigin-RevId: 305330178
2020-04-07mkdir test: Address TODOs and re-enable a test.Ting-Yu Wang
PiperOrigin-RevId: 305328184