summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2018-07-03Handle NUL-only paths in execMichael Pratt
The path in execve(2), interpreter script, and ELF interpreter may all be no more than a NUL-byte. Handle each of those cases. PiperOrigin-RevId: 203155745 Change-Id: I1c8b1b387924b23b2cf942341dfc76c9003da959
2018-07-03runsc: Mount "mandatory" mounts right after mounting the root.Nicolas Lacasse
The /proc and /sys mounts are "mandatory" in the sense that they should be mounted in the sandbox even when they are not included in the spec. Runsc treats /tmp similarly, because it is faster to use the internal tmpfs implementation instead of proxying to the host. However, the spec may contain submounts of these mandatory mounts (particularly for /tmp). In those cases, we must mount our mandatory mounts before the submount, otherwise the submount will be masked. Since the mandatory mounts are all top-level directories, we can mount them right after the root. PiperOrigin-RevId: 203145635 Change-Id: Id69bae771d32c1a5b67e08c8131b73d9b42b2fbf
2018-07-02runsc/boot/filter: permit SYS_TIME for raceDmitry Vyukov
glibc's malloc also uses SYS_TIME. Permit it. #0 0x0000000000de6267 in time () #1 0x0000000000db19d8 in get_nprocs () #2 0x0000000000d8a31a in arena_get2.part () #3 0x0000000000d8ab4a in malloc () #4 0x0000000000d3c6b5 in __sanitizer::InternalAlloc(unsigned long, __sanitizer::SizeClassAllocatorLocalCache<__sanitizer::SizeClassAllocator32<0ul, 140737488355328ull, 0ul, __sanitizer::SizeClassMap<3ul, 4ul, 8ul, 17ul, 64ul, 14ul>, 20ul, __sanitizer::TwoLevelByteMap<32768ull, 4096ull, __sanitizer::NoOpMapUnmapCallback>, __sanitizer::NoOpMapUnmapCallback> >*, unsigned long) () #5 0x0000000000d4cd70 in __tsan_go_start () #6 0x00000000004617a3 in racecall () #7 0x00000000010f4ea0 in runtime.findfunctab () #8 0x000000000043f193 in runtime.racegostart () Signed-off-by: Dmitry Vyukov <dvyukov@google.com> [mpratt@google.com: updated comments and commit message] Signed-off-by: Michael Pratt <mpratt@google.com> Change-Id: Ibe2d0dc3035bf5052d5fb802cfaa37c5e0e7a09a PiperOrigin-RevId: 203042627
2018-07-02Hold d.parent.mu when reading d.nameMichael Pratt
PiperOrigin-RevId: 203041657 Change-Id: I120783d91712818e600505454c9276f8d9877f37
2018-07-02runsc: fix panic for `runsc wait` on stopped container.Lantao Liu
PiperOrigin-RevId: 203016694 Change-Id: Ic51ef754aa6d7d1b3b35491aff96a63d7992e122
2018-07-02Make default limits the same as with runcFabricio Voznika
Closes #2 PiperOrigin-RevId: 202997196 Change-Id: I0c9f6f5a8a1abe1ae427bca5f590bdf9f82a6675
2018-07-02Drop version option from mount commandMichael Pratt
Fun fact: in protocol version negotiation, our 9p version must be written "9P2000.L". In the 'version' mount option, it must be written "9p2000.L". Very consistent! The mount command as given complains about an unknown protocol version. Drop it entirely because Linux defaults to 9p2000.L anyways. PiperOrigin-RevId: 202971961 Change-Id: I5d46c83f03182476033db9c36870c68aeaf30f65
2018-06-29Fix typo.Brielle Broder
PiperOrigin-RevId: 202720658 Change-Id: Iff42fd23f831ee7f29ddd6eb867020b76ed1eb23
2018-06-29Sets the restore environment for restoring a container.Justine Olshan
Updated how restoring occurs through boot.go with a separate Restore function. This prevents a new process and new mounts from being created. Added tests to ensure the container is restored. Registered checkpoint and restore commands so they can be used. Docker support for these commands is still limited. Working on #80. PiperOrigin-RevId: 202710950 Change-Id: I2b893ceaef6b9442b1ce3743bd112383cb92af0c
2018-06-29Added leave-running flag for checkpoint.Brielle Broder
The leave-running flag allows the container to continue running after a checkpoint has occurred by doing an immediate restore into a new container with the same container ID after the old container is destroyed. Updates #80. PiperOrigin-RevId: 202695426 Change-Id: Iac50437f5afda018dc18b24bb8ddb935983cf336
2018-06-29Panic in netstack during cleanup where a FIN becomes a RST.Brian Geffon
There is a subtle bug where during cleanup with unread data a FIN can be converted to a RST, at that point the entire connection should be aborted as we're not expecting any ACKs to the RST. PiperOrigin-RevId: 202691271 Change-Id: Idae70800208ca26e07a379bc6b2b8090805d0a22
2018-06-29aio: Return EINVAL if the number of events is negative.Nicolas Lacasse
PiperOrigin-RevId: 202671065 Change-Id: I248b74544d47ddde9cd59d89aa6ccb7dad2b6f89
2018-06-28Hold t.mu while calling t.FSContext().Nicolas Lacasse
PiperOrigin-RevId: 202562686 Change-Id: I0f5be7cc9098e86fa31d016251c127cb91084b05
2018-06-28runsc: Add the "wait" subcommand.Kevin Krakauer
Users can now call "runsc wait <container id>" to wait on a particular process inside the container. -pid can also be used to wait on a specific PID. Manually tested the wait subcommand for a single waiter and multiple waiters (simultaneously 2 processes waiting on the container and 2 processes waiting on a PID within the container). PiperOrigin-RevId: 202548978 Change-Id: Idd507c2cdea613c3a14879b51cfb0f7ea3fb3d4c
2018-06-28Add more image testsFabricio Voznika
PiperOrigin-RevId: 202537696 Change-Id: I900fe8fd36cc7a4edb44fe2d03f8ba6768db53cb
2018-06-28Wait for sandbox process when waiting for root containerFabricio Voznika
Closes #71 PiperOrigin-RevId: 202532762 Change-Id: I80a446ff638672ff08e6fd853cd77e28dd05d540
2018-06-28Check for invalid offset when submitting an AIO read/write request.Nicolas Lacasse
PiperOrigin-RevId: 202528335 Change-Id: Ic32312cf4337bcb40a7155cb2174e5cd89a280f7
2018-06-28Error out if spec is invalidFabricio Voznika
Closes #66 PiperOrigin-RevId: 202496258 Change-Id: Ib9287c5bf1279ffba1db21ebd9e6b59305cddf34
2018-06-28Add option to configure watchdog actionFabricio Voznika
PiperOrigin-RevId: 202494747 Change-Id: I4d4a18e71468690b785060e580a5f83c616bd90f
2018-06-27Fix semaphore data racesFabricio Voznika
PiperOrigin-RevId: 202371908 Change-Id: I72603b1d321878cae6404987c49e64732b676331
2018-06-27Call mm.CheckIORange() when copying in IOVecs.Nicolas Lacasse
CheckIORange is analagous to Linux's access_ok() method, which is checked when copying in IOVecs in both lib/iov_iter.c:import_single_range() and lib/iov_iter.c:import_iovec() => fs/read_write.c:rw_copy_check_uvector(). gVisor copies in IOVecs via Task.SingleIOSequence() and Task.CopyInIovecs(). We were checking the address range bounds, but not whether the address is valid. To conform with linux, we should also check that the address is valid. For usual preadv/pwritev syscalls, the effect of this change is not noticeable, since we find out that the address is invalid before the syscall completes. For vectorized async-IO operations, however, this change is necessary because Linux returns EFAULT when the operation is submitted, but before it executes. Thus, we must validate the iovecs when copying them in. PiperOrigin-RevId: 202370092 Change-Id: I8759a63ccf7e6b90d90d30f78ab8935a0fcf4936
2018-06-27Ignore MADV_DONTDUMP and MADV_DODUMP.Jamie Liu
PiperOrigin-RevId: 202361912 Change-Id: I1d0ee529073954d467b870872f494cebbf8ea61a
2018-06-27Added MkdirAll capabilities for Checkpoint's image-path.Brielle Broder
Now able to save the state file (checkpoint.img) at an image-path that had previously not existed. This is important because there can only be one checkpoint.img file per directory so this will enable users to create as many directories as needed for proper organization. PiperOrigin-RevId: 202360414 Change-Id: If5dd2b72e08ab52834a2b605571186d107b64526
2018-06-26Add KVM, overlay and host network to image testsFabricio Voznika
PiperOrigin-RevId: 202236006 Change-Id: I4ea964a70fc49e8b51c9da27d77301c4eadaae71
2018-06-26Change SIGCHLD to SIGKILL in ptrace stubs.Adin Scannell
If the child stubs are killed by any unmaskable signal (e.g. SIGKILL), then the parent process will similarly be killed, resulting in the death of all other stubs. The effect of this is that if the OOM killer selects and kills a stub, the effect is the same as though the OOM killer selected and killed the sentry. PiperOrigin-RevId: 202219984 Change-Id: I0b638ce7e59e0a0f4d5cde12a7d05242673049d7
2018-06-26runsc: set gofer umask to 0.Lantao Liu
PiperOrigin-RevId: 202185642 Change-Id: I2eefcc0b2ffadc6ef21d177a8a4ab0cda91f3399
2018-06-26Use the correct Context for /proc/[pid]/maps.Jamie Liu
PiperOrigin-RevId: 202180487 Change-Id: I95cce41a4842ab731a4821b387b32008bfbdcb08
2018-06-26Fix data races in Unix socketsIan Gudger
PiperOrigin-RevId: 202175558 Change-Id: I0113cb9a90d7a0cd7964bf43eef67f70c92d9589
2018-06-26Add Context to seqfile.SeqSource.ReadSeqFileData.Jamie Liu
PiperOrigin-RevId: 202163895 Change-Id: Ib9942fcff80c0834216f4f10780662bef5b52270
2018-06-26Automated rollback of changelist 201596247Brian Geffon
PiperOrigin-RevId: 202151720 Change-Id: I0491172c436bbb32b977f557953ba0bc41cfe299
2018-06-26Internal change.Googler
PiperOrigin-RevId: 202106801 Change-Id: I2512b8982c3bcb027621e768759be2b628a5ad26
2018-06-25Fix panic messageMichael Pratt
The arguments are backwards from the message. PiperOrigin-RevId: 202054887 Change-Id: Id5750a84ca091f8b8fbe15be8c648d4fa3e31eb2
2018-06-25Check for empty applicationAddrRange in MM.DecUsers.Jamie Liu
PiperOrigin-RevId: 202043776 Change-Id: I4373abbcf735dc1cf4bebbbbb0c7124df36e9e78
2018-06-25Don't read cwd or root without holding muMichael Pratt
PiperOrigin-RevId: 202043090 Change-Id: I3c47fb3413ca8615d50d8a0503d72fcce9b09421
2018-06-25MountSource.Root() should return a refernce on the dirent.Nicolas Lacasse
PiperOrigin-RevId: 202038397 Change-Id: I074d525f2e2d9bcd43b247b62f86f9129c101b78
2018-06-25Don't read FSContext.root without holding FSContext.muMichael Pratt
IsChrooted still has the opportunity to race with another thread entering the FSContext into a chroot, but that is unchanged (and fine, AFAIK). PiperOrigin-RevId: 202029117 Change-Id: I38bce763b3a7715fa6ae98aa200a19d51a0235f1
2018-06-25runsc: add a `multi-container` flag to enable multi-container support.Lantao Liu
PiperOrigin-RevId: 201995800 Change-Id: I770190d135e14ec7da4b3155009fe10121b2a502
2018-06-25Fix lint errorsFabricio Voznika
PiperOrigin-RevId: 201978212 Change-Id: Ie3df1fd41d5293fff66b546a0c68c3bf98126067
2018-06-22Remove nginx failure note now that it worksMichael Pratt
Updates #1 PiperOrigin-RevId: 201760129 Change-Id: Ifd8ce9e0f93c6771083dc9bf8d35a2800c13481a
2018-06-22Add rpcinet support for SIOCGIFCONF.Brian Geffon
The interfaces and their addresses are already available via the stack Intefaces and InterfaceAddrs. Also add some tests as we had no tests around SIOCGIFCONF. I also added the socket_netgofer lifecycle for IOCTL tests. PiperOrigin-RevId: 201744863 Change-Id: Ie0a285a2a2f859fa0cafada13201d5941b95499a
2018-06-22runsc: Enable waiting on individual containers within a sandbox.Kevin Krakauer
PiperOrigin-RevId: 201742160 Change-Id: Ia9fa1442287c5f9e1196fb117c41536a80f6bb31
2018-06-22Simplify some handle logic.Nicolas Lacasse
PiperOrigin-RevId: 201738936 Change-Id: Ib75136415e28e8df0c742acd6b9512d4809fe3a8
2018-06-22Handle mremap(old_size=0).Jamie Liu
PiperOrigin-RevId: 201729703 Change-Id: I486900b0c6ec59533b88da225a5829c474e35a70
2018-06-22Netstack should return EOF on closed read.Brian Geffon
The shutdown behavior where we return EAGAIN for sockets which are non-blocking is only correct for packet based sockets. SOCK_STREAM sockets should return EOF. PiperOrigin-RevId: 201703055 Change-Id: I20b25ceca7286c37766936475855959706fc5397
2018-06-22Modified Checkpoint/Restore flags to improve compatibility with Docker.Brielle Broder
Added a number of unimplemented flags required for using runsc's Checkpoint and Restore with Docker. Modified the "image-path" flag to require a directory instead of a file. PiperOrigin-RevId: 201697486 Change-Id: I55883df2f1bbc3ec3c395e0ca160ce189e5e7eba
2018-06-21netstack: tcp socket connected state S/R support.Zhaozhong Ni
PiperOrigin-RevId: 201596247 Change-Id: Id22f47b2cdcbe14aa0d930f7807ba75f91a56724
2018-06-21Drop return from SendExternalSignalMichael Pratt
SendExternalSignal is no longer called before CreateProcess, so it can enforce this simplified precondition. StartForwarding, and after Kernel.Start. PiperOrigin-RevId: 201591170 Change-Id: Ib7022ef7895612d7d82a00942ab59fa433c4d6e9
2018-06-21Forward SIGUSR2 to the sandbox tooFabricio Voznika
SIGUSR2 was being masked out to be used as a way to dump sentry stacks. This could cause compatibility problems in cases anyone uses SIGUSR2 to communicate with the container init process. PiperOrigin-RevId: 201575374 Change-Id: I312246e828f38ad059139bb45b8addc2ed055d74
2018-06-21Implement ioctl(FIOASYNC)Ian Gudger
FIOASYNC and friends are used to send signals when a file is ready for IO. This may or may not be needed by Nginx. While Nginx does use it, it is unclear if the code that uses it has any effect. PiperOrigin-RevId: 201550828 Change-Id: I7ba05a7db4eb2dfffde11e9bd9a35b65b98d7f50
2018-06-21Added functionality to create a RestoreEnvironment.Justine Olshan
Before a container can be restored, the mounts must be configured. The root and submounts and their key information is compiled into a RestoreEnvironment. Future code will be added to set this created environment before restoring a container. Tests to ensure the correct environment were added. PiperOrigin-RevId: 201544637 Change-Id: Ia894a8b0f80f31104d1c732e113b1d65a4697087