Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-02-19 | Merge release-20200211.0-46-g660cfdf (automated) | gVisor bot | |
2020-02-18 | Merge release-20200211.0-35-g737a3d0 (automated) | gVisor bot | |
2020-02-18 | Merge release-20200211.0-31-g7fdb609 (automated) | gVisor bot | |
2020-02-18 | Merge pull request #1850 from kevinGC:jump2 | gVisor bot | |
PiperOrigin-RevId: 295785052 | |||
2020-02-15 | Merge release-20200211.0-27-g5cc0bbb (automated) | gVisor bot | |
2020-02-15 | Merge release-20200211.0-26-g3d32ad1 (automated) | gVisor bot | |
2020-02-15 | Merge release-20200211.0-25-ga5069f8 (automated) | gVisor bot | |
2020-02-14 | Remove linux.EpollEvent.Fd. | gVisor bot | |
glibc defines struct epoll_event in such a way that epoll_event.data.fd exists. However, the kernel's definition of struct epoll_event makes epoll_event.data an opaque uint64, so naming half of it "fd" just introduces confusion. Remove the Fd field, and make Data a [2]int32 to compensate. Also add required padding to linux.EpollEvent on ARM64. PiperOrigin-RevId: 295250424 | |||
2020-02-14 | Merge release-20200211.0-18-g3c26f5e (automated) | gVisor bot | |
2020-02-14 | Enable automated marshalling for struct stat. | gVisor bot | |
This requires fixing a few build issues for non-am64 platforms. PiperOrigin-RevId: 295196922 | |||
2020-02-14 | Merge release-20200211.0-16-gb2e8690 (automated) | gVisor bot | |
2020-02-14 | Fix various issues related to enabling go-marshal. | gVisor bot | |
- Add missing build tags to files in the abi package. - Add the marshal package as a sentry dependency, allowed by deps_test. - Fix an issue with our top-level go_library BUILD rule, which incorrectly shadows the variable containing the input set of source files. This caused the expansion for the go_marshal clause to silently omit input files. - Fix formatting when copying build tags to gomarshal-generated files. - Fix a bug with import statement collision detection in go-marshal. PiperOrigin-RevId: 295112284 | |||
2020-02-13 | We can now create and jump in iptables. For example: | Kevin Krakauer | |
$ iptables -N foochain $ iptables -A INPUT -j foochain | |||
2020-02-13 | Merge release-20200211.0-11-g69bf39e (automated) | gVisor bot | |
2020-02-13 | Internal change. | gVisor bot | |
PiperOrigin-RevId: 294952610 | |||
2020-02-11 | Merge release-20200127.0-130-g9be46e5 (automated) | gVisor bot | |
2020-02-11 | Merge release-20200127.0-127-g0dd9ee0 (automated) | gVisor bot | |
2020-02-10 | Merge pull request #1775 from kevinGC:tcp-matchers-submit | gVisor bot | |
PiperOrigin-RevId: 294340468 | |||
2020-02-07 | Address GH comments. | Kevin Krakauer | |
2020-02-06 | Merge release-20200127.0-85-g1b6a12a (automated) | gVisor bot | |
2020-02-05 | Merge release-20200127.0-79-gb29aeeb (automated) | gVisor bot | |
2020-02-04 | Merge pull request #1683 from kevinGC:ipt-udp-matchers | gVisor bot | |
PiperOrigin-RevId: 293243342 | |||
2020-02-04 | Merge release-20200127.0-65-g95ce8bb (automated) | gVisor bot | |
2020-01-31 | iptables: enable TCP matching with "-m tcp". | Kevin Krakauer | |
A couple other things that changed: - There's a proper extension registration system for matchers. Anyone adding another matcher can use tcp_matcher.go or udp_matcher.go as a template. - All logging and use of syserr.Error in the netfilter package happens at the highest possible level (public functions). Lower-level functions just return normal, descriptive golang errors. | |||
2020-01-29 | Merge branch 'master' into ipt-udp-matchers | Kevin Krakauer | |
2020-01-29 | Merge release-20200127.0-28-g8dcedc9 (automated) | gVisor bot | |
2020-01-29 | Add //pkg/sentry/devices/memdev. | Jamie Liu | |
PiperOrigin-RevId: 292165063 | |||
2020-01-28 | Merge release-20200115.0-121-g34fbd84 (automated) | gVisor bot | |
2020-01-28 | Add VFS2 support for epoll. | Jamie Liu | |
PiperOrigin-RevId: 291997879 | |||
2020-01-28 | Merge release-20200115.0-120-gd99329e (automated) | gVisor bot | |
2020-01-28 | netlink: add support for RTM_F_LOOKUP_TABLE | Jianfeng Tan | |
Test command: $ ip route get 1.1.1.1 Fixes: #1099 Signed-off-by: Jianfeng Tan <henry.tjf@antfin.com> COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/1121 from tanjianfeng:fix-1099 e6919f3d4ede5aa51a48b3d2be0d7a4b482dd53d PiperOrigin-RevId: 291990716 | |||
2020-01-27 | Cleanup for GH review. | Kevin Krakauer | |
2020-01-27 | Standardize on tools directory. | Adin Scannell | |
PiperOrigin-RevId: 291745021 | |||
2020-01-24 | Merge branch 'master' into ipt-udp-matchers | Kevin Krakauer | |
2020-01-22 | Error marshalling the matcher. | Kevin Krakauer | |
The iptables binary is looking for libxt_.so when it should be looking for libxt_udp.so, so it's having an issue reading the data in xt_match_entry. I think it may be an alignment issue. Trying to fix this is leading to me fighting with the metadata struct, so I'm gonna go kill that. | |||
2020-01-22 | Merge release-20200115.0-62-g0693fb0 (automated) | gVisor bot | |
2020-01-21 | Merge pull request #1505 from xiaobo55x:fcntl_flags | gVisor bot | |
PiperOrigin-RevId: 290840484 | |||
2020-01-21 | Merge release-20200115.0-55-gad1968e (automated) | gVisor bot | |
2020-01-21 | Implement sysfs. | Rahat Mahmood | |
PiperOrigin-RevId: 290822487 | |||
2020-01-21 | Merge release-20200115.0-54-gdc99897 (automated) | gVisor bot | |
2020-01-21 | Removed TCP work (saved in ipt-tcp-match). | Kevin Krakauer | |
2020-01-21 | Add missing verb | Michael Pratt | |
PiperOrigin-RevId: 290821997 | |||
2020-01-21 | Add UDP matchers. | Kevin Krakauer | |
2020-01-16 | Merge release-20200115.0-2-gd6fb1ec (automated) | gVisor bot | |
2020-01-15 | Add timestamps to VFS2 tmpfs, and implement some of SetStat. | Nicolas Lacasse | |
PiperOrigin-RevId: 289962040 | |||
2020-01-13 | Merge release-20191213.0-111-gb30cfb1 (automated) | gVisor bot | |
2020-01-08 | More GH comments. | Kevin Krakauer | |
2020-01-08 | Addressed GH comments | Kevin Krakauer | |
2020-01-08 | Comment cleanup. | Kevin Krakauer | |
2020-01-08 | Write simple ACCEPT rules to the filter table. | Kevin Krakauer | |
This gets us closer to passing the iptables tests and opens up iptables so it can be worked on by multiple people. A few restrictions are enforced for security (i.e. we don't want to let users write a bunch of iptables rules and then just not enforce them): - Only the filter table is writable. - Only ACCEPT rules with no matching criteria can be added. |