summaryrefslogtreecommitdiffhomepage
path: root/pkg/abi
AgeCommit message (Collapse)Author
2021-04-12Merge release-20210408.0-22-g982fc8b57 (automated)gVisor bot
2021-04-12[op] Use faster go_marshal methods in netfilter.Ayush Ranjan
Use MarshalUnsafe for packed types as it is faster than MarshalBytes. PiperOrigin-RevId: 368076368
2021-04-10Merge release-20210408.0-17-gd1edabdca (automated)gVisor bot
2021-04-09iptables: support postrouting hook and SNAT targetToshi Kikuchi
The current SNAT implementation has several limitations: - SNAT source port has to be specified. It is not optional. - SNAT source port range is not supported. - SNAT for UDP is a one-way translation. No response packets are handled (because conntrack doesn't support UDP currently). - SNAT and REDIRECT can't work on the same connection. Fixes #5489 PiperOrigin-RevId: 367750325
2021-04-03Merge release-20210322.0-38-g932c8abd0 (automated)gVisor bot
2021-04-02Implement cgroupfs.Rahat Mahmood
A skeleton implementation of cgroupfs. It supports trivial cpu and memory controllers with no support for hierarchies. PiperOrigin-RevId: 366561126
2021-04-01Merge release-20210322.0-33-gb2ea37401 (automated)gVisor bot
2021-04-01Internal changesBhasker Hariharan
PiperOrigin-RevId: 366344805
2021-03-29Merge release-20210322.0-29-g8a2f7e716 (automated)gVisor bot
2021-03-23Merge release-20210315.0-15-gacb4c6288 (automated)gVisor bot
2021-03-23Merge release-20210315.0-9-gc0bd71c5a (automated)gVisor bot
2021-03-22Merge release-20210315.0-6-g6bd2c6ce7 (automated)gVisor bot
2021-03-11Merge release-20210301.0-35-g1020ac83f (automated)gVisor bot
2021-03-11Move Arch specific code to arch specific files.Bhasker Hariharan
PiperOrigin-RevId: 362297474
2021-02-24Merge release-20210208.0-85-gacd516cfe (automated)gVisor bot
2021-02-24Add YAMA security module restrictions on ptrace(2).Dean Deng
Restrict ptrace(2) according to the default configurations of the YAMA security module (mode 1), which is a common default among various Linux distributions. The new access checks only permit the tracer to proceed if one of the following conditions is met: a) The tracer is already attached to the tracee. b) The target is a descendant of the tracer. c) The target has explicitly given permission to the tracer through the PR_SET_PTRACER prctl. d) The tracer has CAP_SYS_PTRACE. See security/yama/yama_lsm.c for more details. Note that these checks are added to CanTrace, which is checked for PTRACE_ATTACH as well as some other operations, e.g., checking a process' memory layout through /proc/[pid]/mem. Since this patch adds restrictions to ptrace, it may break compatibility for applications run by non-root users that, for instance, rely on being able to trace processes that are not descended from the tracer (e.g., `gdb -p`). YAMA restrictions can be turned off by setting /proc/sys/kernel/yama/ptrace_scope to 0, or exceptions can be made on a per-process basis with the PR_SET_PTRACER prctl. Reported-by: syzbot+622822d8bca08c99e8c8@syzkaller.appspotmail.com PiperOrigin-RevId: 359237723
2021-02-09Merge release-20210201.0-57-gcfa4633c3 (automated)gVisor bot
2021-02-08[go-marshal] Add dynamic tag in go_marshal.Ayush Ranjan
This makes it easier to implement dynamically sized types in go-marshal. You really only need to implement MarshalBytes, UnmarshalBytes and SizeBytes to implement the entire interface. By using the `dynamic` tag, the autogenerator will generate the rest of the methods for us. This change also simplifies how KernelIPTGetEntries implements Marshallable using the newly added utility. PiperOrigin-RevId: 356397114
2021-01-29Merge release-20210125.0-31-g0a52b6479 (automated)gVisor bot
2021-01-29- Add more comments for the TCP_INFO struct fields.Nayana Bidari
PiperOrigin-RevId: 354595623
2021-01-28Merge release-20210112.0-104-g99988e45e (automated)gVisor bot
2021-01-27Add support for more fields in netstack for TCP_INFONayana Bidari
This CL adds support for the following fields: - RTT, RTTVar, RTO - send congestion window (sndCwnd) and send slow start threshold (sndSsthresh) - congestion control state(CaState) - ReorderSeen PiperOrigin-RevId: 354195361
2021-01-22Merge release-20210112.0-75-gf52f0101b (automated)gVisor bot
2021-01-22Implement F_GETLK fcntl.Dean Deng
Fixes #5113. PiperOrigin-RevId: 353313374
2021-01-12Merge release-20201216.0-87-g4e03e8754 (automated)gVisor bot
2021-01-12Fix simple mistakes identified by goreportcard.Adin Scannell
These are primarily simplification and lint mistakes. However, minor fixes are also included and tests added where appropriate. PiperOrigin-RevId: 351425971
2021-01-06Merge release-20201208.0-117-gabe9d9f67 (automated)gVisor bot
2021-01-06Support add/remove IPv6 multicast group sock optGhanan Gowripalan
IPv4 was always supported but UDP never supported joining/leaving IPv6 multicast groups via socket options. Add: IPPROTO_IPV6, IPV6_JOIN_GROUP/IPV6_ADD_MEMBERSHIP Remove: IPPROTO_IPV6, IPV6_LEAVE_GROUP/IPV6_DROP_MEMBERSHIP Test: integration_test.TestUDPAddRemoveMembershipSocketOption PiperOrigin-RevId: 350396072
2020-12-30Merge release-20201208.0-98-g0fb5de115 (automated)gVisor bot
2020-12-30Merge release-20201208.0-97-g1b66bad7c (automated)gVisor bot
2020-12-30Merge release-20201208.0-96-ged5850e8e (automated)gVisor bot
2020-12-30Merge release-20201208.0-95-gfc153750e (automated)gVisor bot
2020-12-30Merge release-20201208.0-94-gffa9a715a (automated)gVisor bot
2020-12-30Merge release-20201208.0-93-g3c58405a5 (automated)gVisor bot
2020-12-30Merge release-20201208.0-92-gd302c0570 (automated)gVisor bot
2020-12-30Merge release-20201208.0-91-g85c1c3ed4 (automated)gVisor bot
2020-12-29Merge release-20201208.0-90-g91c05c609 (automated)gVisor bot
2020-12-28Merge release-20201208.0-89-g3ff7324df (automated)gVisor bot
2020-12-17[netstack] Implement MSG_ERRQUEUE flag for recvmsg(2).Ayush Ranjan
Introduces the per-socket error queue and the necessary cmsg mechanisms. PiperOrigin-RevId: 348028508
2020-12-15Implement command SEM_INFO and SEM_STAT for semctl.Jing Chen
PiperOrigin-RevId: 347711998
2020-12-15Merge release-20201208.0-45-gb2a697334 (automated)gVisor bot
2020-12-15Merge release-20201208.0-44-ga1c56bc22 (automated)gVisor bot
2020-12-14Merge release-20201208.0-43-g2e191cb3f (automated)gVisor bot
2020-12-14Merge release-20201208.0-42-g65e4ed8fb (automated)gVisor bot
2020-12-14Merge release-20201208.0-41-gab593661e (automated)gVisor bot
2020-12-12Merge release-20201208.0-40-g08d36b6c6 (automated)gVisor bot
2020-12-12Merge release-20201208.0-39-g4aef908c9 (automated)gVisor bot
2020-12-12Merge release-20201208.0-38-g4b697aae5 (automated)gVisor bot
2020-12-12Merge release-20201208.0-37-gbe5922fbd (automated)gVisor bot
2020-12-12Merge release-20201208.0-36-g1e92732eb (automated)gVisor bot