summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/fs
AgeCommit message (Collapse)Author
2020-12-28Merge release-20201208.0-89-g3ff7324df (automated)gVisor bot
2020-12-23vfs1: don't allow to open socket filesAndrei Vagin
open() has to return ENXIO in this case. O_PATH isn't supported by vfs1. PiperOrigin-RevId: 348820478
2020-12-11Merge release-20201208.0-31-g4cba3904f (automated)gVisor bot
2020-12-11Remove existing nogo exceptions.Adin Scannell
PiperOrigin-RevId: 347047550
2020-12-04Merge release-20201130.0-37-g6708c8c97 (automated)gVisor bot
2020-12-04Require sync.RWMutex to lock and unlock from the same goroutineMichael Pratt
This is the RWMutex equivalent to the preceding sync.Mutex CL. Updates #4804 PiperOrigin-RevId: 345681051
2020-12-02Merge release-20201117.0-90-gb26dd6d9b (automated)gVisor bot
2020-12-02Add /proc/sys/kernel/sem.Jing Chen
PiperOrigin-RevId: 345178956
2020-11-19Merge release-20201109.0-89-g3454d5721 (automated)gVisor bot
2020-11-19Require sync.Mutex to lock and unlock from the same goroutineMichael Pratt
We would like to track locks ordering to detect ordering violations. Detecting violations is much simpler if mutexes must be unlocked by the same goroutine that locked them. Thus, as a first step to tracking lock ordering, add this lock/unlock requirement to gVisor's sync.Mutex. This is more strict than the Go standard library's sync.Mutex, but initial testing indicates only a single lock that is used across goroutines. The new sync.CrossGoroutineMutex relaxes the requirement (but will not provide lock order checking). Due to the additional overhead, enforcement is only enabled with the "checklocks" build tag. Build with this tag using: bazel build --define=gotags=checklocks ... From my spot-checking, this has no changed inlining properties when disabled. Updates #4804 PiperOrigin-RevId: 343370200
2020-11-19Merge release-20201109.0-81-g3a16b829c (automated)gVisor bot
2020-11-18Port filesystem metrics to VFS2.Jamie Liu
PiperOrigin-RevId: 343196927
2020-11-16Merge release-20201109.0-51-gcc5cfce4c (automated)gVisor bot
2020-11-16Remove ARP address workaroundGhanan Gowripalan
- Make AddressableEndpoint optional for NetworkEndpoint. Not all NetworkEndpoints need to support addressing (e.g. ARP), so AddressableEndpoint should only be implemented for protocols that support addressing such as IPv4 and IPv6. With this change, tcpip.ErrNotSupported will be returned by the stack when attempting to modify addresses on a network endpoint that does not support addressing. Now that packets are fully handled at the network layer, and (with this change) addresses are optional for network endpoints, we no longer need the workaround for ARP where a fake ARP address was added to each NIC that performs ARP so that packets would be delivered to the ARP layer. PiperOrigin-RevId: 342722547
2020-11-13Merge release-20201030.0-79-g62db1fad2 (automated)gVisor bot
2020-11-12Fix misuses of kernel.Task as context.Context.Jamie Liu
kernel.Task can only be used as context.Context by that Task's task goroutine. This is violated in at least two places: - In any case where one thread accesses the /proc/[tid] of any other thread, passing the kernel.Task for [tid] as the context.Context is incorrect. - Task.rebuildTraceContext() may be called by Kernel.RebuildTraceContexts() outside the scope of any task goroutine. Fix these (as well as a data race on Task.traceContext discovered during the course of finding the latter). PiperOrigin-RevId: 342174404
2020-11-03Merge release-20201027.0-63-g1cfa8d58f (automated)gVisor bot
2020-11-03Fix more nogo testsTing-Yu Wang
PiperOrigin-RevId: 340536306
2020-11-03Merge release-20201027.0-61-g723464ec5 (automated)gVisor bot
2020-11-03Make pipe min/max sizes match linux.Nicolas Lacasse
The default pipe size already matched linux, and is unchanged. Furthermore `atomicIOBytes` is made a proper constant (as it is in Linux). We were plumbing usermem.PageSize everywhere, so this is no functional change. PiperOrigin-RevId: 340497006
2020-10-28Merge release-20201019.0-73-g1c2836da3 (automated)gVisor bot
2020-10-27Implement /proc/[pid]/memLennart
This PR implements /proc/[pid]/mem for `pkg/sentry/fs` (refer to #2716) and `pkg/sentry/fsimpl`. @majek COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/4060 from lnsp:proc-pid-mem 2caf9021254646f441be618a9bb5528610e44d43 PiperOrigin-RevId: 339369629
2020-10-24Merge release-20201019.0-51-g9f87400f0 (automated)gVisor bot
2020-10-23Support VFS2 save/restore.Jamie Liu
Inode number consistency checks are now skipped in save/restore tests for reasons described in greatest detail in StatTest.StateDoesntChangeAfterRename. They pass in VFS1 due to the bug described in new test case SimpleStatTest.DifferentFilesHaveDifferentDeviceInodeNumberPairs. Fixes #1663 PiperOrigin-RevId: 338776148
2020-10-13Merge release-20200928.0-104-g1a6948737 (automated)gVisor bot
2020-10-13Don't read beyond EOF when inserting into sentry page cache.Jamie Liu
The sentry page cache stores file contents at page granularity; this is necessary for memory mappings. Thus file offset ranges passed to fsutil.FileRangeSet.Fill() must be page-aligned. If the read callback passed to Fill() returns (partial read, nil error) when reading up to EOF (which is the case for p9.ClientFile.ReadAt() since 9P's Rread cannot convey both a partial read and EOF), Fill() will re-invoke the read callback to try to read from EOF to the end of the containing page, which is harmless but needlessly expensive. Fix this by handling file size explicitly in fsutil.FileRangeSet.Fill(). PiperOrigin-RevId: 336934075
2020-10-13Merge release-20200928.0-102-g432963dd2 (automated)gVisor bot
2020-10-13[vfs2] Don't take reference in Task.MountNamespaceVFS2 and MountNamespace.Root.Dean Deng
This fixes reference leaks related to accidentally forgetting to DecRef() after calling one or the other. PiperOrigin-RevId: 336918922
2020-10-09Merge release-20200928.0-78-g743327817 (automated)gVisor bot
2020-10-09Merge release-20200928.0-77-g257703c05 (automated)gVisor bot
2020-10-09Automated rollback of changelist 336304024Ghanan Gowripalan
PiperOrigin-RevId: 336339194
2020-10-09Merge release-20200928.0-74-g8566decab (automated)gVisor bot
2020-10-09Automated rollback of changelist 336185457Bhasker Hariharan
PiperOrigin-RevId: 336304024
2020-10-08Merge release-20200928.0-71-g6768e6c59 (automated)gVisor bot
2020-10-08Do not resolve routes immediatelyGhanan Gowripalan
When a response needs to be sent to an incoming packet, the stack should consult its neighbour table to determine the remote address's link address. When an entry does not exist in the stack's neighbor table, the stack should queue the packet while link resolution completes. See comments. PiperOrigin-RevId: 336185457
2020-10-08Merge release-20200928.0-66-ga55bd73d4 (automated)gVisor bot
2020-10-07Add staticcheck and staticstyle analyzers.Adin Scannell
This change also adds support to go_stateify for detecting an appropriate receiver name, avoiding a large number of false positives. PiperOrigin-RevId: 335994587
2020-09-29Merge release-20200921.0-71-g4a428b13b (automated)gVisor bot
2020-09-29Add /proc/[pid]/cwdFabricio Voznika
PiperOrigin-RevId: 334478850
2020-09-21Merge release-20200907.0-157-gca3087472 (automated)gVisor bot
2020-09-20Merge pull request #3651 from ianlewis:ip-forwardinggVisor bot
PiperOrigin-RevId: 332760843
2020-09-18Merge pull request #3989 from jinmouil:feature/fuse-fixgVisor bot
PiperOrigin-RevId: 332548335
2020-09-18fuse: update design doc with I/O implementationJinmou Li
2020-09-16Merge pull request #3934 from avagin:feature/fusegVisor bot
PiperOrigin-RevId: 332122081
2020-09-16Update fuse.md design doc with design detailsJinmou Li
2020-09-16Revert "fuse: add benchmarking support for FUSE"Andrei Vagin
test/fuse/benchmark/read_benchmark.cc:34: Failure Expected: (fuse_prefix) != (nullptr), actual: NULL vs (nullptr) external/com_google_benchmark/src/benchmark_runner.cc:120: RunInThread: Check `st.iterations() >= st.max_iterations' failed. Benchmark returned before State::KeepRunning() returned false! --- FAIL: Benchmarks_BM_Read/262144/real_time (0.29s) runner.go:502: test "Benchmarks.BM_Read/262144/real_time" failed with error exit status 134, want nil FAIL
2020-09-16fuse: add benchmarking support for FUSEBoyuan He & Ridwan Sharif
This change adds the following: - Add support for containerizing syscall tests for FUSE - Mount tmpfs in the container so we can run benchmarks against it - Run the server in a background process - benchmarks for fuse syscall Co-authored-by: Ridwan Sharif <ridwanmsharif@google.com>
2020-09-14Merge release-20200907.0-40-g2969b1740 (automated)gVisor bot
2020-09-14Correct FDSize in /proc/[pid]/status.Jamie Liu
In Linux, FDSize is fs/proc/array.c:task_state() => struct fdtable::max_fds, which is set to the underlying array's length in fs/file.c:alloc_fdtable(). Follow-up changes: - Remove FDTable.GetRefs() and FDTable.GetRefsVFS2(), which are unused. - Reset FDTable.used to 0 during restore, since the subsequent calls to FDTable.setAll() increment it again, causing its value to be doubled. (After this CL, FDTable.used is only used to avoid reallocation in FDTable.GetFDs(), so this fix is not very visible.) PiperOrigin-RevId: 331588190
2020-09-12Merge release-20200907.0-37-g3ca73841d (automated)gVisor bot