Age | Commit message (Collapse) | Author |
|
PiperOrigin-RevId: 263203441
|
|
fsimpl is the keeper of all filesystem implementations in VFS2.
PiperOrigin-RevId: 262617869
|
|
Added benchmark tests which emulate memfs benchmarks.
Stat benchmarks
BenchmarkVFS2Ext4fsStat/1-12 10000000 145 ns/op
BenchmarkVFS2Ext4fsStat/2-12 10000000 170 ns/op
BenchmarkVFS2Ext4fsStat/3-12 10000000 202 ns/op
BenchmarkVFS2Ext4fsStat/8-12 3000000 374 ns/op
BenchmarkVFS2Ext4fsStat/64-12 500000 2159 ns/op
BenchmarkVFS2Ext4fsStat/100-12 300000 3459 ns/op
BenchmarkVFS1TmpfsStat/1-12 5000000 348 ns/op
BenchmarkVFS1TmpfsStat/2-12 3000000 487 ns/op
BenchmarkVFS1TmpfsStat/3-12 2000000 655 ns/op
BenchmarkVFS1TmpfsStat/8-12 1000000 1365 ns/op
BenchmarkVFS1TmpfsStat/64-12 200000 9565 ns/op
BenchmarkVFS1TmpfsStat/100-12 100000 15158 ns/op
BenchmarkVFS2MemfsStat/1-12 10000000 133 ns/op
BenchmarkVFS2MemfsStat/2-12 10000000 155 ns/op
BenchmarkVFS2MemfsStat/3-12 10000000 182 ns/op
BenchmarkVFS2MemfsStat/8-12 5000000 310 ns/op
BenchmarkVFS2MemfsStat/64-12 1000000 1659 ns/op
BenchmarkVFS2MemfsStat/100-12 500000 2787 ns/op
Mount Stat benchmarks
BenchmarkVFS2ExtfsMountStat/1-12 5000000 245 ns/op
BenchmarkVFS2ExtfsMountStat/2-12 5000000 266 ns/op
BenchmarkVFS2ExtfsMountStat/3-12 5000000 304 ns/op
BenchmarkVFS2ExtfsMountStat/8-12 3000000 456 ns/op
BenchmarkVFS2ExtfsMountStat/64-12 500000 2308 ns/op
BenchmarkVFS2ExtfsMountStat/100-12 300000 3482 ns/op
BenchmarkVFS1TmpfsMountStat/1-12 3000000 488 ns/op
BenchmarkVFS1TmpfsMountStat/2-12 2000000 658 ns/op
BenchmarkVFS1TmpfsMountStat/3-12 2000000 806 ns/op
BenchmarkVFS1TmpfsMountStat/8-12 1000000 1514 ns/op
BenchmarkVFS1TmpfsMountStat/64-12 100000 10037 ns/op
BenchmarkVFS1TmpfsMountStat/100-12 100000 15280 ns/op
BenchmarkVFS2MemfsMountStat/1-12 10000000 212 ns/op
BenchmarkVFS2MemfsMountStat/2-12 5000000 232 ns/op
BenchmarkVFS2MemfsMountStat/3-12 5000000 264 ns/op
BenchmarkVFS2MemfsMountStat/8-12 3000000 390 ns/op
BenchmarkVFS2MemfsMountStat/64-12 1000000 1813 ns/op
BenchmarkVFS2MemfsMountStat/100-12 500000 2812 ns/op
PiperOrigin-RevId: 262477158
|
|
Previously we were representing socket addresses as an interface{},
which allowed any type which could be binary.Marshal()ed to be used as
a socket address. This is fine when the address is passed to userspace
via the linux ABI, but is problematic when used from within the sentry
such as by networking procfs files.
PiperOrigin-RevId: 262460640
|
|
PiperOrigin-RevId: 262264674
|
|
PiperOrigin-RevId: 262249166
|
|
PiperOrigin-RevId: 262242410
|
|
PiperOrigin-RevId: 262226761
|
|
- This also gets rid of pipes for now because pipe does not have vfs2 specific
support yet.
- Added file path resolution logic.
- Fixes testing infrastructure.
- Does not include unit tests yet.
PiperOrigin-RevId: 262213950
|
|
(Don't worry, this is mostly tests.)
Implemented the following ioctls:
- TIOCSCTTY - set controlling TTY
- TIOCNOTTY - remove controlling tty, maybe signal some other processes
- TIOCGPGRP - get foreground process group. Also enables tcgetpgrp().
- TIOCSPGRP - set foreground process group. Also enabled tcsetpgrp().
Next steps are to actually turn terminal-generated control characters (e.g. C^c)
into signals to the proper process groups, and to send SIGTTOU and SIGTTIN when
appropriate.
PiperOrigin-RevId: 261387276
|
|
We can get the mount namespace from the CreateProcessArgs in all cases where we
need it. This also gets rid of kernel.Destroy method, since the only thing it
was doing was DecRefing the mounts.
Removing the need to call kernel.SetRootMountNamespace also allowed for some
more simplifications in the container fs setup code.
PiperOrigin-RevId: 261357060
|
|
This is the source of many warnings like:
AtomicRefCount 0x7f5ff84e3500 owned by "fs.Inode" garbage collected with ref count of 1 (want 0)
PiperOrigin-RevId: 261197093
|
|
PiperOrigin-RevId: 260851452
|
|
It gets rid of holding state of the io.Reader offset (which is anyways held by
the vfs.FileDescriptor struct. It is also odd using a io.Reader becuase we
using io.ReaderAt to interact with the device. So making a io.ReaderAt wrapper
makes more sense.
Most importantly, it gets rid of the complexity of extracting the file reader
from a regular file implementation and then using it. Now we can just use the
regular file implementation as a reader which is more intuitive.
PiperOrigin-RevId: 260846927
|
|
Also adds stress tests for block map reader and intensifies extent reader tests.
PiperOrigin-RevId: 260838177
|
|
Adds feature to launch from an open host FD instead of a binary_path.
The FD should point to a valid executable and most likely be statically
compiled. If the executable is not statically compiled, the loader will
search along the interpreter paths, which must be able to be resolved in
the Sandbox's file system or start will fail.
PiperOrigin-RevId: 260756825
|
|
This provides the following benefits:
- We can now use pkg/fd package which does not take ownership
of the file descriptor. So it does not close the fd when garbage collected.
This reduces scope of errors from unexpected garbage collection of io.File.
- It enforces the offset parameter in every read call.
It does not affect the fd offset nor is it affected by it. Hence reducing
scope of error of using stale offsets when reading.
- We do not need to serialize the usage of any global file descriptor anymore.
So this drops the mutual exclusion req hence reducing complexity and
congestion.
PiperOrigin-RevId: 260635174
|
|
PiperOrigin-RevId: 260629559
|
|
PiperOrigin-RevId: 260624470
|
|
PiperOrigin-RevId: 260047477
|
|
PiperOrigin-RevId: 259865366
|
|
PiperOrigin-RevId: 259856442
|
|
PiperOrigin-RevId: 259835948
|
|
PiperOrigin-RevId: 259666476
|
|
PiperOrigin-RevId: 259657917
|
|
PiperOrigin-RevId: 259628657
|
|
copyMu is required to read child.overlay.upper.
PiperOrigin-RevId: 258662209
|
|
PiperOrigin-RevId: 258657913
|
|
PiperOrigin-RevId: 258657776
|
|
PiperOrigin-RevId: 258645957
|
|
PiperOrigin-RevId: 258607547
|
|
We were invalidating the wrong overlayEntry in rename and missing invalidation
in rename and remove if lower exists.
PiperOrigin-RevId: 258604685
|
|
PiperOrigin-RevId: 258479216
|
|
This proc file reports the stats of interfaces. We could use ifconfig
command to check the result.
Signed-off-by: Jianfeng Tan <henry.tjf@antfin.com>
Change-Id: Ia7c1e637f5c76c30791ffda68ee61e861b6ef827
COPYBARA_INTEGRATE_REVIEW=https://gvisor-review.googlesource.com/c/gvisor/+/18282/
PiperOrigin-RevId: 258303936
|
|
PiperOrigin-RevId: 257855479
|
|
|
|
Actual implementation to follow, but this will satisfy applications that
want it to just exist.
|
|
The image is of size 64Kb which supports 64 1k blocks
and 16 inodes. This is the smallest size mkfs.ext4 works with.
Added README.md documenting how this was created and included
all files on the device under assets.
PiperOrigin-RevId: 257712672
|
|
Renamed ext4 to ext since we are targeting ext(2/3/4).
Removed fs.go since we are targeting VFS2.
Added ext.go with filesystem struct.
PiperOrigin-RevId: 257689775
|
|
PiperOrigin-RevId: 257314911
|
|
PiperOrigin-RevId: 257037608
|
|
PiperOrigin-RevId: 257010414
|
|
This renames FDMap to FDTable and drops the kernel.FD type, which had an entire
package to itself and didn't serve much use (it was freely cast between types,
and served as more of an annoyance than providing any protection.)
Based on BenchmarkFDLookupAndDecRef-12, we can expect 5-10 ns per lookup
operation, and 10-15 ns per concurrent lookup operation of savings.
This also fixes two tangential usage issues with the FDMap. Namely, non-atomic
use of NewFDFrom and associated calls to Remove (that are both racy and fail to
drop the reference on the underlying file.)
PiperOrigin-RevId: 256285890
|
|
PiperOrigin-RevId: 256234390
|
|
PiperOrigin-RevId: 255711454
|
|
These are unfortunately unused and unmaintained. They can be brought back in
the future if need requires it.
PiperOrigin-RevId: 255697132
|
|
PiperOrigin-RevId: 255687771
|
|
PiperOrigin-RevId: 255679453
|
|
PiperOrigin-RevId: 255644277
|
|
Readdir of /proc/x/task/ will get direntry entries
from tasks of specified taskgroup. Now the tasks
slice is unsorted, use sort.SearchInts search entry
from the slice may cause infinity loops.
The fix is sort the slice before search.
This issue could be easily reproduced via following
steps, revise Readdir in pkg/sentry/fs/proc/task.go,
force set taskInts into test slice
[]int{1, 11, 7, 5, 10, 6, 8, 3, 9, 2, 4},
then run docker image and run ls /proc/1/task, the
command will cause infinity loops.
|