Age | Commit message (Collapse) | Author |
|
Reported-by: syzbot+beb099a67f670386a367@syzkaller.appspotmail.com
PiperOrigin-RevId: 386521361
|
|
PiperOrigin-RevId: 386323389
|
|
PiperOrigin-RevId: 386312456
|
|
PiperOrigin-RevId: 385894869
|
|
Add support for msgget, and msgctl(IPC_RMID), and enable msgqueue
syscall tests.
Updates #135
|
|
Remove implements the behaviour or msgctl(IPC_RMID).
Updates #135
|
|
FindOrCreate implements the behaviour of msgget(2).
Updates #135
|
|
Create package msgqueue, define primitives to be used for message
queues, and add a msgqueue.Registry to IPCNamespace.
Updates #135
|
|
Create ipc.Registry to hold fields, and define functionality common to
all SysV registries, and have registries use it.
|
|
Create ipc.Object to define fields and functionality used in SysV
mechanisms, and have them use it.
|
|
Kernfs provides an internal mechanism to defer calls to `DecRef()` because
on the last reference `Filesystem.mu` must be held and most places that
need to call `DecRef()` are inside the lock. The same can be true for
filesystems that extend kernfs. procfs needs to look up files and `DecRef()`
them inside the `kernfs.Filesystem.mu`. If the files happen to be procfs
files, it can deadlock trying to decrement if it's the last reference.
This change extends the mechanism to external callers to defer DecRefs
to `vfs.FileDescription` and `vfs.VirtualDentries`.
PiperOrigin-RevId: 384361647
|
|
Update the following from syserror to the linuxerr equivalent:
EEXIST
EFAULT
ENOTDIR
ENOTTY
EOPNOTSUPP
ERANGE
ESRCH
PiperOrigin-RevId: 384329869
|
|
PiperOrigin-RevId: 383940663
|
|
PiperOrigin-RevId: 383705129
|
|
This change makes the checklocks analyzer considerable more powerful, adding:
* The ability to traverse complex structures, e.g. to have multiple nested
fields as part of the annotation.
* The ability to resolve simple anonymous functions and closures, and perform
lock analysis across these invocations. This does not apply to closures that
are passed elsewhere, since it is not possible to know the context in which
they might be invoked.
* The ability to annotate return values in addition to receivers and other
parameters, with the same complex structures noted above.
* Ignoring locking semantics for "fresh" objects, i.e. objects that are
allocated in the local frame (typically a new-style function).
* Sanity checking of locking state across block transitions and returns, to
ensure that no unexpected locks are held.
Note that initially, most of these findings are excluded by a comprehensive
nogo.yaml. The findings that are included are fundamental lock violations.
The changes here should be relatively low risk, minor refactorings to either
include necessary annotations to simplify the code structure (in general
removing closures in favor of methods) so that the analyzer can be easily
track the lock state.
This change additional includes two changes to nogo itself:
* Sanity checking of all types to ensure that the binary and ast-derived
types have a consistent objectpath, to prevent the bug above from occurring
silently (and causing much confusion). This also requires a trick in
order to ensure that serialized facts are consumable downstream. This can
be removed with https://go-review.googlesource.com/c/tools/+/331789 merged.
* A minor refactoring to isolation the objdump settings in its own package.
This was originally used to implement the sanity check above, but this
information is now being passed another way. The minor refactor is preserved
however, since it cleans up the code slightly and is minimal risk.
PiperOrigin-RevId: 382613300
|
|
Update/remove most syserror errors to linuxerr equivalents. For list
of removed errors, see //pkg/syserror/syserror.go.
PiperOrigin-RevId: 382574582
|
|
Update all instances of the above errors to the faster linuxerr implementation.
With the temporary linuxerr.Equals(), no logical changes are made.
PiperOrigin-RevId: 382306655
|
|
Remove three syserror entries duplicated in linuxerr. Because of the
linuxerr.Equals method, this is a mere change of return values from
syserror to linuxerr definitions.
Done with only these three errnos as CLs removing all grow to a significantly
large size.
PiperOrigin-RevId: 382173835
|
|
A caller of CreateProcessGroup looks up a thread group without locks, so
the target process can exit before CreateProcessGroup will be called.
Reported-by: syzbot+6abb7c34663dacbd55a8@syzkaller.appspotmail.com
PiperOrigin-RevId: 381351069
|
|
Compare
if (!thread_group_leader(tracee))
tracee = rcu_dereference(tracee->group_leader);
in security/yama/yama_lsm.c:ptracer_exception_found().
PiperOrigin-RevId: 381074242
|
|
Add Equals method to compare syserror and unix.Errno errors to linuxerr errors.
This will facilitate removal of syserror definitions in a followup, and
finding needed conversions from unix.Errno to linuxerr.
PiperOrigin-RevId: 380909667
|
|
...and pass it explicitly.
This reverts commit b63e61828d0652ad1769db342c17a3529d2d24ed.
PiperOrigin-RevId: 380039167
|
|
Move Error struct to pkg/errors package for use in multiple places.
Move linuxerr static definitions under pkg/errors/linuxerr.
Add a lookup list for quick lookup of *errors.Error by errno. This is useful
when converting syserror errors and unix.Errno/syscall.Errrno values to
*errors.Error.
Update benchmarks routines to include conversions.
The below benchmarks show *errors.Error usage to be comparable to using
unix.Errno.
BenchmarkAssignUnix
BenchmarkAssignUnix-32 787875022 1.284 ns/op
BenchmarkAssignLinuxerr
BenchmarkAssignLinuxerr-32 1000000000 1.209 ns/op
BenchmarkAssignSyserror
BenchmarkAssignSyserror-32 759269229 1.429 ns/op
BenchmarkCompareUnix
BenchmarkCompareUnix-32 1000000000 1.310 ns/op
BenchmarkCompareLinuxerr
BenchmarkCompareLinuxerr-32 1000000000 1.241 ns/op
BenchmarkCompareSyserror
BenchmarkCompareSyserror-32 147196165 8.248 ns/op
BenchmarkSwitchUnix
BenchmarkSwitchUnix-32 373233556 3.664 ns/op
BenchmarkSwitchLinuxerr
BenchmarkSwitchLinuxerr-32 476323929 3.294 ns/op
BenchmarkSwitchSyserror
BenchmarkSwitchSyserror-32 39293408 29.62 ns/op
BenchmarkReturnUnix
BenchmarkReturnUnix-32 1000000000 0.5042 ns/op
BenchmarkReturnLinuxerr
BenchmarkReturnLinuxerr-32 1000000000 0.8152 ns/op
BenchmarkConvertUnixLinuxerr
BenchmarkConvertUnixLinuxerr-32 739948875 1.547 ns/op
BenchmarkConvertUnixLinuxerrZero
BenchmarkConvertUnixLinuxerrZero-32 977733974 1.489 ns/op
PiperOrigin-RevId: 379806801
|
|
There are many references to unimplemented iptables features that link to #170,
but that bug is about Istio support specifically. Istio is supported, so the
references should change.
Some TODOs are addressed, some removed because they are not features requested
by users, and some are left as implementation notes.
Fixes #170.
PiperOrigin-RevId: 379328488
|
|
Both marshal and usermem are depended on by many packages and a dependency on
marshal can often create circular dependencies. marshal should consider adding
internal dependencies carefully moving forward.
Fixes #6160
PiperOrigin-RevId: 379199882
|
|
Between when runExitNotify.execute() returns nil (indicating that the task
goroutine should exit) and when Task.run() advances Task.gosched.State to
TaskGoroutineNonexistent (indicating that the task goroutine is exiting), there
is a race window in which the Task is waitable (since TaskSet.mu is unlocked
and Task.exitParentNotified is true) but will be reported by /proc/[pid]/status
as running. Close the window by checking Task.exitState before task goroutine
exit.
PiperOrigin-RevId: 378711484
|
|
Fixes #214
PiperOrigin-RevId: 378680466
|
|
PiperOrigin-RevId: 378607458
|
|
Updates #214
PiperOrigin-RevId: 378594929
|
|
There were also other duplicate definitions of the same struct that I have now
removed.
Updates #214
PiperOrigin-RevId: 378579954
|
|
This lets us close a tracking bug that's too widely-scoped to be reasonably
finished.
PiperOrigin-RevId: 378563203
|
|
PiperOrigin-RevId: 377975013
|
|
PiperOrigin-RevId: 377370807
|
|
The presence of multiple packages in a single directory sometimes
confuses `go mod`, producing output like:
go: downloading gvisor.dev/gvisor v0.0.0-20210601174640-77dc0f5bc94d
$GOMODCACHE/gvisor.dev/gvisor@v0.0.0-20210601174640-77dc0f5bc94d/pkg/linewriter/linewriter.go:21:2: found packages sync (aliases.go) and seqatomic (generic_atomicptr_unsafe.go) in $GOMODCACHE/gvisor.dev/gvisor@v0.0.0-20210601174640-77dc0f5bc94d/pkg/sync
imports.go:67:2: found packages tcp (accept.go) and rcv (rcv_test.go) in $GOMODCACHE/gvisor.dev/gvisor@v0.0.0-20210601174640-77dc0f5bc94d/pkg/tcpip/transport/tcp
PiperOrigin-RevId: 376956213
|
|
PiperOrigin-RevId: 376747671
|
|
semget(2) man page specifies that ENOSPC should be used if "the system
limit for the maximum number of semaphore sets (SEMMNI), or the system
wide maximum number of semaphores (SEMMNS), would be exceeded."
|
|
nanosleep has to count time that a thread spent in the stopped state.
PiperOrigin-RevId: 376258641
|
|
PiperOrigin-RevId: 375843579
|
|
Remove useless conversions. Avoid unhandled errors.
PiperOrigin-RevId: 375834275
|
|
PiperOrigin-RevId: 375789776
|
|
Introduce tcpip.MonotonicTime; replace int64 in tcpip.Clock method
returns with time.Time and MonotonicTime to improve type safety and
ensure that monotonic clock readings are never compared to wall clock
readings.
PiperOrigin-RevId: 375775907
|
|
|
|
Fixes #5974
Updates #161
PiperOrigin-RevId: 375024740
|
|
PiperOrigin-RevId: 375007632
|
|
Previously, mount could discover a hierarchy being destroyed
concurrently, which resulted in mount attempting to take a ref on an
already destroyed cgroupfs.
Reported-by: syzbot+062c0a67798a200f23ee@syzkaller.appspotmail.com
PiperOrigin-RevId: 374959054
|
|
|
|
O_PATH is now implemented in vfs2.
Fixes #2782.
PiperOrigin-RevId: 373861410
|
|
Previously, registration was racy because we were publishing
hierarchies in the registry without fully initializing the underlying
filesystem. This led to concurrent mount(2)s discovering the partially
intialized filesystems and dropping the final refs on them which cause
them to be freed prematurely.
Reported-by: syzbot+13f54e77bdf59f0171f0@syzkaller.appspotmail.com
Reported-by: syzbot+2c7f0a9127ac6a84f17e@syzkaller.appspotmail.com
PiperOrigin-RevId: 373824552
|
|
The newly added Weirdness metric with fields should be used instead of them.
Simple query for weirdness metric: http://shortn/_DGNk0z2Up6
PiperOrigin-RevId: 370578132
|
|
Weirdness metric contains fields to track the number of clock fallback,
partial result and vsyscalls. This metric will avoid the overhead of
having three different metrics (fallbackMetric, partialResultMetric,
vsyscallCount).
PiperOrigin-RevId: 369970218
|