path: root/pkg/sentry/loader
Age | Commit message | Author
2020-06-10 | Merge release-20200522.0-113-g203dc121f (automated) | gVisor bot
2020-06-10 | Redirect TODOs to more specific issues | Fabricio Voznika
Closes #1623 PiperOrigin-RevId: 315681993
2020-05-27 | Merge release-20200518.0-45-g0bc022b7 (automated) | gVisor bot
2020-04-21 | Merge release-20200323.0-206-geba0866 (automated) | gVisor bot
2020-04-21 | Merge pull request #1818 from lubinszARM:pr_signal_1 | gVisor bot
PiperOrigin-RevId: 307680200
2020-04-17 | Arm64: VDSO support for signal | Bin Lu
The vdso is enabled, so we can use the sigreturn trampolines the vdso provides in arch module. Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-02-14 | Merge release-20200211.0-17-g4075de1 (automated) | gVisor bot
2020-02-14 | Plumb VFS2 inside the Sentry | gVisor bot
- Added fsbridge package with interface that can be used to open and read from VFS1 and VFS2 files.
- Converted ELF loader to use fsbridge
- Added VFS2 types to FSContext
- Added vfs.MountNamespace to ThreadGroup
Updates #1623 PiperOrigin-RevId: 295183950
2020-02-11 | Merge release-20200127.0-130-g9be46e5 (automated) | gVisor bot
2020-01-27 | Merge release-20200115.0-110-g0e2f1b7 (automated) | gVisor bot
2020-01-27 | Update package locations. | Adin Scannell
Because the abi will depend on the core types for marshalling (usermem, context, safemem, safecopy), these need to be flattened from the sentry directory. These packages contain no sentry-specific details. PiperOrigin-RevId: 291811289
2020-01-27 | Standardize on tools directory. | Adin Scannell
PiperOrigin-RevId: 291745021
2020-01-22 | Merge release-20200115.0-71-g1599923 (automated) | gVisor bot
2019-12-06 | Merge release-20191129.0-9-gf8bb3f7 (automated) | gVisor bot
2019-12-06 | Document ELF PT_LOAD difference from Linux | Michael Pratt
PiperOrigin-RevId: 284191345
2019-11-18 | Merge release-20191114.0-13-g235a96c (automated) | gVisor bot
2019-11-13 | Fix some build errors on arm64. | Haibo Xu
Initialize the VDSO "os" and "arch" fields explicitly, or the VDSO load process would fail on arm64 platform. Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: Ic6768df88e43cd7c7956eb630511672ae11ac52f
2019-10-29 | Merge release-20190806.1-341-g38330e9 (automated) | gVisor bot
2019-10-29 | Update symlink traversal limit when resolving interpreter path. | Dean Deng
When execveat is called on an interpreter script, the symlink count for resolving the script path should be separate from the count for resolving the corresponding interpreter. An ELOOP error should not occur if we do not hit the symlink limit along any individual path, even if the total number of symlinks encountered exceeds the limit. Closes #574 PiperOrigin-RevId: 277358474
2019-10-29 | Merge release-20190806.1-339-g2e00771 (automated) | gVisor bot
2019-10-29 | Refactor logic for loadExecutable. | Dean Deng
Separate the handling of filenames and *fs.File objects in a more explicit way for the sake of clarity. PiperOrigin-RevId: 277344203
2019-10-29 | Merge release-20190806.1-333-g29273b0 (automated) | gVisor bot
2019-10-29 | Disallow execveat on interpreter scripts with fd opened with O_CLOEXEC. | Dean Deng
When an interpreter script is opened with O_CLOEXEC and the resulting fd is passed into execveat, an ENOENT error should occur (the script would otherwise be inaccessible to the interpreter). This matches the actual behavior of Linux's execveat. PiperOrigin-RevId: 277306680
2019-10-26 | Merge release-20190806.1-329-g1c480ab (automated) | gVisor bot
2019-10-25 | Aggregate arguments for loading executables into a single struct. | Dean Deng
This change simplifies the function signatures of functions related to loading executables, such as LoadTaskImage, Load, loadBinary. PiperOrigin-RevId: 276821187
2019-10-24 | Merge release-20190806.1-318-gd9fd536 (automated) | gVisor bot
2019-10-24 | Handle AT_SYMLINK_NOFOLLOW flag for execveat. | Dean Deng
PiperOrigin-RevId: 276441249
2019-10-16 | Reorder BUILD license and load functions in gvisor. | Kevin Krakauer
PiperOrigin-RevId: 275139066
2019-10-01 | Merge release-20190806.1-225-g0d48398 (automated) | gVisor bot
2019-10-01 | Include AT_SECURE in the aux vector | Michael Pratt
gVisor does not currently implement the functionality that would result in AT_SECURE = 1, but Linux includes AT_SECURE = 0 in the normal case, so we should do the same. PiperOrigin-RevId: 272311488
2019-10-01 | Merge release-20190806.1-217-g53cc72d (automated) | gVisor bot
2019-10-01 | Honor X bit on extra anon pages in PT_LOAD segments | Michael Pratt
Linux changed this behavior in 16e72e9b30986ee15f17fbb68189ca842c32af58 (v4.11). Previously, extra pages were always mapped RW. Now, those pages will be executable if the segment specified PF_X. They still must be writeable. PiperOrigin-RevId: 272256280
2019-09-12 | Merge release-20190806.1-133-g1e6bdd5 (automated) | gVisor bot
2019-08-27 | Merge 9679f989 (automated) | gVisor bot
2019-08-27 | Fix comment typo | Michael Pratt
PiperOrigin-RevId: 265731735
2019-07-30 | Merge e511c0e0 (automated) | gVisor bot
2019-07-30 | Add feature to launch Sentry from an open host FD. | Zach Koopmans
Adds feature to launch from an open host FD instead of a binary_path. The FD should point to a valid executable and most likely be statically compiled. If the executable is not statically compiled, the loader will search along the interpreter paths, which must be able to be resolved in the Sandbox's file system or start will fail. PiperOrigin-RevId: 260756825
2019-07-22 | Merge d706922d (automated) | gVisor bot
2019-07-21 | Add ARM64 support to pkg/sentry/loader | Bin Lu
Signed-off-by: Bin Lu <bin.lu@arm.com>
2019-07-19 | Merge f544509c (automated) | gVisor bot
2019-07-12 | Merge 69e0affa (automated) | gVisor bot
2019-07-02 | Remove map from fd_map, change to fd_table. | Adin Scannell
This renames FDMap to FDTable and drops the kernel.FD type, which had an entire package to itself and didn't serve much use (it was freely cast between types, and served as more of an annoyance than providing any protection.) Based on BenchmarkFDLookupAndDecRef-12, we can expect 5-10 ns per lookup operation, and 10-15 ns per concurrent lookup operation of savings. This also fixes two tangential usage issues with the FDMap. Namely, non-atomic use of NewFDFrom and associated calls to Remove (that are both racy and fail to drop the reference on the underlying file.) PiperOrigin-RevId: 256285890
2019-06-14 | Merge 3e9b8ecb (automated) | gVisor bot
2019-06-13 | Plumb context through more layers of filesystem. | Ian Gudger
All functions which allocate objects containing AtomicRefCounts will soon need a context. PiperOrigin-RevId: 253147709
2019-06-13 | Merge add40fd6 (automated) | gVisor bot
2019-06-13 | Update canonical repository. | Adin Scannell
This can be merged after: https://github.com/google/gvisor-website/pull/77 or https://github.com/google/gvisor-website/pull/78 PiperOrigin-RevId: 253132620
2019-06-02 | Merge 216da0b7 (automated) | gVisor bot
2019-05-21 | Fix inconsistencies in ELF anonymous mappings | Michael Pratt
* A segment with filesz == 0, memsz > 0 should be an anonymous only mapping. We were failing to load such an ELF.
* Anonymous pages are always mapped RW, regardless of the segment protections.
PiperOrigin-RevId: 249355239 Change-Id: I251e5c0ce8848cf8420c3aadf337b0d77b1ad991
2019-05-21 | Add basic plumbing for splice and stub implementation. | Adin Scannell
This does not actually implement an efficient splice or sendfile. Rather, it adds a generic plumbing to the file internals so that this can be added. All file implementations use the stub fileutil.NoSplice implementation, which causes sendfile and splice to fall back to an internal copy. A basic splice system call interface is added, along with a test. PiperOrigin-RevId: 249335960 Change-Id: Ic5568be2af0a505c19e7aec66d5af2480ab0939b
2019-04-29 | Change copyright notice to "The gVisor Authors" | Michael Pratt
Based on the guidelines at https://opensource.google.com/docs/releasing/authors/.
1. $ rg -l "Google LLC" | xargs sed -i 's/Google LLC.*/The gVisor Authors./'
2. Manual fixup of "Google Inc" references.
3. Add AUTHORS file. Authors may request to be added to this file.
4. Point netstack AUTHORS to gVisor AUTHORS. Drop CONTRIBUTORS.
Fixes #209 PiperOrigin-RevId: 245823212 Change-Id: I64530b24ad021a7d683137459cafc510f5ee1de9