path: root/pkg/sentry/loader
Age | Commit message | Author
2020-07-09 | Merge release-20200622.1-85-gc4815af94 (automated) | gVisor bot
2020-07-08 | Add shared mount hints to VFS2 | Fabricio Voznika
Container restart test is disabled for VFS2 for now. Updates #1487 PiperOrigin-RevId: 320296401
2020-07-08 | Merge release-20200622.1-78-gefa2615eb (automated) | gVisor bot
2020-07-07 | [vfs2] Remove VFS1 usage in VDSO. | Ayush Ranjan
Removed VDSO dependency on VFS1. Resolves #2921 PiperOrigin-RevId: 320122176
2020-06-24 | Merge release-20200608.0-119-g364ac92ba (automated) | gVisor bot
2020-06-10 | Merge release-20200522.0-113-g203dc121f (automated) | gVisor bot
2020-06-10 | Redirect TODOs to more specific issues | Fabricio Voznika
Closes #1623 PiperOrigin-RevId: 315681993
2020-05-27 | Merge release-20200518.0-45-g0bc022b7 (automated) | gVisor bot
2020-04-21 | Merge release-20200323.0-206-geba0866 (automated) | gVisor bot
2020-04-21 | Merge pull request #1818 from lubinszARM:pr_signal_1 | gVisor bot
PiperOrigin-RevId: 307680200
2020-04-17 | Arm64: VDSO support for signal | Bin Lu
The vdso is enabled, so we can use the sigreturn trampolines the vdso provides in arch module. Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-02-14 | Merge release-20200211.0-17-g4075de1 (automated) | gVisor bot
2020-02-14 | Plumb VFS2 inside the Sentry | gVisor bot
- Added fsbridge package with interface that can be used to open and read from VFS1 and VFS2 files.
- Converted ELF loader to use fsbridge
- Added VFS2 types to FSContext
- Added vfs.MountNamespace to ThreadGroup
Updates #1623 PiperOrigin-RevId: 295183950
2020-02-11 | Merge release-20200127.0-130-g9be46e5 (automated) | gVisor bot
2020-01-27 | Merge release-20200115.0-110-g0e2f1b7 (automated) | gVisor bot
2020-01-27 | Update package locations. | Adin Scannell
Because the abi will depend on the core types for marshalling (usermem, context, safemem, safecopy), these need to be flattened from the sentry directory. These packages contain no sentry-specific details. PiperOrigin-RevId: 291811289
2020-01-27 | Standardize on tools directory. | Adin Scannell
PiperOrigin-RevId: 291745021
2020-01-22 | Merge release-20200115.0-71-g1599923 (automated) | gVisor bot
2019-12-06 | Merge release-20191129.0-9-gf8bb3f7 (automated) | gVisor bot
2019-12-06 | Document ELF PT_LOAD difference from Linux | Michael Pratt
PiperOrigin-RevId: 284191345
2019-11-18 | Merge release-20191114.0-13-g235a96c (automated) | gVisor bot
2019-11-13 | Fix some build errors on arm64. | Haibo Xu
Initialize the VDSO "os" and "arch" fields explicitly, or the VDSO load process would fail on arm64 platform. Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: Ic6768df88e43cd7c7956eb630511672ae11ac52f
2019-10-29 | Merge release-20190806.1-341-g38330e9 (automated) | gVisor bot
2019-10-29 | Update symlink traversal limit when resolving interpreter path. | Dean Deng
When execveat is called on an interpreter script, the symlink count for resolving the script path should be separate from the count for resolving the corresponding interpreter. An ELOOP error should not occur if we do not hit the symlink limit along any individual path, even if the total number of symlinks encountered exceeds the limit. Closes #574 PiperOrigin-RevId: 277358474
2019-10-29 | Merge release-20190806.1-339-g2e00771 (automated) | gVisor bot
2019-10-29 | Refactor logic for loadExecutable. | Dean Deng
Separate the handling of filenames and *fs.File objects in a more explicit way for the sake of clarity. PiperOrigin-RevId: 277344203
2019-10-29 | Merge release-20190806.1-333-g29273b0 (automated) | gVisor bot
2019-10-29 | Disallow execveat on interpreter scripts with fd opened with O_CLOEXEC. | Dean Deng
When an interpreter script is opened with O_CLOEXEC and the resulting fd is passed into execveat, an ENOENT error should occur (the script would otherwise be inaccessible to the interpreter). This matches the actual behavior of Linux's execveat. PiperOrigin-RevId: 277306680
2019-10-26 | Merge release-20190806.1-329-g1c480ab (automated) | gVisor bot
2019-10-25 | Aggregate arguments for loading executables into a single struct. | Dean Deng
This change simplifies the function signatures of functions related to loading executables, such as LoadTaskImage, Load, loadBinary. PiperOrigin-RevId: 276821187
2019-10-24 | Merge release-20190806.1-318-gd9fd536 (automated) | gVisor bot
2019-10-24 | Handle AT_SYMLINK_NOFOLLOW flag for execveat. | Dean Deng
PiperOrigin-RevId: 276441249
2019-10-16 | Reorder BUILD license and load functions in gvisor. | Kevin Krakauer
PiperOrigin-RevId: 275139066
2019-10-01 | Merge release-20190806.1-225-g0d48398 (automated) | gVisor bot
2019-10-01 | Include AT_SECURE in the aux vector | Michael Pratt
gVisor does not currently implement the functionality that would result in AT_SECURE = 1, but Linux includes AT_SECURE = 0 in the normal case, so we should do the same. PiperOrigin-RevId: 272311488
2019-10-01 | Merge release-20190806.1-217-g53cc72d (automated) | gVisor bot
2019-10-01 | Honor X bit on extra anon pages in PT_LOAD segments | Michael Pratt
Linux changed this behavior in 16e72e9b30986ee15f17fbb68189ca842c32af58 (v4.11). Previously, extra pages were always mapped RW. Now, those pages will be executable if the segment specified PF_X. They still must be writeable. PiperOrigin-RevId: 272256280
2019-09-12 | Merge release-20190806.1-133-g1e6bdd5 (automated) | gVisor bot
2019-08-27 | Merge 9679f989 (automated) | gVisor bot
2019-08-27 | Fix comment typo | Michael Pratt
PiperOrigin-RevId: 265731735
2019-07-30 | Merge e511c0e0 (automated) | gVisor bot
2019-07-30 | Add feature to launch Sentry from an open host FD. | Zach Koopmans
Adds feature to launch from an open host FD instead of a binary_path. The FD should point to a valid executable and most likely be statically compiled. If the executable is not statically compiled, the loader will search along the interpreter paths, which must be able to be resolved in the Sandbox's file system or start will fail. PiperOrigin-RevId: 260756825
2019-07-22 | Merge d706922d (automated) | gVisor bot
2019-07-21 | Add ARM64 support to pkg/sentry/loader | Bin Lu
Signed-off-by: Bin Lu <bin.lu@arm.com>
2019-07-19 | Merge f544509c (automated) | gVisor bot
2019-07-12 | Merge 69e0affa (automated) | gVisor bot
2019-07-02 | Remove map from fd_map, change to fd_table. | Adin Scannell
This renames FDMap to FDTable and drops the kernel.FD type, which had an entire package to itself and didn't serve much use (it was freely cast between types, and served as more of an annoyance than providing any protection.) Based on BenchmarkFDLookupAndDecRef-12, we can expect 5-10 ns per lookup operation, and 10-15 ns per concurrent lookup operation of savings. This also fixes two tangential usage issues with the FDMap. Namely, non-atomic use of NewFDFrom and associated calls to Remove (that are both racy and fail to drop the reference on the underlying file.) PiperOrigin-RevId: 256285890
2019-06-14 | Merge 3e9b8ecb (automated) | gVisor bot
2019-06-13 | Plumb context through more layers of filesystem. | Ian Gudger
All functions which allocate objects containing AtomicRefCounts will soon need a context. PiperOrigin-RevId: 253147709
2019-06-13 | Merge add40fd6 (automated) | gVisor bot