| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2020-02-27 | Merge release-20200219.0-52-gabf7ebc (automated) | gVisor bot | |
| 2020-02-27 | Internal change. | Nayana Bidari | |
| PiperOrigin-RevId: 297638665 | |||
| 2020-02-20 | Merge release-20200211.0-47-g2daa21e (automated) | gVisor bot | |
| 2020-02-19 | Internal change. | gVisor bot | |
| PiperOrigin-RevId: 296088213 | |||
| 2020-02-18 | Merge release-20200211.0-38-g56fd950 (automated) | gVisor bot | |
| 2020-02-18 | Enable IPV6_RECVTCLASS socket option for datagram sockets | gVisor bot | |
| Added the ability to get/set the IP_RECVTCLASS socket option on UDP endpoints. If enabled, traffic class from the incoming Network Header passed as ancillary data in the ControlMessages. Adding Get/SetSockOptBool to decrease the overhead of getting/setting simple options. (This was absorbed in a CL that will be landing before this one). Test: * Added unit test to udp_test.go that tests getting/setting as well as verifying that we receive expected TOS from incoming packet. * Added a syscall test for verifying getting/setting * Removed test skip for existing syscall test to enable end to end test. PiperOrigin-RevId: 295840218 | |||
| 2020-02-13 | Merge release-20200211.0-11-g69bf39e (automated) | gVisor bot | |
| 2020-02-13 | Internal change. | gVisor bot | |
| PiperOrigin-RevId: 294952610 | |||
| 2020-02-11 | Merge release-20200127.0-130-g9be46e5 (automated) | gVisor bot | |
| 2020-02-06 | Merge release-20200127.0-84-gf3d9560 (automated) | gVisor bot | |
| 2020-02-05 | recv() on a closed TCP socket returns ENOTCONN | Eyal Soha | |
| From RFC 793 s3.9 p58 Event Processing: If RECEIVE Call arrives in CLOSED state and the user has access to such a connection, the return should be "error: connection does not exist" Fixes #1598 PiperOrigin-RevId: 293494287 | |||
| 2020-02-05 | Merge release-20200127.0-80-g665b614 (automated) | gVisor bot | |
| 2020-02-04 | Support RTM_NEWADDR and RTM_GETLINK in (rt)netlink. | Ting-Yu Wang | |
| PiperOrigin-RevId: 293271055 | |||
| 2020-01-30 | Merge release-20200127.0-31-g51b7835 (automated) | gVisor bot | |
| 2020-01-29 | Add support for TCP_DEFER_ACCEPT. | Bhasker Hariharan | |
| PiperOrigin-RevId: 292233574 | |||
| 2020-01-27 | Merge release-20200115.0-110-g0e2f1b7 (automated) | gVisor bot | |
| 2020-01-27 | Update package locations. | Adin Scannell | |
| Because the abi will depend on the core types for marshalling (usermem, context, safemem, safecopy), these need to be flattened from the sentry directory. These packages contain no sentry-specific details. PiperOrigin-RevId: 291811289 | |||
| 2020-01-27 | Standardize on tools directory. | Adin Scannell | |
| PiperOrigin-RevId: 291745021 | |||
| 2020-01-21 | Merge release-20200115.0-56-g7e6fbc6 (automated) | gVisor bot | |
| 2020-01-21 | Add a new TCP stat for current open connections. | Mithun Iyer | |
| Such a stat accounts for all connections that are currently established and not yet transitioned to close state. Also fix bug in double increment of CurrentEstablished stat. Fixes #1579 PiperOrigin-RevId: 290827365 | |||
| 2020-01-21 | Merge release-20200115.0-48-g5f82f09 (automated) | gVisor bot | |
| 2020-01-21 | Merge pull request #1558 from kevinGC:iptables-write-input-drop | gVisor bot | |
| PiperOrigin-RevId: 290793754 | |||
| 2020-01-18 | Merge release-20200115.0-33-g47d8525 (automated) | gVisor bot | |
| 2020-01-17 | Filter out received packets with a local source IP address. | Eyal Soha | |
| CERT Advisory CA-96.21 III. Solution advises that devices drop packets which could not have correctly arrived on the wire, such as receiving a packet where the source IP address is owned by the device that sent it. Fixes #1507 PiperOrigin-RevId: 290378240 | |||
| 2020-01-14 | Merge release-20191213.0-115-g50625ce (automated) | gVisor bot | |
| 2020-01-14 | Implement {g,s}etsockopt(IP_RECVTOS) for UDP sockets | Tamir Duberstein | |
| PiperOrigin-RevId: 289718534 | |||
| 2020-01-13 | Merge release-20191213.0-113-gdebd213 (automated) | gVisor bot | |
| 2020-01-13 | Allow dual stack sockets to operate on AF_INET | Tamir Duberstein | |
| Fixes #1490 Fixes #1495 PiperOrigin-RevId: 289523250 | |||
| 2020-01-13 | Merge branch 'master' into iptables-write-input-drop | Kevin Krakauer | |
| 2020-01-13 | Merge release-20191213.0-111-gb30cfb1 (automated) | gVisor bot | |
| 2020-01-13 | Merge pull request #1528 from kevinGC:iptables-write | gVisor bot | |
| PiperOrigin-RevId: 289479774 | |||
| 2020-01-10 | Merge release-20191213.0-96-g27500d5 (automated) | gVisor bot | |
| 2020-01-09 | New sync package. | Ian Gudger | |
| * Rename syncutil to sync. * Add aliases to sync types. * Replace existing usage of standard library sync package. This will make it easier to swap out synchronization primitives. For example, this will allow us to use primitives from github.com/sasha-s/go-deadlock to check for lock ordering violations. Updates #1472 PiperOrigin-RevId: 289033387 | |||
| 2020-01-09 | Merge release-20191213.0-86-g8643933 (automated) | gVisor bot | |
| 2020-01-09 | Change BindToDeviceOption to store NICID | Eyal Soha | |
| This makes it possible to call the sockopt from go even when the NIC has no name. PiperOrigin-RevId: 288955236 | |||
| 2020-01-08 | Merge branch 'iptables-write' into iptables-write-input-drop | Kevin Krakauer | |
| 2020-01-08 | Addressed GH comments | Kevin Krakauer | |
| 2020-01-08 | Getting a panic when running tests. For some reason the filter table is | Kevin Krakauer | |
| ending up with the wrong chains and is indexing -1 into rules. | |||
| 2020-01-08 | Merge release-20191213.0-78-gd530df2 (automated) | gVisor bot | |
| 2020-01-08 | Introduce tcpip.SockOptBool | Tamir Duberstein | |
| ...and port V6OnlyOption to it. PiperOrigin-RevId: 288789451 | |||
| 2020-01-08 | Merge release-20191213.0-76-ga271bcc (automated) | gVisor bot | |
| 2020-01-08 | Rename tcpip.SockOpt{,Int} | Tamir Duberstein | |
| PiperOrigin-RevId: 288772878 | |||
| 2020-01-08 | Minor fixes to comments and logging | Kevin Krakauer | |
| 2020-01-08 | Write simple ACCEPT rules to the filter table. | Kevin Krakauer | |
| This gets us closer to passing the iptables tests and opens up iptables so it can be worked on by multiple people. A few restrictions are enforced for security (i.e. we don't want to let users write a bunch of iptables rules and then just not enforce them): - Only the filter table is writable. - Only ACCEPT rules with no matching criteria can be added. | |||
| 2019-12-26 | Merge release-20191213.0-49-g87e4d03 (automated) | gVisor bot | |
| 2019-12-26 | Automated rollback of changelist 287029703 | gVisor bot | |
| PiperOrigin-RevId: 287217899 | |||
| 2019-12-24 | Merge release-20191213.0-48-ge013c48 (automated) | gVisor bot | |
| 2019-12-24 | Enable IP_RECVTOS socket option for datagram sockets | Ryan Heacock | |
| Added the ability to get/set the IP_RECVTOS socket option on UDP endpoints. If enabled, TOS from the incoming Network Header passed as ancillary data in the ControlMessages. Test: * Added unit test to udp_test.go that tests getting/setting as well as verifying that we receive expected TOS from incoming packet. * Added a syscall test PiperOrigin-RevId: 287029703 | |||
| 2019-12-12 | Merge release-20191210.0-25-g378d6c1 (automated) | gVisor bot | |
| 2019-12-12 | unix: allow to bind unix sockets only to AF_UNIX addresses | Andrei Vagin | |
| Reported-by: syzbot+2c0bcfd87fb4e8b7b009@syzkaller.appspotmail.com PiperOrigin-RevId: 285228312 | |||
 |
index : gvisor | |
| Container Runtime Sandbox |
| summaryrefslogtreecommitdiffhomepage |