summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/syscalls
AgeCommit message (Collapse)Author
2019-11-20Merge release-20191114.0-16-g012102e (automated)gVisor bot
2019-11-20Pass OpenTruncate to gofer in Open call when opening file with O_TRUNC.Nicolas Lacasse
Note that the Sentry still calls Truncate() on the file before calling Open. A new p9 version check was added to ensure that the p9 server can handle the the OpenTruncate flag. If not, then the flag is stripped before sending. PiperOrigin-RevId: 281609112
2019-11-15Merge release-20191104.0-44-gaf323eb (automated)gVisor bot
2019-11-14Fix return codes for {get,set}sockopt for some nullptr cases.Ting-Yu Wang
Updates #1092 PiperOrigin-RevId: 280547239
2019-11-15Merge release-20191104.0-43-g339536d (automated)gVisor bot
2019-11-14Check that a file is a regular file with open(O_TRUNC).Kevin Krakauer
It was possible to panic the sentry by opening a cache revalidating folder with O_TRUNC|O_CREAT. Avoids breaking php tests. PiperOrigin-RevId: 280533213
2019-11-08Merge release-20190806.1-383-gaf58a4e (automated)gVisor bot
2019-11-08Automated rollback of changelist 278417533Kevin Krakauer
PiperOrigin-RevId: 279365629
2019-11-04Merge release-20190806.1-368-g4fdd69d (automated)gVisor bot
2019-11-04Check that a file is a regular file with open(O_TRUNC).Kevin Krakauer
It was possible to panic the sentry by opening a cache revalidating folder with O_TRUNC|O_CREAT. PiperOrigin-RevId: 278417533
2019-11-04Merge release-20190806.1-366-g3b4f544 (automated)gVisor bot
2019-11-04Update membarrier bugMichael Pratt
Updates #267 PiperOrigin-RevId: 278402684
2019-10-29Merge release-20190806.1-333-g29273b0 (automated)gVisor bot
2019-10-29Disallow execveat on interpreter scripts with fd opened with O_CLOEXEC.Dean Deng
When an interpreter script is opened with O_CLOEXEC and the resulting fd is passed into execveat, an ENOENT error should occur (the script would otherwise be inaccessible to the interpreter). This matches the actual behavior of Linux's execveat. PiperOrigin-RevId: 277306680
2019-10-26Merge release-20190806.1-329-g1c480ab (automated)gVisor bot
2019-10-25Aggregate arguments for loading executables into a single struct.Dean Deng
This change simplifies the function signatures of functions related to loading executables, such as LoadTaskImage, Load, loadBinary. PiperOrigin-RevId: 276821187
2019-10-24Merge release-20190806.1-318-gd9fd536 (automated)gVisor bot
2019-10-24Handle AT_SYMLINK_NOFOLLOW flag for execveat.Dean Deng
PiperOrigin-RevId: 276441249
2019-10-23Handle AT_EMPTY_PATH flag in execveat.Dean Deng
PiperOrigin-RevId: 276419967
2019-10-22Merge release-20190806.1-304-gebe8001 (automated)gVisor bot
2019-10-22Update const names to be Go style.Ian Lewis
PiperOrigin-RevId: 276165962
2019-10-22Merge release-20190806.1-298-g070a8c2 (automated)gVisor bot
2019-10-21Remove old TODO.Nicolas Lacasse
PiperOrigin-RevId: 275956240
2019-10-21Merge release-20190806.1-297-g0b569b7 (automated)gVisor bot
2019-10-21Add basic implementation of execveat syscall and associated tests.Dean Deng
Allow file descriptors of directories as well as AT_FDCWD. PiperOrigin-RevId: 275929668
2019-10-16Reorder BUILD license and load functions in gvisor.Kevin Krakauer
PiperOrigin-RevId: 275139066
2019-10-16Merge release-20190806.1-282-g8fe48dc (automated)gVisor bot
2019-10-16Add sublevel to kernel versionMichael Pratt
Standard Linux kernel versions are VERSION.PATCHLEVEL.SUBLEVEL. e.g., 4.4.0, even when the sublevel is 0. Match this standard. PiperOrigin-RevId: 275125715
2019-10-16Merge release-20190806.1-279-gbbdcf44 (automated)gVisor bot
2019-10-16Fix syscall changes lost in rebaseMichael Pratt
These syscalls were changed in the amd64 file around the time the arm64 PR was sent out, so their changes got lost. Updates #63 PiperOrigin-RevId: 275114194
2019-10-07Merge release-20190806.1-243-g8fce24d (automated)gVisor bot
2019-10-07Merge pull request #753 from lubinszARM:pr_syscall_linuxgVisor bot
PiperOrigin-RevId: 273364848
2019-10-03Merge release-20190806.1-233-gdb218fd (automated)gVisor bot
2019-10-03Don't report partialResult errors from sendfileAndrei Vagin
The input file descriptor is always a regular file, so sendfile can't lose any data if it will not be able to write them to the output file descriptor. Reported-by: syzbot+22d22330a35fa1c02155@syzkaller.appspotmail.com PiperOrigin-RevId: 272730357
2019-10-02Merge branch 'master' into pr_syscall_linuxAndrei Vagin
2019-10-01Merge release-20190806.1-215-g29a1ba5 (automated)gVisor bot
2019-09-30splice: compare inode numbers only if both ends are pipesAndrei Vagin
It isn't allowed to splice data from and into the same pipe. But right now this check is broken, because we don't check that both ends are pipes. PiperOrigin-RevId: 272107022
2019-09-30Merge release-20190806.1-210-g3ad17ff (automated)gVisor bot
2019-09-30Only copy out remaining time on nanosleep successMichael Pratt
It looks like the old code attempted to do this, but didn't realize that err != nil even in the happy case. PiperOrigin-RevId: 272005887
2019-09-27Merge release-20190806.1-203-g8539abc (automated)gVisor bot
2019-09-27Merge pull request #864 from tanjianfeng:fix-861gVisor bot
PiperOrigin-RevId: 271649711
2019-09-27Merge release-20190806.1-201-gabbee56 (automated)gVisor bot
2019-09-27Implement SO_BINDTODEVICE sockoptgVisor bot
PiperOrigin-RevId: 271644926
2019-09-24Merge release-20190806.1-178-g502f8f2 (automated)gVisor bot
2019-09-24Stub out readahead implementation.Adin Scannell
Closes #261 PiperOrigin-RevId: 270973347
2019-09-20fix set hostnameJianfeng Tan
Previously, when we set hostname: $ strace hostname abc ... sethostname("abc", 3) = -1 ENAMETOOLONG (File name too long) ... According to man 2 sethostname: "The len argument specifies the number of bytes in name. (Thus, name does not require a terminating null byte.)" We wrongly use the CopyStringIn() to check terminating zero byte in the implementation of sethostname syscall. To fix this, we use CopyInBytes() instead. Fixes: #861 Reported-by: chenglang.hy <chenglang.hy@antfin.com> Signed-off-by: Jianfeng Tan <henry.tjf@antfin.com>
2019-09-18Merge release-20190806.1-156-gc98e7f0 (automated)gVisor bot
2019-09-18Signalfd supportAdin Scannell
Note that the exact semantics for these signalfds are slightly different from Linux. These signalfds are bound to the process at creation time. Reads, polls, etc. are all associated with signals directed at that task. In Linux, all signalfd operations are associated with current, regardless of where the signalfd originated. In practice, this should not be an issue given how signalfds are used. In order to fix this however, we will need to plumb the context through all the event APIs. This gets complicated really quickly, because the waiter APIs are all netstack-specific, and not generally exposed to the context. Probably not worthwhile fixing immediately. PiperOrigin-RevId: 269901749
2019-09-18enable syscalls/linux to support arm64Bin Lu
Signed-off-by: Bin Lu <bin.lu@arm.com> Change-Id: I45af8a54304f8bb0e248ab15f4e20b173ea9e430
2019-09-14Merge release-20190806.1-145-g239a07a (automated)gVisor bot