summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry
AgeCommit message (Collapse)Author
2020-09-14Merge release-20200907.0-39-g833ceb0f1 (automated)gVisor bot
2020-09-13Merge release-20200907.0-38-gb6ca96b9b (automated)gVisor bot
2020-09-12Merge release-20200907.0-37-g3ca73841d (automated)gVisor bot
2020-09-11Move the 'marshal' and 'primitive' packages to the 'pkg' directory.Rahat Mahmood
PiperOrigin-RevId: 331256608
2020-09-11Merge release-20200810.0-237-g8d0f76dda (automated)gVisor bot
2020-09-11Merge release-20200907.0-36-g1f4fb817c (automated)gVisor bot
2020-09-11Merge release-20200810.0-236-gb8bee78d0 (automated)gVisor bot
2020-09-11Unexport fusefs.inode.nodeIDCraig Chi
2020-09-11Implement FUSE_UNLINKboyuan-he
Fixes #3696
2020-09-11Fix comments of TODO issues.Craig Chi
2020-09-11Add FUSE umount supportjinmouil
This change implements Release for the FUSE filesystem and expected behaviors of the FUSE devices. It includes several checks for aborted connection in the path for making a request and a function to abort all the ongoing FUSE requests in order.
2020-09-11Fix FUSE_RELEASE protocol reply processingJinmou Li
This commit fixes the potential unexpected errors of original handling of FUSE_RELEASE responses while keep the same behavior (ignoring any reply).
2020-09-11Improve FUSE async/noreply call logicJinmou Li
This change adds bookkeeping variables for the FUSE request. With them, old insecure confusing code we used to process async requests is replaced by new clear compiling ones. Future code can take advantage of them to have better control of each requests.
2020-09-11Refactor FUSE connection for readability and structureJinmou Li
This change decouples the code that is weakly tied to the connection struct from connection.go, rename variables and files with more meaningful choices, adds detailed comments, explains lock orders, and adds other minor improvement to make the existing FUSE code more readable and more organized. Purpose is to avoid too much code in one file and provide better structure for the future commits.
2020-09-11Implement FUSE_SETATTRCraig Chi
This commit implements FUSE_SETATTR command. When a system call modifies the metadata of a regular file or a folder by chown(2), chmod(2), truncate(2), utime(2), or utimes(2), they should be translated to corresponding FUSE_SETATTR command and sent to the FUSE server. Fixes #3332
2020-09-11Add fh support for revise attr and fstat(2) testCraig Chi
According to Linux 4.4's FUSE behavior, the flags and fh attributes in FUSE_GETATTR are only used in read, write, and lseek. fstat(2) doesn't use them either. Add tests to ensure the requests sent from FUSE module are consistent with Linux's. Updates #3655
2020-09-11Implement FUSE_WRITEJinmou Li
This commit adds basic write(2) support for FUSE.
2020-09-11Implement FUSE_CREATECraig Chi
FUSE_CREATE is called when issuing creat(2) or open(2) with O_CREAT. It creates a new file on the FUSE filesystem. Fixes #3825
2020-09-11FUSE device: clean up readLockedjinmouil
This change removes the unnecessary loop and avoids the recursive call. It also fixes minor bugs in this function.
2020-09-11Downgrade FUSE minor version support and clarify commentsjinmouil
2020-09-11fuse: remove unused marshalling functionsCraig Chi
This commit removes unused marshalling functions in linux abi package and moves self-defined FUSEInitRes wrapper to fuse package. Updates #3707
2020-09-11fuse: add benchmarking support for FUSEBoyuan He & Ridwan Sharif
This change adds the following: - Add support for containerizing syscall tests for FUSE - Mount tmpfs in the container so we can run benchmarks against it - Run the server in a background process - benchmarks for fuse syscall Co-authored-by: Ridwan Sharif <ridwanmsharif@google.com>
2020-09-11Support multiple FUSE kernel versions of FUSE_INIT response structCraig Chi
The fuse_init_out struct changes in different FUSE kernel versions. A FUSE server may implement older versions of fuse_init_out, but they share common attributes from the beginning. Implement variable-length marshallable interface to support older versions of ABI. Fixes #3707
2020-09-11Implementing inode.GetlinkCraig Chi
kernfs uses inode.Getlink to resolve symlink when look up paths. Updates #3452
2020-09-11Fix FUSE_READDIR offset issueCraig Chi
According to readdir(3), the offset attribute in struct dirent is the offset to the next dirent instead of the offset of itself. Send the successive FUSE_READDIR requests with the offset retrieved from the last entry. Updates #3255
2020-09-11fuse: use safe go_marshal API for FUSERidwan Sharif
Until #3698 is resolved, this change is needed to ensure we're not corrupting memory anywhere.
2020-09-11fuse: Implement IterDirents for directory file descriptionRidwan Sharif
Fixes #3255. This change adds support for IterDirents. You can now use `ls` in the FUSE sandbox. Co-authored-by: Craig Chi <craigchi@google.com>
2020-09-11Implement FUSE_RMDIRRidwan Sharif
Fixes #3587 Co-authored-by: Craig Chi <craigchi@google.com>
2020-09-11Implement FUSE_READJinmou Li
Fixes #3206
2020-09-11Implement FUSE_MKDIRBoyuan He
Fixes #3392
2020-09-11Implement FUSE_READLINKBoyuan He
Fixes #3316
2020-09-11Implement FUSE_SYMLINKBoyuan He
Fixes #3452
2020-09-11Implement FUSE_MKNODBoyuan He
Fixes #3492
2020-09-11Implement FUSE_RELEASE/RELEASEDIRBoyuan He
Fixes #3314
2020-09-11Implement FUSE_OPEN/OPENDIRBoyuan He
Fixes #3174
2020-09-11Implement FUSE_LOOKUPAndrei Vagin
Fixes #3231 Co-authored-by: Boyuan He <heboyuan@google.com>
2020-09-11Extend integration test to test sequence of FUSE operationCraig Chi
Original FUSE integration test has limited capabilities. To test more situations, the new integration test framework introduces a protocol to communicate between testing thread and the FUSE server. In summary, this change includes: 1. Remove CompareResult() and break SetExpected() into SetServerResponse() and GetServerActualRequest(). We no longer set up an expected request because we want to retrieve the actual FUSE request made to the FUSE server and check in the testing thread. 2. Declare a serial buffer data structure to save the received requests and expected responses sequentially. The data structure contains a cursor to indicate the progress of accessing. This change makes sequential SetServerResponse() and GetServerActualRequest() possible. 3. Replace 2 single directional pipes with 1 bi-directional socketpair. A protocol which starts with FuseTestCmd is used between the testing thread and the FUSE server to provide various functionality. Fixes #3405
2020-09-11Merge release-20200907.0-35-g325f7036b (automated)gVisor bot
2020-09-11Merge release-20200907.0-34-g490e5c83b (automated)gVisor bot
2020-09-11Merge release-20200907.0-33-g9a5635eb1 (automated)gVisor bot
2020-09-11Implement copy-up-coherent mmap for VFS2 overlayfs.Jamie Liu
This is very similar to copy-up-coherent mmap in the VFS1 overlay, with the minor wrinkle that there is no fs.InodeOperations.Mappable(). Updates #1199 PiperOrigin-RevId: 331206314
2020-09-11Merge release-20200907.0-32-g831ab2dd9 (automated)gVisor bot
2020-09-11Fix host unix socket to not swallow EOF incorrectly.Bhasker Hariharan
Fixes an error where in case of a receive buffer larger than the host send buffer size for a host backed unix dgram socket we would end up swallowing EOF from recvmsg syscall causing the read() to block forever. PiperOrigin-RevId: 331192810
2020-09-11Merge release-20200907.0-31-g964447c8c (automated)gVisor bot
2020-09-10Merge release-20200818.0-154-g365545855 (automated)gVisor bot
2020-09-10Merge release-20200818.0-153-g14e0eb6e0 (automated)gVisor bot
2020-09-10Merge release-20200818.0-152-g7275f293d (automated)gVisor bot
2020-09-10Merge release-20200818.0-150-g50c99a86d (automated)gVisor bot
2020-09-10Merge release-20200818.0-149-g9a003835f (automated)gVisor bot
2020-09-10arm64:place an SB sequence following an ERET instructionBin Lu
Some CPUs(eg: ampere-emag) can speculate past an ERET instruction and potentially perform speculative accesses to memory before processing the exception return. Since the register state is often controlled by a lower privilege level at the point of an ERET, this could potentially be used as part of a side-channel attack. Signed-off-by: Bin Lu <bin.lu@arm.com>