| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2020-05-12 | Merge release-20200422.0-71-g06ded1c (automated) | gVisor bot | |
| 2020-05-12 | Merge pull request #2664 from lubinszARM:pr_sigfp | gVisor bot | |
| PiperOrigin-RevId: 311153824 | |||
| 2020-05-12 | Merge release-20200422.0-69-g94251ae (automated) | gVisor bot | |
| 2020-05-11 | Internal change. | Jamie Liu | |
| PiperOrigin-RevId: 311046755 | |||
| 2020-05-11 | Add fpsimd support in sigreturn on Arm64 | Bin Lu | |
| Signed-off-by: Bin Lu <bin.lu@arm.com> | |||
| 2020-05-11 | Merge release-20200422.0-68-g15de8cc (automated) | gVisor bot | |
| 2020-05-11 | Add fsimpl/gofer.InternalFilesystemOptions.OpenSocketsByConnecting. | Jamie Liu | |
| PiperOrigin-RevId: 311014995 | |||
| 2020-05-11 | Merge release-20200422.0-62-gc52195d (automated) | gVisor bot | |
| 2020-05-10 | Stop avoiding preadv2 and pwritev2, and add them to the filters. | Nicolas Lacasse | |
| Some code paths needed these syscalls anyways, so they should be included in the filters. Given that we depend on these syscalls in some cases, there's no real reason to avoid them any more. PiperOrigin-RevId: 310829126 | |||
| 2020-05-08 | Merge release-20200422.0-61-gcfd3066 (automated) | gVisor bot | |
| 2020-05-08 | iptables - filter packets using outgoing interface. | gVisor bot | |
| Enables commands with -o (--out-interface) for iptables rules. $ iptables -A OUTPUT -o eth0 -j ACCEPT PiperOrigin-RevId: 310642286 | |||
| 2020-05-08 | Merge release-20200422.0-59-g21b7139 (automated) | gVisor bot | |
| 2020-05-08 | Pass flags to fsimpl/host.inode.open(). | Jamie Liu | |
| This has two effects: It makes flags passed to open("/proc/[pid]/fd/[hostfd]") effective, and it prevents imported pipes/sockets/character devices from being opened with O_NONBLOCK unconditionally (because the underlying host FD was set to non-blocking in ImportFD()). PiperOrigin-RevId: 310596062 | |||
| 2020-05-07 | Merge release-20200422.0-55-g5536073 (automated) | gVisor bot | |
| 2020-05-07 | Fix ARM64 build. | Adin Scannell | |
| The common syscall definitions mean that ARM64-exclusive files need stubs in the ARM64 build. PiperOrigin-RevId: 310446698 | |||
| 2020-05-07 | Merge release-20200422.0-52-g9115f26 (automated) | gVisor bot | |
| 2020-05-07 | Allocate device numbers for VFS2 filesystems. | Jamie Liu | |
| Updates #1197, #1198, #1672 PiperOrigin-RevId: 310432006 | |||
| 2020-05-07 | Merge release-20200422.0-51-g1f4087e (automated) | gVisor bot | |
| 2020-05-07 | Merge release-20200422.0-49-gd0b1d02 (automated) | gVisor bot | |
| 2020-05-07 | Move pkg/sentry/vfs/{eventfd,timerfd} to new packages in pkg/sentry/fsimpl. | Nicolas Lacasse | |
| They don't depend on anything in VFS2, so they should be their own packages. PiperOrigin-RevId: 310416807 | |||
| 2020-05-07 | Merge release-20200422.0-47-g26c60d7 (automated) | gVisor bot | |
| 2020-05-07 | Port signalfd to vfs2. | Nicolas Lacasse | |
| PiperOrigin-RevId: 310404113 | |||
| 2020-05-07 | Merge release-20200422.0-45-g16da7e7 (automated) | gVisor bot | |
| 2020-05-07 | Update privateunixsocket TODOs. | Dean Deng | |
| Synthetic sockets do not have the race condition issue in VFS2, and we will get rid of privateunixsocket as well. Fixes #1200. PiperOrigin-RevId: 310386474 | |||
| 2020-05-07 | Merge release-20200422.0-42-ge0089a2 (automated) | gVisor bot | |
| 2020-05-07 | Remove outdated TODO for VFS2 AccessAt. | Dean Deng | |
| Fixes #1965. PiperOrigin-RevId: 310380433 | |||
| 2020-05-07 | Merge release-20200422.0-41-gfeece24 (automated) | gVisor bot | |
| 2020-05-06 | Merge pull request #2570 from lubinszARM:pr_clean | gVisor bot | |
| PiperOrigin-RevId: 310259686 | |||
| 2020-05-06 | Merge release-20200422.0-39-g7cd54c1 (automated) | gVisor bot | |
| 2020-05-06 | Remove vfs.FileDescriptionOptions.InvalidWrite. | Jamie Liu | |
| Compare: https://elixir.bootlin.com/linux/v5.6/source/fs/timerfd.c#L431 PiperOrigin-RevId: 310246908 | |||
| 2020-05-06 | Merge release-20200422.0-37-g279f1eb (automated) | gVisor bot | |
| 2020-05-06 | Fix runsc syscall documentation generation. | Adin Scannell | |
| We can register any number of tables with any number of architectures, and need not limit the definitions to the architecture in question. This allows runsc to generate documentation for all architectures simultaneously. Similarly, this simplifies the VFSv2 patching process. PiperOrigin-RevId: 310224827 | |||
| 2020-05-06 | Merge release-20200422.0-34-g591ff0e (automated) | gVisor bot | |
| 2020-05-06 | Add maximum memory limit. | Nicolas Lacasse | |
| PiperOrigin-RevId: 310179277 | |||
| 2020-05-06 | Merge release-20200422.0-33-g8416da3 (automated) | gVisor bot | |
| 2020-05-05 | Internal change. | gVisor bot | |
| PiperOrigin-RevId: 310057834 | |||
| 2020-05-05 | Merge release-20200422.0-29-gfaf89dd (automated) | gVisor bot | |
| 2020-05-05 | Update vfs2 socket TODOs. | Dean Deng | |
| Three updates: - Mark all vfs2 socket syscalls as supported. - Use the same dev number and ino number generator for all types of sockets, unlike in VFS1. - Do not use host fd for hostinet metadata. Fixes #1476, #1478, #1484, 1485, #2017. PiperOrigin-RevId: 309994579 | |||
| 2020-05-05 | Merge release-20200422.0-28-ga6dbf95 (automated) | gVisor bot | |
| 2020-05-05 | Update comments for synthetic gofer files in vfs2. | Dean Deng | |
| PiperOrigin-RevId: 309966538 | |||
| 2020-05-05 | Merge release-20200422.0-27-gb3bd414 (automated) | gVisor bot | |
| 2020-05-05 | Merge release-20200422.0-26-g35951c3 (automated) | gVisor bot | |
| 2020-05-05 | Return correct name for imported host files | Fabricio Voznika | |
| Implement PrependPath() in host.filesystem to correctly format name for host files. Updates #1672 PiperOrigin-RevId: 309959135 | |||
| 2020-05-05 | Translate p9.NoUID/GID to OverflowUID/GID. | Jamie Liu | |
| p9.NoUID/GID (== uint32(-1) == auth.NoID) is not a valid auth.KUID/KGID; in particular, using it for file ownership causes capabilities to be ineffective since file capabilities require that the file's KUID and KGID are mapped into the capability holder's user namespace [1], and auth.NoID is not mapped into any user namespace. Map p9.NoUID/GID to a different, valid KUID/KGID; in the unlikely case that an application actually using the overflow KUID/KGID attempts an operation that is consequently permitted by client permission checks, the remote operation will still fail with EPERM. Since this changes the VFS2 gofer client to no longer ignore the invalid IDs entirely, this CL both permits and requires that we change synthetic mount point creation to use root credentials. [1] See fs.Inode.CheckCapability or vfs.GenericCheckPermissions. PiperOrigin-RevId: 309856455 | |||
| 2020-05-04 | Merge release-20200422.0-25-gda71dc7 (automated) | gVisor bot | |
| 2020-05-04 | Port eventfd to VFS2. | Nicolas Lacasse | |
| And move sys_timerfd.go to just timerfd.go for consistency. Updates #1475. PiperOrigin-RevId: 309835029 | |||
| 2020-05-04 | Merge release-20200422.0-23-g57dbd7f (automated) | gVisor bot | |
| 2020-05-04 | Remove kernfs.Filesystem cast from GenericDirectoryFD | Fabricio Voznika | |
| This allows for kerfs.Filesystem to be overridden by different implementations. Updates #1672 PiperOrigin-RevId: 309809321 | |||
| 2020-05-04 | Merge release-20200422.0-18-g711439b (automated) | gVisor bot | |
| 2020-05-04 | Merge pull request #2275 from nybidari:iptables | gVisor bot | |
| PiperOrigin-RevId: 309783486 | |||
 |
index : gvisor | |
| Container Runtime Sandbox |
| summaryrefslogtreecommitdiffhomepage |