summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry
AgeCommit message (Collapse)Author
2019-01-30Add muldiv/rd_tsc support for arm64 platform.Haibo Xu
Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: If35459be78e023346a140184401172f8e023c7f9 PiperOrigin-RevId: 231638020
2019-01-28Convert TODO into FIXME.Zhaozhong Ni
PiperOrigin-RevId: 231301228 Change-Id: I3e18f3a12a35fb89a22a8c981188268d5887dc61
2019-01-28Fix data race in InodeSimpleAttributes.Unstable.Nicolas Lacasse
We were modifying InodeSimpleAttributes.Unstable.AccessTime without holding the necessary lock. Luckily for us, InodeSimpleAttributes already has a NotifyAccess method that will do the update while holding the lock. In addition, we were holding dfo.dir.mu.Lock while setting AccessTime, which is unnecessary, so that lock has been removed. PiperOrigin-RevId: 231278447 Change-Id: I81ed6d3dbc0b18e3f90c1df5e5a9c06132761769
2019-01-28Drop the one-page limit for /proc/[pid]/{cmdline,environ}.Jamie Liu
It never actually should have applied to environ (the relevant change in Linux 4.2 is c2c0bb44620d "proc: fix PAGE_SIZE limit of /proc/$PID/cmdline"), and we claim to be Linux 4.4 now anyway. PiperOrigin-RevId: 231250661 Change-Id: I37f9c4280a533d1bcb3eebb7803373ac3c7b9f15
2019-01-25Make cacheRemoteRevalidating detect changes to file sizeFabricio Voznika
When file size changes outside the sandbox, page cache was not refreshing file size which is required for cacheRemoteRevalidating. In fact, cacheRemoteRevalidating should be skipping the cache completely since it's not really benefiting from it. The cache is cache is already bypassed for unstable attributes (see cachePolicy.cacheUAttrs). And althought the cache is called to map pages, they will always miss the cache and map directly from the host. Created a HostMappable struct that maps directly to the host and use it for files with cacheRemoteRevalidating. Closes #124 PiperOrigin-RevId: 230998440 Change-Id: Ic5f632eabe33b47241e05e98c95e9b2090ae08fc
2019-01-24cleanup: extract the kernel from contextAdin Scannell
Change-Id: I94704a90beebb53164325e0cce1fcb9a0b97d65c PiperOrigin-RevId: 230817308
2019-01-18Display /proc/net entries for all network configurations.Rahat Mahmood
Most of the entries are stubbed out at the moment, but even those were only displayed if IPv6 support was enabled. The entries should be displayed with IPv4-support only, and with only loopback devices. PiperOrigin-RevId: 229946441 Change-Id: I18afaa3af386322787f91bf9d168ab66c01d5a4c
2019-01-17Allow fsync on a directory.Nicolas Lacasse
PiperOrigin-RevId: 229781337 Change-Id: I1f946cff2771714fb1abd83a83ed454e9febda0a
2019-01-14Remove fs.Handle, ramfs.Entry, and all the DeprecatedFileOperations.Nicolas Lacasse
More helper structs have been added to the fsutil package to make it easier to implement fs.InodeOperations and fs.FileOperations. PiperOrigin-RevId: 229305982 Change-Id: Ib6f8d3862f4216745116857913dbfa351530223b
2019-01-10Fixing select call to not enforce RLIMIT_NOFILE.Zach Koopmans
Removing check to RLIMIT_NOFILE in select call. Adding unit test to select suite to document behavior. Moving setrlimit class from mlock to a util file for reuse. Fixing flaky test based on comments from Jamie. PiperOrigin-RevId: 228726131 Change-Id: Ie9dbe970bbf835ba2cca6e17eec7c2ee6fadf459
2019-01-09Minor memevent fixes.Jamie Liu
- Call MemoryEvents.done.Add(1) outside of MemoryEvents.run() so that if MemoryEvents.Stop() => MemoryEvents.done.Wait() is called before the goroutine starts running, it still waits for the goroutine to stop. - Use defer to call MemoryEvents.done.Done() in MemoryEvents.run() so that it's called even if the goroutine panics. PiperOrigin-RevId: 228623307 Change-Id: I1b0459e7999606c1a1a271b16092b1ca87005015
2019-01-09Fix lock order violation.Nicolas Lacasse
overlayFileOperations.Readdir was holding overlay.copyMu while calling DirentReaddir, which then attempts to take take the corresponding Dirent.mu, causing a lock order violation. (See lock order documentation in fs/copy_up.go.) We only actually need to hold copyMu during readdirEntries(), so holding the lock is moved in there, thus avoiding the lock order violation. A new lock was added to protect overlayFileOperations.dirCache. We were inadvertently relying on copyMu to protect this. There is no reason it should not have its own lock. PiperOrigin-RevId: 228542473 Change-Id: I03c3a368c8cbc0b5a79d50cc486fc94adaddc1c2
2019-01-08Allow MSG_OOB and MSG_DONTROUTE to be no-ops on recvmsg(2).Brian Geffon
PiperOrigin-RevId: 228428223 Change-Id: I433ba5ffc15ea4c2706ec944901b8269b1f364f8
2019-01-08Improve loader related error messages returned to users.Brian Geffon
PiperOrigin-RevId: 228382827 Change-Id: Ica1d30e0df826bdd77f180a5092b2b735ea5c804
2019-01-08Grant no initial capabilities to non-root UIDs.Jamie Liu
See modified comment in auth.NewUserCredentials(); compare to the behavior of setresuid(2) as implemented by //pkg/sentry/kernel/task_identity.go:kernel.Task.setKUIDsUncheckedLocked(). PiperOrigin-RevId: 228381765 Change-Id: I45238777c8f63fcf41b99fce3969caaf682fe408
2019-01-07Add usermem support for arm64 platform.Jamie Liu
Signed-off-by: Haibo Xu <haibo.xu@arm.com> PiperOrigin-RevId: 228249611 Change-Id: I1046e70bec4274f18b9948eefd6b0d546e4c48bb
2019-01-07Implement /proc/[pid]/smaps.Jamie Liu
PiperOrigin-RevId: 228245523 Change-Id: I5a4d0a6570b93958e51437e917e5331d83e23a7e
2019-01-02Add /proc/net/psched contentFabricio Voznika
FIO reads this file and expects it to be well formed. PiperOrigin-RevId: 227554483 Change-Id: Ia48ae2377626dd6a2daf17b5b4f5119f90ece55b
2018-12-28Implement SO_REUSEPORT for TCP and UDP socketsAndrei Vagin
This option allows multiple sockets to be bound to the same port. Incoming packets are distributed to sockets using a hash based on source and destination addresses. This means that all packets from one sender will be received by the same server socket. PiperOrigin-RevId: 227153413 Change-Id: I59b6edda9c2209d5b8968671e9129adb675920cf
2018-12-27Fix deadlock between epoll_wait and getdentsFabricio Voznika
epoll_wait acquires EventPoll.listsMu (in EventPoll.ReadEvents) and then calls Inotify.Readiness which tries to acquire Inotify.evMu. getdents acquires Inotify.evMu (in Inotify.queueEvent) and then calls readyCallback.Callback which tries to acquire EventPoll.listsMu. The fix is to release Inotify.evMu before calling Queue.Notify. Queue is thread-safe and doesn't require Inotify.evMu to be held. Closes #121 PiperOrigin-RevId: 227066695 Change-Id: Id29364bb940d1727f33a5dff9a3c52f390c15761
2018-12-26Plumb IP_MULTICAST_TTL to netstack.Ian Gudger
PiperOrigin-RevId: 226993086 Change-Id: I71757f231436538081d494da32ca69f709bc71c7
2018-12-26Add EventChannel messages for uncaught signals.Brian Geffon
PiperOrigin-RevId: 226936778 Change-Id: I2a6dda157c55d39d81e1b543ab11a58a0bfe5c05
2018-12-21Stub out SO_OOBINLINE.Ian Gudger
We don't explicitly support out-of-band data and treat it like normal in-band data. This is equilivent to SO_OOBINLINE being enabled, so always report that it is enabled. PiperOrigin-RevId: 226572742 Change-Id: I4c30ccb83265e76c30dea631cbf86822e6ee1c1b
2018-12-21Implement SO_KEEPALIVE, TCP_KEEPIDLE, and TCP_KEEPINTVL.Ian Gudger
Within gVisor, plumb new socket options to netstack. Within netstack, fix GetSockOpt and SetSockOpt return value logic. PiperOrigin-RevId: 226532229 Change-Id: If40734e119eed633335f40b4c26facbebc791c74
2018-12-21inotify notifies watchers when control events bit are setFabricio Voznika
The code that matches the event being published with events watchers was wronly matching all watchers in case any of the control event bits were set. Issue #121 PiperOrigin-RevId: 226521230 Change-Id: Ie2c42bc4366faaf59fbf80a74e9297499bd93f9e
2018-12-21Automated rollback of changelist 226224230Jamie Liu
PiperOrigin-RevId: 226493053 Change-Id: Ia98d1cb6dd0682049e4d907ef69619831de5c34a
2018-12-20Deflake gofer_test.Nicolas Lacasse
We must wait for all lazy resources to be released before closing the rootFile. PiperOrigin-RevId: 226419499 Change-Id: I1d4d961a92b3816e02690cf3eaf0a88944d730cc
2018-12-20Make read and write respect SO_RCVTIMEO and SO_SNDTIMEOIan Gudger
PiperOrigin-RevId: 226387521 Change-Id: I0579ab262320fde6c72d2994dd38437f01a99ea5
2018-12-20Rename limits.MemoryPagesLocked to limits.MemoryLocked.Jamie Liu
"RLIMIT_MEMLOCK: This is the maximum number of bytes of memory that may be locked into RAM." - getrlimit(2) PiperOrigin-RevId: 226384346 Change-Id: Iefac4a1bb69f7714dc813b5b871226a8344dc800
2018-12-19Automated rollback of changelist 225861605Googler
PiperOrigin-RevId: 226224230 Change-Id: Id24c7d3733722fd41d5fe74ef64e0ce8c68f0b12
2018-12-19Implement pwritev2.Zach Koopmans
Implement pwritev2 and associated unit tests. Clean up preadv2 unit tests. Tag RWF_ flags in both preadv2 and pwritev2 with associated bug tickets. PiperOrigin-RevId: 226222119 Change-Id: Ieb22672418812894ba114bbc88e67f1dd50de620
2018-12-18Fix mremap expansion with mm.checkInvariants = true.Jamie Liu
Also remove useless RSS changes in mm.movePMAsLocked(). PiperOrigin-RevId: 226052996 Change-Id: If59fd259b93238fb2f15c1c8ebfeda14cb590a87
2018-12-18Truncate ar before calling mm.breakCopyOnWriteLocked().Jamie Liu
... as required by the latter's precondition. PiperOrigin-RevId: 226033824 Change-Id: I6bc46d0e100c61cc58cb5fc69e70c4ca905cd92d
2018-12-18Add BPFAction type with StringerFabricio Voznika
PiperOrigin-RevId: 226018694 Change-Id: I98965e26fe565f37e98e5df5f997363ab273c91b
2018-12-17Fix recv blocking for connectionless Unix sockets.Ian Gudger
Connectionless Unix sockets (DGRAM Unix sockets created with the socket system call) inherently only have a read queue. They do not establish bidirectional connections, instead, the connect system call only sets a default send location. Writes give the data to the other endpoint which has its own read queue. To simplify the code, connectionless Unix sockets still get read and write queues, but the write queue is a dummy and never waited on. The read queue is the connectionless endpoint's queue. This change fixes a bug where the dummy queue was incorrectly set as the read queue and the endpoint's queue was incorrectly set as the write queue. This meant that read notifications went to the dummy queue and were black holed. PiperOrigin-RevId: 225921042 Change-Id: I8d9059def787a2c3c305185b92d05093fbd2be2a
2018-12-17overlayBoundEndpoint must be recursive if there is an overlay in the lower.Nicolas Lacasse
The old overlayBoundEndpoint assumed that the lower is not an overlay. It should check if the lower is an overlay and handle that case. PiperOrigin-RevId: 225882303 Change-Id: I60660c587d91db2826e0719da0983ec8ad024cb8
2018-12-17Implement mlock(), kind of.Jamie Liu
Currently mlock() and friends do nothing whatsoever. However, mlocking is directly application-visible in a number of ways; for example, madvise(MADV_DONTNEED) and msync(MS_INVALIDATE) both fail on mlocked regions. We handle this inconsistently: MADV_DONTNEED is too important to not work, but MS_INVALIDATE is rejected. Change MM to track mlocked regions in a manner consistent with Linux. It still will not actually pin pages into host physical memory, but: - mlock() will now cause sentry memory management to precommit mlocked pages. - MADV_DONTNEED and MS_INVALIDATE will interact with mlocked pages as described above. PiperOrigin-RevId: 225861605 Change-Id: Iee187204979ac9a4d15d0e037c152c0902c8d0ee
2018-12-14Move fdnotifier package to reduce internal confusion.Adin Scannell
PiperOrigin-RevId: 225632398 Change-Id: I909e7e2925aa369adc28e844c284d9a6108e85ce
2018-12-14Mark sync.Mutex in TTYFileOperations as nosaveAndrei Vagin
PiperOrigin-RevId: 225621767 Change-Id: Ie3a42cdf0b0de22a020ff43e307bf86409cff329
2018-12-14Implement SO_SNDTIMEOIan Gudger
PiperOrigin-RevId: 225620490 Change-Id: Ia726107b3f58093a5f881634f90b071b32d2c269
2018-12-13Fix WAITALL and RCVTIMEO interactionIan Gudger
PiperOrigin-RevId: 225424296 Change-Id: I60fcc2b859339dca9963cb32227a287e719ab765
2018-12-12Filesystems shouldn't be saving references to Platform.Rahat Mahmood
Platform objects are not savable, storing references to them in filesystem datastructures would cause save to fail if someone actually passed in a Platform. Current implementations work because everywhere a Platform is expected, we currently pass in a Kernel object which embeds Platform and thus satisfies the interface. Eliminate this indirection and save pointers to Kernel directly. PiperOrigin-RevId: 225288336 Change-Id: Ica399ff43f425e15bc150a0d7102196c3d54a2ab
2018-12-12Fix a data race on Shm.key.Rahat Mahmood
PiperOrigin-RevId: 225240907 Change-Id: Ie568ce3cd643f3e4a0eaa0444f4ed589dcf6031f
2018-12-12Pass information about map writableness to filesystems.Rahat Mahmood
This is necessary to implement file seals for memfds. PiperOrigin-RevId: 225239394 Change-Id: Ib3f1ab31385afc4b24e96cd81a05ef1bebbcbb70
2018-12-11Format unshare flagsMichael Pratt
unshare actually takes a subset of clone flags, but has no unique flags, so formatting as clone flags is close enough. PiperOrigin-RevId: 225082774 Change-Id: I5b580f18607c7785f323e37809094115520a17c0
2018-12-11Remove unused envv variable from two funcs.Christopher Koch
PiperOrigin-RevId: 225041520 Change-Id: Ib1afc693e592d308d60db82022c5b7743fd3c646
2018-12-10Add safecopy support for arm64 platform.Haibo Xu
Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: I565214581eeb44045169da7f44d45a489082ac3a PiperOrigin-RevId: 224938170
2018-12-10Implement MSG_WAITALLIan Gudger
MSG_WAITALL requests that recv family calls do not perform short reads. It only has an effect for SOCK_STREAM sockets, other types ignore it. PiperOrigin-RevId: 224918540 Change-Id: Id97fbf972f1f7cbd4e08eec0138f8cbdf1c94fe7
2018-12-10Add type safety to shm ids and keys.Rahat Mahmood
PiperOrigin-RevId: 224864380 Change-Id: I49542279ad56bf15ba462d3de1ef2b157b31830a
2018-12-10Validate FS_BASE in Task.CloneMichael Pratt
arch_prctl already verified that the new FS_BASE was canonical, but Task.Clone did not. Centralize these checks in the arch packages. Failure to validate could cause an error in PTRACE_SET_REGS when we try to switch to the app. PiperOrigin-RevId: 224862398 Change-Id: Iefe63b3f9aa6c4810326b8936e501be3ec407f14