summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry
AgeCommit message (Collapse)Author
2020-11-13Have fuse.DeviceFD hold reference on fuse.filesystem.Jamie Liu
This is actually just b/168751672 again; cl/332394146 was incorrectly reverted by cl/341411151. Document the reference holder to reduce the likelihood that this happens again. Also document a few other bugs observed in the process. PiperOrigin-RevId: 342339144
2020-11-13fs/tmpfs: change regularFile.size atomicallyAndrei Vagin
PiperOrigin-RevId: 342221309
2020-11-13fs/tmpfs: use atomic operations to access inode.modeAndrei Vagin
PiperOrigin-RevId: 342214859
2020-11-12Refactor SOL_SOCKET optionsNayana Bidari
Store all the socket level options in a struct and call {Get/Set}SockOpt on this struct. This will avoid implementing socket level options on all endpoints. This CL contains implementing one socket level option for tcp and udp endpoints. PiperOrigin-RevId: 342203981
2020-11-12Fix misuses of kernel.Task as context.Context.Jamie Liu
kernel.Task can only be used as context.Context by that Task's task goroutine. This is violated in at least two places: - In any case where one thread accesses the /proc/[tid] of any other thread, passing the kernel.Task for [tid] as the context.Context is incorrect. - Task.rebuildTraceContext() may be called by Kernel.RebuildTraceContexts() outside the scope of any task goroutine. Fix these (as well as a data race on Task.traceContext discovered during the course of finding the latter). PiperOrigin-RevId: 342174404
2020-11-12Add children names into verity hashChong Cai
children names map can be used to verify whether a child is expected during walking, so that we can detect unexpected modifications that deleted/renamed both the target file and the corresponding merkle tree file. PiperOrigin-RevId: 342170715
2020-11-12Rename kernel.TaskContext to kernel.TaskImage.Jamie Liu
This reduces confusion with context.Context (which is also relevant to kernel.Tasks) and is consistent with existing function kernel.LoadTaskImage(). PiperOrigin-RevId: 342167298
2020-11-12Filter dentries with non-zero refs in VFS2 gofer/overlay checks.Jamie Liu
PiperOrigin-RevId: 342161204
2020-11-11Read fsimpl/tmpfs timestamps atomically.Jamie Liu
PiperOrigin-RevId: 341982672
2020-11-09Print a debug message if /sys/kernel/debug/kcov is availableAndrei Vagin
This will help to debug: https://syzkaller.appspot.com/bug?id=0d717bd7028dceeb4b38f09aab2841c398b41d81 PiperOrigin-RevId: 341458715
2020-11-09Merge pull request #4683 from lemin9538:lemin_fpsmid_fixgVisor bot
PiperOrigin-RevId: 341445910
2020-11-09Initialize references with a value of 1.Dean Deng
This lets us avoid treating a value of 0 as one reference. All references using the refsvfs2 template must call InitRefs() before the reference is incremented/decremented, or else a panic will occur. Therefore, it should be pretty easy to identify missing InitRef calls during testing. Updates #1486. PiperOrigin-RevId: 341411151
2020-11-06Allow VFS2 gofer.dentries to have separate read and write FDs.Jamie Liu
This is necessary to allow writes to files opened with O_WRONLY to go through host FDs. PiperOrigin-RevId: 341174509
2020-11-06[vfs] Return EEXIST when file already exists and rp.MustBeDir() is true.Ayush Ranjan
This is consistent with what Linux does. This was causing a PHP runtime test failure. Fixed it for VFS2. PiperOrigin-RevId: 341155209
2020-11-06Implement command GETNCNT for semctl.Jing Chen
PiperOrigin-RevId: 341154192
2020-11-06[vfs] overlayfs: Do not unlink non-existing whiteout during file creation.Ayush Ranjan
We can reuse information about whether a whiteout exists on a given file path from stepLocked when creating a file at that path. This helps save an Unlink call to the upper filesystem if the whiteout does NOT exist (common case). Plumbs this information from lookupLocked() -> getChildLocked() -> stepLocked(). This also helped save a Lookup in RenameAt(). Fixes #1199 PiperOrigin-RevId: 341105351
2020-11-06Avoid extra DecRef on kernfs root for "kept" dentries.Dean Deng
The root dentry was not created through Inode.Lookup, so we should not release a reference even if inode.Keep() is true. PiperOrigin-RevId: 341103220
2020-11-06Fix infinite loop when splicing to pipes/eventfds.Nicolas Lacasse
Writes to pipes of size < PIPE_BUF are guaranteed to be atomic, so writes larger than that will return EAGAIN if the pipe has capacity < PIPE_BUF. Writes to eventfds will return EAGAIN if the write would cause the eventfd value to go over the max. In both such cases, calling Ready() on the FD will return true (because it is possible to write), but specific kinds of writes will in fact return EAGAIN. This CL fixes an infinite loop in splice and sendfile (VFS1 and VFS2) by forcing skipping the readiness check for the outfile in send, splice, and tee. PiperOrigin-RevId: 341102260
2020-11-06Cap iovec array length in //pkg/sentry/hostfd.Jamie Liu
PiperOrigin-RevId: 341001328
2020-11-03Fix more nogo testsTing-Yu Wang
PiperOrigin-RevId: 340536306
2020-11-03[vfs2] Do not drop inotify waiters across S/R.Dean Deng
The waits-for relationship between an epoll instance and an inotify fd should be restored. This fixes flaky inotify vfs2 tests. PiperOrigin-RevId: 340531367
2020-11-03Make pipe min/max sizes match linux.Nicolas Lacasse
The default pipe size already matched linux, and is unchanged. Furthermore `atomicIOBytes` is made a proper constant (as it is in Linux). We were plumbing usermem.PageSize everywhere, so this is no functional change. PiperOrigin-RevId: 340497006
2020-11-03Merge pull request #3617 from laijs:upperhalfgVisor bot
PiperOrigin-RevId: 340484823
2020-11-03arm64 kvm: inject sError to trigger sigbuslubinszARM
Use an sErr injection to trigger sigbus when we receive EFAULT from the run ioctl. After applying this patch, mmap_test_runsc_kvm will be passed on Arm64. Signed-off-by: Bin Lu <bin.lu@arm.com> COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/4542 from lubinszARM:pr_kvm_mmap_1 f81bd42466d1d60a581e5fb34de18b78878c68c1 PiperOrigin-RevId: 340461239
2020-11-02Implement command GETZCNT for semctl.Jing Chen
PiperOrigin-RevId: 340389884
2020-11-02[vfs2] Refactor kernfs checkCreateLocked.Dean Deng
Don't return the filename, since it can already be determined by the caller. This was causing a panic in RenameAt, which relied on the name to be nonempty even if the error was EEXIST. Reported-by: syzbot+e9f117d000301e42361f@syzkaller.appspotmail.com PiperOrigin-RevId: 340381946
2020-11-02Pass hashing algorithms in verity fs optsChong Cai
PiperOrigin-RevId: 340275942
2020-11-03kvm: share upper halves among all pagtablesLai Jiangshan
Fixes: #509 Signed-off-by: Lai Jiangshan <jiangshan.ljs@antfin.com> Signed-off-by: Lai Jiangshan <laijs@linux.alibaba.com>
2020-11-01Fix returned error when deleting non-existant addressIan Lewis
PiperOrigin-RevId: 340149214
2020-10-30Adjust error handling in kernfs rename.Dean Deng
Read-only directories (e.g. under /sys, /proc) should return EPERM for rename. PiperOrigin-RevId: 339979022
2020-10-30Fix rename error handling for VFS2 kernfs.Dean Deng
The non-errno error was causing panics before. PiperOrigin-RevId: 339969348
2020-10-30Separate kernel.Task.AsCopyContext() into CopyContext() and OwnCopyContext().Jamie Liu
kernel.copyContext{t} cannot be used outside of t's task goroutine, for three reasons: - t.CopyScratchBuffer() is task-goroutine-local. - Calling t.MemoryManager() without running on t's task goroutine or locking t.mu violates t.MemoryManager()'s preconditions. - kernel.copyContext passes t as context.Context to MM IO methods, which is illegal outside of t's task goroutine (cf. kernel.Task.Value()). Fix this by splitting AsCopyContext() into CopyContext() (which takes an explicit context.Context and is usable outside of the task goroutine) and OwnCopyContext() (which uses t as context.Context, but is only usable by t's task goroutine). PiperOrigin-RevId: 339933809
2020-10-30Merge pull request #4564 from zhlhahaha:1981gVisor bot
PiperOrigin-RevId: 339921446
2020-10-29Make RedirectTarget thread safeKevin Krakauer
Fixes #4613. PiperOrigin-RevId: 339746784
2020-10-29Keep magic constants out of netstackKevin Krakauer
PiperOrigin-RevId: 339721152
2020-10-29arm64: fix the fpsmid context save/restore issueMin Le
current when save fpsmid register is using following instruction: # FMOVD Fx, 16*1(R0) this instruction will compiled to: # str Dx, [x0, #16] Dx is 64bit fp register not 128bit, then upper 64bit data will be lossed, this will cause application meet many random crash issue. need use 128bit register Vx or Q0 to save and restore the fpsmid context. Signed-off-by: Min Le <lemin.lm@antgroup.com>
2020-10-28Add leak checking for kernfs.Dentry.Dean Deng
Updates #1486. PiperOrigin-RevId: 339581879
2020-10-28Add logging option to leak checker.Dean Deng
Also refactor the template and CheckedObject interface to make this cleaner. Updates #1486. PiperOrigin-RevId: 339577120
2020-10-28Merge pull request #4630 from lemin9538:lemin_arm64_devgVisor bot
PiperOrigin-RevId: 339540747
2020-10-28Invalidate overlay.dentry.dirents during open() file creation.Jamie Liu
Updates #1199 PiperOrigin-RevId: 339528827
2020-10-28[vfs] Refactor hostfs mmap into kernfs util.Ayush Ranjan
PiperOrigin-RevId: 339505487
2020-10-27Merge pull request #4598 from lubinszARM:pr_kvm_precise_syncgVisor bot
PiperOrigin-RevId: 339404936
2020-10-28arm64: need to restore the sentry's TLS when in EL1Min Le
Signed-off-by: Min Le <lemin.lm@antgroup.com>
2020-10-27Add SHA512 to merkle tree libraryChong Cai
PiperOrigin-RevId: 339377254
2020-10-27Implement /proc/[pid]/memLennart
This PR implements /proc/[pid]/mem for `pkg/sentry/fs` (refer to #2716) and `pkg/sentry/fsimpl`. @majek COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/4060 from lnsp:proc-pid-mem 2caf9021254646f441be618a9bb5528610e44d43 PiperOrigin-RevId: 339369629
2020-10-27Assign VFS2 overlay device numbers based on layer device numbers.Jamie Liu
In VFS1's overlayfs, files use the device and inode number of the lower layer inode if one exists, and the upper layer inode otherwise. The former behavior is inefficient (requiring lower layer lookups even if the file exists and is otherwise wholly determined by the upper layer), and somewhat dangerous if the lower layer is also observable (since both the overlay and lower layer file will have the same device and inode numbers and thus appear to be the same file, despite being behaviorally different). VFS2 overlayfs imitates Linux overlayfs (in its default configuration) instead; it always uses the inode number from the originating layer, but synthesizes a unique device number for directories and another device number for non-directory files that have not been copied-up. As it turns out, the latter is insufficient (in VFS2, and possibly Linux as well), because a given layer may include files with different device numbers. If two distinct files on such a layer have device number X and Y respectively, but share inode number Z, then the overlay will map both files to some private device number X' and inode number Z, potentially confusing applications. Fix this by assigning synthetic device numbers based on the lower layer's device number, rather than the lower layer's vfs.Filesystem. PiperOrigin-RevId: 339300341
2020-10-27Add basic address deletion to netlinkIan Lewis
Updates #3921 PiperOrigin-RevId: 339195417
2020-10-26Implement command IPC_STAT for semctl.Jing Chen
PiperOrigin-RevId: 339166854
2020-10-26Add verity tests for deleted/renamed casesChong Cai
Also change verity test to use a context with an active task. This is required to delete/rename the file in the underlying file system. PiperOrigin-RevId: 339146445
2020-10-26[vfs] kernfs: Implement LRU cache for kernfs dentries.Ayush Ranjan
Much like the VFS2 gofer client, kernfs too now caches dentries. The size of the LRU cache is configurable via mount options. Have adopted the same reference semantics from gofer client dentry. Only sysfs and procfs use this LRU cache. The rest of the kernfs users (devpts, fusefs, host, pipefs, sockfs) still use the no cache approach. PiperOrigin-RevId: 339139835