| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2020-05-12 | Merge release-20200422.0-293-g725afc6 (automated) | gVisor bot | |
| 2020-05-12 | Merge pull request #2678 from nybidari:iptables | gVisor bot | |
| PiperOrigin-RevId: 311203776 | |||
| 2020-05-12 | Merge release-20200422.0-291-g7b691ab (automated) | gVisor bot | |
| 2020-05-12 | Don't allow rename across different gofer or tmpfs mounts. | Nicolas Lacasse | |
| Fixes #2651. PiperOrigin-RevId: 311193661 | |||
| 2020-05-12 | Merge release-20200422.0-74-g6a4466a (automated) | gVisor bot | |
| 2020-05-12 | Merge pull request #2671 from kevinGC:skip-output | gVisor bot | |
| PiperOrigin-RevId: 311181084 | |||
| 2020-05-12 | Merge release-20200422.0-72-g8dd1d5b (automated) | gVisor bot | |
| 2020-05-12 | Don't call kernel.Task.Block() from netstack.SocketOperations.Write(). | Jamie Liu | |
| kernel.Task.Block() requires that the caller is running on the task goroutine. netstack.SocketOperations.Write() uses kernel.TaskFromContext() to call kernel.Task.Block() even if it's not running on the task goroutine. Stop doing that. PiperOrigin-RevId: 311178335 | |||
| 2020-05-12 | iptables: support gid match for owner matching. | Nayana Bidari | |
| - Added support for matching gid owner and invert flag for uid and gid. $ iptables -A OUTPUT -p tcp -m owner --gid-owner root -j ACCEPT $ iptables -A OUTPUT -p tcp -m owner ! --uid-owner root -j ACCEPT $ iptables -A OUTPUT -p tcp -m owner ! --gid-owner root -j DROP - Added tests for uid, gid and invert flags. | |||
| 2020-05-12 | Merge release-20200422.0-71-g06ded1c (automated) | gVisor bot | |
| 2020-05-12 | Merge pull request #2664 from lubinszARM:pr_sigfp | gVisor bot | |
| PiperOrigin-RevId: 311153824 | |||
| 2020-05-12 | Merge release-20200422.0-69-g94251ae (automated) | gVisor bot | |
| 2020-05-11 | Internal change. | Jamie Liu | |
| PiperOrigin-RevId: 311046755 | |||
| 2020-05-11 | iptables: check for truly unconditional rules | Kevin Krakauer | |
| We weren't properly checking whether the inserted default rule was unconditional. | |||
| 2020-05-11 | Add fpsimd support in sigreturn on Arm64 | Bin Lu | |
| Signed-off-by: Bin Lu <bin.lu@arm.com> | |||
| 2020-05-11 | Merge release-20200422.0-68-g15de8cc (automated) | gVisor bot | |
| 2020-05-11 | Add fsimpl/gofer.InternalFilesystemOptions.OpenSocketsByConnecting. | Jamie Liu | |
| PiperOrigin-RevId: 311014995 | |||
| 2020-05-11 | Merge release-20200422.0-62-gc52195d (automated) | gVisor bot | |
| 2020-05-10 | Stop avoiding preadv2 and pwritev2, and add them to the filters. | Nicolas Lacasse | |
| Some code paths needed these syscalls anyways, so they should be included in the filters. Given that we depend on these syscalls in some cases, there's no real reason to avoid them any more. PiperOrigin-RevId: 310829126 | |||
| 2020-05-08 | Merge release-20200422.0-61-gcfd3066 (automated) | gVisor bot | |
| 2020-05-08 | iptables - filter packets using outgoing interface. | gVisor bot | |
| Enables commands with -o (--out-interface) for iptables rules. $ iptables -A OUTPUT -o eth0 -j ACCEPT PiperOrigin-RevId: 310642286 | |||
| 2020-05-08 | Merge release-20200422.0-59-g21b7139 (automated) | gVisor bot | |
| 2020-05-08 | Pass flags to fsimpl/host.inode.open(). | Jamie Liu | |
| This has two effects: It makes flags passed to open("/proc/[pid]/fd/[hostfd]") effective, and it prevents imported pipes/sockets/character devices from being opened with O_NONBLOCK unconditionally (because the underlying host FD was set to non-blocking in ImportFD()). PiperOrigin-RevId: 310596062 | |||
| 2020-05-07 | Merge release-20200422.0-55-g5536073 (automated) | gVisor bot | |
| 2020-05-07 | Fix ARM64 build. | Adin Scannell | |
| The common syscall definitions mean that ARM64-exclusive files need stubs in the ARM64 build. PiperOrigin-RevId: 310446698 | |||
| 2020-05-07 | Merge release-20200422.0-52-g9115f26 (automated) | gVisor bot | |
| 2020-05-07 | Allocate device numbers for VFS2 filesystems. | Jamie Liu | |
| Updates #1197, #1198, #1672 PiperOrigin-RevId: 310432006 | |||
| 2020-05-07 | Merge release-20200422.0-51-g1f4087e (automated) | gVisor bot | |
| 2020-05-07 | Merge release-20200422.0-49-gd0b1d02 (automated) | gVisor bot | |
| 2020-05-07 | Move pkg/sentry/vfs/{eventfd,timerfd} to new packages in pkg/sentry/fsimpl. | Nicolas Lacasse | |
| They don't depend on anything in VFS2, so they should be their own packages. PiperOrigin-RevId: 310416807 | |||
| 2020-05-07 | Merge release-20200422.0-47-g26c60d7 (automated) | gVisor bot | |
| 2020-05-07 | Port signalfd to vfs2. | Nicolas Lacasse | |
| PiperOrigin-RevId: 310404113 | |||
| 2020-05-07 | Merge release-20200422.0-45-g16da7e7 (automated) | gVisor bot | |
| 2020-05-07 | Update privateunixsocket TODOs. | Dean Deng | |
| Synthetic sockets do not have the race condition issue in VFS2, and we will get rid of privateunixsocket as well. Fixes #1200. PiperOrigin-RevId: 310386474 | |||
| 2020-05-07 | Merge release-20200422.0-42-ge0089a2 (automated) | gVisor bot | |
| 2020-05-07 | Remove outdated TODO for VFS2 AccessAt. | Dean Deng | |
| Fixes #1965. PiperOrigin-RevId: 310380433 | |||
| 2020-05-07 | Merge release-20200422.0-41-gfeece24 (automated) | gVisor bot | |
| 2020-05-06 | Merge pull request #2570 from lubinszARM:pr_clean | gVisor bot | |
| PiperOrigin-RevId: 310259686 | |||
| 2020-05-06 | Merge release-20200422.0-39-g7cd54c1 (automated) | gVisor bot | |
| 2020-05-06 | Remove vfs.FileDescriptionOptions.InvalidWrite. | Jamie Liu | |
| Compare: https://elixir.bootlin.com/linux/v5.6/source/fs/timerfd.c#L431 PiperOrigin-RevId: 310246908 | |||
| 2020-05-06 | Merge release-20200422.0-37-g279f1eb (automated) | gVisor bot | |
| 2020-05-06 | Fix runsc syscall documentation generation. | Adin Scannell | |
| We can register any number of tables with any number of architectures, and need not limit the definitions to the architecture in question. This allows runsc to generate documentation for all architectures simultaneously. Similarly, this simplifies the VFSv2 patching process. PiperOrigin-RevId: 310224827 | |||
| 2020-05-06 | Merge release-20200422.0-34-g591ff0e (automated) | gVisor bot | |
| 2020-05-06 | Add maximum memory limit. | Nicolas Lacasse | |
| PiperOrigin-RevId: 310179277 | |||
| 2020-05-06 | Merge release-20200422.0-33-g8416da3 (automated) | gVisor bot | |
| 2020-05-05 | Internal change. | gVisor bot | |
| PiperOrigin-RevId: 310057834 | |||
| 2020-05-05 | Merge release-20200422.0-29-gfaf89dd (automated) | gVisor bot | |
| 2020-05-05 | Update vfs2 socket TODOs. | Dean Deng | |
| Three updates: - Mark all vfs2 socket syscalls as supported. - Use the same dev number and ino number generator for all types of sockets, unlike in VFS1. - Do not use host fd for hostinet metadata. Fixes #1476, #1478, #1484, 1485, #2017. PiperOrigin-RevId: 309994579 | |||
| 2020-05-05 | Merge release-20200422.0-28-ga6dbf95 (automated) | gVisor bot | |
| 2020-05-05 | Update comments for synthetic gofer files in vfs2. | Dean Deng | |
| PiperOrigin-RevId: 309966538 | |||
 |
index : gvisor | |
| Container Runtime Sandbox |
| summaryrefslogtreecommitdiffhomepage |