summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry
AgeCommit message (Collapse)Author
2019-12-23Replace syscall.PTRACE_SYSEMU with unix.PTRACE_SYSEMUHaibo Xu
Linux PTRACE_SYSEMU support on arm64 was merged to mainline from V5.3, and the corresponding support in go also enabled recently. Since the "syscall" package is locked down from go 1.4, so the ptrace PTRACE_SYSEMU definition can't be added to package "syscall" on arm64. According to the golang community, updates required by new systems or versions should use the corresponding package in the golang.org/x/sys repository instead(https://golang.org/pkg/syscall/). Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: I2f917bb2be62f990c3e158e2bb99e094ea03f751
2019-12-20Add vfs.ResolvingPath.HandleJump().Jamie Liu
PiperOrigin-RevId: 286666533
2019-12-20Add vfs.Dentry.Children().Jamie Liu
PiperOrigin-RevId: 286660774
2019-12-20Move VFS2 file description status flags to vfs.FileDescription.Jamie Liu
PiperOrigin-RevId: 286616668
2019-12-20Check for valid nfds before copying in an fd set.Dean Deng
Otherwise, CopyInFDSet will try to allocate a negative-length slice. PiperOrigin-RevId: 286584907
2019-12-19futex: wake one waiter if futex_wake is called with a non-positive valueAndrei Vagin
This change is needed to be compatible with the Linux kernel. There is no glibc wrapper for the futex system call, so it is easy to make a mistake and call syscall(__NR_futex, FUTEX_WAKE, addr) without the fourth argument. This works on Linux, because it wakes one waiter even if val is nonpositive. PiperOrigin-RevId: 286494396
2019-12-19Make masterInodeOperations.Truncate take a pointer receiver.Nicolas Lacasse
Otherwise a copy happens, which triggers a data race when reading masterInodeOperations.SimpleFileOperations.uattr, which must be accessed with a lock held. PiperOrigin-RevId: 286464473
2019-12-18Merge pull request #890 from lubinszARM:pr_phyapgVisor bot
PiperOrigin-RevId: 286299056
2019-12-18Add VFS2 plumbing for extended attributes.Jamie Liu
PiperOrigin-RevId: 286281274
2019-12-18Merge pull request #1322 from lubinszARM:pr_vfp_ring0gVisor bot
PiperOrigin-RevId: 286259750
2019-12-18Add Mems_allowed to /proc/PID/statusMichael Pratt
PiperOrigin-RevId: 286248378
2019-12-18supporting lazy-fpsimd in guest on Arm64Bin Lu
Several jobs were finished in this patch: 1, provide functions to get/set fpcr/fpsr/vregs 2, support lazy-fpsimd-context-switch in el1 Signed-off-by: Bin Lu <bin.lu@arm.com>
2019-12-17Mark enableCpuidFault nosplitMichael Pratt
This is called after fork, so it must be nosplit. Updates #1408 PiperOrigin-RevId: 286053054
2019-12-17Merge pull request #1394 from zhuangel:bindlockgVisor bot
PiperOrigin-RevId: 286051631
2019-12-17Merge pull request #1321 from lubinszARM:pr_testutils_vfpgVisor bot
PiperOrigin-RevId: 286042427
2019-12-16Merge pull request #1392 from zhuangel:bindleakgVisor bot
PiperOrigin-RevId: 285874181
2019-12-16Drop unnecessary cast.Dean Deng
Bitshift operators with signed int is supported in Go 1.13. PiperOrigin-RevId: 285853622
2019-12-16Implement checks for get/setxattr at the syscall layer.Dean Deng
Add checks for input arguments, file type, permissions, etc. that match the Linux implementation. A call to get/setxattr that passes all the checks will still currently return EOPNOTSUPP. Actual support will be added in following commits. Only allow user.* extended attributes for the time being. PiperOrigin-RevId: 285835159
2019-12-16Fix deadlock in overlay bindYong He
Copy up parent when binding UDS on overlayfs is supported in commit 02ab1f187cd24c67b754b004229421d189cee264. But the using of copyUp in overlayBind will cause sentry stuck, reason is dead lock in renameMu. 1 [Process A] Invoke a Unix socket bind operation renameMu is hold in fs.(*Dirent).genericCreate by process A 2 [Process B] Invoke a read syscall on /proc/task/mounts waitng on Lock of renameMu in fs.(*MountNamespace).FindMount 3 [Process A] Continue Unix socket bind operation wating on RLock of renameMu in fs.copyUp Root cause is recursive reading lock of reanmeMu in bind call trace, if there are writing lock between the two reading lock, then deadlock occured. Fixes #1397
2019-12-16Fix UDS bind cause fd leak in goferYong He
After the finalizer optimize in 76039f895995c3fe0deef5958f843868685ecc38 commit, clientFile needs to closed before finalizer release it. The clientFile is not closed if it is created via gofer.(*inodeOperations).Bind, this will cause fd leak which is hold by gofer process. Fixes #1396 Signed-off-by: Yong He <chenglang.hy@antfin.com> Signed-off-by: Jianfeng Tan <henry.tjf@antfin.com>
2019-12-13enable kvm to support arm64lubinszARM
There are 4 jobs were finished in this package: 1, Virtual machine initialization. 2, Bluepill implementation. 3, Move ring0.Vectors() into the address with 11-bits alignment. 4, Basic support for "SwitchToUser". Signed-off-by: Bin Lu <bin.lu@arm.com> COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/919 from lubinszARM:pr_kvm eedea52db451bf62722759009a9f14c54a69c55f PiperOrigin-RevId: 285501256
2019-12-12Implement memmap.MappingIdentity for vfs.FileDescription.Jamie Liu
PiperOrigin-RevId: 285255855
2019-12-12Implement kernfs.Rahat Mahmood
PiperOrigin-RevId: 285231002
2019-12-12unix: allow to bind unix sockets only to AF_UNIX addressesAndrei Vagin
Reported-by: syzbot+2c0bcfd87fb4e8b7b009@syzkaller.appspotmail.com PiperOrigin-RevId: 285228312
2019-12-11Add support for TCP_USER_TIMEOUT option.Bhasker Hariharan
The implementation follows the linux behavior where specifying a TCP_USER_TIMEOUT will cause the resend timer to honor the user specified timeout rather than the default rto based timeout. Further it alters when connections are timedout due to keepalive failures. It does not alter the behavior of when keepalives are sent. This is as per the linux behavior. PiperOrigin-RevId: 285099795
2019-12-11Add vfs.Pathname{WithDeleted,ForGetcwd}.Jamie Liu
The former is needed for vfs.FileDescription to implement memmap.MappingIdentity, and the latter is needed to implement getcwd(2). PiperOrigin-RevId: 285051855
2019-12-11Merge pull request #1248 from xiaobo55x:ptracegVisor bot
PiperOrigin-RevId: 285038987
2019-12-11runsc/debug: add an option to list all processesAndrei Vagin
runsc debug --ps list all processes with all threads. This option is added to the debug command but not to the ps command, because it is going to be used for debug purposes and we want to add any useful information without thinking about backward compatibility. This will help to investigate syzkaller issues. PiperOrigin-RevId: 285013668
2019-12-10Deduplicate and simplify control message processing for recvmsg and sendmsg.Dean Deng
Also, improve performance by calculating how much space is needed before making an allocation for sendmsg in hostinet. PiperOrigin-RevId: 284898581
2019-12-10Add most VFS methods for syscalls.Jamie Liu
PiperOrigin-RevId: 284892289
2019-12-10Format fd_set parameters in select(2)/pselect(2) for strace.Dean Deng
I1202 14:55:06.835076 7991 x:0] [ 1] select_test E select(0xa, 0x7fc6ce924c28 [0 1], null, null, 0x7fc6ce924c08 {sec=0 usec=0}) I1202 14:55:06.835102 7991 x:0] [ 1] select_test X select(0xa, 0x7fc6ce924c28 [0 1], null, null, 0x7fc6ce924c08 {sec=0 usec=0}) PiperOrigin-RevId: 284831805
2019-12-10Let socket.ControlMessages Release() the underlying transport.ControlMessages.Dean Deng
PiperOrigin-RevId: 284804370
2019-12-10Add all upstream syscalls to tablesMichael Pratt
Package strace is missing some syscalls we actually implement (e.g., getrandom). We also see newer syscalls sometimes (e.g., membarrier) that would be handy to have formatted. Let's go ahead and add all syscalls in the latest upstream release (v5.4), even though we only intend to implement v4.4. None of them are implemented, just included as placeholders. PiperOrigin-RevId: 284797577
2019-12-10Make comments clearer for control message handling.Dean Deng
PiperOrigin-RevId: 284791600
2019-12-09Redirect TODOs to gvisor.devFabricio Voznika
PiperOrigin-RevId: 284606233
2019-12-06Bump up Go 1.13 as minimum requirementFabricio Voznika
PiperOrigin-RevId: 284320186
2019-12-06Add TCP stats for connection close and keep-alive timeouts.Mithun Iyer
Fix bugs in updates to TCP CurrentEstablished stat. Fixes #1277 PiperOrigin-RevId: 284292459
2019-12-06Add runtime tracing.Adin Scannell
This adds meaningful annotations to the trace generated by the runtime/trace package. PiperOrigin-RevId: 284290115
2019-12-06Implement TTY field in control.Processes().Nicolas Lacasse
Threadgroups already know their TTY (if they have one), which now contains the TTY Index, and is returned in the Processes() call. PiperOrigin-RevId: 284263850
2019-12-06Document ELF PT_LOAD difference from LinuxMichael Pratt
PiperOrigin-RevId: 284191345
2019-12-05Implement F_GETOWN_EX and F_SETOWN_EX.Ian Gudger
Some versions of glibc will convert F_GETOWN fcntl(2) calls into F_GETOWN_EX in some cases. PiperOrigin-RevId: 284089373
2019-12-05Create correct file for /proc/[pid]/task/[tid]/ioZach Koopmans
PiperOrigin-RevId: 284038840
2019-12-05Add vfs.CheckSetStat() and its dependencies.Jamie Liu
PiperOrigin-RevId: 284033820
2019-12-04Remove TODO since we don't plan to support debug registersFabricio Voznika
PiperOrigin-RevId: 283828423
2019-12-04Add a floating test case for Arm64Bin Lu
Signed-off-by: Bin Lu <bin.lu@arm.com>
2019-12-03Fix printing /proc/[pid]/io for /proc/[pid]/task/[tid]/io.Zach Koopmans
PiperOrigin-RevId: 283630669
2019-12-03strace: don't create a slice with a negative valueAndrei Vagin
PiperOrigin-RevId: 283613824
2019-12-03Remove watchdog TODOFabricio Voznika
I have not seen a false positive stuck task yet. Biggest offender was whitelistfs which is going away. PiperOrigin-RevId: 283613064
2019-12-03Point TODOs to gvisor.devFabricio Voznika
PiperOrigin-RevId: 283610781
2019-12-03Remove TODO for obsolete bug.Zach Koopmans
PiperOrigin-RevId: 283571456