summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry
AgeCommit message (Collapse)Author
2020-01-17Merge release-20200115.0-17-g19b4653 (automated)gVisor bot
2020-01-16Remove unused rpcinet.Adin Scannell
PiperOrigin-RevId: 290198756
2020-01-17Merge release-20200115.0-16-g7a45ae7 (automated)gVisor bot
2020-01-16Implement setxattr for overlays.Dean Deng
PiperOrigin-RevId: 290186303
2020-01-16Merge release-20200115.0-14-gab48112 (automated)gVisor bot
2020-01-16Add IfChange/ThenChange reminders in fs/procFabricio Voznika
There is a lot of code duplication for VFSv2 and this serves as remind to keep the copies in sync. Updates #1195 PiperOrigin-RevId: 290139234
2020-01-16Implement tmpfs.SetStat with a size argument.Nicolas Lacasse
This is similar to 'Truncate' in vfs1. Updates https://github.com/google/gvisor/issues/1197 PiperOrigin-RevId: 290139140
2020-01-16Merge release-20200115.0-12-g3dd3275 (automated)gVisor bot
2020-01-16Add more files to /proc/[pid]/*Fabricio Voznika
Files not implemented require VFSv2 plumbing into the kernel. Also, cgroup is not implemented yet. Updates #1195 PiperOrigin-RevId: 290129176
2020-01-16Merge release-20200115.0-9-g07f2584 (automated)gVisor bot
2020-01-16Plumb getting/setting xattrs through InodeOperations and 9p gofer interfaces.Dean Deng
There was a very bare get/setxattr in the InodeOperations interface. Add context.Context to both, size to getxattr, and flags to setxattr. Note that extended attributes are passed around as strings in this implementation, so size is automatically encoded into the value. Size is added in getxattr so that implementations can return ERANGE if a value is larger than can fit in the user-allocated buffer. This prevents us from unnecessarily passing around an arbitrarily large xattr when the user buffer is actually too small. Don't use the existing xattrwalk and xattrcreate messages and define our own, mainly for the sake of simplicity. Extended attributes will be implemented in future commits. PiperOrigin-RevId: 290121300
2020-01-16Merge release-20200115.0-8-g7b7c318 (automated)gVisor bot
2020-01-16Add remaining /proc/* and /proc/sys/* filesFabricio Voznika
Except for one under /proc/sys/net/ipv4/tcp_sack. /proc/pid/* is still incomplete. Updates #1195 PiperOrigin-RevId: 290120438
2020-01-16Merge release-20200115.0-7-gfea1ce6 (automated)gVisor bot
2020-01-16Merge pull request #1272 from lubinszARM:pr_ring0_2gVisor bot
PiperOrigin-RevId: 290113719
2020-01-16Merge release-20200115.0-5-g420d335 (automated)gVisor bot
2020-01-16Enable clone syscall support on arm64.Haibo Xu
sys_clone has many flavors in Linux, and amd64 chose a different one from x86(different arguments order). Ref kernel/fork.c for more info. Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: I6c8cbc685f4a6e786b171715ab68292fc95cbf48 COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/1545 from xiaobo55x:clone 156bd2dfbc63ef5291627b0578ddea77997393b2 PiperOrigin-RevId: 290093953
2020-01-15Add timestamps to VFS2 tmpfs, and implement some of SetStat.Nicolas Lacasse
PiperOrigin-RevId: 289962040
2020-01-15Merge release-20191213.0-121-g2ebd214 (automated)gVisor bot
2020-01-15Merge pull request #1540 from laijs:fix-PCIDsgVisor bot
PiperOrigin-RevId: 289925133
2020-01-15Merge release-20191213.0-117-gff78a72 (automated)gVisor bot
2020-01-14enable pkg/sentry/arch to support arm64 basicallylubinszARM
Signed-off-by: Bin Lu <bin.lu@arm.com> Change-Id: I9cce23db4e5caec82ce42b4970fdb7f7e8c08f1d COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/773 from lubinszARM:pr_arch_basic 3fe2fd8e6286766bbe489ef971dce204f924feba PiperOrigin-RevId: 289795569
2020-01-15Fix "unlock of unlocked mutex" crash when getting ttychris.zn
This patch holds taskset.mu when getting tty. If we don't do this, it may cause a "unlock of unlocked mutex" problem, since signalHandlers may be replaced by CopyForExec() in runSyscallAfterExecStop after the signalHandlers.mu has been holded in TTY(). The problem is easy to reproduce with keeping to do "runsc ps". The crash log is : fatal error: sync: unlock of unlocked mutex goroutine 5801304 [running]: runtime.throw(0xfd019c, 0x1e) GOROOT/src/runtime/panic.go:774 +0x72 fp=0xc001ba47b0 sp=0xc001ba4780 pc=0x431702 sync.throw(0xfd019c, 0x1e) GOROOT/src/runtime/panic.go:760 +0x35 fp=0xc001ba47d0 sp=0xc001ba47b0 pc=0x431685 sync.(*Mutex).unlockSlow(0xc00cf94a30, 0xc0ffffffff) GOROOT/src/sync/mutex.go:196 +0xd6 fp=0xc001ba47f8 sp=0xc001ba47d0 pc=0x4707d6 sync.(*Mutex).Unlock(0xc00cf94a30) GOROOT/src/sync/mutex.go:190 +0x48 fp=0xc001ba4818 sp=0xc001ba47f8 pc=0x4706e8 gvisor.dev/gvisor/pkg/sentry/kernel.(*ThreadGroup).TTY(0xc011a9e800, 0x0) pkg/sentry/kernel/tty.go:38 +0x88 fp=0xc001ba4868 sp=0xc001ba4818 pc=0x835fa8 gvisor.dev/gvisor/pkg/sentry/control.Processes(0xc00025ae00, 0xc013e397c0, 0x40, 0xc0137b9800, 0x1, 0x7f292e9a4cc0) pkg/sentry/control/proc.go:366 +0x355 fp=0xc001ba49a0 sp=0xc001ba4868 pc=0x9ac4a5 gvisor.dev/gvisor/runsc/boot.(*containerManager).Processes(0xc0003b62c0, 0xc0051423d0, 0xc0137b9800, 0x0, 0x0) runsc/boot/controller.go:228 +0xdf fp=0xc001ba49e8 sp=0xc001ba49a0 pc=0xaf06cf Signed-off-by: chris.zn <chris.zn@antfin.com>
2020-01-14Merge release-20191213.0-115-g50625ce (automated)gVisor bot
2020-01-14Implement {g,s}etsockopt(IP_RECVTOS) for UDP socketsTamir Duberstein
PiperOrigin-RevId: 289718534
2020-01-13Merge branch 'iptables-write-input-drop' into iptables-write-filter-protoKevin Krakauer
2020-01-13Merge release-20191213.0-113-gdebd213 (automated)gVisor bot
2020-01-13Allow dual stack sockets to operate on AF_INETTamir Duberstein
Fixes #1490 Fixes #1495 PiperOrigin-RevId: 289523250
2020-01-13Only allow INPUT modifications.Kevin Krakauer
2020-01-13Merge branch 'master' into iptables-write-input-dropKevin Krakauer
2020-01-13Merge release-20191213.0-111-gb30cfb1 (automated)gVisor bot
2020-01-13Merge pull request #1528 from kevinGC:iptables-writegVisor bot
PiperOrigin-RevId: 289479774
2020-01-10I think INPUT works with protocolKevin Krakauer
2020-01-10Merge release-20191213.0-96-g27500d5 (automated)gVisor bot
2020-01-09New sync package.Ian Gudger
* Rename syncutil to sync. * Add aliases to sync types. * Replace existing usage of standard library sync package. This will make it easier to swap out synchronization primitives. For example, this will allow us to use primitives from github.com/sasha-s/go-deadlock to check for lock ordering violations. Updates #1472 PiperOrigin-RevId: 289033387
2020-01-09Merge release-20191213.0-88-gee3158f (automated)gVisor bot
2020-01-09Merge pull request #1423 from xiaobo55x:stracegVisor bot
PiperOrigin-RevId: 288965915
2020-01-09Added a test that we don't pass yetKevin Krakauer
2020-01-09Merge release-20191213.0-86-g8643933 (automated)gVisor bot
2020-01-09Change BindToDeviceOption to store NICIDEyal Soha
This makes it possible to call the sockopt from go even when the NIC has no name. PiperOrigin-RevId: 288955236
2020-01-09Merge release-20191213.0-84-g290908f (automated)gVisor bot
2020-01-09Avoid panic when c.PCIDs is nilLai Jiangshan
When PCID is disabled, there would throw a panic when dropPageTables() access to c.PCID without check. Signed-off-by: Lai Jiangshan <eag0628@gmail.com>
2020-01-08It works! It drops some packets.Kevin Krakauer
2020-01-08Merge branch 'iptables-write' into iptables-write-input-dropKevin Krakauer
2020-01-09Merge release-20191213.0-82-gfbb2c00 (automated)gVisor bot
2020-01-08More GH comments.Kevin Krakauer
2020-01-08Return correct length with MSG_TRUNC for unix sockets.Ian Lewis
This change calls a new Truncate method on the EndpointReader in RecvMsg for both netlink and unix sockets. This allows readers such as sockets to peek at the length of data without actually reading it to a buffer. Fixes #993 #1240 PiperOrigin-RevId: 288800167
2020-01-08Define sizes for extent headers and entries separately to improve clarity.Dean Deng
PiperOrigin-RevId: 288799694
2020-01-09Merge release-20191213.0-80-gb3ae8a6 (automated)gVisor bot
2020-01-08Addressed GH commentsKevin Krakauer
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-25 11:27:25 +0000