summaryrefslogtreecommitdiffhomepage
path: root/pkg
AgeCommit message (Collapse)Author
2020-07-24Merge release-20200622.1-216-gc59b792f5 (automated)gVisor bot
2020-07-24Merge release-20200622.1-215-g65b5e6480 (automated)gVisor bot
2020-07-24Merge release-20200622.1-214-g5e7ae0476 (automated)gVisor bot
2020-07-23Merge pull request #3142 from tanjianfeng:fix-3141gVisor bot
PiperOrigin-RevId: 322937495
2020-07-24Merge release-20200622.1-212-gbcbcaa67a (automated)gVisor bot
2020-07-23Merge pull request #3317 from sevki:patch-2gVisor bot
PiperOrigin-RevId: 322928424
2020-07-24Merge release-20200622.1-210-gd9a3f5d0c (automated)gVisor bot
2020-07-23Add permission checks to vfs2 truncate.Dean Deng
- Check write permission on truncate(2). Unlike ftruncate(2), truncate(2) fails if the user does not have write permissions on the file. - For gofers under InteropModeShared, check file type before making a truncate request. We should fail early and avoid making an rpc when possible. Furthermore, depending on the remote host's failure may give us unexpected behavior--if the host converts the truncate request to an ftruncate syscall on an open fd, we will get EINVAL instead of EISDIR. Updates #2923. PiperOrigin-RevId: 322913569
2020-07-24Merge release-20200622.1-209-gbac4ebaab (automated)gVisor bot
2020-07-23FileDescription is hard to spell.Dean Deng
Fix typos. PiperOrigin-RevId: 322913282
2020-07-24Merge release-20200622.1-208-g82a5cada5 (automated)gVisor bot
2020-07-23Add AfterFunc to tcpip.ClockSam Balana
Changes the API of tcpip.Clock to also provide a method for scheduling and rescheduling work after a specified duration. This change also implements the AfterFunc method for existing implementations of tcpip.Clock. This is the groundwork required to mock time within tests. All references to CancellableTimer has been replaced with the tcpip.Job interface, allowing for custom implementations of scheduling work. This is a BREAKING CHANGE for clients that implement their own tcpip.Clock or use tcpip.CancellableTimer. Migration plan: 1. Add AfterFunc(d, f) to tcpip.Clock 2. Replace references of tcpip.CancellableTimer with tcpip.Job 3. Replace calls to tcpip.CancellableTimer#StopLocked with tcpip.Job#Cancel 4. Replace calls to tcpip.CancellableTimer#Reset with tcpip.Job#Schedule 5. Replace calls to tcpip.NewCancellableTimer with tcpip.NewJob. PiperOrigin-RevId: 322906897
2020-07-24Merge release-20200622.1-207-g4ec351633 (automated)gVisor bot
2020-07-23Implement get/set_robust_list.Nicolas Lacasse
PiperOrigin-RevId: 322904430
2020-07-23Merge release-20200622.1-206-g5e34ee68c (automated)gVisor bot
2020-07-23Merge pull request #3024 from ridwanmsharif:ridwanmsharif/fuse-stub-implgVisor bot
PiperOrigin-RevId: 322890087
2020-07-23Merge release-20200622.1-203-g8fed97794 (automated)gVisor bot
2020-07-23Add task work mechanism.Dean Deng
Like task_work in Linux, this allows us to register callbacks to be executed before returning to userspace. This is needed for kcov support, which requires coverage information to be up-to-date whenever we are in user mode. We will provide coverage data through the kcov interface to enable coverage-directed fuzzing in syzkaller. One difference from Linux is that task work cannot queue work before the transition to userspace that it precedes; queued work will be picked up before the next transition. PiperOrigin-RevId: 322889984
2020-07-23Merge release-20200622.1-202-g3a2fac0ab (automated)gVisor bot
2020-07-23Merge release-20200622.1-201-g4eb3c8c7e (automated)gVisor bot
2020-07-23kvm-tls-2:add the preservation of user-TLS in the Arm64 kvm platformlubinszARM
This patch load/save TLS for the container application. Related issue: full context-switch supporting for Arm64 #1238 COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/2761 from lubinszARM:pr_tls_2 cb5dbca1c9c3f378002406da7a58887f9b5032b3 PiperOrigin-RevId: 322887044
2020-07-23Merge release-20200622.1-200-gdd530eeef (automated)gVisor bot
2020-07-23iptables: use keyed array literalsKevin Krakauer
PiperOrigin-RevId: 322882426
2020-07-23Use mode supplied by the mount optionsRidwan Sharif
2020-07-23Added stub FUSE filesystemRidwan Sharif
Allow FUSE filesystems to be mounted using libfuse. The appropriate flags and mount options are parsed and understood by fusefs.
2020-07-23Merge release-20200622.1-199-g15da310ef (automated)gVisor bot
2020-07-23Merge release-20200622.1-198-gfc26b3764 (automated)gVisor bot
2020-07-23Merge pull request #3207 from kevinGC:icmp-connectgVisor bot
PiperOrigin-RevId: 322853192
2020-07-23Merge release-20200622.1-196-g20b556e62 (automated)gVisor bot
2020-07-23Fix wildcard bind for raw socket.Bhasker Hariharan
Fixes #3334 PiperOrigin-RevId: 322846384
2020-07-23Merge release-20200622.1-195-g6f7f73996 (automated)gVisor bot
2020-07-23Marshallable socket opitons.Ayush Ranjan
Socket option values are now required to implement marshal.Marshallable. Co-authored-by: Rahat Mahmood <rahat@google.com> PiperOrigin-RevId: 322831612
2020-07-23Merge release-20200622.1-194-g384369e01 (automated)gVisor bot
2020-07-23Merge release-20200622.1-193-gb396d3882 (automated)gVisor bot
2020-07-23Port sendfile to vfs2.Nicolas Lacasse
And do some refactoring of the wait logic in sendfile/splice/tee. Updates #1035 #2923 PiperOrigin-RevId: 322815521
2020-07-23Merge release-20200622.1-192-g4fbd0728a (automated)gVisor bot
2020-07-23[vfs2][gofer] Fix update attributes race condition.Ayush Ranjan
We were getting the file attributes before locking the metadataMu which was causing stale updates to the file attributes. Fixes OpenTest_AppendConcurrentWrite. Updates #2923 PiperOrigin-RevId: 322804438
2020-07-23Merge release-20200622.1-191-g36257e6b7 (automated)gVisor bot
2020-07-23Merge release-20200622.1-189-g14839e027 (automated)gVisor bot
2020-07-23Merge release-20200622.1-188-gc9399797d (automated)gVisor bot
2020-07-22make connect(2) fail when dest is unreachableKevin Krakauer
Previously, ICMP destination unreachable datagrams were ignored by TCP endpoints. This caused connect to hang when an intermediate router couldn't find a route to the host. This manifested as a Kokoro error when Docker IPv6 was enabled. The Ruby image test would try to install the sinatra gem and hang indefinitely attempting to use an IPv6 address. Fixes #3079.
2020-07-22iptables: don't NAT existing connectionsKevin Krakauer
Fixes a NAT bug that manifested as: - A SYN was sent from gVisor to another host, unaffected by iptables. - The corresponding SYN/ACK was NATted by a PREROUTING REDIRECT rule despite being part of the existing connection. - The socket that sent the SYN never received the SYN/ACK and thus a connection could not be established. We handle this (as Linux does) by tracking all connections, inserting a no-op conntrack rule for new connections with no rules of their own. Needed for istio support (#170).
2020-07-22Merge release-20200622.1-187-gbd98f8201 (automated)gVisor bot
2020-07-22iptables: replace maps with arraysKevin Krakauer
For iptables users, Check() is a hot path called for every packet one or more times. Let's avoid a bunch of map lookups. PiperOrigin-RevId: 322678699
2020-07-22Merge release-20200622.1-186-g9654bf04a (automated)gVisor bot
2020-07-22[vfs2][tmpfs] Implement O_APPENDAyush Ranjan
Updates #2923 PiperOrigin-RevId: 322671489
2020-07-22Merge release-20200622.1-185-g39525d64c (automated)gVisor bot
2020-07-22Add O_APPEND support in vfs2 gofer.Ayush Ranjan
Helps in fixing open syscall tests: AppendConcurrentWrite and AppendOnly. We also now update the file size for seekable special files (regular files) which we were not doing earlier. Updates #2923 PiperOrigin-RevId: 322670843
2020-07-22Merge release-20200622.1-184-g71bf90c55 (automated)gVisor bot
2020-07-22Support for receiving outbound packets in AF_PACKET.Bhasker Hariharan
Updates #173 PiperOrigin-RevId: 322665518