path: root/pkg
Age         Commit message                                              Author
2018-06-17  Add rpcinet support for control messages.  Brian Geffon
    Add support for control messages, but at this time the only control message that the sentry will support here is SO_TIMESTAMP.
    PiperOrigin-RevId: 200922230
    Change-Id: I63a852d9305255625d9df1d989bd46a66e93c446
2018-06-15  Replace crypto/rand with internal rand package  Michael Pratt
    PiperOrigin-RevId: 200784607
    Change-Id: I39aa6ee632936dcbb00fc298adccffa606e9f4c0
2018-06-15  sentry: do not start delivering external signal immediately.  Zhaozhong Ni
    PiperOrigin-RevId: 200765756
    Change-Id: Ie4266f32e4e977df3925eb29f3fbb756e0337606
2018-06-15  FIFOs should support O_TRUNC as a no-op.  Brian Geffon
    PiperOrigin-RevId: 200759323
    Change-Id: I683b2edcc2188304c4ca563e46af457e23625905
2018-06-15  Use notify explicitly on unlock path.  Adin Scannell
    There are circumstances under which the redpill call will not generate the appropriate action and notification. Replace this call with an explicit notification, which is guaranteed to transition as well as perform the futex wake.
    PiperOrigin-RevId: 200726934
    Change-Id: Ie19e008a6007692dd7335a31a8b59f0af6e54aaa
2018-06-15  Implement /proc/thread-self  Fabricio Voznika
    Closes #68
    PiperOrigin-RevId: 200725401
    Change-Id: I4827009b8aee89d22887c3af67291ccf7058d420
2018-06-14  Ignore expiration count in kernelCPUClockListener.Notify.  Jamie Liu
    PiperOrigin-RevId: 200590832
    Change-Id: I35b817ecccc9414a742dee4815dfc67d0c7d0496
2018-06-13  Fix reference leak in VDSO validation  Ian Gudger
    PiperOrigin-RevId: 200496070
    Change-Id: I33adb717c44e5b4bcadece882be3ab1ee3920556
2018-06-13  Fix missing returns in rpcinet.  Brian Geffon
    PiperOrigin-RevId: 200472634
    Change-Id: I3f0fb9e3b2f8616e6aa1569188258f330bf1ed31
2018-06-13  Deflake kvm_test.  Adin Scannell
    PiperOrigin-RevId: 200439846
    Change-Id: I9970fe0716cb02f0f41b754891d55db7e0729f56
2018-06-13  Fix failure to mount volume that sandbox process has no access to  Fabricio Voznika
    Boot loader tries to stat mount to determine whether it's a file or not. This may fail if the sandbox process doesn't have access to the file. Instead, add overlay on top of file, which is better anyway since we don't want to propagate changes to the host.
    PiperOrigin-RevId: 200411261
    Change-Id: I14222410e8bc00ed037b779a1883d503843ffebb
2018-06-13  sentry: do not treat all save errors as state file errors.  Zhaozhong Ni
    PiperOrigin-RevId: 200410220
    Change-Id: I6a8745e33be949e335719083501f18b24f6ba471
2018-06-13  Log filemem state when panicking due to invalid refcount.  Jamie Liu
    PiperOrigin-RevId: 200408305
    Change-Id: I676ee49ec77697105723577928c7f82088cd378e
2018-06-12  Fix reference leak for negative dirents  Ian Gudger
    PiperOrigin-RevId: 200306715
    Change-Id: I7c80059c77ebd3d9a5d7d48b05c8e7a597f10850
2018-06-12  Rpcinet doesn't handle SO_RCVTIMEO properly.  Brian Geffon
    Rpcinet already inherits socket.ReceiveTimeout; however, it's never set on setsockopt(2). The value is currently forwarded as an RPC and ignored as all sockets will be non-blocking on the RPC side.
    PiperOrigin-RevId: 200299260
    Change-Id: I6c610ea22c808ff6420c63759dccfaeab17959dd
2018-06-12  Runsc checkpoint works.  Brielle Broder
    This is the first iteration of checkpoint that actually saves to a file. Tests for checkpoint are included. Ran into an issue when private unix sockets are enabled. An error message was added for this case and the mutex state was set.
    PiperOrigin-RevId: 200269470
    Change-Id: I28d29a9f92c44bf73dc4a4b12ae0509ee4070e93
2018-06-12  Drop MMapOpts.MappingIdentity reference in loader.mapSegment.  Jamie Liu
    PiperOrigin-RevId: 200261995
    Change-Id: I7e460b18ceab2c23096bdeb7416159d6e774aaf7
2018-06-11  Minor ring0 interface cleanup.  Adin Scannell
    - Remove unused methods.
    - Provide declaration for asm function.
    PiperOrigin-RevId: 200146850
    Change-Id: Ic455c96ffe0d2e78ef15f824eb65d7de705b054a
2018-06-11  Make page tables split-safe.  Adin Scannell
    In order to minimize the likelihood of exit during page table modifications, make the full set of page table functions split-safe. This is not strictly necessary (and you may still incur splits due to allocations from the allocator pool) but should make retries a very rare occurrence.
    PiperOrigin-RevId: 200146688
    Change-Id: I8fa36aa16b807beda2f0b057be60038258e8d597
2018-06-11  Handle all exception vectors.  Adin Scannell
    PiperOrigin-RevId: 200144655
    Change-Id: I5a753c74b75007b7714d6fe34aa0d2e845dc5c41
2018-06-11  Set CLOEXEC option to sockets  Fabricio Voznika
    hostinet/socket.go: the Sentry doesn't spawn new processes, but it doesn't hurt to protect the socket from leaking.
    unet/unet.go: should be setting closing on exec. The FD is explicitly donated to children when needed.
    PiperOrigin-RevId: 200135682
    Change-Id: Ia8a45ced1e00a19420c8611b12e7a8ee770f89cb
2018-06-11  Rpcinet is incorrectly handling MSG_TRUNC with SOCK_STREAM  Brian Geffon
    SOCK_STREAM has special behavior with respect to MSG_TRUNC. Specifically, the data isn't actually copied back out to userspace when MSG_TRUNC is provided on a SOCK_STREAM. According to tcp(7): "Since version 2.4, Linux supports the use of MSG_TRUNC in the flags argument of recv(2) (and recvmsg(2)). This flag causes the received bytes of data to be discarded, rather than passed back in a caller-supplied buffer."
    PiperOrigin-RevId: 200134860
    Change-Id: I70f17a5f60ffe7794c3f0cfafd131c069202e90d
2018-06-11  rpcinet is treating EAGAIN and EWOULDBLOCK as different errnos.  Brian Geffon
    PiperOrigin-RevId: 200124614
    Change-Id: I38a7b083f1464a2a586fe24db648e624c455fec5
2018-06-11  Add O_TRUNC handling in openat  Fabricio Voznika
    PiperOrigin-RevId: 200103677
    Change-Id: I3efb565c30c64d35f8fd7b5c05ed78dcc2990c51
2018-06-11  Sentry: split tty.queue into its own file.  Kevin Krakauer
    Minor refactor. line_discipline.go was home to 2 large structs (lineDiscipline and queue), and queue is now large enough IMO to get its own file. Also moves queue locks into the queue struct, making locking simpler.
    PiperOrigin-RevId: 200080301
    Change-Id: Ia75a0e9b3d9ac8d7e5a0f0099a54e1f5b8bdea34
2018-06-08  Fix kernel flags handling and add missing vectors.  Adin Scannell
    PiperOrigin-RevId: 199877174
    Change-Id: I9d19ea301608c2b989df0a6123abb1e779427853
2018-06-08  Add checks for short CopyOut in rpcinet  Brian Geffon
    PiperOrigin-RevId: 199864753
    Change-Id: Ibace6a1fdf99ee6ce368ac12c390aa8a02dbdfb7
2018-06-08  Fix sigaltstack semantics.  Adin Scannell
    Walking off the bottom of the sigaltstack, for example with recursive faults, results in forced signal delivery, not resetting the stack or pushing signal stack to whatever happens to lie below the signal stack.
    PiperOrigin-RevId: 199856085
    Change-Id: I0004d2523f0df35d18714de2685b3eaa147837e0
2018-06-08  Add a protocol option to set congestion control algorithm.  Bhasker Hariharan
    Also adds support to query available congestion control algorithms.
    PiperOrigin-RevId: 199826897
    Change-Id: I2b338b709820ee9cf58bb56d83aa7b1a39f4eab2
2018-06-08  rpcinet is not correctly handling MSG_TRUNC on recvmsg(2).  Brian Geffon
    MSG_TRUNC can cause recvmsg(2) to return a value larger than the buffer size. In this situation it's an indication that the buffer was completely filled and that the msg was truncated. Previously in rpcinet we were returning the buffer size but we should actually be returning the payload length as returned by the syscall.
    PiperOrigin-RevId: 199814221
    Change-Id: If09aa364219c1bf193603896fcc0dc5c55e85d21
2018-06-07  rpcinet should not block in read(2) rpcs.  Brian Geffon
    PiperOrigin-RevId: 199703609
    Change-Id: I8153b0396b22a230a68d4b69c46652a5545f7630
2018-06-07  Add missing rpcinet ioctls.  Brian Geffon
    PiperOrigin-RevId: 199669120
    Change-Id: I0be88cdbba29760f967e9a5bb4144ca62c1ed7aa
2018-06-07  Sentry: very basic terminal echo support.  Kevin Krakauer
    Adds support for echo to terminals. Echoing is just copying input back out to the user, e.g. when I type "foo" into a terminal, I expect "foo" to be echoed back to my terminal. Also makes the transform function part of the queue, eliminating the need to pass them around together and the possibility of using the wrong transform for a queue.
    PiperOrigin-RevId: 199655147
    Change-Id: I37c490d4fc1ee91da20ae58ba1f884a5c14fd0d8
2018-06-06  Ensure guest-mode for page table modifications.  Adin Scannell
    Because of the KVM shadow page table implementation, modifications made to guest page tables from host mode may not be synchronized correctly, resulting in undefined behavior. This is a KVM bug: page table pages should also be tracked for host modifications and resynced appropriately (e.g. the guest could "DMA" into a page table page in theory). However, since we can't rely on this being fixed everywhere, work around the issue by forcing page table modifications to be in guest mode. This will generally be the case anyways, but now if an exit occurs during modifications, we will re-enter and perform the modifications again.
    PiperOrigin-RevId: 199587895
    Change-Id: I83c20b4cf2a9f9fa56f59f34939601dd34538fb0
2018-06-06  Split PCID implementation from page tables.  Adin Scannell
    Instead of associating a single PCID with each set of page tables (which will reach the maximum quickly), allow a dynamic pool for each vCPU. This is the same way that Linux operates. We also split management of PCIDs out of the page tables themselves for simplicity.
    PiperOrigin-RevId: 199585631
    Change-Id: I42f3486ada3cb2a26f623c65ac279b473ae63201
2018-06-06  Add allocator abstraction for page tables.  Adin Scannell
    In order to prevent possible garbage collection and reuse of page table pages prior to invalidation, introduce a former allocator abstraction that can ensure entries are held during a single traversal. This also cleans up the abstraction and splits it out of the machine itself.
    PiperOrigin-RevId: 199581636
    Change-Id: I2257d5d7ffd9c36f9b7ecd42f769261baeaf115c
2018-06-06  Add support for rpcinet ioctl(2).  Brian Geffon
    This change will add support for ioctls that have previously been supported by netstack.
    LINE_LENGTH_IGNORE
    PiperOrigin-RevId: 199544114
    Change-Id: I3769202c19502c3b7d05e06ea9552acfd9255893
2018-06-06  Added a function to the controller to checkpoint a container.  Googler
    Functionality for checkpoint is not complete, more to come.
    PiperOrigin-RevId: 199500803
    Change-Id: Iafb0fcde68c584270000fea898e6657a592466f7
2018-06-05  Add support for rpcinet owned procfs files.  Brian Geffon
    This change will add support for /proc/sys/net and /proc/net which will be managed and owned by rpcinet. This will allow these inodes to be forwarded as rpcs.
    PiperOrigin-RevId: 199370799
    Change-Id: I2c876005d98fe55dd126145163bee5a645458ce4
2018-06-05  netstack: make TCP endpoint closed and error state cleanup work synchronous.  Zhaozhong Ni
    So that when saving TCP endpoint in these states, there is no pending or background activities. Also lift tcp network save rejection error to tcpip package.
    PiperOrigin-RevId: 199370748
    Change-Id: Ief7b45c2a7338d12414cd7c23db95de6a9c22700
2018-06-01  Fix refcount bug in rpcinet socketOperations.Accept.  Brian Geffon
    PiperOrigin-RevId: 198931222
    Change-Id: I69ee12318e87b9a6a4a94b18a9bf0ae4e39d7eaf
2018-06-01  Move page tables lock into the address space.  Adin Scannell
    This is necessary to prevent races with invalidation. It is currently possible that page tables are garbage collected while paging caches refer to them. We must ensure that pages are held until caches can be invalidated. This is not achieved by this goal alone, but moving locking to outside the page tables themselves is a requisite.
    PiperOrigin-RevId: 198920784
    Change-Id: I66fffecd49cb14aa2e676a84a68cabfc0c8b3e9a
2018-06-01  Add SyscallRules that supports argument filtering  Zhengyu He
    PiperOrigin-RevId: 198919043
    Change-Id: I7f1f0a3b3430cd0936a4ee4fc6859aab71820bdf
2018-05-30  Restore FS on resume.  Adin Scannell
    Previously, the vCPU FS was always correct because it relied on the reset coming out of the switch. When that doesn't occur, for example, using bluepill directly, the FS value can be incorrect leading to strange corruption. This change is necessary for a subsequent change that enforces guest mode for page table modifications, and it may reduce test flakiness. (The problematic path may occur in tests, but does not occur in the actual platform.)
    PiperOrigin-RevId: 198648137
    Change-Id: I513910a973dd8666c9a1d18cf78990964d6a644d
2018-05-30  Change ring0 & page tables arguments to structs.  Adin Scannell
    This is a refactor of ring0 and ring0/pagetables that changes from individual arguments to opts structures. This should involve no functional changes, but sets the stage for subsequent changes.
    PiperOrigin-RevId: 198627556
    Change-Id: Id4460340f6a73f0c793cd879324398139cd58ae9
2018-05-29  Automated rollback of changelist 196886839  Fabricio Voznika
    PiperOrigin-RevId: 198457660
    Change-Id: I6ea5cf0b4cfe2b5ba455325a7e5299880e5a088a
2018-05-24  Poll should wake up on ECONNREFUSED with no mask.  Brian Geffon
    Today poll will not wake up on an ECONNREFUSED if no poll mask is specified, which is equivalent to POLLHUP | POLLERR which are implicitly added during the poll syscall.
    PiperOrigin-RevId: 197967183
    Change-Id: I668d0730c33701228913f2d0843b48491b642efb
2018-05-24  rpcinet connect doesn't handle all errnos correctly.  Brian Geffon
    These were causing non-blocking related errnos to be returned to the sentry when they were created as blocking FDs internally.
    PiperOrigin-RevId: 197962932
    Change-Id: I3f843535ff87ebf4cb5827e9f3d26abfb79461b0
2018-05-23  Adding test case for RST acceptable ack panic  Brian Geffon
    PiperOrigin-RevId: 197795613
    Change-Id: I759dd04995d900cba6b984649fa48bbc880946d6
2018-05-23  Fix typo in TCP transport  Ian Gudger
    PiperOrigin-RevId: 197789418
    Change-Id: I86b1574c8d3b8b321348d9b101ffaef7aa15f722