summaryrefslogtreecommitdiffhomepage
path: root/pkg
AgeCommit message (Collapse)Author
2018-05-22Clarify that syserr.New must only be called during initIan Gudger
PiperOrigin-RevId: 197599402 Change-Id: I23eb0336195ab0d3e5fb49c0c57fc9e0715a9b75
2018-05-21Dramatically improve handling of KVM vCPU pool.Adin Scannell
Especially in situations with small numbers of vCPUs, the existing system resulted in excessive thrashing. Now, execution contexts co-ordinate as smoothly as they can to share a small number of cores. PiperOrigin-RevId: 197483323 Change-Id: I0afc0c5363ea9386994355baf3904bf5fe08c56c
2018-05-18sentry: Get "ip link" working.Kevin Krakauer
In Linux, many UDS ioctls are passed through to the NIC driver. We do the same here, passing ioctl calls to Unix sockets through to epsocket. In Linux you can see this path at net/socket.c:sock_ioctl, which calls sock_do_ioctl, which calls net/core/dev_ioctl.c:dev_ioctl. SIOCGIFNAME is also added. PiperOrigin-RevId: 197167508 Change-Id: I62c326a4792bd0a473e9c9108aafb6a6354f2b64
2018-05-17Cleanup docsMichael Pratt
This brings the proc document more up-to-date. PiperOrigin-RevId: 197070161 Change-Id: Iae2cf9dc44e3e748a33f497bb95bd3c10d0c094a
2018-05-17Fix capability check for sysv semaphores.Rahat Mahmood
Capabilities for sysv sem operations were being checked against the current task's user namespace. They should be checked against the user namespace owning the ipc namespace for the sems instead, per ipc/util.c:ipcperms(). PiperOrigin-RevId: 197063111 Change-Id: Iba29486b316f2e01ee331dda4e48a6ab7960d589
2018-05-17Implement sysv shm.Rahat Mahmood
PiperOrigin-RevId: 197058289 Change-Id: I3946c25028b7e032be4894d61acb48ac0c24d574
2018-05-17Fix sendto for dual stack UDP socketsIan Gudger
Previously, dual stack UDP sockets bound to an IPv4 address could not use sendto to communicate with IPv4 addresses. Further, dual stack UDP sockets bound to an IPv6 address could use sendto to communicate with IPv4 addresses. Neither of these behaviors are consistent with Linux. PiperOrigin-RevId: 197036024 Change-Id: Ic3713efc569f26196e35bb41e6ad63f23675fc90
2018-05-16Fix another socket Dirent refcount.Christopher Koch
PiperOrigin-RevId: 196893452 Change-Id: I5ea0f851fcabc5eac5859e61f15213323d996337
2018-05-16Verify that when offset address is not null, infile must be seekableChanwit Kaewkasi
Change-Id: Id247399baeac58f6cd774acabd5d1da05e5b5697 PiperOrigin-RevId: 196887768
2018-05-16netstack: make TCP endpoint closed and error state cleanup work synchronous.Zhaozhong Ni
So that when saving TCP endpoint in these states, there is no pending or background activities. Also lift tcp network save rejection error to tcpip package. PiperOrigin-RevId: 196886839 Change-Id: I0fe73750f2743ec7e62d139eb2cec758c5dd6698
2018-05-16Refcount socket Dirents correctly.Christopher Koch
This should fix the socket Dirent memory leak. fs.NewFile takes a new reference. It should hold the *only* reference. DecRef that socket Dirent. Before the globalDirentMap was introduced, a mis-refcounted Dirent would be garbage collected when all references to it were gone. For socket Dirents, this meant that they would be garbage collected when the associated fs.Files disappeared. After the globalDirentMap, Dirents *must* be reference-counted correctly to be garbage collected, as Dirents remove themselves from the global map when their refcount goes to -1 (see Dirent.destroy). That removes the last pointer to that Dirent. PiperOrigin-RevId: 196878973 Change-Id: Ic7afcd1de97c7101ccb13be5fc31de0fb50963f0
2018-05-16Release mutex in BidirectionalConnect to avoid deadlock.Brian Geffon
When doing a BidirectionalConnect we don't need to continue holding the ConnectingEndpoint's mutex when creating the NewConnectedEndpoint as it was held during the Connect. Additionally, we're not holding the baseEndpoint mutex while Unregistering an event. PiperOrigin-RevId: 196875557 Change-Id: Ied4ceed89de883121c6cba81bc62aa3a8549b1e9
2018-05-15Fix KVM EFAULT handling.Adin Scannell
PiperOrigin-RevId: 196781718 Change-Id: I889766eed871929cdc247c6b9aa634398adea9c9
2018-05-15Simplify KVM invalidation logic.Adin Scannell
PiperOrigin-RevId: 196780209 Change-Id: I89f39eec914ce54a7c6c4f28e1b6d5ff5a7dd38d
2018-05-15Simplify KVM state handling.Adin Scannell
This also removes the dependency on tmutex. PiperOrigin-RevId: 196764317 Change-Id: I523fb67454318e1a2ca9da3a08e63bfa3c1eeed3
2018-05-15sentry: Replaces saving of inet.Stack with retrieval via context.Kevin Krakauer
Previously, inet.Stack was referenced in 2 structs in sentry/socket that can be saved/restored. If an app is saved and restored on another machine, it may try to use the old stack, which will have been replaced by a new stack on the new machine. PiperOrigin-RevId: 196733985 Change-Id: I6a8cfe73b5d7a90749734677dada635ab3389cb9
2018-05-15Fix problem with sendfile(2) writing less dataFabricio Voznika
When the amount of data read is more than the amount written, sendfile would not adjust 'in file' position and would resume from the wrong location. Closes #33 PiperOrigin-RevId: 196731287 Change-Id: Ia219895dd765016ed9e571fd5b366963c99afb27
2018-05-14Disable INVPCID check; it's not used.Adin Scannell
PiperOrigin-RevId: 196615029 Change-Id: Idfa383a9aee6a9397167a4231ce99d0b0e5b9912
2018-05-14Make KVM system call first check.Adin Scannell
PiperOrigin-RevId: 196613447 Change-Id: Ib76902896798f072c3031b0c5cf7b433718928b7
2018-05-14Simplify KVM host map handling.Adin Scannell
PiperOrigin-RevId: 196611084 Change-Id: I6afa6b01e1dcd2aa9776dfc0f910874cc6b8d72c
2018-05-14Ignore spurious KVM emulation failures.Adin Scannell
PiperOrigin-RevId: 196609789 Change-Id: Ie261eea3b7fa05b6c348ca93e229de26cbd4dc7d
2018-05-11sentry: Adds canonical mode support.Kevin Krakauer
PiperOrigin-RevId: 196331627 Change-Id: Ifef4485f8202c52481af317cedd52d2ef48cea6a
2018-05-11netstack: TCP connecting state endpoint save / restore support.Zhaozhong Ni
PiperOrigin-RevId: 196325647 Change-Id: I850eb4a29b9c679da4db10eb164bbdf967690663
2018-05-11netstack: release rcv lock after ping socket save is done.Zhaozhong Ni
PiperOrigin-RevId: 196324694 Change-Id: Ia3a48976433f21622eacb4a38fefe7143ca5e31b
2018-05-11Remove error return from AddressSpace.Release()Michael Pratt
PiperOrigin-RevId: 196291289 Change-Id: Ie3487be029850b0b410b82416750853a6c4a2b00
2018-05-11Implement MAP_32BIT.Jamie Liu
PiperOrigin-RevId: 196281052 Change-Id: Ie620a0f983a1bf2570d0003d4754611879335c1c
2018-05-10Skip atime and mtime update when file is backed by host FDFabricio Voznika
When file is backed by host FD, atime and mtime for the host file and the cached attributes in the Sentry must be close together. In this case, the call to update atime and mtime can be skipped. This is important when host filesystem is using overlay because updating atime and mtime explicitly forces a copy up for every file that is touched. PiperOrigin-RevId: 196176413 Change-Id: I3933ea91637a071ba2ea9db9d8ac7cdba5dc0482
2018-05-10Make cachePolicy int to avoid string comparisonFabricio Voznika
PiperOrigin-RevId: 196157086 Change-Id: Ia7f7ffe1bf486b21ef8091e2e8ef9a9faf733dfc
2018-05-09Cache symlinks in addition to files and directories.Nicolas Lacasse
PiperOrigin-RevId: 196051326 Change-Id: I4195b110e9a7d38d1ce1ed9c613971dea1be3bf0
2018-05-09Increment link count in CreateHardlinkFabricio Voznika
Closes #28 PiperOrigin-RevId: 196041391 Change-Id: I5d79f1735b9d72744e8bebc6897002b27df9aa7a
2018-05-09Internal change.Googler
PiperOrigin-RevId: 195980843 Change-Id: I066f9696b69e92e144c2c8d2c2aa52c546df94fb
2018-05-08state: serialize string as bytes instead of protobuf string.Zhaozhong Ni
Protobuf strings have to be UTF-8 encoded or 7-bit ASCII. PiperOrigin-RevId: 195902557 Change-Id: I9800afd47ecfa6615e28a2cce7f2532f04f10763
2018-05-08Implement /proc/[pid]/statm.Jamie Liu
PiperOrigin-RevId: 195893391 Change-Id: I645b7042d7f4f9dd54723afde3e5df0986e43160
2018-05-08Capture restore file system corruption errors in exit error.Zhaozhong Ni
PiperOrigin-RevId: 195850822 Change-Id: I4d7bdd8fe129c5ed461b73e1d7458be2cf5680c2
2018-05-08Correct definition of SysV IPC structures.Jamie Liu
PiperOrigin-RevId: 195849066 Change-Id: If2146c7ce649522f86e661c5e52a9983345d6967
2018-05-08Sentry: always use "best speed" compression for save and remove the option.Zhaozhong Ni
PiperOrigin-RevId: 195835861 Change-Id: Ib696b1b571a6b061725a33c535cd7215fe518b97
2018-05-08Reword misleading log lineIan Gudger
PiperOrigin-RevId: 195834310 Change-Id: I8af748f75ab87ad1cd29c4c8904d07fd729ba6c9
2018-05-08Fix warning: redundant if ...; err != nil check, just return error instead.Ian Gudger
This warning is produced by golint. PiperOrigin-RevId: 195833381 Change-Id: Idd6a7e57e3cfdf00819f2374b19fc113585dc1e1
2018-05-08Fix format string type in testIan Gudger
PiperOrigin-RevId: 195831778 Change-Id: I413dc909cedc18fbf5320a4f75d876f1be133c6c
2018-05-07Fix misspellingsIan Gudger
PiperOrigin-RevId: 195742598 Change-Id: Ibd4a8e4394e268c87700b6d1e50b4b37dfce5182
2018-05-07Add generated file.Adin Scannell
PiperOrigin-RevId: 195706470 Change-Id: Ia146119f04d92d559f58a6bab133d9da97e054c9
2018-05-05Remove dead code in urpcIan Gudger
PiperOrigin-RevId: 195525267 Change-Id: I7a5ef31365cb0c55c462deb9bdbec092473ebc6b
2018-05-04Remove ineffectual code in sentry ELF loaderIan Gudger
PiperOrigin-RevId: 195517702 Change-Id: Id90309a6365cac06e68e8774aa79dc76ce1b11c7
2018-05-04sentry: Adds the SIOCGIFNETMASK ioctl to epsocket.Kevin Krakauer
PiperOrigin-RevId: 195489319 Change-Id: I0841d41d042c6f91aa8d7f62c127213aa7953eac
2018-05-04Run gofmt -s on everythingIan Gudger
PiperOrigin-RevId: 195469901 Change-Id: I66d5c7a334bbb8b47e40d266a2661291c2d91c7f
2018-05-04sentry: capture CPU usage metadata for save.Zhaozhong Ni
PiperOrigin-RevId: 195466647 Change-Id: Ib5ca815f7b64a4881441e58567adedf344b206f1
2018-05-04Fix runsc capabilitiesFabricio Voznika
There was a typo and one new capability missing from the list PiperOrigin-RevId: 195427713 Change-Id: I6d9e1c6e77b48fe85ef10d9f54c70c8a7271f6e7
2018-05-03Clean up control message strace loggingIan Gudger
PiperOrigin-RevId: 195329972 Change-Id: I42f7d8800e6692c45ffa9683741f8de89f9a69bb
2018-05-03Fix misspellings.Cyrille Hemidy
PiperOrigin-RevId: 195307689 Change-Id: I499f19af49875a43214797d63376f20ae788d2f4
2018-05-03Don't prematurely remove MountSource from parent's children.Christopher Koch
Otherwise, mounts that fail to be unmounted (EBUSY) will be removed from the children list anyway. At this point, this just affects /proc/pid/mounts and /proc/pid/mountinfo. PiperOrigin-RevId: 195267588 Change-Id: I79114483d73b90f9a7d764a7d513b5b2f251182e