summaryrefslogtreecommitdiffhomepage
path: root/pkg
AgeCommit message (Collapse)Author
2020-03-06Add plumbing for importing fds in VFS2, along with non-socket, non-TTY impl.Dean Deng
In VFS2, imported file descriptors are stored in a kernfs-based filesystem. Upon calling ImportFD, the host fd can be accessed in two ways: 1. a FileDescription that can be added to the FDTable, and 2. a Dentry in the host.filesystem mount, which we will want to access through magic symlinks in /proc/[pid]/fd/. An implementation of the kernfs.Inode interface stores a unique host fd. This inode can be inserted into file descriptions as well as dentries. This change also plumbs in three FileDescriptionImpls corresponding to fds for sockets, TTYs, and other files (only the latter is implemented here). These implementations will mostly make corresponding syscalls to the host. Where possible, the logic is ported over from pkg/sentry/fs/host. Updates #1672 PiperOrigin-RevId: 299417263
2020-03-06Prevent memory leaks in ilistTamir Duberstein
When list elements are removed from a list but not discarded, it becomes important to invalidate the references they hold to their former neighbors to prevent memory leaks. PiperOrigin-RevId: 299412421
2020-03-06Merge pull request #1963 from xiaobo55x:kvm_commongVisor bot
PiperOrigin-RevId: 299405855
2020-03-06Merge pull request #1946 from xiaobo55x:dieTrampgVisor bot
PiperOrigin-RevId: 299405663
2020-03-06shutdown(s, SHUT_WR) in TIME-WAIT returns ENOTCONNEyal Soha
From RFC 793 s3.9 p61 Event Processing: CLOSE Call during TIME-WAIT: return with "error: connection closing" Fixes #1603 PiperOrigin-RevId: 299401353
2020-03-06Specify the source of outgoing NDP RSGhanan Gowripalan
If the NIC has a valid IPv6 address assigned, use it as the source address for outgoing NDP Router Solicitation packets. Test: stack_test.TestRouterSolicitation PiperOrigin-RevId: 299398763
2020-03-06Get strings for stack.DHCPv6ConfigurationFromNDPRAGhanan Gowripalan
Useful for logs to print the string representation of the value instead of the integer value. PiperOrigin-RevId: 299356847
2020-03-05Stub oom_score_adj and oom_score.Ian Lewis
Adds an oom_score_adj and oom_score proc file stub. oom_score_adj accepts writes of values -1000 to 1000 and persists the value with the task. New tasks inherit the parent's oom_score_adj. oom_score is a read-only stub that always returns the value '0'. Issue #202 PiperOrigin-RevId: 299245355
2020-03-05Fix S/R on inet.Namespace.Ting-Yu Wang
PiperOrigin-RevId: 299238067
2020-03-05Merge pull request #1951 from moricho:moricho/add-profiler-optiongVisor bot
PiperOrigin-RevId: 299233818
2020-03-05Use a pool of arrays to avoid slice headers from escaping in TCP options pool.Ian Gudger
By putting slices into the pool, the slice header escapes. This can be avoided by not putting the slice header into the pool. This removes an allocation from the TCP segment send path. PiperOrigin-RevId: 299215480
2020-03-04tests: Don't print log messages on stdoutAndrei Vagin
A parser of test results doesn't expect to see any extra messages. PiperOrigin-RevId: 298966577
2020-03-04Ensure that safemem.BlockSeqOf(safemem.Block{}) produces an empty BlockSeq.Jamie Liu
PiperOrigin-RevId: 298941855
2020-03-03Update cached file size when cache is skippedFabricio Voznika
gofer.dentryReadWriter.WriteFromBlocks was not updating gofer.dentry.size after a write operation that skips the cache. Updates #1198 PiperOrigin-RevId: 298708646
2020-03-03Avoid memory leaksTamir Duberstein
Properly discard segments from the segment heap. PiperOrigin-RevId: 298704074
2020-03-03platform/ptrace: don't call probeSeccomp on arm64Andrei Vagin
The support of PTRACE_SYSEMU on arm64 was added in the 5.3 kernel, so we can be sure that the current version is higher that 5.3. And this change moves vsyscall seccomp rules to the arch specific file, because vsyscall isn't supported on arm64. PiperOrigin-RevId: 298696493
2020-03-03Extract local variables for readabilityTamir Duberstein
PiperOrigin-RevId: 298690552
2020-03-03Fix datarace on TransportEndpointInfo.ID and clean up semantics.Ian Gudger
Ensures that all access to TransportEndpointInfo.ID is either: * In a function ending in a Locked suffix. * While holding the appropriate mutex. This primary affects the checkV4Mapped method on affected endpoints, which has been renamed to checkV4MappedLocked. Also document the method and change its argument to be a value instead of a pointer which had caused some awkwardness. This race was possible in the udp and icmp endpoints between Connect and uses of TransportEndpointInfo.ID including in both itself and Bind. The tcp endpoint did not suffer from this bug, but benefited from better documentation. Updates #357 PiperOrigin-RevId: 298682913
2020-03-02Fix panic caused by invalid address for Bind in packet sockets.Nayana Bidari
PiperOrigin-RevId: 298476533
2020-03-02Fix data-race when reading/writing e.amss.Bhasker Hariharan
PiperOrigin-RevId: 298451319
2020-03-02Do not read-lock NIC recursivelyGhanan Gowripalan
A deadlock may occur if a write lock on a RWMutex is blocked between nested read lock attempts as the inner read lock attempt will be blocked in this scenario. Example (T1 and T2 are differnt goroutines): T1: obtain read-lock T2: attempt write-lock (blocks) T1: attempt inner/nested read-lock (blocks) Here we can see that T1 and T2 are deadlocked. Tests: Existing tests pass. PiperOrigin-RevId: 298426678
2020-03-02Merge pull request #1885 from avagin:arm64-pcidsgVisor bot
PiperOrigin-RevId: 298405064
2020-03-02socket: take readMu to access readViewAndrei Vagin
DATA RACE in netstack.(*SocketOperations).fetchReadView Write at 0x00c001dca138 by goroutine 1001: gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).fetchReadView() pkg/sentry/socket/netstack/netstack.go:418 +0x85 gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).coalescingRead() pkg/sentry/socket/netstack/netstack.go:2309 +0x67 gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).nonBlockingRead() pkg/sentry/socket/netstack/netstack.go:2378 +0x183d Previous read at 0x00c001dca138 by goroutine 1111: gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).Ioctl() pkg/sentry/socket/netstack/netstack.go:2666 +0x533 gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Ioctl() Reported-by: syzbot+d4c3885fcc346f08deb6@syzkaller.appspotmail.com PiperOrigin-RevId: 298387377
2020-03-02Take write lock when removing xattrMichael Pratt
PiperOrigin-RevId: 298380654
2020-02-28Merge pull request #1929 from avagin:arm64-cpuidgVisor bot
PiperOrigin-RevId: 297982488
2020-02-28watchdog: print panic error message before other messagesAndrei Vagin
This is needed for syzkaller to proper classify issues. Right now, all watchdog issues are duped to one with the subject "panic: Sentry detected stuck task(s). See stack trace and message above for more details". PiperOrigin-RevId: 297975363
2020-02-28Define CPUIDInstruction for arm64Andrei Vagin
There is no cpuid instruction on arm64, so we need to defined it just to avoid a compile time error. Signed-off-by: Andrei Vagin <avagin@gmail.com>
2020-02-28pcids.go isn't arch-specificAndrei Vagin
Signed-off-by: Andrei Vagin <avagin@gmail.com>
2020-02-28Make pipe buffer implementation standard.Adin Scannell
A follow-up change will convert the networking code to use this standard pipe implementation. PiperOrigin-RevId: 297903206
2020-02-28Hide /dev/net/tun when using hostinet.Ting-Yu Wang
/dev/net/tun does not currently work with hostinet. This has caused some program starts failing because it thinks the feature exists. PiperOrigin-RevId: 297876196
2020-02-28Change dup2 call to dup3Fabricio Voznika
We changed syscalls to allow dup3 for ARM64. Updates #1198 PiperOrigin-RevId: 297870816
2020-02-27Fix a race in TCP endpoint teardown and teardown the stack in tcp_test.Ian Gudger
Call stack.Close on stacks when we are done with them in tcp_test. This avoids leaking resources and reduces the test's flakiness when race/gotsan is enabled. It also provides test coverage for the race also fixed in this change, which can be reliably triggered with the stack.Close change (and without the other changes) when race/gotsan is enabled. The race was possible when calling Abort (via stack.Close) on an endpoint processing a SYN segment as part of a passive connect. Updates #1564 PiperOrigin-RevId: 297685432
2020-02-27Merge of a369c88c0c4ece5239855000d28df045111c1be7gVisor bot
PiperOrigin-RevId: 297674924
2020-02-27Internal change.Nayana Bidari
PiperOrigin-RevId: 297638665
2020-02-26Fix construct of linux.Stat for arm64.Rahat Mahmood
PiperOrigin-RevId: 297494373
2020-02-26Merge pull request #1912 from lubinszARM:pr_kvm_buildgVisor bot
PiperOrigin-RevId: 297492004
2020-02-26add profile optionmoricho
2020-02-25Add VFS.NewDisconnectedMount().Jamie Liu
Analogous to Linux's kern_mount(). PiperOrigin-RevId: 297259580
2020-02-25Fix DATA RACE in fs.MayDelete.Adin Scannell
MayDelete must lock the directory also, otherwise concurrent renames may race. Note that this also changes the methods to be aligned with the actual Remove and RemoveDirectory methods to minimize confusion when reading the code. (It was hard to see that resolution was correct.) PiperOrigin-RevId: 297258304
2020-02-26Code Clean: Move arch independent codes to common file in kvm pkg.Haibo Xu
Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: Iefbdf53e8e8d6d23ae75d8a2ff0d2a6e71f414d8
2020-02-25Merge pull request #1271 from lubinszARM:pr_ring0_1gVisor bot
PiperOrigin-RevId: 297230721
2020-02-25Add netlink sockopt logging to strace.Ian Gudger
PiperOrigin-RevId: 297220008
2020-02-25Use link-local source address for link-local multicastGhanan Gowripalan
Tests: - header_test.TestIsV6LinkLocalMulticastAddress - header_test.TestScopeForIPv6Address - stack_test.TestIPv6SourceAddressSelectionScopeAndSameAddress PiperOrigin-RevId: 297215576
2020-02-25Add option to skip stuck tasks waiting for address spaceFabricio Voznika
PiperOrigin-RevId: 297192390
2020-02-25Merge pull request #1816 from xiaobo55x:trap_flaggVisor bot
PiperOrigin-RevId: 297191168
2020-02-25Port most syscalls to VFS2.Jamie Liu
pipe and pipe2 aren't ported, pending a slight rework of pipe FDs for VFS2. mount and umount2 aren't ported out of temporary laziness. access and faccessat need additional FSImpl methods to implement properly, but are stubbed to prevent googletest from CHECK-failing. Other syscalls require additional plumbing. Updates #1623 PiperOrigin-RevId: 297188448
2020-02-25Fix nested logging.Adin Scannell
PiperOrigin-RevId: 297175316
2020-02-25Don't acquire contended lock with the OS thread locked.Adin Scannell
Fixes #1049 PiperOrigin-RevId: 297175164
2020-02-25Fix mount refcount issue.Adin Scannell
Each mount is holds a reference on a root Dirent, but the mount itself may live beyond it's own reference. This means that a call to Root() can come after the associated reference has been dropped. Instead of introducing a separate layer of references for mount objects, we simply change the Root() method to use TryIncRef() and allow it to return nil if the mount is already gone. This requires updating a small number of callers and minimizes the change (since VFSv2 will replace this code shortly). PiperOrigin-RevId: 297174230
2020-02-25Deflake TestCurrentConnectedIncrement.Bhasker Hariharan
TestCurrentConnectedIncrement fails consistently under gotsan due to the sleep to check metrics is exactly the same as the TIME-WAIT duration. Under gotsan things can be slow enough that the increment test is done before the protocol goroutine is run after the TIME-WAIT timer expires and does its cleanup. Increasing the sleep from 1s to 1.2s makes the test pass consistently. PiperOrigin-RevId: 297160181
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-02 16:29:24 +0000