summaryrefslogtreecommitdiffhomepage
path: root/pkg
AgeCommit message (Collapse)Author
2020-09-25make sure use the kernel space after change ASIDMin Le
after the SWITCH_TO_APP_PAGETABLE, the ASID is changed to the application ASID, but there are still some instruction before ERET, since these instruction is not use the kernel address space, it may use the application's TLB, which will cause fault, this patch can make sure that after SWITCH_TO_APP_PAGETABLE sentry is still use kernel address space which is mapped as Global. Signed-off-by: Min Le <lemin.lm@antgroup.com>
2020-09-21Allow partial writes for gofer.specialFileFD.Dean Deng
Originally, we avoided partial writes in case it caused us to write a partial packet to a socket-backed specialFileFD. However, this check causes splicing from a pipe to specialFileFD to fail if we hit EOF on the pipe. PiperOrigin-RevId: 333016216
2020-09-21Use kernfs.Dentry for kernfs.Lookup.Dean Deng
Updates #1193. PiperOrigin-RevId: 332939026
2020-09-20Merge pull request #3651 from ianlewis:ip-forwardinggVisor bot
PiperOrigin-RevId: 332760843
2020-09-18Merge pull request #3989 from jinmouil:feature/fuse-fixgVisor bot
PiperOrigin-RevId: 332548335
2020-09-18Implement fsimpl/overlay.filesystem.RenameAt.Jamie Liu
Updates #1199 PiperOrigin-RevId: 332539197
2020-09-18Use a tmpfs file for shared anonymous and /dev/zero mmap on VFS2.Jamie Liu
This is more consistent with Linux (see comment on MM.NewSharedAnonMappable()). We don't do the same thing on VFS1 for reasons documented by the updated comment. PiperOrigin-RevId: 332514849
2020-09-18fuse: update design doc with I/O implementationJinmou Li
2020-09-18Count packets dropped by iptables in IPStatsKevin Krakauer
PiperOrigin-RevId: 332486383
2020-09-18Merge pull request #3972 from btw616:fix/commentsgVisor bot
PiperOrigin-RevId: 332486111
2020-09-18Enqueue TCP sends arriving in SYN_SENT state.Mithun Iyer
TCP needs to enqueue any send requests arriving when the connection is in SYN_SENT state. The data should be sent out soon after completion of the connection handshake. Fixes #3995 PiperOrigin-RevId: 332482041
2020-09-18Fix definition of SchedParam.Rahat Mahmood
Linux defines this struct as: struct sched_param { int priority; } ... in include/linux/sched.h. PiperOrigin-RevId: 332473133
2020-09-18Use common parsing utilities when sniffingGhanan Gowripalan
Extract parsing utilities so they can be used by the sniffer. Fixes #3930 PiperOrigin-RevId: 332401880
2020-09-17fuse.DeviceFD needs to hold a reference on the associated filesystem.Rahat Mahmood
This fixes a use-after-free in fuse.DeviceFD.Release. PiperOrigin-RevId: 332394146
2020-09-17Test IPv4 WritePackets statsKevin Krakauer
IPv6 tests will be added in another CL along with ip6tables. PiperOrigin-RevId: 332389102
2020-09-17ip6tables: filter table supportKevin Krakauer
`ip6tables -t filter` is now usable. NAT support will come in a future CL. #3549 PiperOrigin-RevId: 332381801
2020-09-17{Set,Get} SO_LINGER on all endpoints.Nayana Bidari
SO_LINGER is a socket level option and should be stored on all endpoints even though it is used to linger only for TCP endpoints. PiperOrigin-RevId: 332369252
2020-09-17[testing] Use container address to talk to server running inside container.Ayush Ranjan
Docker does not have IPv6 port forwarding as tracked by the following issue: https://github.com/moby/moby/issues/11518 So when running bazel itself inside a docker container, we can not use the host port bindings to communicate with sockets inside the container. This was causing integration tests and image tests to fail when run through our Makefile targets. PiperOrigin-RevId: 332355051
2020-09-17Change sizeofInt32 to string sizeChong Cai
This constant is used to represent int32 stored in file xattrs. The integers are stored as strings there, so the real size should be the string size (number of digits) instead of an int size (4 bytes). PiperOrigin-RevId: 332353217
2020-09-17Set mode when creating Merkle tree fileChong Cai
PiperOrigin-RevId: 332340342
2020-09-17Complete vfs2 implementation of fallocate.Dean Deng
This change includes overlay, special regular gofer files, and hostfs. Fixes #3589. PiperOrigin-RevId: 332330860
2020-09-17Merge pull request #3979 from jinmouil:feature/fuse-fixgVisor bot
PiperOrigin-RevId: 332328860
2020-09-17Return ENOPROTOOPT for all SOL_PACKET options.Bhasker Hariharan
This is required to make tcpdump work. tcpdump falls back to not using things like PACKET_RX_RING if setsockopt returns ENOPROTOOPT. This used to be the case before https://github.com/google/gvisor/commit/6f8fb7e0db2790ff1f5ba835780c03fe245e437f. Fixes #3981 PiperOrigin-RevId: 332326517
2020-09-17Fix kernfs unlinkat and rmdirat incorrect resolved path nameJinmou Li
2020-09-17fsimpl: improve the "implements" commentsTiwei Bie
As noticed by @ayushr2, the "implements" comments are not consistent, e.g. // IterDirents implements kernfs.inodeDynamicLookup. // Generate implements vfs.DynamicBytesSource.Generate. This patch improves this by making the comments like this consistently include the package name (when the interface and struct are not in the same package) and method name. Signed-off-by: Tiwei Bie <tiwei.btw@antgroup.com>
2020-09-16Merge pull request #3934 from avagin:feature/fusegVisor bot
PiperOrigin-RevId: 332122081
2020-09-16Implement OpenAt() for verity fsChong Cai
OpenAt() for verity fs is implemented by opening both the target file or directory and the corresponding Merkle tree file in the underlying file system. Generally they are only open for read. In allowRuntimeEnable mode, the Merkle tree file is also open for write. PiperOrigin-RevId: 332116423
2020-09-16Automated rollback of changelist 329526153Nayana Bidari
PiperOrigin-RevId: 332097286
2020-09-16Bind loopback subnets' lifetime to perm addressGhanan Gowripalan
The lifetime of addreses in a loopback interface's associated subnets should be bound to their respective permanent addresses. This change also fixes a race when the stack attempts to get an IPv4 rereferencedNetworkEndpoint for an address in an associated subnet on a loopback interface. Before this change, the stack would only check if an IPv4 address is contained in an associated subnet while holding a read lock but wouldn't do this same check after releasing the read lock for a write lock to create a temporary address. This may cause the stack to bind the lifetime of the address to a new (temporary) endpoint instead of the associated subnet's permanent address. Test: integration_test.TestLoopbackSubnetLifetimeBoundToAddr PiperOrigin-RevId: 332094719
2020-09-16Implement PRead for verity fsChong Cai
PRead is implemented by read from the underlying file in blocks, and verify each block. The verified contents are saved into the output buffer. PiperOrigin-RevId: 332092267
2020-09-16Gracefully translate unknown errno.Ting-Yu Wang
Neither POSIX.1 nor Linux defines an upperbound for errno. PiperOrigin-RevId: 332085017
2020-09-16Merge pull request #3893 from lubinszARM:pr_n1_03gVisor bot
PiperOrigin-RevId: 332069743
2020-09-16fuse: fix data race in fusefs Release()Jinmou Li
fix #3956
2020-09-16fuse: fix FUSE_RELEASE reply handlingJinmou Li
fix #3963
2020-09-16Update fuse.md design doc with design detailsJinmou Li
2020-09-16Fix FUSE connection control lock ordering and race in unit testJinmou Li
2020-09-16fuse: don't pass lock by valueAndrei Vagin
copylocks: directory.go:34:7: Allocate passes lock by value: fuse/fuse.directoryFD contains fuse/fuse.fileDescription contains pkg/sentry/vfs/vfs.FileDescription contains pkg/sync/sync.Mutex
2020-09-16fuse: fix a compile time errorAndrei Vagin
readdir_test.cc:134:24: error: variable length arrays are a C99 feature [-Werror,-Wvla-extension] char readdir_payload[readdir_payload_size];
2020-09-16Revert "fuse: add benchmarking support for FUSE"Andrei Vagin
test/fuse/benchmark/read_benchmark.cc:34: Failure Expected: (fuse_prefix) != (nullptr), actual: NULL vs (nullptr) external/com_google_benchmark/src/benchmark_runner.cc:120: RunInThread: Check `st.iterations() >= st.max_iterations' failed. Benchmark returned before State::KeepRunning() returned false! --- FAIL: Benchmarks_BM_Read/262144/real_time (0.29s) runner.go:502: test "Benchmarks.BM_Read/262144/real_time" failed with error exit status 134, want nil FAIL
2020-09-16Fix FUSE unit test after vfs interface changeJinmou Li
2020-09-16Fix FUSE go unit test merge conflict mistakeJinmou Li
2020-09-16Receive broadcast packets on interested endpointsGhanan Gowripalan
When a broadcast packet is received by the stack, the packet should be delivered to each endpoint that may be interested in the packet. This includes all any address and specified broadcast address listeners. Test: integration_test.TestReuseAddrAndBroadcast PiperOrigin-RevId: 332060652
2020-09-16fs/fuse: Move the 'marshal' and 'primitive' packages to the 'pkg' directory.Andrei Vagin
2020-09-16fuse_open: add padding to open out requestBoyuan He
2020-09-16Unexport fusefs.inode.nodeIDCraig Chi
2020-09-16Implement FUSE_UNLINKBoyuan He
Fixes #3696
2020-09-16Fix comments of TODO issues.Craig Chi
2020-09-16Add FUSE umount supportJinmou Li
This change implements Release for the FUSE filesystem and expected behaviors of the FUSE devices. It includes several checks for aborted connection in the path for making a request and a function to abort all the ongoing FUSE requests in order.
2020-09-16Fix FUSE_RELEASE protocol reply processingJinmou Li
This commit fixes the potential unexpected errors of original handling of FUSE_RELEASE responses while keep the same behavior (ignoring any reply).
2020-09-16Improve FUSE async/noreply call logicJinmou Li
This change adds bookkeeping variables for the FUSE request. With them, old insecure confusing code we used to process async requests is replaced by new clear compiling ones. Future code can take advantage of them to have better control of each requests.