summaryrefslogtreecommitdiffhomepage
path: root/pkg
AgeCommit message (Collapse)Author
2018-08-24SyscallRules merge and add were dropping AllowAny rulesFabricio Voznika
PiperOrigin-RevId: 210131001 Change-Id: I285707c5143b3e4c9a6948c1d1a452b6f16e65b7
2018-08-23Implement POSIX per-process interval timers.Jamie Liu
PiperOrigin-RevId: 210021612 Change-Id: If7c161e6fd08cf17942bfb6bc5a8d2c4e271c61e
2018-08-23netstack: make listening tcp socket close state setting and cleanup atomic.Zhaozhong Ni
Otherwise the socket saving logic might find workers still running for closed sockets unexpectedly. PiperOrigin-RevId: 210018905 Change-Id: I443a04d355613f5f9983252cc6863bff6e0eda3a
2018-08-23sentry: mark idMapSeqHandle as savable.Zhaozhong Ni
PiperOrigin-RevId: 209994384 Change-Id: I16186cf79cb4760a134f3968db30c168a5f4340e
2018-08-23Encapsulate netstack metricsIan Gudger
PiperOrigin-RevId: 209943212 Change-Id: I96dcbc7c2ab2426e510b94a564436505256c5c79
2018-08-22Add separate Recycle method for allocator.Adin Scannell
This improves debugging for pagetable-related issues. PiperOrigin-RevId: 209827795 Change-Id: I4cfa11664b0b52f26f6bc90a14c5bb106f01e038
2018-08-22Allow building on !linuxGoogler
PiperOrigin-RevId: 209819644 Change-Id: I329d054bf8f4999e7db0dcd95b13f7793c65d4e2
2018-08-22sentry: mark S/R stating errors as save rejections / fs corruptions.Zhaozhong Ni
PiperOrigin-RevId: 209817767 Change-Id: Iddf2b8441bc44f31f9a8cf6f2bd8e7a5b824b487
2018-08-22Always add AT_BASE even if there is no interpreter.Brian Geffon
Linux will ALWAYS add AT_BASE even for a static binary, expect it will be set to 0 [1]. 1. https://github.com/torvalds/linux/blob/master/fs/binfmt_elf.c#L253 PiperOrigin-RevId: 209811129 Change-Id: I92cc66532f23d40f24414a921c030bd3481e12a0
2018-08-22fs: Hold Dirent.mu when calling Dirent.flush().Nicolas Lacasse
As required by the contract in Dirent.flush(). Also inline Dirent.freeze() into Dirent.Freeze(), since it is only called from there. PiperOrigin-RevId: 209783626 Change-Id: Ie6de4533d93dd299ffa01dabfa257c9cc259b1f4
2018-08-21sentry: do not release gofer inode file state loading lock upon error.Zhaozhong Ni
When an inode file state failed to load asynchronuously, we want to report the error instead of potentially panicing in another async loading goroutine incorrectly unblocked. PiperOrigin-RevId: 209683977 Change-Id: I591cde97710bbe3cdc53717ee58f1d28bbda9261
2018-08-21binary: append slicesIan Gudger
A new optimization in Go 1.11 improves the efficiency of slice extension: "The compiler now optimizes slice extension of the form append(s, make([]T, n)...)." https://tip.golang.org/doc/go1.11#performance-compiler Before: BenchmarkMarshalUnmarshal-12 2000000 664 ns/op 0 B/op 0 allocs/op BenchmarkReadWrite-12 500000 2395 ns/op 304 B/op 24 allocs/op After: BenchmarkMarshalUnmarshal-12 2000000 628 ns/op 0 B/op 0 allocs/op BenchmarkReadWrite-12 500000 2411 ns/op 304 B/op 24 allocs/op BenchmarkMarshalUnmarshal benchmarks the code in this package, BenchmarkReadWrite benchmarks the code in the standard library. PiperOrigin-RevId: 209679979 Change-Id: I51c6302e53f60bf79f84576b1ead4d36658897cb
2018-08-21Expose route tableGoogler
PiperOrigin-RevId: 209670528 Change-Id: I2890bcdef36f0b5f24b372b42cf628b38dd5764e
2018-08-21Build PCAP file with atomic blocking writesIan Gudger
The previous use of non-blocking writes could result in corrupt PCAP files if a partial write occurs. Using (*os.File).Write solves this problem by not allowing partial writes. This change does not increase allocations (in one path it actually reduces them), but does add additional copying. PiperOrigin-RevId: 209652974 Change-Id: I4b1cf2eda4cfd7f237a4245aceb7391b3055a66c
2018-08-21Fix races in kernel.(*Task).Value()Ian Gudger
PiperOrigin-RevId: 209627180 Change-Id: Idc84afd38003427e411df6e75abfabd9174174e1
2018-08-20Fix handling of abstract Unix socket addressesIan Gudger
* Don't truncate abstract addresses at second null. * Properly handle abstract addresses with length < 108 bytes. PiperOrigin-RevId: 209502703 Change-Id: I49053f2d18b5a78208c3f640c27dbbdaece4f1a9
2018-08-20getdents should return type=DT_DIR for SpecialDirectories.Nicolas Lacasse
It was returning DT_UNKNOWN, and this was breaking numpy. PiperOrigin-RevId: 209459351 Change-Id: Ic6f548e23aa9c551b2032b92636cb5f0df9ccbd4
2018-08-20sysfs: Add (empty) cpu directories for each cpu in /sys/devices/system/cpu.Nicolas Lacasse
Numpy needs these. Also added the "present" directory, since the contents are the same as possible and online. PiperOrigin-RevId: 209451777 Change-Id: I2048de3f57bf1c57e9b5421d607ca89c2a173684
2018-08-16fs: Support possible and online knobs for cpuChenggang Qin
Some linux commands depend on /sys/devices/system/cpu/possible, such as 'lscpu'. Add 2 knobs for cpu: /sys/devices/system/cpu/possible /sys/devices/system/cpu/online Both the values are '0 - Kernel.ApplicationCores()-1'. Change-Id: Iabd8a4e559cbb630ed249686b92c22b4e7120663 PiperOrigin-RevId: 209070163
2018-08-16Internal change.Googler
PiperOrigin-RevId: 209060862 Change-Id: I2cd02f0032b80d0087110095548b1a8ffa696ac2
2018-08-15Remove obsolete comment about panickingIan Gudger
PiperOrigin-RevId: 208908702 Change-Id: I6be9c765c257a9ddb1a965a03942ab3fc3a34a43
2018-08-15runsc fsgofer: Support dynamic serving of filesystems.Kevin Krakauer
When multiple containers run inside a sentry, each container has its own root filesystem and set of mounts. Containers are also added after sentry boot rather than all configured and known at boot time. The fsgofer needs to be able to serve the root filesystem of each container. Thus, it must be possible to add filesystems after the fsgofer has already started. This change: * Creates a URPC endpoint within the gofer process that listens for requests to serve new content. * Enables the sentry, when starting a new container, to add the new container's filesystem. * Mounts those new filesystems at separate roots within the sentry. PiperOrigin-RevId: 208903248 Change-Id: Ifa91ec9c8caf5f2f0a9eead83c4a57090ce92068
2018-08-14Reduce map lookups in syserrIan Gudger
PiperOrigin-RevId: 208755352 Change-Id: Ia24630f452a4a42940ab73a8113a2fd5ea2cfca2
2018-08-14runsc: Change cache policy for root fs and volume mounts.Nicolas Lacasse
Previously, gofer filesystems were configured with the default "fscache" policy, which caches filesystem metadata and contents aggressively. While this setting is best for performance, it means that changes from inside the sandbox may not be immediately propagated outside the sandbox, and vice-versa. This CL changes volumes and the root fs configuration to use a new "remote-revalidate" cache policy which tries to retain as much caching as possible while still making fs changes visible across the sandbox boundary. This cache policy is enabled by default for the root filesystem. The default value for the "--file-access" flag is still "proxy", but the behavior is changed to use the new cache policy. A new value for the "--file-access" flag is added, called "proxy-exclusive", which turns on the previous aggressive caching behavior. As the name implies, this flag should be used when the sandbox has "exclusive" access to the filesystem. All volume mounts are configured to use the new cache policy, since it is safest and most likely to be correct. There is not currently a way to change this behavior, but it's possible to add such a mechanism in the future. The configurability is a smaller issue for volumes, since most of the expensive application fs operations (walking + stating files) will likely served by the root fs. PiperOrigin-RevId: 208735037 Change-Id: Ife048fab1948205f6665df8563434dbc6ca8cfc9
2018-08-14TTY: Fix data race where calls into tty.queue's waiter were not synchronized.Kevin Krakauer
Now, there's a waiter for each end (master and slave) of the TTY, and each waiter.Entry is only enqueued in one of the waiters. PiperOrigin-RevId: 208734483 Change-Id: I06996148f123075f8dd48cde5a553e2be74c6dce
2018-08-14Fix `ls -laR | wc -l` hanging.Kevin Krakauer
stat()-ing /proc/PID/fd/FD incremented but didn't decrement the refcount for FD. This behavior wasn't usually noticeable, but in the above case: - ls would never decrement the refcount of the write end of the pipe to 0. - This caused the write end of the pipe never to close. - wc would then hang read()-ing from the pipe. PiperOrigin-RevId: 208728817 Change-Id: I4fca1ba5ca24e4108915a1d30b41dc63da40604d
2018-08-14Enforce Unix socket address length limitIan Gudger
PiperOrigin-RevId: 208720936 Change-Id: Ic943a88b6efeff49574306d4d4e1f113116ae32e
2018-08-14Automated rollback of changelist 208284483Nicolas Lacasse
PiperOrigin-RevId: 208685417 Change-Id: Ie2849c4811e3a2d14a002f521cef018ded0c6c4a
2018-08-14Fix bind() on overlays.Nicolas Lacasse
InodeOperations.Bind now returns a Dirent which will be cached in the Dirent tree. When an overlay is in-use, Bind cannot return the Dirent created by the upper filesystem because the Dirent does not know about the overlay. Instead, overlayBind must create a new overlay-aware Inode and Dirent and return that. This is analagous to how Lookup and overlayLookup work. PiperOrigin-RevId: 208670710 Change-Id: I6390affbcf94c38656b4b458e248739b4853da29
2018-08-13Prevent renames across walk fast path.Adin Scannell
PiperOrigin-RevId: 208533436 Change-Id: Ifc1a4e2d6438a424650bee831c301b1ac0d670a3
2018-08-13Add path sanity checks.Adin Scannell
PiperOrigin-RevId: 208527333 Change-Id: I55291bc6b8bc6b88fdd75baf899a71854c39c1a7
2018-08-10fs: Allow overlays to revalidate files from the upper fs.Nicolas Lacasse
Previously, an overlay would panic if either the upper or lower fs required revalidation for a given Dirent. Now, we allow revalidation from the upper file, but not the lower. If a cached overlay inode does need revalidation (because the upper needs revalidation), then the entire overlay Inode will be discarded and a new overlay Inode will be built with a fresh copy of the upper file. As a side effect of this change, Revalidate must take an Inode instead of a Dirent, since an overlay needs to revalidate individual Inodes. PiperOrigin-RevId: 208293638 Change-Id: Ic8f8d1ffdc09114721745661a09522b54420c5f1
2018-08-10Implemented the splice(2) syscall.Justine Olshan
Currently the implementation matches the behavior of moving data between two file descriptors. However, it does not implement this through zero-copy movement. Thus, this code is a starting point to build the more complex implementation. PiperOrigin-RevId: 208284483 Change-Id: Ibde79520a3d50bc26aead7ad4f128d2be31db14e
2018-08-10cache policy: Check policy before returning a negative dirent.Nicolas Lacasse
The cache policy determines whether Lookup should return a negative dirent, or just ENOENT. This CL fixes one spot where we returned a negative dirent without first consulting the policy. PiperOrigin-RevId: 208280230 Change-Id: I8f963bbdb45a95a74ad0ecc1eef47eff2092d3a4
2018-08-10Enable checkpoint/restore in cases of UDS use.Brielle Broder
Previously, processes which used file-system Unix Domain Sockets could not be checkpoint-ed in runsc because the sockets were saved with their inode numbers which do not necessarily remain the same upon restore. Now, the sockets are also saved with their paths so that the new inodes can be determined for the sockets based on these paths after restoring. Tests for cases with UDS use are included. Test cleanup to come. PiperOrigin-RevId: 208268781 Change-Id: Ieaa5d5d9a64914ca105cae199fd8492710b1d7ec
2018-08-10Validate FS.base before establishing it in the task's register set.Neel Natu
PiperOrigin-RevId: 208229341 Change-Id: I5d84bc52bbafa073446ef497e56958d0d7955aa8
2018-08-09Fix missing O_LARGEFILE from O_CREAT filesMichael Pratt
Cleanup some more syscall.O_* references while we're here. PiperOrigin-RevId: 208133460 Change-Id: I48db71a38f817e4f4673977eafcc0e3874eb9a25
2018-08-08Basic support for ip link/addr and ifconfigFabricio Voznika
Closes #94 PiperOrigin-RevId: 207997580 Change-Id: I19b426f1586b5ec12f8b0cd5884d5b401d334924
2018-08-08Fix error handling for bad message sizes.Adin Scannell
The message size check is legitimate: the size must be negotiated, which relies on the fixed message limit up front. Sending a message larger than that indicates that the connection is out of sync and is considered a socket error (disconnect). Similarly, sending a size that is too small indicates that the stream is out-of-sync or invalid. PiperOrigin-RevId: 207996551 Change-Id: Icd8b513d5307e9d5953dbb957ee70ceea111098d
2018-08-08Resend packets back to netstack if destined to itselfFabricio Voznika
Add option to redirect packet back to netstack if it's destined to itself. This fixes the problem where connecting to the local NIC address would not work, e.g.: echo bar | nc -l -p 8080 & echo foo | nc 192.168.0.2 8080 PiperOrigin-RevId: 207995083 Change-Id: I17adc2a04df48bfea711011a5df206326a1fb8ef
2018-08-08Protect PCIDs with a mutex.Adin Scannell
Because the Drop method may be called across vCPUs, it is necessary to protect the PCID database with a mutex to prevent concurrent modification. The PCID is assigned prior to entersyscall, so it's safe to block. PiperOrigin-RevId: 207992864 Change-Id: I8b36d55106981f51e30dcf03e12886330bb79d67
2018-08-08Fix data race in unix.BoundEndpoint.UnidirectionalConnect.Ian Gudger
Data race is: Read: (*connectionlessEndpoint).UnidirectionalConnect: writeQueue: e.receiver.(*queueReceiver).readQueue, Write: (*connectionlessEndpoint).Close: e.receiver = nil The problem is that (*connectionlessEndpoint).UnidirectionalConnect assumed that baseEndpoint.receiver is immutable which is explicitly not the case. Fixing this required two changes: 1. Add synchronization around access of baseEndpoint.receiver in (*connectionlessEndpoint).UnidirectionalConnect. 2. Check for baseEndpoint.receiver being nil in (*connectionlessEndpoint).UnidirectionalConnect. PiperOrigin-RevId: 207984402 Change-Id: Icddeeb43805e777fa3ef874329fa704891d14181
2018-08-08Enable SACK in runscFabricio Voznika
SACK is disabled by default and needs to be manually enabled. It not only improves performance, but also fixes hangs downloading files from certain websites. PiperOrigin-RevId: 207906742 Change-Id: I4fb7277b67bfdf83ac8195f1b9c38265a0d51e8b
2018-08-07Hold TaskSet.mu in Task.Parent.Jamie Liu
PiperOrigin-RevId: 207766238 Change-Id: Id3b66d8fe1f44c3570f67fa5ae7ba16021e35be1
2018-08-07Adds support to dump out cubic internal state.Bhasker Hariharan
PiperOrigin-RevId: 207754087 Change-Id: I83abce64348ea93f8692da81a881b364dae2158b
2018-08-07fs: Add new cache policy "remote_revalidate".Nicolas Lacasse
This CL adds a new cache-policy for gofer filesystems that uses the host page cache, but causes dirents to be reloaded on each Walk, and does not cache readdir results. This policy is useful when the remote filesystem may change out from underneath us, as any remote changes will be reflected on the next Walk. Importantly, this cache policy is only consistent if we do not use gVisor's internal page cache, since that page cache is tied to the Inode and may be thrown away upon Revalidation. This cache policy should only be used when the gofer supports donating host FDs, since then gVisor will make use of the host kernel page cache, which will be consistent for all open files in the gofer. In fact, a panic will be raised if a file is opened without a donated FD. PiperOrigin-RevId: 207752937 Change-Id: I233cb78b4695bbe00a4605ae64080a47629329b8
2018-08-07sentry: make epoll.pollEntry wait for the file operation in restore.Zhaozhong Ni
PiperOrigin-RevId: 207737935 Change-Id: I3a301ece1f1d30909715f36562474e3248b6a0d5
2018-08-07Netstack doesn't handle sending after SHUT_WR correctly.Brian Geffon
PiperOrigin-RevId: 207715032 Change-Id: I7b6690074c5be283145192895d706a92e921b22c
2018-08-06Make ramfs.File savableMichael Pratt
In other news, apparently proc.fdInfo is the last user of ramfs.File. PiperOrigin-RevId: 207564572 Change-Id: I5a92515698cc89652b80bea9a32d309e14059869
2018-08-06Fix a bug in PCIDs.AssignShiruRen
Store the new assigned pcid in p.cache[pt]. Signed-off-by: ShiruRen <renshiru2000@gmail.com> Change-Id: I4aee4e06559e429fb5e90cb9fe28b36139e3b4b6 PiperOrigin-RevId: 207563833