summaryrefslogtreecommitdiffhomepage
path: root/pkg
AgeCommit message (Collapse)Author
2021-08-11Initial cgroupfs support for subcontainersRahat Mahmood
Allow creation and management of subcontainers through cgroupfs directory syscalls. Also add a mechanism to specify a default root container to start new jobs in. This implements the filesystem support for subcontainers, but doesn't implement hierarchical resource accounting or task migration. PiperOrigin-RevId: 390254870
2021-08-09platform/kvm: fix a race condition in vCPU.unlock()Andrei Vagin
Right now, it contains the code: origState := atomic.LoadUint32(&c.state) atomicbitops.AndUint32(&c.state, ^vCPUUser) The problem here is that vCPU.bounce that is called from another thread can add vCPUWaiter when origState has been read but vCPUUser isn't cleared yet. In this case, vCPU.unlock doesn't notify other threads about changes and c.bounce will be stuck in the futex_wait call. PiperOrigin-RevId: 389697411
2021-08-05Correctly handle interruptions in blocking msgqueue syscalls.Rahat Mahmood
Reported-by: syzbot+63bde04529f701c76168@syzkaller.appspotmail.com Reported-by: syzbot+69866b9a16ec29993e6a@syzkaller.appspotmail.com PiperOrigin-RevId: 389084629
2021-08-05Bump gVisor build tags to go1.19Michael Pratt
Go's dev.typeparams branch already claims to be Go 1.18, so our !go1.18 build tags breaking testing gVisor with that branch. Normally I would not want to bump the build tags this early, but I plan to extend checklinkname to check the assumptions in these files and remove the build tags ASAP. So we just go ahead and bump the tags until then to unblock testing. PiperOrigin-RevId: 389037239
2021-08-05Automated rollback of changelist 384508720Kevin Krakauer
PiperOrigin-RevId: 389035388
2021-08-05Merge pull request #6372 from avagin:AlignedAtomicgVisor bot
PiperOrigin-RevId: 388985968
2021-08-04Reduce overhead of AlignedAtomic typesAndrei Vagin
AlignedAtomicUint64 is 15 bytes and it takes 16 bytes in structures. On 32-bit systems, variables and structure fields is guaranteed to be 32-bit aligned and this means that we need only 12 bytes to find 8 contiguous bytes.
2021-08-04Implement PR_SET_CHILD_SUBREAPER when the calling task is PID 1.Nicolas Lacasse
In this case, the task is already a subreaper, so setting this bit is a noop. Updates #2323 PiperOrigin-RevId: 388828034
2021-08-04Add Fs controlsChong Cai
Add Fs controls and implement "cat" command. PiperOrigin-RevId: 388812540
2021-08-03Add Lifecycle controlsChong Cai
Also change runsc pause/resume cmd to access Lifecycle instead of containerManager. PiperOrigin-RevId: 388534928
2021-08-03Implement MSG_COPY option for msgrcv(2).Zyad A. Ali
Implement Queue.Copy and add more tests for it. Updates #135
2021-08-03Implement stubs for msgsnd(2) and msgrcv(2).Zyad A. Ali
Add support for msgsnd and msgrcv and enable syscall tests. Updates #135
2021-08-03Implement Queue.Receive.Zyad A. Ali
Receive implements the behaviour of msgrcv(2) without the MSG_COPY flag. Updates #135
2021-08-03Implement Queue.Send.Zyad A. Ali
Send implements the functionality of msgsnd(2). Updates #135
2021-08-01Merge pull request #6350 from sudo-sturbia:cgroupfsgVisor bot
PiperOrigin-RevId: 388129112
2021-07-30Support RTM_DELLINKZeling Feng
This change will allow us to remove the default link in a packetimpact test so we can reduce indeterministic behaviors as required in https://fxbug.dev/78430. This will also help with testing #1388. Updates #578, #1388. PiperOrigin-RevId: 387896847
2021-07-30Merge pull request #6257 from zhlhahaha:2193-1gVisor bot
PiperOrigin-RevId: 387885663
2021-07-30checklinkname: rudimentary type-checking of linkname directivesMichael Pratt
This CL introduces a 'checklinkname' analyzer, which provides rudimentary type-checking that verifies that function signatures on the local and remote sides of //go:linkname directives match expected values. If the Go standard library changes the definitions of any of these function, checklinkname will flag the change as a finding, providing an error informing the gVisor team to adapt to the upstream changes. This allows us to eliminate the majority of gVisor's forward-looking negative build tags, as we can catch mismatches in testing [1]. The remaining forward-looking negative build tags are covering shared struct definitions, which I hope to add to checklinkname in a future CL. [1] Of course, semantics/requirements can change without the signature changing, so we still must be careful, but this covers the common case. PiperOrigin-RevId: 387873847
2021-07-28Explicitly encode the pcap packet headers to reduce CPU cost of pcap generation.gVisor bot
PiperOrigin-RevId: 387513118
2021-07-28Add Uid/Gid/Groups fields to VFS2 /proc/[pid]/status.Jamie Liu
For comparison: ``` $ docker run --rm -it ubuntu:focal bash -c 'cat /proc/self/status' Name: cat Umask: 0022 State: R (running) Tgid: 1 Ngid: 0 Pid: 1 PPid: 0 TracerPid: 0 Uid: 0 0 0 0 Gid: 0 0 0 0 FDSize: 64 Groups: NStgid: 1 NSpid: 1 NSpgid: 1 NSsid: 1 VmPeak: 2660 kB VmSize: 2660 kB VmLck: 0 kB VmPin: 0 kB VmHWM: 528 kB VmRSS: 528 kB ... $ docker run --runtime=runsc-vfs2 --rm -it ubuntu:focal bash -c 'cat /proc/self/status' Name: cat State: R (running) Tgid: 1 Pid: 1 PPid: 0 TracerPid: 0 Uid: 0 0 0 0 Gid: 0 0 0 0 FDSize: 4 Groups: VmSize: 10708 kB VmRSS: 3124 kB VmData: 316 kB ... ``` Fixes #6374 PiperOrigin-RevId: 387465655
2021-07-28Merge pull request #6358 from zhlhahaha:2232gVisor bot
PiperOrigin-RevId: 387442805
2021-07-28Lock gofer.dentry.dataMu before SetAttr RPC modifying file size.Jamie Liu
PiperOrigin-RevId: 387427887
2021-07-28tunning hasSlot function and fix store wrong value in usedSlotsHoward Zhang
Make hasSlot scan allocated slot, rather than the whole slice. It is supposed to store physicalStart in usedSlot. Signed-off-by: Howard Zhang <howard.zhang@arm.com>
2021-07-27Don't create an extra fd bitmap to allocate a new fd.Andrei Vagin
2021-07-23Clean up logic for when a VFS2 gofer regular file close causes a flushf.Jamie Liu
PiperOrigin-RevId: 386577891
2021-07-23Don't panic on user-controlled state in semaphore syscalls.Rahat Mahmood
Reported-by: syzbot+beb099a67f670386a367@syzkaller.appspotmail.com PiperOrigin-RevId: 386521361
2021-07-23Add support for SIOCGIFCONF ioctl in hostinet.Lucas Manning
PiperOrigin-RevId: 386511818
2021-07-22VFS2: remove ext codeKevin Krakauer
We opted to move forward with FUSE instead. PiperOrigin-RevId: 386344258
2021-07-22kvm: set CR0.NE = 1Andrei Vagin
CR0.NE enables internal x87 floating point error reporting when set, else enables PC style x87 error detection. On AMD, the #MF exception isn't generated if CR0.NE isn't set. PiperOrigin-RevId: 386340269
2021-07-22Merge pull request #6108 from sudo-sturbia:msgqueue/syscallsgVisor bot
PiperOrigin-RevId: 386323389
2021-07-22Replace kernel package types for clone and unshare with linux package types.Jamie Liu
PiperOrigin-RevId: 386312456
2021-07-22Delete unnecessary function.Zyad A. Ali
Since cgroupfs.dir embedes cgroupfs.implStatFS, and dir.StatFS and implStatFS.StatFS are identical, dir.StatFS is not needed.
2021-07-21Add metric to count number of segments acknowledged by DSACK.Nayana Bidari
- Creates new metric "/tcp/segments_acked_with_dsack" to count the number of segments acked with DSACK. - Added check to verify the metric is getting incremented when a DSACK is sent in the unit tests. PiperOrigin-RevId: 386135949
2021-07-21Use atomics when checking for parent setgid in VFS2 tmpfs file creation.Jamie Liu
Reported-by: syzbot+59550b48e06cc0d3b638@syzkaller.appspotmail.com PiperOrigin-RevId: 386075453
2021-07-20Enable RACK by default in netstack.Nayana Bidari
PiperOrigin-RevId: 385944428
2021-07-20Expose local address from raw socketsGhanan Gowripalan
PiperOrigin-RevId: 385940836
2021-07-20Merge pull request #6220 from laijs:disconnect-fpgVisor bot
PiperOrigin-RevId: 385919423
2021-07-20Add go:build directives as required by Go 1.17's gofmt.Jamie Liu
PiperOrigin-RevId: 385894869
2021-07-20ring0: Initialize sentryXCR0 from Kernel.init()Andrei Vagin
Fixes #6300 PiperOrigin-RevId: 385840917
2021-07-15Fix refcount increments in gofer.filesystem.Sync.Fabricio Voznika
fs.renameMu is released and reacquired in `dentry.destroyLocked()` allowing a dentry to be in `fs.syncableDentries` with a negative reference count. Fixes #5263 PiperOrigin-RevId: 385054337
2021-07-15netstack: support SO_RCVBUFFORCEKevin Krakauer
TCP is fully supported. As with SO_RCVBUF, other transport protocols perform no-ops per DefaultSocketOptionsHandler.OnSetReceiveBufferSize. PiperOrigin-RevId: 385023239
2021-07-14Set tcp endpoint state atomicallyTamir Duberstein
PiperOrigin-RevId: 384776517
2021-07-13Replace whitelist with allowlistFabricio Voznika
PiperOrigin-RevId: 384586164
2021-07-13Do not require O_PATH flag to enable verityChong Cai
Remove the hack in gVisor vfs that allows verity to bypass the O_PATH check, since ioctl is not allowed on fds opened with O_PATH in linux. Verity still opens the lowerFD with O_PATH to open it as a symlink, but the API no longer expects O_PATH to open a fd to be verity enabled. Now only O_FOLLOW should be specified when opening and enabling verity features. PiperOrigin-RevId: 384567833
2021-07-13Implement stubs for msgget(2) and msgctl(IPC_RMID).Zyad A. Ali
Add support for msgget, and msgctl(IPC_RMID), and enable msgqueue syscall tests. Updates #135
2021-07-13Implement Registry.Remove.Zyad A. Ali
Remove implements the behaviour or msgctl(IPC_RMID). Updates #135
2021-07-13Implement Registry.FindOrCreate.Zyad A. Ali
FindOrCreate implements the behaviour of msgget(2). Updates #135
2021-07-13Create package msgqueue.Zyad A. Ali
Create package msgqueue, define primitives to be used for message queues, and add a msgqueue.Registry to IPCNamespace. Updates #135
2021-07-13Add abi definitions for sysv message queues.Zyad A. Ali
Updates #135
2021-07-13Create ipc.Registry.Zyad A. Ali
Create ipc.Registry to hold fields, and define functionality common to all SysV registries, and have registries use it.