summaryrefslogtreecommitdiffhomepage
path: root/pkg
AgeCommit message (Collapse)Author
2019-12-16Implement checks for get/setxattr at the syscall layer.Dean Deng
Add checks for input arguments, file type, permissions, etc. that match the Linux implementation. A call to get/setxattr that passes all the checks will still currently return EOPNOTSUPP. Actual support will be added in following commits. Only allow user.* extended attributes for the time being. PiperOrigin-RevId: 285835159
2019-12-13enable kvm to support arm64lubinszARM
There are 4 jobs were finished in this package: 1, Virtual machine initialization. 2, Bluepill implementation. 3, Move ring0.Vectors() into the address with 11-bits alignment. 4, Basic support for "SwitchToUser". Signed-off-by: Bin Lu <bin.lu@arm.com> COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/919 from lubinszARM:pr_kvm eedea52db451bf62722759009a9f14c54a69c55f PiperOrigin-RevId: 285501256
2019-12-13Properly generate the EUI64 interface identifier from an Ethernet addressGhanan Gowripalan
Fixed a bug where the interface identifier was not properly generated from an Ethernet address. Tests: Unittests to make sure the functions generating the EUI64 interface identifier are correct. PiperOrigin-RevId: 285494562
2019-12-12Implement memmap.MappingIdentity for vfs.FileDescription.Jamie Liu
PiperOrigin-RevId: 285255855
2019-12-12Implement kernfs.Rahat Mahmood
PiperOrigin-RevId: 285231002
2019-12-12unix: allow to bind unix sockets only to AF_UNIX addressesAndrei Vagin
Reported-by: syzbot+2c0bcfd87fb4e8b7b009@syzkaller.appspotmail.com PiperOrigin-RevId: 285228312
2019-12-11Add support for TCP_USER_TIMEOUT option.Bhasker Hariharan
The implementation follows the linux behavior where specifying a TCP_USER_TIMEOUT will cause the resend timer to honor the user specified timeout rather than the default rto based timeout. Further it alters when connections are timedout due to keepalive failures. It does not alter the behavior of when keepalives are sent. This is as per the linux behavior. PiperOrigin-RevId: 285099795
2019-12-11Add vfs.Pathname{WithDeleted,ForGetcwd}.Jamie Liu
The former is needed for vfs.FileDescription to implement memmap.MappingIdentity, and the latter is needed to implement getcwd(2). PiperOrigin-RevId: 285051855
2019-12-11Add additional packages to go branchMichael Pratt
We're missing several packages that runsc doesn't depend on. Most notable are several tcpip link packages. To find packages, I looked at a diff of directories on master vs go: $ bazel build //:gopath $ find bazel-bin/gopath/src/gvisor.dev/gvisor/ -type d > /tmp/gopath.txt $ find . -type d > /tmp/master.txt $ sed 's|bazel-bin/gopath/src/gvisor.dev/gvisor/||' < /tmp/gopath.txt > /tmp/gopath.trunc.txt $ sed 's|./||' < /tmp/master.txt > /tmp/master.trunc.txt $ vimdiff /tmp/gopath.trunc.txt /tmp/master.trunc.txt Testing packages are still left out because :gopath can't depend on testonly targets... PiperOrigin-RevId: 285049029
2019-12-11Merge pull request #1248 from xiaobo55x:ptracegVisor bot
PiperOrigin-RevId: 285038987
2019-12-11runsc/debug: add an option to list all processesAndrei Vagin
runsc debug --ps list all processes with all threads. This option is added to the debug command but not to the ps command, because it is going to be used for debug purposes and we want to add any useful information without thinking about backward compatibility. This will help to investigate syzkaller issues. PiperOrigin-RevId: 285013668
2019-12-10Deduplicate and simplify control message processing for recvmsg and sendmsg.Dean Deng
Also, improve performance by calculating how much space is needed before making an allocation for sendmsg in hostinet. PiperOrigin-RevId: 284898581
2019-12-10Add most VFS methods for syscalls.Jamie Liu
PiperOrigin-RevId: 284892289
2019-12-10Inform the integrator on receipt of an NDP Recursive DNS Server optionGhanan Gowripalan
This change adds support to let an integrator know when it receives an NDP Router Advertisement message with the NDP Recursive DNS Server option with at least one DNS server's address. The stack will not maintain any state related to the DNS servers - the integrator is expected to maintain any required state and invalidate the servers after its valid lifetime expires, or refresh the lifetime when a new one is received for a known DNS server. Test: Unittest to make sure that an event is sent to the integrator when an NDP Recursive DNS Server option is received with at least one address. PiperOrigin-RevId: 284890502
2019-12-10Format fd_set parameters in select(2)/pselect(2) for strace.Dean Deng
I1202 14:55:06.835076 7991 x:0] [ 1] select_test E select(0xa, 0x7fc6ce924c28 [0 1], null, null, 0x7fc6ce924c08 {sec=0 usec=0}) I1202 14:55:06.835102 7991 x:0] [ 1] select_test X select(0xa, 0x7fc6ce924c28 [0 1], null, null, 0x7fc6ce924c08 {sec=0 usec=0}) PiperOrigin-RevId: 284831805
2019-12-10Let socket.ControlMessages Release() the underlying transport.ControlMessages.Dean Deng
PiperOrigin-RevId: 284804370
2019-12-10Add all upstream syscalls to tablesMichael Pratt
Package strace is missing some syscalls we actually implement (e.g., getrandom). We also see newer syscalls sometimes (e.g., membarrier) that would be handy to have formatted. Let's go ahead and add all syscalls in the latest upstream release (v5.4), even though we only intend to implement v4.4. None of them are implemented, just included as placeholders. PiperOrigin-RevId: 284797577
2019-12-10Make comments clearer for control message handling.Dean Deng
PiperOrigin-RevId: 284791600
2019-12-09Add UDP SO_REUSEADDR support to the port manager.Ian Gudger
Next steps include adding support to the transport demuxer and the UDP endpoint. PiperOrigin-RevId: 284652151
2019-12-09Redirect TODOs to gvisor.devFabricio Voznika
PiperOrigin-RevId: 284606233
2019-12-06Bump up Go 1.13 as minimum requirementFabricio Voznika
PiperOrigin-RevId: 284320186
2019-12-06Add TCP stats for connection close and keep-alive timeouts.Mithun Iyer
Fix bugs in updates to TCP CurrentEstablished stat. Fixes #1277 PiperOrigin-RevId: 284292459
2019-12-06Add runtime tracing.Adin Scannell
This adds meaningful annotations to the trace generated by the runtime/trace package. PiperOrigin-RevId: 284290115
2019-12-06Fix flakiness in tcp_test.Bhasker Hariharan
This change marks the socket as ESTABLISHED and creates the receiver and sender the moment we send the final ACK in case of an active TCP handshake or when we receive the final ACK for a passive TCP handshake. Before this change there was a short window in which an ACK can be received and processed but the state on the socket is not yet ESTABLISHED. This can be seen in TestConnectBindToDevice which is flaky because sometimes the socket is in SYN-SENT and not ESTABLISHED even though the other side has already received the final ACK of the handshake. PiperOrigin-RevId: 284277713
2019-12-06Do IPv6 Stateless Address Auto-Configuration (SLAAC)Ghanan Gowripalan
This change allows the netstack to do SLAAC as outlined by RFC 4862 section 5.5. Note, this change will not break existing uses of netstack as the default configuration for the stack options is set in such a way that SLAAC will not be performed. See `stack.Options` and `stack.NDPConfigurations` for more details. This change reuses 1 option and introduces a new one that is required to take advantage of SLAAC, all available under NDPConfigurations: - HandleRAs: Whether or not NDP RAs are processes - AutoGenGlobalAddresses: Whether or not SLAAC is performed. Also note, this change does not deprecate SLAAC generated addresses after the preferred lifetime. That will come in a later change (b/143713887). Currently, only the valid lifetime is honoured. Tests: Unittest to make sure that SLAAC generates and adds addresses only when configured to do so. Tests also makes sure that conflicts with static addresses do not modify the static address. PiperOrigin-RevId: 284265317
2019-12-06Implement TTY field in control.Processes().Nicolas Lacasse
Threadgroups already know their TTY (if they have one), which now contains the TTY Index, and is returned in the Processes() call. PiperOrigin-RevId: 284263850
2019-12-06Document ELF PT_LOAD difference from LinuxMichael Pratt
PiperOrigin-RevId: 284191345
2019-12-05Implement F_GETOWN_EX and F_SETOWN_EX.Ian Gudger
Some versions of glibc will convert F_GETOWN fcntl(2) calls into F_GETOWN_EX in some cases. PiperOrigin-RevId: 284089373
2019-12-05Create correct file for /proc/[pid]/task/[tid]/ioZach Koopmans
PiperOrigin-RevId: 284038840
2019-12-05Add vfs.CheckSetStat() and its dependencies.Jamie Liu
PiperOrigin-RevId: 284033820
2019-12-05Add a type to represent the NDP Recursive DNS Server optionGhanan Gowripalan
This change adds a type to represent the NDP Recursive DNS Server option, as defined by RFC 8106 section 5.1. PiperOrigin-RevId: 284005493
2019-12-04Remove TODO since we don't plan to support debug registersFabricio Voznika
PiperOrigin-RevId: 283828423
2019-12-03net/udp: return a local route address as the bound-to addressAndrei Vagin
If the socket is bound to ANY and connected to a loopback address, getsockname() has to return the loopback address. Without this fix, getsockname() returns ANY. PiperOrigin-RevId: 283647781
2019-12-03Fix printing /proc/[pid]/io for /proc/[pid]/task/[tid]/io.Zach Koopmans
PiperOrigin-RevId: 283630669
2019-12-03Fix panic due to early transition to Closed.Bhasker Hariharan
The code in rcv.consumeSegment incorrectly transitions to CLOSED state from LAST-ACK before the final ACK for the FIN. Further if receiving a segment changes a socket to a closed state then we should not invoke the sender as the socket is now closed and sending any segments is incorrect. PiperOrigin-RevId: 283625300
2019-12-03strace: don't create a slice with a negative valueAndrei Vagin
PiperOrigin-RevId: 283613824
2019-12-03Remove watchdog TODOFabricio Voznika
I have not seen a false positive stuck task yet. Biggest offender was whitelistfs which is going away. PiperOrigin-RevId: 283613064
2019-12-03Point TODOs to gvisor.devFabricio Voznika
PiperOrigin-RevId: 283610781
2019-12-03Remove TODO for obsolete bug.Zach Koopmans
PiperOrigin-RevId: 283571456
2019-12-03Support IP_TOS and IPV6_TCLASS socket options for hostinet sockets.Dean Deng
There are two potential ways of sending a TOS byte with outgoing packets: including a control message in sendmsg, or setting the IP_TOS/IPV6_TCLASS socket options (for IPV4 and IPV6 respectively). This change lets hostinet support the latter. Fixes #1188 PiperOrigin-RevId: 283550925
2019-12-03platform/ptrace: make some operations arch specificHaibo Xu
Make the patchSignalInfo/cpuid faulting/initial thread seccomp rules operations architecture dependent. Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: Iaf692dbe3700d2e01168ec2f1b4beeda9136fd62
2019-12-02Support sending IP_TOS and IPV6_TCLASS control messages with hostinet sockets.Dean Deng
There are two potential ways of sending a TOS byte with outgoing packets: including a control message in sendmsg, or setting the IP_TOS/IPV6_TCLASS socket options (for IPV4 and IPV6 respectively). This change lets hostinet support the former. PiperOrigin-RevId: 283346737
2019-11-28Test handling segments on completed but not yet accepted TCP connectionsGhanan Gowripalan
This change does not introduce any new features, or modify existing ones. This change tests handling TCP segments right away for connections that were completed from a listening endpoint. PiperOrigin-RevId: 282986457
2019-11-27Add support for receiving TOS and TCLASS control messages in hostinet.Dean Deng
This involves allowing getsockopt/setsockopt for the corresponding socket options, as well as allowing hostinet to process control messages received from the actual recvmsg syscall. PiperOrigin-RevId: 282851425
2019-11-26Allow open(O_TRUNC) and (f)truncate for proc files.Ian Lewis
This allows writable proc and devices files to be opened with O_CREAT|O_TRUNC. This is encountered most frequently when interacting with proc or devices files via the command line. e.g. $ echo 8192 1048576 4194304 > /proc/sys/net/ipv4/tcp_rmem Also adds a test to test the behavior of open(O_TRUNC), truncate, and ftruncate on named pipes. Fixes #1116 PiperOrigin-RevId: 282677425
2019-11-26Mark execveat as supported for linux64_arm64.Dean Deng
PiperOrigin-RevId: 282667122
2019-11-25Minor VFS2 interface changes.Jamie Liu
- Remove the Filesystem argument from DentryImpl.*Ref(); in general DentryImpls that need the Filesystem for reference counting will probably also need it for other interface methods that don't plumb Filesystem, so it's easier to just store a pointer to the filesystem in the DentryImpl. - Add a pointer to the VirtualFilesystem to Filesystem, which is needed by the gofer client to disown dentries for cache eviction triggered by dentry reference count changes. - Rename FilesystemType.NewFilesystem to GetFilesystem; in some cases (e.g. sysfs, cgroupfs) it's much cleaner for there to be only one Filesystem that is used by all mounts, and in at least one case (devtmpfs) it's visibly incorrect not to do so, so NewFilesystem doesn't always actually create and return a *new* Filesystem. - Require callers of FileDescription.Init() to increment Mount/Dentry references. This is because the gofer client may, in the OpenAt() path, take a reference on a dentry with 0 references, which is safe due to synchronization that is outside the scope of this CL, and it would be safer to still have its implementation of DentryImpl.IncRef() check for an increment for 0 references in other cases. - Add FileDescription.TryIncRef. This is used by the gofer client to take references on "special file descriptions" (FDs for files such as pipes, sockets, and devices), which use per-FD handles (fids) instead of dentry-shared handles, for sync() and syncfs(). PiperOrigin-RevId: 282473364
2019-11-25Implement basic umounting for vfs2.Jamie Liu
This is required to test filesystems with a non-trivial implementation of FilesystemImpl.Release(). Propagation isn't handled yet, and umount isn't yet plumbed out to VirtualFilesystem.UmountAt(), but otherwise the implementation of umount is believed to be correct. - Move entering mountTable.seq writer critical sections to callers of mountTable.{insert,remove}Seqed. This is required since umount(2) must ensure that no new references are taken on the candidate mount after checking that it isn't busy, which is only possible by entering a vfs.mountTable.seq writer critical section before the check and remaining in it until after VFS.umountRecursiveLocked() is complete. (Linux does the same thing: fs/namespace.c:do_umount() => lock_mount_hash(), fs/pnode.c:propagate_mount_busy(), umount_tree(), unlock_mount_hash().) - It's not possible for dentry deletion to umount while only holding VFS.mountMu for reading, but it's also very unappealing to hold VFS.mountMu exclusively around e.g. gofer unlink RPCs. Introduce dentry.mu to avoid these problems. This means that VFS.mountMu is never acquired for reading, so change it to a sync.Mutex. PiperOrigin-RevId: 282444343
2019-11-25Internal change.Adin Scannell
PiperOrigin-RevId: 282396322
2019-11-25Merge pull request #1176 from xiaobo55x:runsc_bootgVisor bot
PiperOrigin-RevId: 282382564