summaryrefslogtreecommitdiffhomepage
path: root/pkg
AgeCommit message (Collapse)Author
2020-06-12Merge release-20200522.0-148-g61d6c059a (automated)gVisor bot
2020-06-12Merge release-20200522.0-147-g8ea99d58f (automated)gVisor bot
2020-06-11Set the HOME environment variable for sub-containers.Ian Lewis
Fixes #701 PiperOrigin-RevId: 316025635
2020-06-12Merge release-20200522.0-146-g5a894e35a (automated)gVisor bot
2020-06-12Merge release-20200522.0-145-g77c206e37 (automated)gVisor bot
2020-06-11Add //pkg/sentry/fsimpl/overlay.Jamie Liu
Major differences from existing overlay filesystems: - Linux allows lower layers in an overlay to require revalidation, but not the upper layer. VFS1 allows the upper layer in an overlay to require revalidation, but not the lower layer. VFS2 does not allow any layers to require revalidation. (Now that vfs.MkdirOptions.ForSyntheticMountpoint exists, no uses of overlay in VFS1 are believed to require upper layer revalidation; in particular, the requirement that the upper layer support the creation of "trusted." extended attributes for whiteouts effectively required the upper filesystem to be tmpfs in most cases.) - Like VFS1, but unlike Linux, VFS2 overlay does not attempt to make mutations of the upper layer atomic using a working directory and features like RENAME_WHITEOUT. (This may change in the future, since not having a working directory makes error recovery for some operations, e.g. rmdir, particularly painful.) - Like Linux, but unlike VFS1, VFS2 represents whiteouts using character devices with rdev == 0; the equivalent of the whiteout attribute on directories is xattr trusted.overlay.opaque = "y"; and there is no equivalent to the whiteout attribute on non-directories since non-directories are never merged with lower layers. - Device and inode numbers work as follows: - In Linux, modulo the xino feature and a special case for when all layers are the same filesystem: - Directories use the overlay filesystem's device number and an ephemeral inode number assigned by the overlay. - Non-directories that have been copied up use the device and inode number assigned by the upper filesystem. - Non-directories that have not been copied up use a per-(overlay, layer)-pair device number and the inode number assigned by the lower filesystem. - In VFS1, device and inode numbers always come from the lower layer unless "whited out"; this has the adverse effect of requiring interaction with the lower filesystem even for non-directory files that exist on the upper layer. - In VFS2, device and inode numbers are assigned as in Linux, except that xino and the samefs special case are not supported. - Like Linux, but unlike VFS1, VFS2 does not attempt to maintain memory mapping coherence across copy-up. (This may have to change in the future, as users may be dependent on this property.) - Like Linux, but unlike VFS1, VFS2 uses the overlayfs mounter's credentials when interacting with the overlay's layers, rather than the caller's. - Like Linux, but unlike VFS1, VFS2 permits multiple lower layers in an overlay. - Like Linux, but unlike VFS1, VFS2's overlay filesystem is application-mountable. Updates #1199 PiperOrigin-RevId: 316019067
2020-06-12Merge release-20200522.0-144-gdc4e0157e (automated)gVisor bot
2020-06-12Merge release-20200522.0-143-gfbe41987c (automated)gVisor bot
2020-06-11Merge release-20200522.0-142-g4c0a8bdaf (automated)gVisor bot
2020-06-11Do not use tentative addresses for routesGhanan Gowripalan
Tentative addresses should not be used when finding a route. This change fixes a bug where a tentative address may have been used. Test: stack_test.TestDADResolve PiperOrigin-RevId: 315997624
2020-06-11Merge release-20200522.0-141-g4f111b638 (automated)gVisor bot
2020-06-11Merge pull request #2863 from lubinszARM:pr_sndbufgVisor bot
PiperOrigin-RevId: 315991648
2020-06-11Merge release-20200522.0-139-gd58d57606 (automated)gVisor bot
2020-06-11Don't copy structs with sync.Mutex during initializationFabricio Voznika
During inititalization inode struct was copied around, but it isn't great pratice to copy it around since it contains ref count and sync.Mutex. Updates #1480 PiperOrigin-RevId: 315983788
2020-06-11Merge release-20200522.0-138-g11dc95e6c (automated)gVisor bot
2020-06-11Merge release-20200522.0-136-g13f2664cf (automated)gVisor bot
2020-06-11Merge release-20200522.0-134-g44575bf72 (automated)gVisor bot
2020-06-11Merge release-20200522.0-133-gaf6ec7b73 (automated)gVisor bot
2020-06-11Add Generate method in merkletreegVisor bot
A method is added to generate a merkle tree for data, and store the generated tree in the output. PiperOrigin-RevId: 315966571
2020-06-11Merge release-20200522.0-132-gd2cc9a888 (automated)gVisor bot
2020-06-11Factor out flipcall mmap for internal usegVisor bot
PiperOrigin-RevId: 315959279
2020-06-11Merge release-20200522.0-131-gb39cc6a80 (automated)gVisor bot
2020-06-11Add merkle tree size measuregVisor bot
This change creates a merkletree package which will be used in the future for an implementation of file system API. PiperOrigin-RevId: 315952451
2020-06-11Merge release-20200522.0-130-g0c7a5bc69 (automated)gVisor bot
2020-06-11Merge release-20200522.0-129-ga085e562d (automated)gVisor bot
2020-06-10Add support for SO_REUSEADDR to UDP sockets/endpoints.Ian Gudger
On UDP sockets, SO_REUSEADDR allows multiple sockets to bind to the same address, but only delivers packets to the most recently bound socket. This differs from the behavior of SO_REUSEADDR on TCP sockets. SO_REUSEADDR for TCP sockets will likely need an almost completely independent implementation. SO_REUSEADDR has some odd interactions with the similar SO_REUSEPORT. These interactions are tested fairly extensively and all but one particularly odd one (that honestly seems like a bug) behave the same on gVisor and Linux. PiperOrigin-RevId: 315844832
2020-06-11Merge release-20200522.0-128-ga87c74bc5 (automated)gVisor bot
2020-06-10Remove duplicate colon from warning log.Nicolas Lacasse
doAction()->log.TracebackAll() will append a colon. PiperOrigin-RevId: 315842611
2020-06-11Merge release-20200522.0-127-gb436b9717 (automated)gVisor bot
2020-06-10Deleting the maxSendBufferSize from fs/hostBin Lu
When I do high-performance networking, the value of wmem_max is often set very high, specially for 10/25/50 Gigabit NIC. I think maybe this restriction is not suitable. Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-06-10Merge pull request #2711 from lubinszARM:pr_mmiogVisor bot
PiperOrigin-RevId: 315812219
2020-06-11Merge release-20200522.0-125-g508e7c3a7 (automated)gVisor bot
2020-06-10Merge pull request #2763 from ↵gVisor bot
gaurav1086:sentry_kernel_timekeeper_use_buffered_channel PiperOrigin-RevId: 315803553
2020-06-11Merge release-20200522.0-123-gab4c85189 (automated)gVisor bot
2020-06-10Merge release-20200522.0-122-g41d9e536d (automated)gVisor bot
2020-06-10Merge release-20200522.0-121-g9338854ea (automated)gVisor bot
2020-06-10Merge release-20200522.0-120-g4b9652d63 (automated)gVisor bot
2020-06-10{S,G}etsockopt for TCP_KEEPCNT option.Nayana Bidari
TCP_KEEPCNT is used to set the maximum keepalive probes to be sent before dropping the connection. WANT_LGTM=jchacon PiperOrigin-RevId: 315758094
2020-06-10Merge release-20200522.0-119-ga5a4f8048 (automated)gVisor bot
2020-06-10socket/unix: handle sendto address argument for connected socketsAndrei Vagin
In case of SOCK_SEQPACKET, it has to be ignored. In case of SOCK_STREAM, EISCONN or EOPNOTSUPP has to be returned. PiperOrigin-RevId: 315755972
2020-06-10Merge release-20200522.0-118-gfadbfd83d (automated)gVisor bot
2020-06-10Include panic message in logMichael Pratt
PiperOrigin-RevId: 315745386
2020-06-10Merge release-20200522.0-117-g6d43ac957 (automated)gVisor bot
2020-06-10Merge pull request #2787 from lubinszARM:pr_race_timegVisor bot
PiperOrigin-RevId: 315734425
2020-06-10Merge release-20200522.0-115-gf004bb870 (automated)gVisor bot
2020-06-10Remove duplicate and incorrect size checkTamir Duberstein
Minimum header sizes are already checked in each `case` arm below. Worse, the ICMP entries in transportProtocolMinSizes are incorrect, and produce false "raw packet" logs. PiperOrigin-RevId: 315730073
2020-06-10Merge release-20200522.0-114-g9d2b2c121 (automated)gVisor bot
2020-06-10Replace use of %v in snifferTamir Duberstein
PiperOrigin-RevId: 315711208
2020-06-10Merge release-20200522.0-113-g203dc121f (automated)gVisor bot
2020-06-10Redirect TODOs to more specific issuesFabricio Voznika
Closes #1623 PiperOrigin-RevId: 315681993