summaryrefslogtreecommitdiffhomepage
path: root/pkg
AgeCommit message (Collapse)Author
2020-08-10Merge release-20200804.0-57-g7ba5e3558 (automated)gVisor bot
2020-08-10ip6tables: move target-specific code to targets.goKevin Krakauer
This is purely moving code, no changes. netfilter.go is cluttered and targets.go is a good place for this. #3549 PiperOrigin-RevId: 325879965
2020-08-10Merge release-20200804.0-56-g9ac71dc78 (automated)gVisor bot
2020-08-10Merge release-20200804.0-55-g79e7d0b06 (automated)gVisor bot
2020-08-10Run GC before sandbox exit when leak checking is enabled.Dean Deng
Running garbage collection enqueues all finalizers, which are used by the refs/refs_vfs2 packages to detect reference leaks. Note that even with GC, there is no guarantee that all finalizers will be run before the program exits. This is a best effort attempt to activate leak checks as much as possible. Updates #3545. PiperOrigin-RevId: 325834438
2020-08-09Merge release-20200804.0-54-gb404b5c25 (automated)gVisor bot
2020-08-08Use unicast source for ICMP echo repliesGhanan Gowripalan
Packets MUST NOT use a non-unicast source address for ICMP Echo Replies. Test: integration_test.TestPingMulticastBroadcast PiperOrigin-RevId: 325634380
2020-08-08Merge release-20200804.0-53-g13a8ae81b (automated)gVisor bot
2020-08-07Add context.FullStateChanged()Andrei Vagin
It indicates that the Sentry has changed the state of the thread and next calls of PullFullState() has to do nothing. PiperOrigin-RevId: 325567415
2020-08-08Merge release-20200804.0-52-g3be26a271 (automated)gVisor bot
2020-08-07[vfs2] Fix tmpfs mounting.Ayush Ranjan
Earlier we were using NLink to decide if /tmp is empty or not. However, NLink at best tells us about the number of subdirectories (via the ".." entries). NLink = n + 2 for n subdirectories. But it does not tell us if the directory is empty. There still might be non-directory files. We could also not rely on NLink because host overlayfs always returned 1. VFS1 uses Readdir to decide if the directory is empty. Used a similar approach. We now use IterDirents to decide if the "/tmp" directory is empty. Fixes #3369 PiperOrigin-RevId: 325554234
2020-08-08Merge release-20200804.0-51-g977618c8e (automated)gVisor bot
2020-08-08Merge release-20200804.0-49-g343661770 (automated)gVisor bot
2020-08-07Don't hold gofer.filesystem.renameMu during dentry destruction.Jamie Liu
PiperOrigin-RevId: 325546629
2020-08-08Merge release-20200804.0-48-g8f6d576af (automated)gVisor bot
2020-08-07Merge pull request #3069 from lubinszARM:pr_serr_injection2gVisor bot
PiperOrigin-RevId: 325546308
2020-08-08Merge release-20200804.0-46-gb7a97fe33 (automated)gVisor bot
2020-08-07Merge release-20200804.0-45-g0b7cd1e75 (automated)gVisor bot
2020-08-07Mark dropped pages unevictable in fsimpl/gofer.dentry.destroyLocked.Jamie Liu
PiperOrigin-RevId: 325531657
2020-08-07Merge release-20200804.0-44-g80c80a141 (automated)gVisor bot
2020-08-07Merge release-20200804.0-43-g94447aeab (automated)gVisor bot
2020-08-07Fix panic during Address Resolution of neighbor entry created by NSSam Balana
When a Neighbor Solicitation is received, a neighbor entry is created with the remote host's link layer address, but without a link layer address resolver. If the host decides to send a packet addressed to the IP address of that neighbor entry, Address Resolution starts with a nil pointer to the link layer address resolver. This causes the netstack to panic and crash. This change ensures that when a packet is sent in that situation, the link layer address resolver will be set before Address Resolution begins. Tests: pkg/tcpip/stack:stack_test + TestEntryUnknownToStaleToProbeToReachable - TestNeighborCacheEntryNoLinkAddress Updates #1889 Updates #1894 Updates #1895 Updates #1947 Updates #1948 Updates #1949 Updates #1950 PiperOrigin-RevId: 325516471
2020-08-07Merge release-20200804.0-42-g7b9bfc0ce (automated)gVisor bot
2020-08-07Port Ruby benchmark.Zach Koopmans
PiperOrigin-RevId: 325500772
2020-08-07Merge release-20200804.0-41-ga7bd0a701 (automated)gVisor bot
2020-08-07Merge release-20200804.0-40-g10c13bcca (automated)gVisor bot
2020-08-07tcp: change the limit of TCP_LINGER2Andrei Vagin
It was changed in the Linux kernel: commit f0628c524fd188c3f9418e12478dfdfadacba815 Date: Fri Apr 24 16:06:16 2020 +0800 net: Replace the limit of TCP_LINGER2 with TCP_FIN_TIMEOUT_MAX PiperOrigin-RevId: 325493859
2020-08-07Merge release-20200804.0-39-g93cb66825 (automated)gVisor bot
2020-08-07Support separate read/write handles in fsimpl/gofer.dentry.Jamie Liu
PiperOrigin-RevId: 325490674
2020-08-07Merge release-20200804.0-38-g293f11ca9 (automated)gVisor bot
2020-08-07Merge release-20200804.0-37-g8c1573eba (automated)gVisor bot
2020-08-07Merge release-20200804.0-36-g4fa1c304a (automated)gVisor bot
2020-08-07Try to update atime and mtime on VFS2 gofer files on dentry eviction.Jamie Liu
PiperOrigin-RevId: 325388385
2020-08-07Merge release-20200804.0-35-gf20e63e31 (automated)gVisor bot
2020-08-06Add LinkAt support to goferFabricio Voznika
Updates #1198 PiperOrigin-RevId: 325350818
2020-08-06Merge release-20200804.0-34-g90021e775 (automated)gVisor bot
2020-08-06Merge release-20200804.0-33-gb918d9785 (automated)gVisor bot
2020-08-06Add reference counting utility to VFS2.Dean Deng
The utility has several differences from the VFS1 equivalent: - There are no weak references, which have a significant overhead - In order to print useful debug messages with the type of the reference- counted object, we use a generic Refs object with the owner type as a template parameter. In vfs1, this was accomplished by storing a type name and caller stack directly in the ref count (as in vfs1), which increases the struct size by 6x. (Note that the caller stack was needed because fs types like Dirent were shared by all fs implementations; in vfs2, each impl has its own data structures, so this is no longer necessary.) Updates #1486. PiperOrigin-RevId: 325271469
2020-08-06Merge release-20200804.0-32-g0d69bfa8a (automated)gVisor bot
2020-08-06Merge release-20200804.0-30-g72b528c84 (automated)gVisor bot
2020-08-06Merge release-20200804.0-29-g63447e5af (automated)gVisor bot
2020-08-06Only register /dev/net/tun if supported.Dean Deng
PiperOrigin-RevId: 325266487
2020-08-06Merge release-20200804.0-28-gfc4dd3ef4 (automated)gVisor bot
2020-08-06Join IPv4 all-systems group on NIC enableGhanan Gowripalan
Test: - stack_test.TestJoinLeaveMulticastOnNICEnableDisable - integration_test.TestIncomingMulticastAndBroadcast PiperOrigin-RevId: 325185259
2020-08-06Merge release-20200804.0-27-g35312a95c (automated)gVisor bot
2020-08-05Add loss recovery option for TCP.Nayana Bidari
/proc/sys/net/ipv4/tcp_recovery is used to enable RACK loss recovery in TCP. PiperOrigin-RevId: 325157807
2020-08-06Merge release-20200804.0-26-g7ed4b2b5a (automated)gVisor bot
2020-08-05Correctly decrement link counts in tmpfs rename operations.Dean Deng
When a directory is replaced by a rename operation, its link count should reach zero. We were missing the link from `dir/.` PiperOrigin-RevId: 325141730
2020-08-06Merge release-20200804.0-25-gce463c027 (automated)gVisor bot
2020-08-06Merge release-20200804.0-24-g90a2d4e82 (automated)gVisor bot