summaryrefslogtreecommitdiffhomepage
path: root/pkg
AgeCommit message (Collapse)Author
2018-09-26Use the ICMP target address in responsesTamir Duberstein
There is a subtle bug that is the result of two changes made when upstreaming ICMPv6 support from Fuchsia: 1) ipv6.endpoint.WritePacket writes the local address it was initialized with, rather than the provided route's local address 2) ipv6.endpoint.handleICMP doesn't set its route's local address to the ICMP target address before writing the response The result is that the ICMP response erroneously uses the target ipv6 address (rather than icmp) as its source address in the response. When trying to debug this by fixing (2), we ran into problems with bad ipv6 checksums because (1) didn't respect the local address of the route being passed to it. This fixes both problems. PiperOrigin-RevId: 214650822 Change-Id: Ib6148bf432e6428d760ef9da35faef8e4b610d69
2018-09-26Export ipv6 address helpersTamir Duberstein
This is useful for Fuchsia. PiperOrigin-RevId: 214619681 Change-Id: If5a60dd82365c2eae51a12bbc819e5aae8c76ee9
2018-09-21Remove unnecessary deferIan Gudger
PiperOrigin-RevId: 214073949 Change-Id: I8fab916cd77362c13dac2c9dcf2ecc1710d87a5e
2018-09-21Run gofmt -s on everythingIan Gudger
PiperOrigin-RevId: 214040901 Change-Id: I74d79497a053da3624921ad2b7c5193ca4a87942
2018-09-21Extend tcpip.Address.String to ipv6 addressesTamir Duberstein
PiperOrigin-RevId: 214039349 Change-Id: Ia7d09c5f85eddd1e5634f3c21b0bd60b10be6bd2
2018-09-21Deflake TestSimpleReceiveTamir Duberstein
...by increasing the allotted timeout and using direct comparison rather than reflect.DeepEqual (which should be faster). PiperOrigin-RevId: 214027024 Change-Id: I0a2690e65c7e14b4cc118c7312dbbf5267dc78bc
2018-09-21Export read-only tcpip.Subnet.MaskTamir Duberstein
PiperOrigin-RevId: 214023383 Change-Id: I5a7572f949840fb68a3ffb7342e6a3524bd00864
2018-09-19Fix data race on tcp.endpoint.hardError in tcp.(*endpoint).ReadIan Gudger
tcp.endpoint.hardError is protected by tcp.endpoint.mu. PiperOrigin-RevId: 213730698 Change-Id: I4e4f322ac272b145b500b1a652fbee0c7b985be2
2018-09-19Pass local link address to DeliverNetworkPacketBert Muthalaly
This allows a NetworkDispatcher to implement transparent bridging, assuming all implementations of LinkEndpoint.WritePacket call eth.Encode with header.EthernetFields.SrcAddr set to the passed Route.LocalLinkAddress, if it is provided. PiperOrigin-RevId: 213686651 Change-Id: I446a4ac070970202f0724ef796ff1056ae4dd72a
2018-09-19Fix RTT estimation when timestamp option is enabled.Bhasker Hariharan
From RFC7323#Section-4 The [RFC6298] RTT estimator has weighting factors, alpha and beta, based on an implicit assumption that at most one RTTM will be sampled per RTT. When multiple RTTMs per RTT are available to update the RTT estimator, an implementation SHOULD try to adhere to the spirit of the history specified in [RFC6298]. An implementation suggestion is detailed in Appendix G. From RFC7323#appendix-G Appendix G. RTO Calculation Modification Taking multiple RTT samples per window would shorten the history calculated by the RTO mechanism in [RFC6298], and the below algorithm aims to maintain a similar history as originally intended by [RFC6298]. It is roughly known how many samples a congestion window worth of data will yield, not accounting for ACK compression, and ACK losses. Such events will result in more history of the path being reflected in the final value for RTO, and are uncritical. This modification will ensure that a similar amount of time is taken into account for the RTO estimation, regardless of how many samples are taken per window: ExpectedSamples = ceiling(FlightSize / (SMSS * 2)) alpha' = alpha / ExpectedSamples beta' = beta / ExpectedSamples Note that the factor 2 in ExpectedSamples is due to "Delayed ACKs". Instead of using alpha and beta in the algorithm of [RFC6298], use alpha' and beta' instead: RTTVAR <- (1 - beta') * RTTVAR + beta' * |SRTT - R'| SRTT <- (1 - alpha') * SRTT + alpha' * R' (for each sample R') PiperOrigin-RevId: 213644795 Change-Id: I52278b703540408938a8edb8c38be97b37f4a10e
2018-09-18Short-circuit Readdir calls on overlay files when the dirent is frozen.Nicolas Lacasse
If we have an overlay file whose corresponding Dirent is frozen, then we should not bother calling Readdir on the upper or lower files, since DirentReaddir will calculate children based on the frozen Dirent tree. A test was added that fails without this change. PiperOrigin-RevId: 213531215 Change-Id: I4d6c98f1416541a476a34418f664ba58f936a81d
2018-09-18Increase state test timeoutMichael Pratt
PiperOrigin-RevId: 213519378 Change-Id: Iffdb987da3a7209a297ea2df171d2ae5fa9b2b34
2018-09-18Allow for MSG_CTRUNC in input flags for recv.Brian Geffon
PiperOrigin-RevId: 213481363 Change-Id: I8150ea20cebeb207afe031ed146244de9209e745
2018-09-18Provide better message when memfd_create fails with ENOSYSFabricio Voznika
Updates #100 PiperOrigin-RevId: 213414821 Change-Id: I90c2e6c18c54a6afcd7ad6f409f670aa31577d37
2018-09-17Remove memory usage static initFabricio Voznika
panic() during init() can be hard to debug. Updates #100 PiperOrigin-RevId: 213391932 Change-Id: Ic103f1981c5b48f1e12da3b42e696e84ffac02a9
2018-09-17Prevent TCP connect from picking bound portsTamir Duberstein
PiperOrigin-RevId: 213387851 Change-Id: Icc6850761bc11afd0525f34863acd77584155140
2018-09-17runsc: Enable waiting on exited processes.Kevin Krakauer
This makes `runsc wait` behave more like waitpid()/wait4() in that: - Once a process has run to completion, you can wait on it and get its exit code. - Processes not waited on will consume memory (like a zombie process) PiperOrigin-RevId: 213358916 Change-Id: I5b5eca41ce71eea68e447380df8c38361a4d1558
2018-09-17Allow kernel.(*Task).Block to accept an extract only channelIan Gudger
PiperOrigin-RevId: 213328293 Change-Id: I4164133e6f709ecdb89ffbb5f7df3324c273860a
2018-09-17Add empty .s file to allow `//go:linkname`Tamir Duberstein
This was previously broken in 212917409, resulting in "missing function body" compilation errors. PiperOrigin-RevId: 213323695 Change-Id: I32a95b76a1c73fd731f223062ec022318b979bd4
2018-09-17Implement packet forwarding to enable NATTamir Duberstein
PiperOrigin-RevId: 213323501 Change-Id: I0996ddbdcf097588745efe35481085d42dbaf446
2018-09-17Allow NULL data in mount(2)Michael Pratt
PiperOrigin-RevId: 213315267 Change-Id: I7562bcd81fb22e90aa9c7dd9eeb94803fcb8c5af
2018-09-14Avoid reuse of pending SignalInfo objectsnewmanwang
runApp.execute -> Task.SendSignal -> sendSignalLocked -> sendSignalTimerLocked -> pendingSignals.enqueue assumes that it owns the arch.SignalInfo returned from platform.Context.Switch. On the other hand, ptrace.context.Switch assumes that it owns the returned SignalInfo and can safely reuse it on the next call to Switch. The KVM platform always returns a unique SignalInfo. This becomes a problem when the returned signal is not immediately delivered, allowing a future signal in Switch to change the previous pending SignalInfo. This is noticeable in #38 when external SIGINTs are delivered from the PTY slave FD. Note that the ptrace stubs are in the same process group as the sentry, so they are eligible to receive the PTY signals. This should probably change, but is not the only possible cause of this bug. Updates #38 Original change by newmanwang <wcs1011@gmail.com>, updated by Michael Pratt <mpratt@google.com>. Change-Id: I5383840272309df70a29f67b25e8221f933622cd PiperOrigin-RevId: 213071072
2018-09-14Remove buffer.Prependable.UsedBytesTamir Duberstein
It is the same as buffer.Prependable.View. PiperOrigin-RevId: 213064166 Change-Id: Ib33b8a2c4da864209d9a0be0a1c113be10b520d3
2018-09-14Reuse readlink parameter, add sockaddr max.Michael Pratt
PiperOrigin-RevId: 213058623 Change-Id: I522598c655d633b9330990951ff1c54d1023ec29
2018-09-14Pass buffer.Prependable by valueTamir Duberstein
PiperOrigin-RevId: 213053370 Change-Id: I60ea89572b4fca53fd126c870fcbde74fcf52562
2018-09-14Make gVisor hard link check match Linux's.Nicolas Lacasse
Linux permits hard-linking if the target is owned by the user OR the target has Read+Write permission. PiperOrigin-RevId: 213024613 Change-Id: If642066317b568b99084edd33ee4e8822ec9cbb3
2018-09-14Fix interaction between rt_sigtimedwait and ignored signals.Jamie Liu
PiperOrigin-RevId: 213011782 Change-Id: I716c6ea3c586b0c6c5a892b6390d2d11478bc5af
2018-09-13platform/kvm: Get max vcpu number dynamically by ioctlChenggang
The old kernel version, such as 4.4, only support 255 vcpus. While gvisor is ran on these kernels, it could panic because the vcpu id and vcpu number beyond max_vcpus. Use ioctl(vmfd, _KVM_CHECK_EXTENSION, _KVM_CAP_MAX_VCPUS) to get max vcpus number dynamically. Change-Id: I50dd859a11b1c2cea854a8e27d4bf11a411aa45c PiperOrigin-RevId: 212929704
2018-09-13Plumb monotonic time to netstackIan Gudger
Netstack needs to be portable, so this seems to be preferable to using raw system calls. PiperOrigin-RevId: 212917409 Change-Id: I7b2073e7db4b4bf75300717ca23aea4c15be944c
2018-09-13Extend memory usage events to report mapped memory usage.Rahat Mahmood
PiperOrigin-RevId: 212887555 Change-Id: I3545383ce903cbe9f00d9b5288d9ef9a049b9f4f
2018-09-13Format struct itimerspecMichael Pratt
PiperOrigin-RevId: 212874745 Change-Id: I0c3e8e6a9e8976631cee03bf0b8891b336ddb8c8
2018-09-13initArgs must hold a reference on the Root if it is not nil.Nicolas Lacasse
The contract in ExecArgs says that a reference on ExecArgs.Root must be held for the lifetime of the struct, but the caller is free to drop the ref after that. As a result, proc.Exec must take an additional ref on Root when it constructs the CreateProcessArgs, since that holds a pointer to Root as well. That ref is dropped in CreateProcess. PiperOrigin-RevId: 212828348 Change-Id: I7f44a612f337ff51a02b873b8a845d3119408707
2018-09-12Always pass buffer.VectorisedView by valueTamir Duberstein
PiperOrigin-RevId: 212757571 Change-Id: I04200df9e45c21eb64951cd2802532fa84afcb1a
2018-09-12Add multicast supportTamir Duberstein
PiperOrigin-RevId: 212750821 Change-Id: I822fd63e48c684b45fd91f9ce057867b7eceb792
2018-09-12compressio: stop worker-pool reference / dependency loop.Zhaozhong Ni
PiperOrigin-RevId: 212732300 Change-Id: I9a0b9b7c28e7b7439d34656dd4f2f6114d173e22
2018-09-12runsc: Add exec flag that specifies where to save the sandbox-internal pid.Kevin Krakauer
This is different from the existing -pid-file flag, which saves a host pid. PiperOrigin-RevId: 212713968 Change-Id: I2c486de8dd5cfd9b923fb0970165ef7c5fc597f0
2018-09-12Prevent UDP sockets from binding to bound portsTamir Duberstein
PiperOrigin-RevId: 212653818 Change-Id: Ib4e1d754d9cdddeaa428a066cb675e6ec44d91ad
2018-09-11platform: Pass device fd into platform constructor.Nicolas Lacasse
We were previously openining the platform device (i.e. /dev/kvm) inside the platfrom constructor (i.e. kvm.New). This requires that we have RW access to the platform device when constructing the platform. However, now that the runsc sandbox process runs as user "nobody", it is not able to open the platform device. This CL changes the kvm constructor to take the platform device FD, rather than opening the device file itself. The device file is opened outside of the sandbox and passed to the sandbox process. PiperOrigin-RevId: 212505804 Change-Id: I427e1d9de5eb84c84f19d513356e1bb148a52910
2018-09-10Map committed chunks concurrently in FileMem.LoadFrom.Jamie Liu
PiperOrigin-RevId: 212345401 Change-Id: Iac626ee87ba312df88ab1019ade6ecd62c04c75c
2018-09-10Allow '/dev/zero' to be mapped with unaligned lengthFabricio Voznika
PiperOrigin-RevId: 212321271 Change-Id: I79d71c2e6f4b8fcd3b9b923fe96c2256755f4c48
2018-09-10Simplify some code in VectorisedView#ToView.Bert Muthalaly
PiperOrigin-RevId: 212317717 Change-Id: Ic77449c53bf2f8be92c9f0a7a726c45bd35ec435
2018-09-07Update cleanup TODOMichael Pratt
PiperOrigin-RevId: 212068327 Change-Id: I3f360cdf7d6caa1c96fae68ae3a1caaf440f0cbe
2018-09-07runsc: Support multi-container exec.Nicolas Lacasse
We must use a context.Context with a Root Dirent that corresponds to the container's chroot. Previously we were using the root context, which does not have a chroot. Getting the correct context required refactoring some of the path-lookup code. We can't lookup the path without a context.Context, which requires kernel.CreateProcArgs, which we only get inside control.Execute. So we have to do the path lookup much later than we previously were. PiperOrigin-RevId: 212064734 Change-Id: I84a5cfadacb21fd9c3ab9c393f7e308a40b9b537
2018-09-07Add 'Starting gVisor...' message to syslogFabricio Voznika
This allows applications to verify they are running with gVisor. It also helps debugging when running with a mix of container runtimes. Closes #54 PiperOrigin-RevId: 212059457 Change-Id: I51d9595ee742b58c1f83f3902ab2e2ecbd5cedec
2018-09-07Add additional sanity checks for walk.Adin Scannell
PiperOrigin-RevId: 212058684 Change-Id: I319709b9ffcfccb3231bac98df345d2a20eca24b
2018-09-07Use root abstract socket namespace for execFabricio Voznika
PiperOrigin-RevId: 211999211 Change-Id: I5968dd1a8313d3e49bb6e6614e130107495de41d
2018-09-07Continue handling signals after disabling forwardingMichael Pratt
Before destroying the Kernel, we disable signal forwarding, relinquishing control to the Go runtime. External signals that arrive after disabling forwarding but before the sandbox exits thus may use runtime.raise (i.e., tkill(2)) and violate the syscall filters. Adjust forwardSignals to handle signals received after disabling forwarding the same way they are handled before starting forwarding. i.e., by implementing the standard Go runtime behavior using tgkill(2) instead of tkill(2). This also makes the stop callback block until forwarding actually stops. This isn't required to avoid tkill(2) but is a saner interface. PiperOrigin-RevId: 211995946 Change-Id: I3585841644409260eec23435cf65681ad41f5f03
2018-09-06createProcessArgs.RootFromContext should return process Root if it exists.Nicolas Lacasse
It was always returning the MountNamespace root, which may be different from the process Root if the process is in a chroot environment. PiperOrigin-RevId: 211862181 Change-Id: I63bfeb610e2b0affa9fdbdd8147eba3c39014480
2018-09-05Fix race condition introduced in 211135505Tamir Duberstein
Now that it's possible to remove subnets, we must iterate over them with locks held. Also do the removal more efficiently while I'm here. PiperOrigin-RevId: 211737416 Change-Id: I29025ec8b0c3ad11f22d4447e8ad473f1c785463
2018-09-05Imported FD in exec was leakingFabricio Voznika
Imported file needs to be closed after it's been imported. PiperOrigin-RevId: 211732472 Change-Id: Ia9249210558b77be076bcce465b832a22eed301f