Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-08-03 | Merge release-20210726.0-30-g8caf231cb (automated) | gVisor bot | |
2021-08-03 | Add Lifecycle controls | Chong Cai | |
Also change runsc pause/resume cmd to access Lifecycle instead of containerManager. PiperOrigin-RevId: 388534928 | |||
2021-07-28 | Merge release-20210720.0-39-g964fb3ca7 (automated) | gVisor bot | |
2021-07-23 | Merge release-20210712.0-58-g0eea96057 (automated) | gVisor bot | |
2021-07-23 | Add support for SIOCGIFCONF ioctl in hostinet. | Lucas Manning | |
PiperOrigin-RevId: 386511818 | |||
2021-07-21 | Merge release-20210712.0-32-g990cd1a95 (automated) | gVisor bot | |
2021-07-20 | Don't kill container when volume is unmounted | Fabricio Voznika | |
The gofer session is killed when a gofer backed volume is unmounted. The gofer monitor catches the disconnect and kills the container. This changes the gofer monitor to only care about the rootfs connections, which cannot be unmounted. Fixes #6259 PiperOrigin-RevId: 385929039 | |||
2021-07-20 | Merge release-20210712.0-29-g1ad382220 (automated) | gVisor bot | |
2021-07-20 | Add go:build directives as required by Go 1.17's gofmt. | Jamie Liu | |
PiperOrigin-RevId: 385894869 | |||
2021-07-13 | Merge release-20210705.0-19-gc16e69a9d (automated) | gVisor bot | |
2021-07-13 | Use consistent naming for subcontainers | Fabricio Voznika | |
It was confusing to find functions relating to root and non-root containers. Replace "non-root" and "subcontainer" and make naming consistent in Sandbox and controller. PiperOrigin-RevId: 384512518 | |||
2021-07-13 | Merge release-20210705.0-14-g275932bf0 (automated) | gVisor bot | |
2021-07-12 | Fix stdios ownership | Fabricio Voznika | |
Set stdio ownership based on the container's user to ensure the user can open/read/write to/from stdios. 1. stdios in the host are changed to have the owner be the same uid/gid of the process running the sandbox. This ensures that the sandbox has full control over it. 2. stdios owner owner inside the sandbox is changed to match the container's user to give access inside the container and make it behave the same as runc. Fixes #6180 PiperOrigin-RevId: 384347009 | |||
2021-07-12 | Merge release-20210705.0-12-g7132b9a07 (automated) | gVisor bot | |
2021-07-12 | Fix GoLand analyzer errors under runsc/... | Fabricio Voznika | |
PiperOrigin-RevId: 384344990 | |||
2021-07-08 | Merge release-20210628.0-31-g052eb90dc (automated) | gVisor bot | |
2021-07-08 | Replace kernel.ExitStatus with linux.WaitStatus. | Jamie Liu | |
PiperOrigin-RevId: 383705129 | |||
2021-07-01 | Merge release-20210628.0-16-g590b8d3e9 (automated) | gVisor bot | |
2021-07-01 | [syserror] Update several syserror errors to linuxerr equivalents. | Zach Koopmans | |
Update/remove most syserror errors to linuxerr equivalents. For list of removed errors, see //pkg/syserror/syserror.go. PiperOrigin-RevId: 382574582 | |||
2021-06-30 | Merge release-20210628.0-9-g90dbb4b0c (automated) | gVisor bot | |
2021-06-29 | Add SIOCGIFFLAGS ioctl support to hostinet. | Lucas Manning | |
PiperOrigin-RevId: 382194711 | |||
2021-06-28 | Merge release-20210622.0-29-g2d899a843 (automated) | gVisor bot | |
2021-06-28 | Exit early with error message on checkpoint/pause w/ hostinet. | Ian Lewis | |
PiperOrigin-RevId: 381964660 | |||
2021-06-25 | Merge release-20210614.0-34-ge5526f4f2 (automated) | gVisor bot | |
2021-06-25 | Merge pull request #6222 from avagin:stop | gVisor bot | |
PiperOrigin-RevId: 381561785 | |||
2021-06-22 | Merge release-20210614.0-14-ge1dc1c78e (automated) | gVisor bot | |
2021-06-22 | [syserror] Add conversions to linuxerr with temporary Equals method. | Zach Koopmans | |
Add Equals method to compare syserror and unix.Errno errors to linuxerr errors. This will facilitate removal of syserror definitions in a followup, and finding needed conversions from unix.Errno to linuxerr. PiperOrigin-RevId: 380909667 | |||
2021-06-22 | runsc: don't kill sandbox, let it stop properly | Andrei Vagin | |
The typical sequence of calls to start a container looks like this ct, err := container.New(conf, containerArgs) defer ct.Destroy() ct.Start(conf) ws, err := ct.Wait() For the root container, ct.Destroy() kills the sandbox process. This doesn't look like a right wait to stop it. For example, all ongoing rpc calls are aborted in this case. If everything is going alright, we can just wait and it will exit itself. Reported-by: syzbot+084fca334720887441e7@syzkaller.appspotmail.com Signed-off-by: Andrei Vagin <avagin@gmail.com> | |||
2021-06-17 | Merge release-20210607.0-54-g3cf1644a3 (automated) | gVisor bot | |
2021-06-17 | Move tcpip.Clock impl to Timekeeper | Tamir Duberstein | |
...and pass it explicitly. This reverts commit b63e61828d0652ad1769db342c17a3529d2d24ed. PiperOrigin-RevId: 380039167 | |||
2021-06-10 | Merge release-20210601.0-43-gd81fcbf85 (automated) | gVisor bot | |
2021-06-10 | Set RLimits during `runsc exec` | Fabricio Voznika | |
PiperOrigin-RevId: 378726430 | |||
2021-06-10 | Merge release-20210601.0-39-g9ede1a605 (automated) | gVisor bot | |
2021-06-10 | [op] Move SignalInfo to abi/linux package. | Ayush Ranjan | |
Fixes #214 PiperOrigin-RevId: 378680466 | |||
2021-06-10 | Merge release-20210601.0-38-gd3ebc2db6 (automated) | gVisor bot | |
2021-06-10 | remove the erroneous (5th) filter argument to sendmmsg. | gVisor bot | |
PiperOrigin-RevId: 378677167 | |||
2021-06-09 | Merge release-20210601.0-29-g1ca981f50 (automated) | gVisor bot | |
2021-06-09 | Remove --overlayfs-stale-read flag | Fabricio Voznika | |
It defaults to true and setting it to false can cause filesytem corruption. PiperOrigin-RevId: 378518663 | |||
2021-06-04 | Merge release-20210518.0-71-g86cf56eb7 (automated) | gVisor bot | |
2021-06-03 | Add additional mmap seccomp rule | Fabricio Voznika | |
HostFileMapper.RegenerateMappings calls mmap with MAP_SHARED|MAP_FIXED and these were not allowed. Closes #6116 PiperOrigin-RevId: 377428463 | |||
2021-06-03 | Merge release-20210518.0-69-g758713f4c (automated) | gVisor bot | |
2021-06-03 | Initialize metrics at init | Tamir Duberstein | |
Avoids a race condition at kernel initialization. Updates #6057. PiperOrigin-RevId: 377357723 | |||
2021-05-27 | Merge release-20210518.0-52-g097efe81a (automated) | gVisor bot | |
2021-05-26 | Use the stack RNG everywhere | Tamir Duberstein | |
...except in tests. Note this replaces some uses of a cryptographic RNG with a plain RNG. PiperOrigin-RevId: 376070666 | |||
2021-05-26 | Merge release-20210518.0-44-gb63e61828 (automated) | gVisor bot | |
2021-05-25 | Initialize Kernel.Timekeeper before network NS | Tamir Duberstein | |
PiperOrigin-RevId: 375843579 | |||
2021-05-26 | Merge release-20210518.0-43-ga54cb9d8a (automated) | gVisor bot | |
2021-05-25 | Use specific fmt verbs (avoid %v) | Tamir Duberstein | |
Remove useless conversions. Avoid unhandled errors. PiperOrigin-RevId: 375834275 | |||
2021-05-14 | Merge release-20210510.0-38-g894187b2c (automated) | gVisor bot | |
2021-05-14 | Resolve remaining O_PATH TODOs. | Dean Deng | |
O_PATH is now implemented in vfs2. Fixes #2782. PiperOrigin-RevId: 373861410 |