Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-07-14 | Merge release-20200622.1-153-g1bfb556cc (automated) | gVisor bot | |
2020-07-14 | Prepare boot.Loader to support multi-container TTY | Fabricio Voznika | |
- Combine process creation code that is shared between root and subcontainer processes - Move root container information into a struct for clarity Updates #2714 PiperOrigin-RevId: 321204798 | |||
2020-07-13 | Merge pull request #2672 from amscanne:shim-integrated | gVisor bot | |
PiperOrigin-RevId: 321053634 | |||
2020-07-08 | Merge release-20200622.1-82-ga75d9f7be (automated) | gVisor bot | |
2020-07-08 | Drop empty line | Michael Pratt | |
PiperOrigin-RevId: 320281516 | |||
2020-06-16 | Merge release-20200608.0-67-gdbf786c6b (automated) | gVisor bot | |
2020-06-16 | Add runsc options to set checksum offloading status | gVisor bot | |
--tx-checksum-offload=<true|false> enable TX checksum offload (default: false) --rx-checksum-offload=<true|false> enable RX checksum offload (default: true) Fixes #2989 PiperOrigin-RevId: 316781309 | |||
2020-05-28 | Merge release-20200522.0-25-gf7418e21 (automated) | gVisor bot | |
2020-05-28 | Move Cleanup to its own package | Fabricio Voznika | |
PiperOrigin-RevId: 313663382 | |||
2020-05-27 | Merge release-20200518.0-45-g0bc022b7 (automated) | gVisor bot | |
2020-05-07 | Merge release-20200422.0-51-g1f4087e (automated) | gVisor bot | |
2020-04-30 | Merge release-20200422.0-7-gae15d90 (automated) | gVisor bot | |
2020-04-30 | FIFO QDisc implementation | Bhasker Hariharan | |
Updates #231 PiperOrigin-RevId: 309323808 | |||
2020-04-23 | Merge release-20200323.0-215-g0c58694 (automated) | gVisor bot | |
2020-04-22 | Specify a memory file in platform.New(). | Andrei Vagin | |
PiperOrigin-RevId: 307941984 | |||
2020-04-10 | Merge release-20200323.0-111-g2a28e3e (automated) | gVisor bot | |
2020-04-09 | Don't unconditionally set --panic-signal | Fabricio Voznika | |
Closes #2393 PiperOrigin-RevId: 305793027 | |||
2020-04-08 | Merge release-20200323.0-89-g56054fc (automated) | gVisor bot | |
2020-04-07 | Add friendlier messages for frequently encountered errors. | Ian Lewis | |
Issue #2270 Issue #1765 PiperOrigin-RevId: 305385436 | |||
2020-04-07 | Merge release-20200323.0-85-gacf0259 (automated) | gVisor bot | |
2020-04-07 | Don't map the 0 uid into a sandbox user namespace | Andrei Vagin | |
Starting with go1.13, we can specify ambient capabilities when we execute a new process with os/exe.Cmd. PiperOrigin-RevId: 305366706 | |||
2020-04-01 | Merge release-20200323.0-49-g4e6a1a5 (automated) | gVisor bot | |
2020-04-01 | Automated rollback of changelist 303799678 | Adin Scannell | |
PiperOrigin-RevId: 304221302 | |||
2020-03-30 | Merge release-20200219.0-259-g3fac85d (automated) | gVisor bot | |
2020-03-30 | kvm: handle exit reasons even under EINTR. | Adin Scannell | |
In the case of other signals (preemption), inject a normal bounce and defer the signal until the vCPU has been returned from guest mode. PiperOrigin-RevId: 303799678 | |||
2020-03-12 | Merge release-20200219.0-157-gf2e4b5a (automated) | gVisor bot | |
2020-03-12 | Kill sandbox process when parent process terminates | Fabricio Voznika | |
When the sandbox runs in attached more, e.g. runsc do, runsc run, the sandbox lifetime is controlled by the parent process. This wasn't working in all cases because PR_GET_PDEATHSIG doesn't propagate through execve when the process changes uid/gid. So it was getting dropped when the sandbox execve's to change to user nobody. PiperOrigin-RevId: 300601247 | |||
2020-03-11 | Merge release-20200219.0-146-gd3fa741 (automated) | gVisor bot | |
2020-03-11 | runsc: Set asyncpreemptoff for the kvm platform | Andrei Vagin | |
The asynchronous goroutine preemption is a new feature of Go 1.14. When we switched to go 1.14 (cl/297915917) in the bazel config, the kokoro syscall-kvm job started permanently failing. Lets temporary set asyncpreemptoff for the kvm platform to unblock tests. PiperOrigin-RevId: 300372387 | |||
2020-03-06 | Merge release-20200219.0-109-g6367963 (automated) | gVisor bot | |
2020-03-05 | Merge pull request #1951 from moricho:moricho/add-profiler-option | gVisor bot | |
PiperOrigin-RevId: 299233818 | |||
2020-02-28 | Merge release-20200219.0-66-g322dbfe (automated) | gVisor bot | |
2020-02-28 | Allow to specify a separate log for GO's runtime messages | Andrei Vagin | |
GO's runtime calls the write system call twice to print "panic:" and "the reason of this panic", so here is a race window when other threads can print something to the log and we will see something like this: panic: log messages from another thread The reason of the panic. This confuses the syzkaller blacklist and dedup detection. It also makes the logs generally difficult to read. e.g., data races often have one side of the race, followed by a large "diagnosis" dump, finally followed by the other side of the race. PiperOrigin-RevId: 297887895 | |||
2020-02-26 | add profile option | moricho | |
2020-02-20 | Merge release-20200211.0-57-g4a73bae (automated) | gVisor bot | |
2020-02-20 | Initial network namespace support. | gVisor bot | |
TCP/IP will work with netstack networking. hostinet doesn't work, and sockets will have the same behavior as it is now. Before the userspace is able to create device, the default loopback device can be used to test. /proc/net and /sys/net will still be connected to the root network stack; this is the same behavior now. Issue #1833 PiperOrigin-RevId: 296309389 | |||
2020-02-11 | Merge release-20200127.0-131-gb8e22e2 (automated) | gVisor bot | |
2020-02-11 | Disallow duplicate NIC names. | gVisor bot | |
PiperOrigin-RevId: 294500858 | |||
2020-02-06 | Merge release-20200127.0-85-g1b6a12a (automated) | gVisor bot | |
2020-01-27 | Merge release-20200115.0-103-gd29e59a (automated) | gVisor bot | |
2020-01-27 | Standardize on tools directory. | Adin Scannell | |
PiperOrigin-RevId: 291745021 | |||
2020-01-15 | Merge release-20191213.0-118-gf874723 (automated) | gVisor bot | |
2020-01-15 | Bump SO_SNDBUF for fdbased endpoint used by runsc. | Bhasker Hariharan | |
Updates #231 PiperOrigin-RevId: 289897881 | |||
2020-01-10 | Merge release-20191213.0-96-g27500d5 (automated) | gVisor bot | |
2020-01-09 | New sync package. | Ian Gudger | |
* Rename syncutil to sync. * Add aliases to sync types. * Replace existing usage of standard library sync package. This will make it easier to swap out synchronization primitives. For example, this will allow us to use primitives from github.com/sasha-s/go-deadlock to check for lock ordering violations. Updates #1472 PiperOrigin-RevId: 289033387 | |||
2019-12-17 | Merge release-20191210.0-46-g725e73e (automated) | gVisor bot | |
2019-12-17 | Leave minimum CPU number as a constant | Aleksandr Razumov | |
Remove introduced CPUNumMin config and hard-code it as 2. | |||
2019-12-17 | Add minimum CPU number and only lower CPUs on --cpu-num-from-quota | Aleksandr Razumov | |
* Add `--cpu-num-min` flag to control minimum CPUs * Only lower CPU count * Fix comments | |||
2019-12-15 | Set CPU number to CPU quota | Aleksandr Razumov | |
When application is not cgroups-aware, it can spawn excessive threads which often defaults to CPU number. Introduce a opt-in flag that will set CPU number accordingly to CPU quota (if available). Fixes #1391 | |||
2019-12-12 | Merge release-20191210.0-24-gb9aa62b (automated) | gVisor bot | |