Age | Commit message (Collapse) | Author |
|
PiperOrigin-RevId: 390405182
|
|
PiperOrigin-RevId: 390346783
|
|
+ Do not check for CAP_NET_RAW on Fuchsia
Fuchsia does not support capabilities the same way Linux does. Instead
emulate the check for CAP_NET_RAW by checking if a packet socket may
be created.
Bug: https://fxbug.dev/79016, https://fxbug.dev/81592
PiperOrigin-RevId: 390263666
|
|
Allow creation and management of subcontainers through cgroupfs
directory syscalls. Also add a mechanism to specify a default root
container to start new jobs in.
This implements the filesystem support for subcontainers, but doesn't
implement hierarchical resource accounting or task migration.
PiperOrigin-RevId: 390254870
|
|
+ Do not check for CAP_NET_RAW on Fuchsia
Fuchsia does not support capabilities the same way Linux does. Instead
emulate the check for CAP_NET_RAW by checking if a raw IP sockets may
be created.
PiperOrigin-RevId: 389663218
|
|
PiperOrigin-RevId: 386533065
|
|
...and rename the library to socket_util.
PiperOrigin-RevId: 386348306
|
|
TCP is fully supported. As with SO_RCVBUF, other transport protocols perform
no-ops per DefaultSocketOptionsHandler.OnSetReceiveBufferSize.
PiperOrigin-RevId: 385023239
|
|
PiperOrigin-RevId: 384823097
|
|
Instead, roll the output scraping into the main runner. Pass a perf flag to
the runner in order to control leak checking, apply tags via the macro and
appropriately disable logging. This may be removed in the future.
PiperOrigin-RevId: 384348035
|
|
Compare
if (!thread_group_leader(tracee))
tracee = rcu_dereference(tracee->group_leader);
in security/yama/yama_lsm.c:ptracer_exception_found().
PiperOrigin-RevId: 381074242
|
|
PiperOrigin-RevId: 373854462
|
|
Previously, registration was racy because we were publishing
hierarchies in the registry without fully initializing the underlying
filesystem. This led to concurrent mount(2)s discovering the partially
intialized filesystems and dropping the final refs on them which cause
them to be freed prematurely.
Reported-by: syzbot+13f54e77bdf59f0171f0@syzkaller.appspotmail.com
Reported-by: syzbot+2c7f0a9127ac6a84f17e@syzkaller.appspotmail.com
PiperOrigin-RevId: 373824552
|
|
PiperOrigin-RevId: 371216407
|
|
PiperOrigin-RevId: 370565903
|
|
Dropping CAP_SYS_ADMIN and not restoring it causes
other tests to be skipped.
PiperOrigin-RevId: 370002644
|
|
PiperOrigin-RevId: 369967629
|
|
PiperOrigin-RevId: 369724358
|
|
We do not currently run random save tests.
PiperOrigin-RevId: 368309921
|
|
A skeleton implementation of cgroupfs. It supports trivial cpu and
memory controllers with no support for hierarchies.
PiperOrigin-RevId: 366561126
|
|
PiperOrigin-RevId: 357015186
|
|
Individual test cases must not rely on being executed in a clean environment.
PiperOrigin-RevId: 354604389
|
|
PiperOrigin-RevId: 354441239
|
|
PiperOrigin-RevId: 354367665
|
|
EXPECT*/ASSERT* functions are not async-signal-safe and should not
be called from the function passed to InForkedProcess. However,
these happen accidentally sometimes but do no cause InForkedProcess
to fail.
Detect and notify in such cases.
PiperOrigin-RevId: 353354540
|
|
This Notify was added as part of cl/279106406; but notifying `EventHUp`
in `FIN_WAIT2` is incorrect, as we want to only notify later on
`TIME_WAIT` or a reset. However, we do need to notify any blocked
waiters of an activity on the endpoint with `EventIn`|`EventOut`.
PiperOrigin-RevId: 341490913
|
|
Writes to pipes of size < PIPE_BUF are guaranteed to be atomic, so writes
larger than that will return EAGAIN if the pipe has capacity < PIPE_BUF.
Writes to eventfds will return EAGAIN if the write would cause the eventfd
value to go over the max.
In both such cases, calling Ready() on the FD will return true (because it is
possible to write), but specific kinds of writes will in fact return EAGAIN.
This CL fixes an infinite loop in splice and sendfile (VFS1 and VFS2) by
forcing skipping the readiness check for the outfile in send, splice, and tee.
PiperOrigin-RevId: 341102260
|
|
PiperOrigin-RevId: 339459247
|
|
Inode number consistency checks are now skipped in save/restore tests for
reasons described in greatest detail in StatTest.StateDoesntChangeAfterRename.
They pass in VFS1 due to the bug described in new test case
SimpleStatTest.DifferentFilesHaveDifferentDeviceInodeNumberPairs.
Fixes #1663
PiperOrigin-RevId: 338776148
|
|
Currently, this Fault() function does not work properly on the arm platform.
After modification, sigaltstack_test_runsc_kvm can be passed on
Arm64.
Signed-off-by: Bin Lu <bin.lu@arm.com>
|
|
ualarm(2) is obsolete. Move IntervalTimer into a test util, where it can be
used by flock tests.
These tests were flaky with TSAN, probably because it slowed the tests down
enough that the alarm was expiring before flock() was called. Use an interval
timer so that even if we miss the first alarm (or more), flock() is still
guaranteed to be interrupted.
PiperOrigin-RevId: 337578751
|
|
PiperOrigin-RevId: 335429072
|
|
|
|
According to Linux 4.4's FUSE behavior, the flags and fh attributes in
FUSE_GETATTR are only used in read, write, and lseek. fstat(2) doesn't
use them either. Add tests to ensure the requests sent from FUSE module
are consistent with Linux's.
Updates #3655
|
|
fuse_util provides utilities for fuse testing. Add a function to return
a stub fuse_attr struct with specified mode and nodeid.
|
|
Fixes #3174
|
|
This commit adds a function in the newly created fuse_util library,
which accepts a variable number of arguments and data structures.
Fixes #3609
|
|
Overlayfs intentionally does not compute nlink for directories (because it can
be really expensive). Linux returns 1, VFS2 returns 2 and VFS1 actually
calculates the correct value.
PiperOrigin-RevId: 330967139
|
|
Updates #2972
PiperOrigin-RevId: 329584905
|
|
These mostly guard linux-only headers; check for linux instead.
PiperOrigin-RevId: 329362762
|
|
ioctl calls with TIOCSCTTY fail if the calling process already has a
controlling terminal, which occurs on a 5.4 kernel like our Ubuntu 18 CI.
Thus, run tests calling ioctl TTOCSCTTY in clean subprocess.
Also, while we're here, switch out non-inclusive master/slave for main/replica.
PiperOrigin-RevId: 328756598
|
|
This is needed to support the overlay opaque attribute.
PiperOrigin-RevId: 328552985
|
|
PiperOrigin-RevId: 321411758
|
|
PiperOrigin-RevId: 321008185
|
|
This change gates all FUSE commands (by gating /dev/fuse) behind a runsc
flag. In order to use FUSE commands, use the --fuse flag with the --vfs2
flag. Check if FUSE is enabled by running dmesg in the sandbox.
|
|
- Only use MAXSYMLINKS/2+1 symlinks for each of the interpreter and script
paths in SymlinkLimitRefreshedForInterpreter to tolerate cases where the
original paths (/tmp, /bin, or /bin/echo) themselves contain symlinks.
- Ensure that UnshareFiles performs execve immediately after clone(CLONE_VFORK)
(no heap allocation for ExecveArray/RunfilesPath).
- Use lstat() rather than stat() for the existence check in fs_util's Exists;
the latter will fail if the symlink target does not exist, even if the
symlink does.
PiperOrigin-RevId: 320110156
|
|
... so that Fuchsia gets the same special cases applied to gVisor in tests when
this envrionment variable is set.
PiperOrigin-RevId: 319239064
|
|
Updates #2923.
PiperOrigin-RevId: 317246916
|
|
VFS2 is adding more functionality than VFS1. In order to test
new functionality, it's required to skip some tests with VFS1.
To skip tests, use:
SKIP_IF(IsRunningWithVFS1());
The test will run in Linux and gVisor with VFS2 enabled.
Updates #1035
PiperOrigin-RevId: 312698616
|
|
PiperOrigin-RevId: 304659346
|