Age | Commit message (Collapse) | Author |
|
PiperOrigin-RevId: 305604557
|
|
PiperOrigin-RevId: 305592245
|
|
Determine system time from within the sentry rather than relying on the remote
filesystem to prevent inconsistencies.
Resolve related TODOs; the time discrepancies in question don't exist anymore.
PiperOrigin-RevId: 305557099
|
|
PiperOrigin-RevId: 305546584
|
|
Updates #164
PiperOrigin-RevId: 305544029
|
|
PiperOrigin-RevId: 305466309
|
|
SO_REUSEPORT is not properly restored:
https://github.com/google/gvisor/issues/873
PiperOrigin-RevId: 305422775
|
|
RFC 1122 Section 3.7: A sending TCP MUST be robust against window shrinking,
which may cause the "useable window" to become negative.
PiperOrigin-RevId: 305377072
|
|
PiperOrigin-RevId: 305341059
|
|
PiperOrigin-RevId: 305328184
|
|
gofer operations accumulate dentries touched in a slice to call
checkCachingLocked on them when the operation is over. In case
the same dentry is touched multiple times during the operation,
checkCachingLocked, and consequently destroyLocked, may be called
more than once for the same dentry.
Updates #1198
PiperOrigin-RevId: 305276819
|
|
PiperOrigin-RevId: 305157179
|
|
Running the test 1000x almost always produces 1+ test failures where
the sample count is slightly more than 60.
PiperOrigin-RevId: 305051754
|
|
Tested:
Sample output for printing 3 different Layer structs:
&testbench.Ether{SrcAddr:02:42:c4:77:5d:14 DstAddr:02:42:c4:77:5d:0a}
&testbench.IPv4{SrcAddr:196.119.93.20 DstAddr:224.0.0.1}
&testbench.UDP{SrcPort:0xc00033b260 DstPort:0xc00033b280}
Sample output for printing a Layers struct (word-wrapped):
[&testbench.Ether{SrcAddr:02:42:c4:77:5d:14 DstAddr:02:42:c4:77:5d:0a}
&testbench.IPv4{SrcAddr:196.119.93.20 DstAddr:224.0.0.1}
&testbench.UDP{SrcPort:0xc00033b260 DstPort:0xc00033b280}
&testbench.Payload{Bytes:[104 101 108 108 111 32 119 111 114 108 100]}]
PiperOrigin-RevId: 305014376
|
|
PiperOrigin-RevId: 304684417
|
|
* Increase a buffer size for getdents64
* Increase a number of shards
PiperOrigin-RevId: 304670004
|
|
PiperOrigin-RevId: 304659346
|
|
PiperOrigin-RevId: 304641990
|
|
PiperOrigin-RevId: 304508083
|
|
The test is flaky in cooperative S/R mode because TCP timers are not restored
across a S/R. This can cause the TCPLinger2 timer to not fire. This change
disables S/R before setting the TCP_LINGER2 timeout.
PiperOrigin-RevId: 304430536
|
|
This allows control over the gRPC timeouts as needed.
PiperOrigin-RevId: 304225713
|
|
PiperOrigin-RevId: 304098611
|
|
A socket mount where anonymous sockets will reside is added to the
VirtualFilesystem. Socketfs is built on top of kernfs.
Updates #1476, #1478, #1484, #1485.
PiperOrigin-RevId: 304095251
|
|
This feature will match UID and GID of the packet creator, for locally
generated packets. This match is only valid in the OUTPUT and POSTROUTING
chains. Forwarded packets do not have any socket associated with them.
Packets from kernel threads do have a socket, but usually no owner.
|
|
PiperOrigin-RevId: 303158421
|
|
PiperOrigin-RevId: 303147253
|
|
PiperOrigin-RevId: 302987344
|
|
It's possible to execute the command that checks user's
$HOME dir before the user is created. Move the code that
creates the user inside exec so it can be serialized.
PiperOrigin-RevId: 302986184
|
|
The only test failing now requires socket which is not
available in VFS2 yet.
Updates #1198
PiperOrigin-RevId: 302976572
|
|
- Fix definitions of Futex* wrappers.
- Correctly handle glibc syscall() (which returns -1 and sets errno instead of
returning the raw syscall return value).
- De-parameterize FutexWaitBitset, which was apparently intended to test with
deadlines of between 0 and 100000 nanoseconds after the Unix epoch, but was
broken due to the preceding two issues.
- Use wall time to measure the durations of tests that are expected to block
(and thus stop accumulating CPU time).
- Require 5s for all tests to improve robustness in the presence of sentry GC.
- Remove FutexContend and FutexContendDeadline; it's unclear what these are
supposed to measure, given that (1) FutexLock is unrealistically inefficient
and (2) the benchmark rewards slow scheduling (since this reduces
contention).
PiperOrigin-RevId: 302925246
|
|
In cl/302130790, we started using a temp directory which is provided by bazel.
By default, a test process has enough permissions to open it, but there is not
any guarantee that it still will be able to do this after changing credentials.
PiperOrigin-RevId: 302702337
|
|
Fixes #506
PiperOrigin-RevId: 302540404
|
|
The root mount is not shared by default, but all other mounts are shared.
So if we create the /tmp mount, this means that we run tests on a shared mount
even if tests run without the --shared option.
PiperOrigin-RevId: 302130790
|
|
PiperOrigin-RevId: 301872161
|
|
PiperOrigin-RevId: 301716568
|
|
These tests could timeout because net.DialTCP didn't respect the
timeout.
|
|
PiperOrigin-RevId: 301686266
|
|
PiperOrigin-RevId: 301650898
|
|
PiperOrigin-RevId: 301614096
|
|
Fixes #2058
Signed-off-by: Haibo Xu <haibo.xu@arm.com>
Change-Id: I05750d238a6425d3a47fae15720901f4dd924a32
|
|
PiperOrigin-RevId: 301476456
|
|
PiperOrigin-RevId: 301382690
|
|
PiperOrigin-RevId: 301208471
|
|
PiperOrigin-RevId: 301197007
|
|
- When setting up the virtual filesystem, mount a host.filesystem to contain
all files that need to be imported.
- Make read/preadv syscalls to the host in cases where preadv2 may not be
supported yet (likewise for writing).
- Make save/restore functions in kernel/kernel.go return early if vfs2 is
enabled.
PiperOrigin-RevId: 300922353
|
|
PiperOrigin-RevId: 300802159
|
|
Signed-off-by: Haibo Xu <haibo.xu@arm.com>
Change-Id: Ibc926c917d98b31fc92bbf8d82d6818c39b0f93c
|
|
PiperOrigin-RevId: 300626011
|
|
When the sandbox runs in attached more, e.g. runsc do, runsc run, the
sandbox lifetime is controlled by the parent process. This wasn't working
in all cases because PR_GET_PDEATHSIG doesn't propagate through execve
when the process changes uid/gid. So it was getting dropped when the
sandbox execve's to change to user nobody.
PiperOrigin-RevId: 300601247
|
|
Fixed flakes (tested via --runs_per_test=100) and added skips for
not-yet-implemented features. Once submitted, the iptables tests will be
ready to enable in kokoro.
|