Age | Commit message (Collapse) | Author |
|
Runsc wants to mount /tmp using internal tmpfs implementation for
performance. However, it risks hiding files that may exist under
/tmp in case it's present in the container. Now, it only mounts
over /tmp iff:
- /tmp was not explicitly asked to be mounted
- /tmp is empty
If any of this is not true, then /tmp maps to the container's
image /tmp.
Note: checkpoint doesn't have sentry FS mounted to check if /tmp
is empty. It simply looks for explicit mounts right now.
PiperOrigin-RevId: 229607856
Change-Id: I10b6dae7ac157ef578efc4dfceb089f3b94cde06
|
|
syscall test split testcase via shard count, reset
high bound as begin of next subslice, cause the slice
is half-open range.
Change-Id: I1954f57c93cbfd9be518153315da305a2de377a0
PiperOrigin-RevId: 229405199
|
|
More helper structs have been added to the fsutil package to make it easier to
implement fs.InodeOperations and fs.FileOperations.
PiperOrigin-RevId: 229305982
Change-Id: Ib6f8d3862f4216745116857913dbfa351530223b
|
|
test/syscalls/linux/wait.cc:626:8: warning: lambda capture 'this' is not
used
302
[this, stack] { ASSERT_THAT(FreeStack(stack), SyscallSucceeds()); });
303
^~~~~
test/syscalls/linux/priority.cc:195:17: warning: lambda capture
'kParentPriority' is not required to be captured for this use
273
ScopedThread([kParentPriority, kChildPriority]() {
274
^~~~~~~~~~~~~~~~
PiperOrigin-RevId: 229275900
Change-Id: I6f0c88efc7891c6c729378a2fa70f70b1b9046a7
|
|
PiperOrigin-RevId: 229238781
Change-Id: Ib5a1e46293583efcb09e255fcd400c3fcc53ef1b
|
|
PiperOrigin-RevId: 229214698
Change-Id: Ib4ea2e330e61ee34bf913938d6120a52ecc38ce1
|
|
- Fix a few cases where async-signal-unsafe code is executed in a forked
process pre-execve.
- Ensure that the return value of fork() is always checked.
PiperOrigin-RevId: 228949310
Change-Id: I3096cb7d7394b8d9ab81b0e0245f2060713ef589
|
|
PiperOrigin-RevId: 228949227
Change-Id: I8f47bcd56aab706081218ec7498af8049ccd6d63
|
|
PiperOrigin-RevId: 228945914
Change-Id: Idfa0a3c27434655b5f9ac241f1726e0bc9ef0392
|
|
PiperOrigin-RevId: 228805981
Change-Id: I4f4c4a5d8de325dff38f6dfb92108fc848d823fd
|
|
Removing check to RLIMIT_NOFILE in select call.
Adding unit test to select suite to document behavior.
Moving setrlimit class from mlock to a util file for reuse.
Fixing flaky test based on comments from Jamie.
PiperOrigin-RevId: 228726131
Change-Id: Ie9dbe970bbf835ba2cca6e17eec7c2ee6fadf459
|
|
Instead just find the syscall_test_runner binary in the shell script.
PiperOrigin-RevId: 228621230
Change-Id: I274ee0874e47d53f59474b1ac730ee45e3dff977
|
|
The static local variable `enabled` in CooperativeSaveEnabled() is not
initialized until the first call to CooperativeSaveEnabled(), per the
C++14 standard, section 6.7 ("Declaration statement"), paragraph 4. This
initialization is thread-safe as of C++11, but it is *not* required to
be async-signal-safe. Use a namespace-scope variable instead, since this
is guaranteed to be zero-initialized before main() by section 3.6.2
("Initialization of non-local variables").
getenv() is technically not async-signal-safe either, hence the hedging
in the change summary line. However, glibc's implementation of getenv()
appears to be async-signal-safe in the absence of calls to setenv().
PiperOrigin-RevId: 228588617
Change-Id: I669f555d1c91352d55c606970bb237ec888fa7ca
|
|
PiperOrigin-RevId: 228574092
Change-Id: Id93abcca1ce964eb595907df9355702d469bc33b
|
|
PiperOrigin-RevId: 228403149
Change-Id: Iab212e49d9eb27d785bddc9fd447835ce8c485ae
|
|
PiperOrigin-RevId: 228245523
Change-Id: I5a4d0a6570b93958e51437e917e5331d83e23a7e
|
|
PiperOrigin-RevId: 228243120
Change-Id: I2726d580f4f9fad0ecc6a912e0e576ed9e08ce72
|
|
PiperOrigin-RevId: 227738801
Change-Id: Ic0c5d10c3b1f21b3f85ff9a661a55db77fab77b0
|
|
This option allows multiple sockets to be bound to the same port.
Incoming packets are distributed to sockets using a hash based on source and
destination addresses. This means that all packets from one sender will be
received by the same server socket.
PiperOrigin-RevId: 227153413
Change-Id: I59b6edda9c2209d5b8968671e9129adb675920cf
|
|
epoll_wait acquires EventPoll.listsMu (in EventPoll.ReadEvents) and
then calls Inotify.Readiness which tries to acquire Inotify.evMu.
getdents acquires Inotify.evMu (in Inotify.queueEvent) and then calls
readyCallback.Callback which tries to acquire EventPoll.listsMu.
The fix is to release Inotify.evMu before calling Queue.Notify. Queue
is thread-safe and doesn't require Inotify.evMu to be held.
Closes #121
PiperOrigin-RevId: 227066695
Change-Id: Id29364bb940d1727f33a5dff9a3c52f390c15761
|
|
PiperOrigin-RevId: 226993086
Change-Id: I71757f231436538081d494da32ca69f709bc71c7
|
|
We don't explicitly support out-of-band data and treat it like normal in-band
data. This is equilivent to SO_OOBINLINE being enabled, so always report that
it is enabled.
PiperOrigin-RevId: 226572742
Change-Id: I4c30ccb83265e76c30dea631cbf86822e6ee1c1b
|
|
We now build all packages (including //test/...) with RBE as part of the Kokoro
presubmit.
The tests do not yet use RBE, because there are some failures. The Golang unit,
integration, and image tests still run locally.
The syscall test suite needs even more work to make it pass on RBE. Those will
be enabled in follow-up CLs. They currently are not enabled at all on Kokoro.
PiperOrigin-RevId: 226562208
Change-Id: Idd2b81b3e8f07bf300c77e68990493ba97d16e23
|
|
heapcheck works fine now.
PiperOrigin-RevId: 226552252
Change-Id: Ifcf17a377b3d6512a576f54462dd81c1d4c7b17c
|
|
Within gVisor, plumb new socket options to netstack.
Within netstack, fix GetSockOpt and SetSockOpt return value logic.
PiperOrigin-RevId: 226532229
Change-Id: If40734e119eed633335f40b4c26facbebc791c74
|
|
We actually need to include test main!
PiperOrigin-RevId: 226524447
Change-Id: I9d9e631611183c7c1fbae1c20a222c9aeef269b2
|
|
The code that matches the event being published with events watchers
was wronly matching all watchers in case any of the control event bits
were set.
Issue #121
PiperOrigin-RevId: 226521230
Change-Id: Ie2c42bc4366faaf59fbf80a74e9297499bd93f9e
|
|
PiperOrigin-RevId: 226493053
Change-Id: Ia98d1cb6dd0682049e4d907ef69619831de5c34a
|
|
PiperOrigin-RevId: 226387521
Change-Id: I0579ab262320fde6c72d2994dd38437f01a99ea5
|
|
PiperOrigin-RevId: 226350590
Change-Id: Idff080705f644f8f78ce92b53c77eecc37e002e7
|
|
PiperOrigin-RevId: 226224230
Change-Id: Id24c7d3733722fd41d5fe74ef64e0ce8c68f0b12
|
|
Implement pwritev2 and associated unit tests.
Clean up preadv2 unit tests.
Tag RWF_ flags in both preadv2 and pwritev2 with associated bug tickets.
PiperOrigin-RevId: 226222119
Change-Id: Ieb22672418812894ba114bbc88e67f1dd50de620
|
|
PiperOrigin-RevId: 226037787
Change-Id: I5fb5f55f68b67dd86bbff46349b46e3e8e6b9d1b
|
|
PiperOrigin-RevId: 226029237
Change-Id: I6fcdb241d635468beb6d6c173f2e7f96d715bf26
|
|
PiperOrigin-RevId: 226018694
Change-Id: I98965e26fe565f37e98e5df5f997363ab273c91b
|
|
PiperOrigin-RevId: 225992500
Change-Id: Icc8b1675f1cb625fc5e8ef7389beb42fa7bfaa13
|
|
Connectionless Unix sockets (DGRAM Unix sockets created with the socket system
call) inherently only have a read queue. They do not establish bidirectional
connections, instead, the connect system call only sets a default send
location. Writes give the data to the other endpoint which has its own read
queue.
To simplify the code, connectionless Unix sockets still get read and write
queues, but the write queue is a dummy and never waited on. The read queue is
the connectionless endpoint's queue. This change fixes a bug where the dummy
queue was incorrectly set as the read queue and the endpoint's queue was
incorrectly set as the write queue. This meant that read notifications went
to the dummy queue and were black holed.
PiperOrigin-RevId: 225921042
Change-Id: I8d9059def787a2c3c305185b92d05093fbd2be2a
|
|
PiperOrigin-RevId: 225887356
Change-Id: Iee000dcfc9e0168c2566edf41c66108be9b68cd6
|
|
Currently mlock() and friends do nothing whatsoever. However, mlocking
is directly application-visible in a number of ways; for example,
madvise(MADV_DONTNEED) and msync(MS_INVALIDATE) both fail on mlocked
regions. We handle this inconsistently: MADV_DONTNEED is too important
to not work, but MS_INVALIDATE is rejected.
Change MM to track mlocked regions in a manner consistent with Linux.
It still will not actually pin pages into host physical memory, but:
- mlock() will now cause sentry memory management to precommit mlocked
pages.
- MADV_DONTNEED and MS_INVALIDATE will interact with mlocked pages as
described above.
PiperOrigin-RevId: 225861605
Change-Id: Iee187204979ac9a4d15d0e037c152c0902c8d0ee
|
|
PiperOrigin-RevId: 225646045
Change-Id: Ic712ebc627587ef4a9486f0b39fe8c96100f10ff
|
|
PiperOrigin-RevId: 225620490
Change-Id: Ia726107b3f58093a5f881634f90b071b32d2c269
|
|
PiperOrigin-RevId: 225574278
Change-Id: If5060a37e8a9b0120bec2b5de4037354f0eaba16
|
|
PiperOrigin-RevId: 225455503
Change-Id: I327fc6e7ba26532b628f343dece3bd9fc4d3b524
|
|
This test suite was creating shm segments without ensuring they were
cleaned up. Shm segments outlive the process creating them, so on a
standard linux machine the test was leaving segments behind after each
run. This would often cause failures as test cases would be affected
by the cases that ran before them and left unexpected segments lying
around.
Also skip some assertions around memory usage when running on a Linux
host, as we can't reason about external users of shm segments.
PiperOrigin-RevId: 225435523
Change-Id: Ia299dacf59045002436f5e30dcc131f679bb7272
|
|
PiperOrigin-RevId: 225424296
Change-Id: I60fcc2b859339dca9963cb32227a287e719ab765
|
|
This ensures that we know what type of socket caused a timeout.
PiperOrigin-RevId: 225294255
Change-Id: I9033bd0f3791d3b5714aa08d111cf58a3014d252
|
|
This allows ValueOrDie() to be called on PosixErrorOr rvalues (e.g.
temporaries) holding move-only types without extraneous std::move()s.
PiperOrigin-RevId: 225098036
Change-Id: I662862e4f3562141f941845fc6e197edb27ce29b
|
|
PiperOrigin-RevId: 225054712
Change-Id: I26e8bc3ef04fe96a4640e50ba4b635d4aa72cc50
|
|
PiperOrigin-RevId: 225046313
Change-Id: I95fe9c353a5bec13e6ad99094b7741a0e160e4d0
|
|
The argument is --test_tag_filters, not --test_tag_filter.
Also switch to ... instead of :*, as it doesn't require special shell
quoting to avoid * expansion.
PiperOrigin-RevId: 224949618
Change-Id: I45dd6acbaeae29f2cc0baa977b086b5c037c6a88
|