Age | Commit message (Collapse) | Author |
|
When the sandbox runs in attached more, e.g. runsc do, runsc run, the
sandbox lifetime is controlled by the parent process. This wasn't working
in all cases because PR_GET_PDEATHSIG doesn't propagate through execve
when the process changes uid/gid. So it was getting dropped when the
sandbox execve's to change to user nobody.
PiperOrigin-RevId: 300601247
|
|
Fixed flakes (tested via --runs_per_test=100) and added skips for
not-yet-implemented features. Once submitted, the iptables tests will be
ready to enable in kokoro.
|
|
PiperOrigin-RevId: 300362789
|
|
PiperOrigin-RevId: 300171916
|
|
Issue #1833
PiperOrigin-RevId: 299998105
|
|
Without this change, the assembly code of this test compiled without
optimizations:
mov -0x150(%rbp),%rax
movl $0x77777777,(%rax)
lea -0x128(%rbp),%rax
with optimizations:
movl $0x77777777,0x0
This code doesn't work properly, because the test changes rax in the segv
handler.
PiperOrigin-RevId: 299896117
|
|
From RFC 793 s3.9 p61 Event Processing:
CLOSE Call during TIME-WAIT: return with "error: connection closing"
Fixes #1603
PiperOrigin-RevId: 299401353
|
|
PiperOrigin-RevId: 299396286
|
|
Adds an oom_score_adj and oom_score proc file stub. oom_score_adj accepts
writes of values -1000 to 1000 and persists the value with the task. New tasks
inherit the parent's oom_score_adj.
oom_score is a read-only stub that always returns the value '0'.
Issue #202
PiperOrigin-RevId: 299245355
|
|
PiperOrigin-RevId: 299151227
|
|
PiperOrigin-RevId: 298951909
|
|
The benchmark_filter options accepts regex-s, but
the gtest-filter option accepts shell-like wildcards.
Fixes #2034
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
$RANDOM can cause collisions but shuf uses /dev/urandom so it ought to cause
fewer.
PiperOrigin-RevId: 298786344
|
|
PiperOrigin-RevId: 298683693
|
|
PiperOrigin-RevId: 298683502
|
|
PiperOrigin-RevId: 298667595
|
|
Signed-off-by: Bin Lu <bin.lu@arm.com>
|
|
PiperOrigin-RevId: 298476533
|
|
PiperOrigin-RevId: 298451319
|
|
The error was introduced in the merge of PR #1471.
Some codes are missing when adding bazel select_arch
command to the test/syscall/linux/BUILD file.
Signed-off-by: Haibo Xu <haibo.xu@arm.com>
Change-Id: I8cae3f4ae78c2e14671f3ac6e7361dc2806d9305
|
|
PiperOrigin-RevId: 297915815
|
|
/dev/net/tun does not currently work with hostinet. This has caused some
program starts failing because it thinks the feature exists.
PiperOrigin-RevId: 297876196
|
|
Signed-off-by: Bin Lu <bin.lu@arm.com>
|
|
PiperOrigin-RevId: 297638665
|
|
PiperOrigin-RevId: 297485310
|
|
|
|
- commit the changes for the comments.
|
|
PiperOrigin-RevId: 297009116
|
|
PiperOrigin-RevId: 296975376
|
|
Build runsc and run "runsc do ls".
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
PiperOrigin-RevId: 296526279
|
|
PiperOrigin-RevId: 296519566
|
|
TCP/IP will work with netstack networking. hostinet doesn't work, and sockets
will have the same behavior as it is now.
Before the userspace is able to create device, the default loopback device can
be used to test.
/proc/net and /sys/net will still be connected to the root network stack; this
is the same behavior now.
Issue #1833
PiperOrigin-RevId: 296309389
|
|
PiperOrigin-RevId: 296104390
|
|
So that they can be included by Fuchsia's syscall tests
PiperOrigin-RevId: 296030383
|
|
Added the ability to get/set the IP_RECVTCLASS socket option on UDP endpoints.
If enabled, traffic class from the incoming Network Header passed as ancillary
data in the ControlMessages.
Adding Get/SetSockOptBool to decrease the overhead of getting/setting simple
options. (This was absorbed in a CL that will be landing before this one).
Test:
* Added unit test to udp_test.go that tests getting/setting as well as
verifying that we receive expected TOS from incoming packet.
* Added a syscall test for verifying getting/setting
* Removed test skip for existing syscall test to enable end to end test.
PiperOrigin-RevId: 295840218
|
|
PiperOrigin-RevId: 295835807
|
|
- Retry if fallocate returns EINTR.
- If fallocate fails, don't try to fstat and confirm the result.
PiperOrigin-RevId: 295789790
|
|
PiperOrigin-RevId: 295785052
|
|
Add nat table support for Prerouting hook with Redirect option.
Add tests to check redirect of ports.
|
|
$ iptables -N foochain
$ iptables -A INPUT -j foochain
|
|
PiperOrigin-RevId: 294957297
|
|
PiperOrigin-RevId: 294952610
|
|
- Adds creation of user chains via `-N <chainname>`
- Adds `-j RETURN` support for built-in chains, which triggers the
chain's underflow rule (usually the default policy).
- Adds tests for chain creation, default policies, and `-j RETURN' from
built-in chains.
|
|
So that they can be included by Fuchsia's syscall tests
PiperOrigin-RevId: 294654890
|
|
In particular, explain how to push updates to the images.
PiperOrigin-RevId: 294508879
|
|
PiperOrigin-RevId: 294265019
|
|
The readme didn't mention that users need to:
- `bazel build` when working on iptables tests
- enable raw sockets in /etc/docker/daemon.json.
PiperOrigin-RevId: 294260169
|
|
PiperOrigin-RevId: 294250370
|
|
Note that these are only implemented for tmpfs, and other impls will still
return EOPNOTSUPP.
PiperOrigin-RevId: 293899385
|