Fabricio Voznika
gVisor bot
parent
981a587476
commit
6dd5a1f3fe
|
|
@ -44,9 +44,6 @@ const (
|
||||||
// lookup.
|
// lookup.
|
||||||
cacheRevalidate = "revalidate"
|
cacheRevalidate = "revalidate"
|
||||||
|
|
||||||
// TODO(edahlgren/mpratt): support a tmpfs size limit.
|
|
||||||
// size = "size"
|
|
||||||
|
|
||||||
// Permissions that exceed modeMask will be rejected.
|
// Permissions that exceed modeMask will be rejected.
|
||||||
modeMask = 01777
|
modeMask = 01777
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -682,7 +682,7 @@ func (fs *Filesystem) StatFSAt(ctx context.Context, rp *vfs.ResolvingPath) (linu
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return linux.Statfs{}, err
|
return linux.Statfs{}, err
|
||||||
}
|
}
|
||||||
// TODO: actually implement statfs
|
// TODO(gvisor.dev/issue/1193): actually implement statfs.
|
||||||
return linux.Statfs{}, syserror.ENOSYS
|
return linux.Statfs{}, syserror.ENOSYS
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -184,7 +184,6 @@ func (t *Task) CanTrace(target *Task, attach bool) bool {
|
||||||
if targetCreds.PermittedCaps&^callerCreds.PermittedCaps != 0 {
|
if targetCreds.PermittedCaps&^callerCreds.PermittedCaps != 0 {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
// TODO: Yama LSM
|
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -497,7 +497,7 @@ type FilesystemImpl interface {
|
||||||
// Preconditions: vd.Mount().Filesystem().Impl() == this FilesystemImpl.
|
// Preconditions: vd.Mount().Filesystem().Impl() == this FilesystemImpl.
|
||||||
PrependPath(ctx context.Context, vfsroot, vd VirtualDentry, b *fspath.Builder) error
|
PrependPath(ctx context.Context, vfsroot, vd VirtualDentry, b *fspath.Builder) error
|
||||||
|
|
||||||
// TODO: inotify_add_watch()
|
// TODO(gvisor.dev/issue/1479): inotify_add_watch()
|
||||||
}
|
}
|
||||||
|
|
||||||
// PrependPathAtVFSRootError is returned by implementations of
|
// PrependPathAtVFSRootError is returned by implementations of
|
||||||
|
|
|
||||||
|
|
@ -233,9 +233,9 @@ func (vfs *VirtualFilesystem) MountAt(ctx context.Context, creds *auth.Credentia
|
||||||
}
|
}
|
||||||
vd.dentry.mu.Lock()
|
vd.dentry.mu.Lock()
|
||||||
}
|
}
|
||||||
// TODO: Linux requires that either both the mount point and the mount root
|
// TODO(gvisor.dev/issue/1035): Linux requires that either both the mount
|
||||||
// are directories, or neither are, and returns ENOTDIR if this is not the
|
// point and the mount root are directories, or neither are, and returns
|
||||||
// case.
|
// ENOTDIR if this is not the case.
|
||||||
mntns := vd.mount.ns
|
mntns := vd.mount.ns
|
||||||
mnt := newMount(vfs, fs, root, mntns, opts)
|
mnt := newMount(vfs, fs, root, mntns, opts)
|
||||||
vfs.mounts.seq.BeginWrite()
|
vfs.mounts.seq.BeginWrite()
|
||||||
|
|
@ -274,9 +274,9 @@ func (vfs *VirtualFilesystem) UmountAt(ctx context.Context, creds *auth.Credenti
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO(jamieliu): Linux special-cases umount of the caller's root, which
|
// TODO(gvisor.dev/issue/1035): Linux special-cases umount of the caller's
|
||||||
// we don't implement yet (we'll just fail it since the caller holds a
|
// root, which we don't implement yet (we'll just fail it since the caller
|
||||||
// reference on it).
|
// holds a reference on it).
|
||||||
|
|
||||||
vfs.mounts.seq.BeginWrite()
|
vfs.mounts.seq.BeginWrite()
|
||||||
if opts.Flags&linux.MNT_DETACH == 0 {
|
if opts.Flags&linux.MNT_DETACH == 0 {
|
||||||
|
|
|
||||||
|
|
@ -55,7 +55,7 @@ func TestMountTableInsertLookup(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: concurrent lookup/insertion/removal
|
// TODO(gvisor.dev/issue/1035): concurrent lookup/insertion/removal.
|
||||||
|
|
||||||
// must be powers of 2
|
// must be powers of 2
|
||||||
var benchNumMounts = []int{1 << 2, 1 << 5, 1 << 8}
|
var benchNumMounts = []int{1 << 2, 1 << 5, 1 << 8}
|
||||||
|
|
|
||||||
|
|
@ -272,9 +272,8 @@ func setupRootFS(spec *specs.Spec, conf *boot.Config) error {
|
||||||
|
|
||||||
root := spec.Root.Path
|
root := spec.Root.Path
|
||||||
if !conf.TestOnlyAllowRunAsCurrentUserWithoutChroot {
|
if !conf.TestOnlyAllowRunAsCurrentUserWithoutChroot {
|
||||||
// FIXME: runsc can't be re-executed without
|
// runsc can't be re-executed without /proc, so we create a tmpfs mount,
|
||||||
// /proc, so we create a tmpfs mount, mount ./proc and ./root
|
// mount ./proc and ./root there, then move this mount to the root and after
|
||||||
// there, then move this mount to the root and after
|
|
||||||
// setCapsAndCallSelf, runsc will chroot into /root.
|
// setCapsAndCallSelf, runsc will chroot into /root.
|
||||||
//
|
//
|
||||||
// We need a directory to construct a new root and we know that
|
// We need a directory to construct a new root and we know that
|
||||||
|
|
|
||||||
|
|
@ -56,10 +56,6 @@ TEST(EpollTest, AllWritable) {
|
||||||
struct epoll_event result[kFDsPerEpoll];
|
struct epoll_event result[kFDsPerEpoll];
|
||||||
ASSERT_THAT(RetryEINTR(epoll_wait)(epollfd.get(), result, kFDsPerEpoll, -1),
|
ASSERT_THAT(RetryEINTR(epoll_wait)(epollfd.get(), result, kFDsPerEpoll, -1),
|
||||||
SyscallSucceedsWithValue(kFDsPerEpoll));
|
SyscallSucceedsWithValue(kFDsPerEpoll));
|
||||||
// TODO(edahlgren): Why do some tests check epoll_event::data, and others
|
|
||||||
// don't? Does Linux actually guarantee that, in any of these test cases,
|
|
||||||
// epoll_wait will necessarily write out the epoll_events in the order that
|
|
||||||
// they were registered?
|
|
||||||
for (int i = 0; i < kFDsPerEpoll; i++) {
|
for (int i = 0; i < kFDsPerEpoll; i++) {
|
||||||
ASSERT_EQ(result[i].events, EPOLLOUT);
|
ASSERT_EQ(result[i].events, EPOLLOUT);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -87,6 +87,7 @@ class FileTest : public ::testing::Test {
|
||||||
ClosePipes();
|
ClosePipes();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected:
|
||||||
std::string test_file_name_;
|
std::string test_file_name_;
|
||||||
FileDescriptor test_file_fd_;
|
FileDescriptor test_file_fd_;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -27,14 +27,7 @@ namespace testing {
|
||||||
|
|
||||||
namespace {
|
namespace {
|
||||||
|
|
||||||
// This test is currently very rudimentary.
|
// TODO(gvisor.dev/issue/2370): This test is currently very rudimentary.
|
||||||
//
|
|
||||||
// TODO(edahlgren):
|
|
||||||
// * bad buffer states (EFAULT).
|
|
||||||
// * bad fds (wrong permission, wrong type of file, EBADF).
|
|
||||||
// * check offset is not incremented.
|
|
||||||
// * check for EOF.
|
|
||||||
// * writing to pipes, symlinks, special files.
|
|
||||||
class Pwrite64 : public ::testing::Test {
|
class Pwrite64 : public ::testing::Test {
|
||||||
void SetUp() override {
|
void SetUp() override {
|
||||||
name_ = NewTempAbsPath();
|
name_ = NewTempAbsPath();
|
||||||
|
|
|
||||||
|
|
@ -242,7 +242,7 @@ TEST_F(TuntapTest, InvalidReadWrite) {
|
||||||
TEST_F(TuntapTest, WriteToDownDevice) {
|
TEST_F(TuntapTest, WriteToDownDevice) {
|
||||||
SKIP_IF(!ASSERT_NO_ERRNO_AND_VALUE(HaveCapability(CAP_NET_ADMIN)));
|
SKIP_IF(!ASSERT_NO_ERRNO_AND_VALUE(HaveCapability(CAP_NET_ADMIN)));
|
||||||
|
|
||||||
// FIXME: gVisor always creates enabled/up'd interfaces.
|
// FIXME(b/110961832): gVisor always creates enabled/up'd interfaces.
|
||||||
SKIP_IF(IsRunningOnGvisor());
|
SKIP_IF(IsRunningOnGvisor());
|
||||||
|
|
||||||
FileDescriptor fd = ASSERT_NO_ERRNO_AND_VALUE(Open(kDevNetTun, O_RDWR));
|
FileDescriptor fd = ASSERT_NO_ERRNO_AND_VALUE(Open(kDevNetTun, O_RDWR));
|
||||||
|
|
@ -280,10 +280,11 @@ PosixErrorOr<FileDescriptor> OpenAndAttachTap(
|
||||||
&addr, sizeof(addr)));
|
&addr, sizeof(addr)));
|
||||||
|
|
||||||
if (!IsRunningOnGvisor()) {
|
if (!IsRunningOnGvisor()) {
|
||||||
// FIXME: gVisor doesn't support setting MAC address on interfaces yet.
|
// FIXME(b/110961832): gVisor doesn't support setting MAC address on
|
||||||
|
// interfaces yet.
|
||||||
RETURN_IF_ERRNO(LinkSetMacAddr(link->index, kMacA, sizeof(kMacA)));
|
RETURN_IF_ERRNO(LinkSetMacAddr(link->index, kMacA, sizeof(kMacA)));
|
||||||
|
|
||||||
// FIXME: gVisor always creates enabled/up'd interfaces.
|
// FIXME(b/110961832): gVisor always creates enabled/up'd interfaces.
|
||||||
RETURN_IF_ERRNO(LinkChangeFlags(link->index, IFF_UP, IFF_UP));
|
RETURN_IF_ERRNO(LinkChangeFlags(link->index, IFF_UP, IFF_UP));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -31,14 +31,8 @@ namespace gvisor {
|
||||||
namespace testing {
|
namespace testing {
|
||||||
|
|
||||||
namespace {
|
namespace {
|
||||||
// This test is currently very rudimentary.
|
|
||||||
//
|
// TODO(gvisor.dev/issue/2370): This test is currently very rudimentary.
|
||||||
// TODO(edahlgren):
|
|
||||||
// * bad buffer states (EFAULT).
|
|
||||||
// * bad fds (wrong permission, wrong type of file, EBADF).
|
|
||||||
// * check offset is incremented.
|
|
||||||
// * check for EOF.
|
|
||||||
// * writing to pipes, symlinks, special files.
|
|
||||||
class WriteTest : public ::testing::Test {
|
class WriteTest : public ::testing::Test {
|
||||||
public:
|
public:
|
||||||
ssize_t WriteBytes(int fd, int bytes) {
|
ssize_t WriteBytes(int fd, int bytes) {
|
||||||
|
|
|
||||||
|
|
@ -105,7 +105,6 @@ def _go_template_instance_impl(ctx):
|
||||||
executable = ctx.executable._tool,
|
executable = ctx.executable._tool,
|
||||||
)
|
)
|
||||||
|
|
||||||
# TODO: How can we get the dependencies out?
|
|
||||||
return struct(
|
return struct(
|
||||||
files = depset([output]),
|
files = depset([output]),
|
||||||
)
|
)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue