Fabricio Voznika
ac01f245ff
Skip atime and mtime update when file is backed by host FD
...
When file is backed by host FD, atime and mtime for the host file and the
cached attributes in the Sentry must be close together. In this case,
the call to update atime and mtime can be skipped. This is important when
host filesystem is using overlay because updating atime and mtime explicitly
forces a copy up for every file that is touched.
PiperOrigin-RevId: 196176413
Change-Id: I3933ea91637a071ba2ea9db9d8ac7cdba5dc0482
2018-05-10 14:59:40 -07:00
Fabricio Voznika
31a4fefbe0
Make cachePolicy int to avoid string comparison
...
PiperOrigin-RevId: 196157086
Change-Id: Ia7f7ffe1bf486b21ef8091e2e8ef9a9faf733dfc
2018-05-10 12:47:15 -07:00
Nicolas Lacasse
9d91c44d77
Fix nightly release upload path.
...
The "nightly/latest" was duplicated.
PiperOrigin-RevId: 196156453
Change-Id: Iccac65d870f3eb44c4bd97bcbed5cc436cb1d3c9
2018-05-10 12:42:17 -07:00
Fabricio Voznika
5a509c47a2
Open file as read-write when mount points to a file
...
This is to allow files mapped directly, like /etc/hosts, to be writable.
Closes #40
PiperOrigin-RevId: 196155920
Change-Id: Id2027e421cef5f94a0951c3e18b398a77c285bbd
2018-05-10 12:38:36 -07:00
Nicolas Lacasse
2d3c6dc2ef
Upload the nightly release to a "nightly/latest" bucket for easy download.
...
We also upload to a path with the current date, so that previous builds are
archived. Since these builds only include the date (and not time) their links
are somewhat discoverable as well.
PiperOrigin-RevId: 196147475
Change-Id: I54792d7a4ba2a7af24a51cd9b9f153c7744b310b
2018-05-10 11:40:29 -07:00
Nicolas Lacasse
e2720f91dc
Put the http dependencies first in the WORKSPACE file.
...
PiperOrigin-RevId: 196131690
Change-Id: I3a4eec0dcca654380ea229e3ae388ca416200110
2018-05-10 10:07:14 -07:00
Nicolas Lacasse
3271d549f0
Build nightly runsc releases with Kokoro.
...
PiperOrigin-RevId: 196129010
Change-Id: I655eb3eecf24ffff475b3882ec55a8b55e6d2f36
2018-05-10 09:48:50 -07:00
Nicolas Lacasse
0ca020dcb3
Use the go_repository rule from the Gazelle repo.
...
The one from rules_go is being deprecated.
PiperOrigin-RevId: 196128132
Change-Id: I7a4ab32696a1bcd221b0585b7a4e8109462a3609
2018-05-10 09:41:58 -07:00
Nicolas Lacasse
c97f0978b7
Cache symlinks in addition to files and directories.
...
PiperOrigin-RevId: 196051326
Change-Id: I4195b110e9a7d38d1ce1ed9c613971dea1be3bf0
2018-05-09 16:58:21 -07:00
Nicolas Lacasse
b3bfb24991
Small readme tweak.
...
Change-Id: Ibbb94cfd901d72d879657aca38bf3db1580f0d62
PiperOrigin-RevId: 196043734
2018-05-09 16:01:24 -07:00
Fabricio Voznika
4453b56bd9
Increment link count in CreateHardlink
...
Closes #28
PiperOrigin-RevId: 196041391
Change-Id: I5d79f1735b9d72744e8bebc6897002b27df9aa7a
2018-05-09 15:44:26 -07:00
Nicolas Lacasse
1bdec86bae
Return better errors from Docker when runsc fails to start.
...
Two changes in this CL:
First, make the "boot" process sleep when it encounters an error to give the
controller time to send the error back to the "start" process. Otherwise the
"boot" process exits immediately and the control connection errors with EOF.
Secondly, open the log file with O_APPEND, not O_TRUNC. Docker uses the same
log file for all runtime commands, and setting O_TRUNC causes them to get
destroyed. Furthermore, containerd parses these log files in the event of an
error, and it does not like the file being truncated out from underneath it.
Now, when trying to run a binary that does not exist in the image, the error
message is more reasonable:
$ docker run alpine /not/found
docker: Error response from daemon: OCI runtime start failed: /usr/local/google/docker/runtimes/runscd did not terminate sucessfully: error starting sandbox: error starting application [/not/found]: failed to create init process: no such file or directory
Fixes #32
PiperOrigin-RevId: 196027084
Change-Id: Iabc24c0bdd8fc327237acc051a1655515f445e68
2018-05-09 14:13:37 -07:00
Googler
5ed969aff0
Internal change.
...
PiperOrigin-RevId: 195980843
Change-Id: I066f9696b69e92e144c2c8d2c2aa52c546df94fb
2018-05-09 09:21:25 -07:00
Zhaozhong Ni
ad278d6944
state: serialize string as bytes instead of protobuf string.
...
Protobuf strings have to be UTF-8 encoded or 7-bit ASCII.
PiperOrigin-RevId: 195902557
Change-Id: I9800afd47ecfa6615e28a2cce7f2532f04f10763
2018-05-08 17:23:50 -07:00
Jamie Liu
10a2cfc6a9
Implement /proc/[pid]/statm.
...
PiperOrigin-RevId: 195893391
Change-Id: I645b7042d7f4f9dd54723afde3e5df0986e43160
2018-05-08 16:14:48 -07:00
Nicolas Lacasse
d8c758cb15
Bump Bazel rules_go to v0.12.0, and Go toolchain to v1.10.2
...
PiperOrigin-RevId: 195866234
Change-Id: I81404d44a45b41c6cb81f83bd7b7a8d8493f5c98
2018-05-08 13:25:40 -07:00
Zhaozhong Ni
174161013d
Capture restore file system corruption errors in exit error.
...
PiperOrigin-RevId: 195850822
Change-Id: I4d7bdd8fe129c5ed461b73e1d7458be2cf5680c2
2018-05-08 11:36:59 -07:00
Jamie Liu
3ac3ea1d6a
Correct definition of SysV IPC structures.
...
PiperOrigin-RevId: 195849066
Change-Id: If2146c7ce649522f86e661c5e52a9983345d6967
2018-05-08 11:26:36 -07:00
Nicolas Lacasse
32cabad8da
Use the containerd annotation instead of detecting the "pause" application.
...
FIXED=72380268
PiperOrigin-RevId: 195846596
Change-Id: Ic87fed1433482a514631e1e72f5ee208e11290d1
2018-05-08 11:11:50 -07:00
Fabricio Voznika
e1b412d660
Error if container requires AppArmor, SELinux or seccomp
...
Closes #35
PiperOrigin-RevId: 195840128
Change-Id: I31c1ad9b51ec53abb6f0b485d35622d4e9764b29
2018-05-08 10:34:11 -07:00
Zhaozhong Ni
fea624b37a
Sentry: always use "best speed" compression for save and remove the option.
...
PiperOrigin-RevId: 195835861
Change-Id: Ib696b1b571a6b061725a33c535cd7215fe518b97
2018-05-08 10:07:10 -07:00
Ian Gudger
09c323910d
Reword misleading log line
...
PiperOrigin-RevId: 195834310
Change-Id: I8af748f75ab87ad1cd29c4c8904d07fd729ba6c9
2018-05-08 09:59:03 -07:00
Ian Gudger
b4765f782d
Fix warning: redundant if ...; err != nil check, just return error instead.
...
This warning is produced by golint.
PiperOrigin-RevId: 195833381
Change-Id: Idd6a7e57e3cfdf00819f2374b19fc113585dc1e1
2018-05-08 09:51:56 -07:00
Ian Gudger
d0d01a1896
Fix format string type in test
...
PiperOrigin-RevId: 195831778
Change-Id: I413dc909cedc18fbf5320a4f75d876f1be133c6c
2018-05-08 09:39:42 -07:00
Ian Gudger
7c8c3705ea
Fix misspellings
...
PiperOrigin-RevId: 195742598
Change-Id: Ibd4a8e4394e268c87700b6d1e50b4b37dfce5182
2018-05-07 16:38:01 -07:00
Travis McDemus
a445b17933
tools/go_generics: fix typo in documentation of the type flag
...
PiperOrigin-RevId: 195742471
Change-Id: I114657f9238675da23461817ca542bdcb81312c2
2018-05-07 16:37:05 -07:00
Ian Gudger
d5104a56e5
Improve consistency in go_stateify file generation
...
This also fixes the go_vet warning:
error: Fprintln call ends with newline (vet)
PiperOrigin-RevId: 195738471
Change-Id: Ic7a9df40eec1457ef03e6ee70872c497a676b53c
2018-05-07 16:08:52 -07:00
Ian Gudger
5666e35c43
Improve consistency of github templates
...
PiperOrigin-RevId: 195735915
Change-Id: If4dcd836c3cf9da7c314b95101b23f95ff0eb234
2018-05-07 15:52:47 -07:00
Adin Scannell
bd806c37f0
Add generated file.
...
PiperOrigin-RevId: 195706470
Change-Id: Ia146119f04d92d559f58a6bab133d9da97e054c9
2018-05-07 12:52:44 -07:00
Fabricio Voznika
2c21e4c32c
Make bug template more readable in edit mode
...
When editing the bug, the rendered view of the tags don't show up. This format is easier to read.
PiperOrigin-RevId: 195697019
Change-Id: If9bb818b7ecd28bb87608a52b3343d488144ebfd
2018-05-07 11:50:36 -07:00
Ian Gudger
f0a17bf910
Remove dead code in urpc
...
PiperOrigin-RevId: 195525267
Change-Id: I7a5ef31365cb0c55c462deb9bdbec092473ebc6b
2018-05-05 01:22:23 -07:00
Michael Pratt
ebae219162
Note architecture and Linux version requirements
...
PiperOrigin-RevId: 195522238
Change-Id: I0107f856bea72ea6af8b196c1c13bafbc293ce95
2018-05-05 00:27:40 -07:00
Ian Gudger
268edf0e62
Remove ineffectual code in sentry ELF loader
...
PiperOrigin-RevId: 195517702
Change-Id: Id90309a6365cac06e68e8774aa79dc76ce1b11c7
2018-05-04 23:20:01 -07:00
Kevin Krakauer
d70787d340
sentry: Adds the SIOCGIFNETMASK ioctl to epsocket.
...
PiperOrigin-RevId: 195489319
Change-Id: I0841d41d042c6f91aa8d7f62c127213aa7953eac
2018-05-04 16:22:31 -07:00
Ian Gudger
f47174f06b
Run gofmt -s on everything
...
PiperOrigin-RevId: 195469901
Change-Id: I66d5c7a334bbb8b47e40d266a2661291c2d91c7f
2018-05-04 14:16:11 -07:00
Zhaozhong Ni
0ce9c81b41
sentry: capture CPU usage metadata for save.
...
PiperOrigin-RevId: 195466647
Change-Id: Ib5ca815f7b64a4881441e58567adedf344b206f1
2018-05-04 13:55:53 -07:00
Michael Pratt
7bb10dc7a0
Disable stack protector in VDSO build
...
The VDSO has no hooks to handle stack protector failures.
Fixes #9
PiperOrigin-RevId: 195460989
Change-Id: Idf1d55bfee1126e551d7274b7f484e03bf440427
2018-05-04 13:15:51 -07:00
Ian Gudger
f94d90073f
Add to the github issue template
...
PiperOrigin-RevId: 195444658
Change-Id: I62d12405324f9c80ec572c65d76c5f320a9b549e
2018-05-04 11:26:22 -07:00
Fabricio Voznika
c90fefc116
Fix runsc capabilities
...
There was a typo and one new capability missing from the list
PiperOrigin-RevId: 195427713
Change-Id: I6d9e1c6e77b48fe85ef10d9f54c70c8a7271f6e7
2018-05-04 09:39:28 -07:00
Fabricio Voznika
7e82550bf7
Add github bug template
...
PiperOrigin-RevId: 195382309
Change-Id: I3e50206d137bb15c0532282ffbc3508aa5ddeb28
2018-05-04 01:24:23 -07:00
Fabricio Voznika
3ea6805e54
Add common docker error when version is wrong
...
Also updated gofer image with more accurate boundaries.
PiperOrigin-RevId: 195373809
Change-Id: Id91f31fedf33db43a20bd678c1ca7d19287e85ff
2018-05-03 23:27:22 -07:00
Fabricio Voznika
c186ebb62a
Return error when child exits early
...
PiperOrigin-RevId: 195365050
Change-Id: I8754dc7a3fc2975d422cae453762a455478a8e6a
2018-05-03 21:09:31 -07:00
Ian Gudger
58235b1840
Clean up control message strace logging
...
PiperOrigin-RevId: 195329972
Change-Id: I42f7d8800e6692c45ffa9683741f8de89f9a69bb
2018-05-03 16:26:23 -07:00
Nicolas Lacasse
6488f40aa3
Python 3.0 is now supported.
...
Also document that linux is required.
Updates #8
PiperOrigin-RevId: 195317016
Change-Id: I4c0305a26339f03772001b56e7a0ac4b39a4352a
2018-05-03 15:04:46 -07:00
Eric Chiang
1a59625a66
Readme: fix JSON formatting
...
PiperOrigin-RevId: 195310218
Change-Id: I1d5a6d2bc3bb72c505ad25427d285afbc26f59a0
2018-05-03 14:21:04 -07:00
Cyrille Hemidy
04b79137ba
Fix misspellings.
...
PiperOrigin-RevId: 195307689
Change-Id: I499f19af49875a43214797d63376f20ae788d2f4
2018-05-03 14:06:13 -07:00
Tobias Klauser
5c8db0a818
CONTRIBUTING.md: fix golang.org/x/sys/unix package name
...
This should be org_golang_x_sys instead of com_golang_x_sys
PiperOrigin-RevId: 195305212
Change-Id: I970a7edbcc871ccd4fcec184b1702fbd15b68e20
2018-05-03 13:52:06 -07:00
Christopher Koch
18ebda3476
Include Gold linker in requirements.
...
Updates #26 .
PiperOrigin-RevId: 195303940
Change-Id: I833cee55b5df6196ed90c1f8987c3c9c07204678
2018-05-03 13:44:05 -07:00
Christopher Koch
9739b8c21c
Don't prematurely remove MountSource from parent's children.
...
Otherwise, mounts that fail to be unmounted (EBUSY) will be removed
from the children list anyway.
At this point, this just affects /proc/pid/mounts and /proc/pid/mountinfo.
PiperOrigin-RevId: 195267588
Change-Id: I79114483d73b90f9a7d764a7d513b5b2f251182e
2018-05-03 10:00:24 -07:00
Sergiusz Bazanski
9c665c4c24
Make check_vdso compatible with Python 2 and 3
...
This makes gVisor build with `python` set to Python 3.
Fixes #8
PiperOrigin-RevId: 195216683
Change-Id: I1c8b86ad91a0844f7c3c85839d53f3fcba10813e
2018-05-03 01:40:57 -07:00