This test fails on arm64:
ERROR: vdso/BUILD:12:8: Executing genrule //vdso:vdso failed: (Exit 1):
bash failed: error executing command /bin/bash -c ...
Use --sandbox_debug to see verbose messages from the sandbox
gcc: error: unrecognized command line option '-m64'
Target //runsc:runsc failed to build
PiperOrigin-RevId: 449398920
On COS, buildkite agents are running inside docker containers and so
we can't modify a docker config and restart a docker daemon.
PiperOrigin-RevId: 449063929
Aside from saving resources, this is also a workaround for the case where
timers are bound after the netstack is initialized.
Updates #7338.
PiperOrigin-RevId: 448509194
Previously, we created vCPUs on demand, and so taking an unused vCPU from the
pool was expensive. Now, we pre-create all vCPUs at the start, so it makes
sense to use them all to reduce contention.
PiperOrigin-RevId: 448382485
Previously, this was a lock order violation, as mm.metadataMutex ->
mm.mappingRWMutex -> kernel.taskSetRWMutex is required when forking
the task image, and ptrace aquired kernel.taskSetRWMutex ->
mm.metadataMutex to check dumpability.
Ptrace doesn't require a critical section around the use of the
dumpability value.
PiperOrigin-RevId: 448360804
Adding test case to check empty size parsing in Linux.
If a value is not passed with size the mount(2) should return EINVAL.
Handling empty size parsing in gVisor.
PiperOrigin-RevId: 448132149
I followed the following procedure to generate this change:
- Query the runtime test image to see if the excluded test even exists. Many
tests were removed from upstream because they were broken or superseded by
another test. No point in excluding them now, so removed all these entries
from the exclude file.
- Run the remaining tests with runc. If the test fails with runc (natively)
then we can consider the test "broken". Such tests do not signal a
compatibility gap in gVisor. Marked such tests with `Broken test`.
- Run the non-broken tests with runsc (gVisor). If they are now passing, remove
them from the exclude list. This effectively increases our testing surface.
More importantly, these tests were once failing with gVisor. Now they pass.
Something was fixed in between. These tests now act as regression tests for
the fix.
- Some tests were marked flaky. Before removing them from the exclude list, we
need to ensure that they really don't flake. I ran some of these flaky tests
100 times to test for flakiness and only removed them if they passed 100
times. But maybe some test has a flake rate <1%. Or some flaky tests were not
marked flaky. So we might end up re-enabling flaky tests. This may cause
pain. We will need to investigate into such tests when this happens.
PiperOrigin-RevId: 448073470
It isn't required and can have side effects. For example, the current endpoint
can be in an SCM message that is queued to the connected endpoint.
PiperOrigin-RevId: 447906621
Golang wrapped errors are lost when they go through gRPC. Every
error returned from `task.TaskService` interface should be
translated using `errdefs.ToGRPC`.
Fixes#7504
PiperOrigin-RevId: 447863123
The trace commands allows a user to manipulate trace sessions.
`runsc trace create <name> --config <file>` => creates a new trace session
`runsc trace delete <name>` => deletes an existing trace session
`runsc trace list` => lists all running trace sessions
`runsc trace metadata` => lists all point with their respective optional and
context fields
This allows trace sessions to be created/deleted on a running sandbox. Note
that the system currently only allows a single trace session to exist, named
'Default'. Attempts to manipulate other sessions will error out.
Updates #4805
PiperOrigin-RevId: 447815153
Before this change, this test fixture expected it to be enabled already
instead of updating the config.
The Teardown method also restore the initial configuration, so that
these tests do not permanently change the config of the machines that
run the tests.
PiperOrigin-RevId: 447814273
These functions used to allocate even when iptables were disabled. Prevent that
from happening again.
Update to also use gVisor's sync package, as we were using the standard one.
PiperOrigin-RevId: 447812920
Calls to IPTables.Check* functions were allocating on every single call, even
when IPTables were disabled. Changing from a method pointer to a function
pointer is enough to let the compiler know that nothing escapes and no
allocations are necessary.
PiperOrigin-RevId: 447792280
It is already listed earlier in the command line.
Ordinarily I wouldn't make a change for something this small, but I'm
going to use this change as a means to dip my toes with the BuildKite
build pipeline.
PiperOrigin-RevId: 447618014
When the init task is specifically placed into some initial cgroup,
sandbox users expect to be able to create cgroupfs dirs as the app
uid/gid.
Previously we default the synthetic directories for the initial cgroup
to 0555, which disallows arbitrary users from creating children.
Add a way to specify the ownership and permissions for the initial
cgroup, and sandbox uses can use these to make the initial cgroup dir
writable by the init task's user.
PiperOrigin-RevId: 447614804
When enabled with `AllowUDS`, unix domain sockets can be created in the sandbox
and bound on the host filesystem. The application can listen() and accept() on
these sockets as usual. Accept'ed sockets will be donated to the sandbox,
similar to how connect'ed sockets work.
In order to make notifications like poll work, the gofer donates the host-bound
socket FD to the sandbox, but the seccomp filters will (correctly) prevent the
sandbox from calling listen and accept directly on that FD. Instead, listen and
accept calls must go through the gofer. The donated host FD can should only be
used to poll for new incoming connectins.
Note that I changed the order of some of the Lisa RPCs in order to group Bind
with the existing similar Connect method. This changes the RPC numbers in a
backwards-incompatible way, but since nobody is using Lisa yet we are OK. It's
better to make these cleanup changes now before we have users and are locked
in.
PiperOrigin-RevId: 447236441
The use of protobuf.Any is convenient, but adds to proto serialization
time and number of memory allocations required to send a message.
Instead, we now use an enum to indentify the message and use it to
determine how to unmarshall the message on the receiveing end. It
also speeds up event consuption by not requiring a map from string
(proto names) to callbacks.
BenchmarkProtoAny-6 115.9 ns/op 210 B/op 4 allocs/op
BenchmarkProtoEnum-6 58.3 ns/op 2 B/op 1 allocs/op
Updates #4805
PiperOrigin-RevId: 446879057
This is the first set of changes to allow multiple containers in a sandbox.
- Changes to allow kernel.Start() without any tasks.
- New control message to StartContainer() in root namespaces.
- Added new function StartSandbox() to keep the existing behavior separate from
when the multi-containers is enabled.
- Test to verify the new control message with one container.
PiperOrigin-RevId: 446792577
Previously, SO_SNDBUF was effectively a no-op. The stack should make
sure that only SO_SNDBUF bytes are ever in-flight for any given
socket/endpoint.
Fuchsia Bug: https://fxbug.dev/99070
PiperOrigin-RevId: 446792223
The purpose of this change is twofold:
1. Simplify AddInstalledRoute by returning a PacketBuffer slice instead of a
PendingRoute. This obviates PendingRoute.Dequeue and PendingRoute.IsEmpty.
2. Address PacketBuffer lifetime issues. With this change, the routing table
will call PacketBuffer.Clone() if it decides to enqueue the packet. When
AddInstalledRoute is called, the caller will then assume ownership of the
relevant packets and is expected to call PacketBuffer.DecRef() after
forwarding.
Updates #7338.
PiperOrigin-RevId: 446740297
The test needs to wait for CreateEndpoint to return before
cleaning up the stack, otherwise if the netstack is slow to
process the final ACK to the handshake the active side of the
connection can race ahead to the end and start tearing down the
stack.
This results in CreateEndpoint failing with a connection
aborted error.
PiperOrigin-RevId: 446515200
Andrei Vagin
Ayush Ranjan
Konstantin Bogomolov
Ghanan Gowripalan
Fabricio Voznika
Nate Hurley
gVisor bot
Rahat Mahmood
Adin Scannell
Shambhavi Srivastava
Kevin Krakauer
Etienne Perot
Arthur Sfez
Lucas Manning
Nicolas Lacasse
Nayana Bidari
Jamie Liu
Bhasker Hariharan