go
/
gvisor
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
8,556 Commits 2 Branches 96 Tags 81 MiB
Commit Graph

8556 Commits

Author SHA1 Message Date
Anton Zadvorny 734494b6f1 initialize tcp/ip stack only branch 2021-04-12 06:14:34 +03:00
gVisor bot e3461753ee Merge release-20210322.0-56-g192f20788 (automated) 2021-04-08 09:30:59 +00:00
gVisor bot 361a57231e Merge release-20210322.0-55-g0e55b5745 (automated) 2021-04-08 07:55:39 +00:00
Adin Scannell 192f20788b Add internal staging tags to //runsc and //shim binaries. 
PiperOrigin-RevId: 367328273
 2021-04-07 17:13:11 -07:00
Andrei Vagin 0e55b57452 perf/getpid: add a case when syscalls are executed via mov $XXX, %eax; syscall 
This is the most often pattern of calling system calls in real applications.

PiperOrigin-RevId: 367320048
 2021-04-07 16:25:02 -07:00
gVisor bot e22675a6f8 Merge release-20210322.0-54-ge6133abfc (automated) 2021-04-07 22:46:11 +00:00
Tamir Duberstein e6133abfca Remove flock suppression 
PiperOrigin-RevId: 367312275
 2021-04-07 15:41:17 -07:00
gVisor bot 5f79ea8aa0 Merge release-20210322.0-53-gd7fd00bad (automated) 2021-04-06 17:20:52 +00:00
Ghanan Gowripalan d7fd00bad1 Do not perform MLD for certain multicast scopes 
...as per RFC 2710 section 5 page 10.

Test: ipv6_test.TestMLDSkipProtocol
PiperOrigin-RevId: 367031126
 2021-04-06 10:15:46 -07:00
gVisor bot 5951e1a82b Merge release-20210322.0-52-gfb4c700d0 (automated) 2021-04-06 06:52:49 +00:00
Ayush Ranjan fb4c700d06 Update gofer dentry permissions only when needed. 
Without this change, we ask the gofer server to update the permissions
whenever the UID, GID or size is updated via SetStat. Consequently, we don not
generate inotify events when the permissions actually change due to SGID bit
getting cleared.

With this change, we will update the permissions only when needed and generate
inotify events.

PiperOrigin-RevId: 366946842
 2021-04-05 23:48:26 -07:00
gVisor bot 50251104a2 Merge release-20210322.0-51-g56c69fb0e (automated) 2021-04-06 04:58:10 +00:00
Mithun Iyer 56c69fb0e7 Fix listen backlog handling to be in parity with Linux 
- Change the accept queue full condition for a listening endpoint
  to only honor completed (and delivered) connections.
- Use syncookies if the number of incomplete connections is beyond
  listen backlog. This also cleans up the SynThreshold option code
  as that is no longer used with this change.
- Added a new stack option to unconditionally generate syncookies.
  Similar to sysctl -w net.ipv4.tcp_syncookies=2 on Linux.
- Enable keeping of incomplete connections beyond listen backlog.
- Drop incoming SYNs only if the accept queue is filled up.
- Drop incoming ACKs that complete handshakes when accept queue is full
- Enable the stack to accept one more connection than programmed by
  listen backlog.
- Handle backlog argument being zero, negative for listen, as Linux.
- Add syscall and packetimpact tests to reflect the changes above.
- Remove TCPConnectBacklog test which is polling for completed
  connections on the client side which is not reflective of whether
  the accept queue is filled up by the test. The modified syscall test
  in this CL addresses testing of connecting sockets.

Fixes #3153

PiperOrigin-RevId: 366935921
 2021-04-05 21:53:41 -07:00
gVisor bot 3de9e8a7a5 Merge release-20210322.0-50-g7a7fcf2db (automated) 2021-04-06 02:50:48 +00:00
Rahat Mahmood 7a7fcf2dba Report task CPU usage through the cpuacct cgroup controller. 
PiperOrigin-RevId: 366923274
 2021-04-05 19:46:26 -07:00
gVisor bot dae62b6b0a Merge release-20210322.0-49-g63340e613 (automated) 2021-04-06 00:36:13 +00:00
Chong Cai 63340e6138 Add initial verity ioctl syscall tests 
PiperOrigin-RevId: 366907152
 2021-04-05 17:31:48 -07:00
gVisor bot fe9e366220 Merge release-20210322.0-48-g661e5ae7a (automated) 2021-04-06 00:14:11 +00:00
Fabricio Voznika 661e5ae7ae Enable Checkpoint/Restore test with VFS2 
Closes #3373

PiperOrigin-RevId: 366903991
 2021-04-05 17:10:01 -07:00
gVisor bot cfcd9d8d8b Merge release-20210322.0-47-g198e0dcde (automated) 2021-04-06 00:04:34 +00:00
Fabricio Voznika 198e0dcde2 Add fsstress on tmpfs to presubmit 
Updates #5273

PiperOrigin-RevId: 366902314
 2021-04-05 17:00:25 -07:00
gVisor bot ffea7d6cbe Merge release-20210322.0-46-g88f198c2a (automated) 2021-04-05 23:10:22 +00:00
Rahat Mahmood 88f198c2a9 Allow default control values to be set for cgroupfs. 
PiperOrigin-RevId: 366891806
 2021-04-05 16:06:11 -07:00
Ayush Ranjan 2d9095c7a6 Actually don't run unlink_benchmark with TSAN. 
This benchmark currently takes > 15 minutes to run in that case.

PiperOrigin-RevId: 366891726
 2021-04-05 16:01:39 -07:00
gVisor bot af8254b215 Merge release-20210322.0-44-ge7b202364 (automated) 2021-04-05 19:42:41 +00:00
Kevin Krakauer e7b2023647 deflake semaphore test 
There's no reason to actually increment the semaphore, it just introduces the
chance of a race.

PiperOrigin-RevId: 366851795
 2021-04-05 12:37:31 -07:00
gVisor bot 9fb1436a3e Merge release-20210322.0-43-ge21a71bff (automated) 2021-04-05 19:06:01 +00:00
Chong Cai e21a71bff1 Allow user mount for verity fs 
Allow user mounting a verity fs on an existing mount by specifying mount
flags root_hash and lower_path.

PiperOrigin-RevId: 366843846
 2021-04-05 12:01:44 -07:00
Chong Cai 58afd120d3 Set Verity bit in verity_prepare cmd 
This is needed to enable Xattrs features required by verity.

PiperOrigin-RevId: 366843640
 2021-04-05 11:56:59 -07:00
gVisor bot f559eb566c Merge release-20210322.0-41-g3007ae647 (automated) 2021-04-05 18:44:00 +00:00
Fabricio Voznika 3007ae647d Fail tests when container returns non-zero status 
PiperOrigin-RevId: 366839955
 2021-04-05 11:39:53 -07:00
gVisor bot f8cb9b55f4 Merge release-20210322.0-40-g8161ed411 (automated) 2021-04-05 17:03:42 +00:00
Adin Scannell 8161ed4110 Don't run unlink_benchmark with TSAN. 
This benchmark currently takes > 15 minutes to run in that case.

PiperOrigin-RevId: 366817185
 2021-04-05 09:57:35 -07:00
gVisor bot 001577c29b Merge release-20210322.0-39-g9a8692c82 (automated) 2021-04-03 07:22:42 +00:00
Adin Scannell 9a8692c82a Remove eternal and enormous tests. 
PiperOrigin-RevId: 366573366
 2021-04-03 00:18:34 -07:00
gVisor bot 0e1d141ffc Merge release-20210322.0-38-g932c8abd0 (automated) 2021-04-03 04:15:14 +00:00
Rahat Mahmood 932c8abd0f Implement cgroupfs. 
A skeleton implementation of cgroupfs. It supports trivial cpu and
memory controllers with no support for hierarchies.

PiperOrigin-RevId: 366561126
 2021-04-02 21:10:44 -07:00
gVisor bot 3dee9c5734 Merge release-20210322.0-37-ga0c167447 (automated) 2021-04-03 03:06:39 +00:00
gVisor bot a0c1674478 Internal change. 
PiperOrigin-RevId: 366555466
 2021-04-02 20:02:26 -07:00
gVisor bot 851ddb1003 Merge release-20210322.0-36-g491b106d6 (automated) 2021-04-03 02:39:12 +00:00
Rahat Mahmood 491b106d62 Implement the runsc verity-prepare command. 
Implement a new runsc command to set up a sandbox with verityfs and
run the measure tool. This is loosely forked from the do command, and
currently requires the caller to provide the measure tool binary.

PiperOrigin-RevId: 366553769
 2021-04-02 19:34:50 -07:00
gVisor bot d70f6e164f Merge release-20210322.0-35-g1b53550e5 (automated) 2021-04-02 17:46:14 +00:00
Zach Koopmans 1b53550e55 Add vfs1 to go/runsc-benchmarks 
PiperOrigin-RevId: 366470480
 2021-04-02 10:41:23 -07:00
gVisor bot 763255046d Merge release-20210322.0-34-gcc762235c (automated) 2021-04-02 17:02:31 +00:00
gVisor bot cc762235ce Internal change. 
PiperOrigin-RevId: 366462448
 2021-04-02 09:58:19 -07:00
gVisor bot 43ba8af786 Merge release-20210322.0-33-gb2ea37401 (automated) 2021-04-01 22:50:35 +00:00
gVisor bot 5f74a16e9c Merge release-20210322.0-32-g513de4039 (automated) 2021-04-01 22:44:51 +00:00
Bhasker Hariharan b2ea37401e Internal changes 
PiperOrigin-RevId: 366344805
 2021-04-01 15:40:07 -07:00
Adin Scannell 513de4039c Remove invalid dependency. 
PiperOrigin-RevId: 366344222
 2021-04-01 15:34:56 -07:00
gVisor bot 8887dbcc1d Merge release-20210322.0-31-g6c10c772e (automated) 2021-04-01 18:28:09 +00:00