The test is flaky in cooperative S/R mode because TCP timers are not restored
across a S/R. This can cause the TCPLinger2 timer to not fire. This change
disables S/R before setting the TCP_LINGER2 timeout.
PiperOrigin-RevId: 304430536
A socket mount where anonymous sockets will reside is added to the
VirtualFilesystem. Socketfs is built on top of kernfs.
Updates #1476, #1478, #1484, #1485.
PiperOrigin-RevId: 304095251
This feature will match UID and GID of the packet creator, for locally
generated packets. This match is only valid in the OUTPUT and POSTROUTING
chains. Forwarded packets do not have any socket associated with them.
Packets from kernel threads do have a socket, but usually no owner.
It's possible to execute the command that checks user's
$HOME dir before the user is created. Move the code that
creates the user inside exec so it can be serialized.
PiperOrigin-RevId: 302986184
- Fix definitions of Futex* wrappers.
- Correctly handle glibc syscall() (which returns -1 and sets errno instead of
returning the raw syscall return value).
- De-parameterize FutexWaitBitset, which was apparently intended to test with
deadlines of between 0 and 100000 nanoseconds after the Unix epoch, but was
broken due to the preceding two issues.
- Use wall time to measure the durations of tests that are expected to block
(and thus stop accumulating CPU time).
- Require 5s for all tests to improve robustness in the presence of sentry GC.
- Remove FutexContend and FutexContendDeadline; it's unclear what these are
supposed to measure, given that (1) FutexLock is unrealistically inefficient
and (2) the benchmark rewards slow scheduling (since this reduces
contention).
PiperOrigin-RevId: 302925246
In cl/302130790, we started using a temp directory which is provided by bazel.
By default, a test process has enough permissions to open it, but there is not
any guarantee that it still will be able to do this after changing credentials.
PiperOrigin-RevId: 302702337
The root mount is not shared by default, but all other mounts are shared.
So if we create the /tmp mount, this means that we run tests on a shared mount
even if tests run without the --shared option.
PiperOrigin-RevId: 302130790
- When setting up the virtual filesystem, mount a host.filesystem to contain
all files that need to be imported.
- Make read/preadv syscalls to the host in cases where preadv2 may not be
supported yet (likewise for writing).
- Make save/restore functions in kernel/kernel.go return early if vfs2 is
enabled.
PiperOrigin-RevId: 300922353
When the sandbox runs in attached more, e.g. runsc do, runsc run, the
sandbox lifetime is controlled by the parent process. This wasn't working
in all cases because PR_GET_PDEATHSIG doesn't propagate through execve
when the process changes uid/gid. So it was getting dropped when the
sandbox execve's to change to user nobody.
PiperOrigin-RevId: 300601247
Fixed flakes (tested via --runs_per_test=100) and added skips for
not-yet-implemented features. Once submitted, the iptables tests will be
ready to enable in kokoro.
Without this change, the assembly code of this test compiled without
optimizations:
mov -0x150(%rbp),%rax
movl $0x77777777,(%rax)
lea -0x128(%rbp),%rax
with optimizations:
movl $0x77777777,0x0
This code doesn't work properly, because the test changes rax in the segv
handler.
PiperOrigin-RevId: 299896117
Adds an oom_score_adj and oom_score proc file stub. oom_score_adj accepts
writes of values -1000 to 1000 and persists the value with the task. New tasks
inherit the parent's oom_score_adj.
oom_score is a read-only stub that always returns the value '0'.
Issue #202
PiperOrigin-RevId: 299245355
The benchmark_filter options accepts regex-s, but
the gtest-filter option accepts shell-like wildcards.
Fixes#2034
Signed-off-by: Andrei Vagin <avagin@gmail.com>
The error was introduced in the merge of PR #1471.
Some codes are missing when adding bazel select_arch
command to the test/syscall/linux/BUILD file.
Signed-off-by: Haibo Xu <haibo.xu@arm.com>
Change-Id: I8cae3f4ae78c2e14671f3ac6e7361dc2806d9305
Dean Deng
Bhasker Hariharan
Eyal Soha
Nayana Bidari
gVisor bot
Kevin Krakauer
Fabricio Voznika
Jamie Liu
Andrei Vagin
Ian Lewis
Haibo Xu
Ting-Yu Wang
Andrei Vagin
Adin Scannell
Bin Lu