netbird/gvisor
0
0
Fork 0
mirror of https://github.com/netbirdio/gvisor.git synced 2026-05-22 17:12:49 -07:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 3ff24b4f2c Require AF_UNIX sockets from the gofer Michael Pratt 2018-09-28 11:02:11 -07:00
  • c17ea8c6e2 Block for link address resolution Sepehr Raissian 2018-09-28 10:59:21 -07:00
  • cf226d48ce Switch to root in userns when CAP_SYS_CHROOT is also missing Fabricio Voznika 2018-09-28 09:43:13 -07:00
  • 6779bd1187 Merge Loader.containerRootTGs and execProcess into a single map Fabricio Voznika 2018-09-27 23:54:13 -07:00
  • 1166c088fc Move common test code to function Fabricio Voznika 2018-09-27 22:52:25 -07:00
  • b709d23987 Forward ioctl(TCSETSF) calls on host ttys to the host kernel. Nicolas Lacasse 2018-09-27 18:15:07 -07:00
  • 491faac03b Implement 'runsc kill --all' Fabricio Voznika 2018-09-27 15:00:03 -07:00
  • 68ac2ad1e1 netstack: make go:linkname work for all architectures Anton Gyllenberg 2018-09-27 12:51:18 -07:00
  • 234f36b6f2 sentry: export cpuTime function. Zhaozhong Ni 2018-09-27 10:41:28 -07:00
  • b514ab0589 Refactor 'runsc boot' to take container ID as argument Fabricio Voznika 2018-09-27 10:25:19 -07:00
  • 6910ff3643 Move uds_test_app to common test_app Fabricio Voznika 2018-09-27 08:57:32 -07:00
  • fca9a390db Return correct parent PID Fabricio Voznika 2018-09-26 21:58:54 -07:00
  • a003e041c8 runsc: fix pid file race condition in exec detach mode. Lantao Liu 2018-09-26 17:40:01 -07:00
  • 539df2940d Use the ICMP target address in responses Tamir Duberstein 2018-09-26 12:39:32 -07:00
  • bee264f0c5 Export ipv6 address helpers Tamir Duberstein 2018-09-26 09:48:29 -07:00
  • d489336784 runsc: All non-root bind mounts should be shared. Nicolas Lacasse 2018-09-24 17:21:16 -07:00
  • 4094480b28 Remove unnecessary defer Ian Gudger 2018-09-21 18:13:38 -07:00
  • 7ce13ebcad Run gofmt -s on everything Ian Gudger 2018-09-21 14:05:46 -07:00
  • 4634cd66ad Extend tcpip.Address.String to ipv6 addresses Tamir Duberstein 2018-09-21 13:57:24 -07:00
  • d260e808f4 The "action" in container.Signal should be "signal". Nicolas Lacasse 2018-09-21 13:53:32 -07:00
  • 95f30ef67b Deflake TestSimpleReceive Tamir Duberstein 2018-09-21 12:32:20 -07:00
  • 7fa57ee579 Export read-only tcpip.Subnet.Mask Tamir Duberstein 2018-09-21 12:06:27 -07:00
  • b4321f4447 runsc: Synchronize container metadata changes with a file lock. Nicolas Lacasse 2018-09-21 11:40:50 -07:00
  • b63c4bfe02 Set Sandbox.Chroot so it gets cleaned up upon destruction Fabricio Voznika 2018-09-20 18:53:02 -07:00
  • 8a938a3f9d runsc: allow runsc wait on a container for multiple times. Lantao Liu 2018-09-20 16:58:36 -07:00
  • cbaec4d614 Wait for all async fs operations to complete before returning from Destroy. Nicolas Lacasse 2018-09-20 14:36:38 -07:00
  • 9464b82a06 runsc: Fix a bug that runsc wait doesn't work after container exits. Lantao Liu 2018-09-20 11:21:59 -07:00
  • ffb5fdd690 runsc: Fix stdin/stdout/stderr in multi-container mode. Kevin Krakauer 2018-09-19 22:19:10 -07:00
  • 915d76aa92 Add container.Destroy urpc method. Nicolas Lacasse 2018-09-19 18:52:53 -07:00
  • b873e388f3 Update gocapability commit to get bug fix Fabricio Voznika 2018-09-19 18:16:18 -07:00
  • 639226c3d9 runsc: Mark container_test flaky. Kevin Krakauer 2018-09-19 18:02:30 -07:00
  • 117ac8bc5b Fix data race on tcp.endpoint.hardError in tcp.(*endpoint).Read Ian Gudger 2018-09-19 17:48:24 -07:00
  • e395273301 Fix sandbox and gofer capabilities Fabricio Voznika 2018-09-19 17:14:20 -07:00
  • 2ad3228cd0 runsc: Don't create __runsc_containers__ unless we are in multi-container mode. Nicolas Lacasse 2018-09-19 16:09:50 -07:00
  • 2e497de2d9 Pass local link address to DeliverNetworkPacket Bert Muthalaly 2018-09-19 13:42:55 -07:00
  • f0a92b6b67 Add docker command line args support for --cpuset-cpus and --cpus Lingfu 2018-09-19 13:34:28 -07:00
  • bd12e95247 Fix RTT estimation when timestamp option is enabled. Bhasker Hariharan 2018-09-19 09:58:10 -07:00
  • 8aec7473a1 Added state machine checks for Container.Status Fabricio Voznika 2018-09-18 19:11:49 -07:00
  • fd222d62ed Short-circuit Readdir calls on overlay files when the dirent is frozen. Nicolas Lacasse 2018-09-18 15:41:13 -07:00
  • 7967d8ecd5 Handle children processes better in tests Fabricio Voznika 2018-09-18 15:20:19 -07:00
  • dd05c96d99 Increase state test timeout Michael Pratt 2018-09-18 14:37:29 -07:00
  • 7e00f37054 Automated rollback of changelist 213307171 Kevin Krakauer 2018-09-18 13:21:13 -07:00
  • ed08597d12 Allow for MSG_CTRUNC in input flags for recv. Brian Geffon 2018-09-18 11:13:27 -07:00
  • da20559137 Provide better message when memfd_create fails with ENOSYS Fabricio Voznika 2018-09-18 02:08:11 -07:00
  • 5d9816be41 Remove memory usage static init Fabricio Voznika 2018-09-17 21:33:51 -07:00
  • 26b08e182c Rename container in test Fabricio Voznika 2018-09-17 21:17:31 -07:00
  • d6409b6564 Prevent TCP connect from picking bound ports Tamir Duberstein 2018-09-17 20:42:48 -07:00
  • bb88c187c5 runsc: Enable waiting on exited processes. Kevin Krakauer 2018-09-17 16:24:05 -07:00
  • ab6fa44588 Allow kernel.(*Task).Block to accept an extract only channel Ian Gudger 2018-09-17 13:35:00 -07:00
  • a452971630 Add empty .s file to allow //go:linkname Tamir Duberstein 2018-09-17 13:05:57 -07:00
  • 23258ca284 Implement packet forwarding to enable NAT Tamir Duberstein 2018-09-17 13:04:38 -07:00
  • d639c3d61b Allow NULL data in mount(2) Michael Pratt 2018-09-17 12:15:35 -07:00
  • 25add7b22b runsc: Fix stdin/out/err in multi-container mode. Kevin Krakauer 2018-09-17 11:30:16 -07:00
  • de5a590ee2 Avoid reuse of pending SignalInfo objects newmanwang 2018-09-14 17:38:16 -07:00
  • 75c66f871b Remove buffer.Prependable.UsedBytes Tamir Duberstein 2018-09-14 16:38:45 -07:00
  • 3aa50f18a4 Reuse readlink parameter, add sockaddr max. Michael Pratt 2018-09-14 15:58:56 -07:00
  • d7a05b4e63 Pass buffer.Prependable by value Tamir Duberstein 2018-09-14 15:22:42 -07:00
  • b84bfa570d Make gVisor hard link check match Linux's. Nicolas Lacasse 2018-09-14 12:28:43 -07:00
  • 0380bcb3a4 Fix interaction between rt_sigtimedwait and ignored signals. Jamie Liu 2018-09-14 11:09:41 -07:00
  • faa34a0738 platform/kvm: Get max vcpu number dynamically by ioctl Chenggang 2018-09-13 21:46:03 -07:00
  • 29a7271f5d Plumb monotonic time to netstack Ian Gudger 2018-09-13 19:11:12 -07:00
  • bde2a91433 runsc: Support container signal/wait. Lantao Liu 2018-09-13 16:36:53 -07:00
  • adf8f33970 Extend memory usage events to report mapped memory usage. Rahat Mahmood 2018-09-13 15:15:33 -07:00
  • 9c6b38e295 Format struct itimerspec Michael Pratt 2018-09-13 14:06:34 -07:00
  • e2d79480f5 initArgs must hold a reference on the Root if it is not nil. Nicolas Lacasse 2018-09-13 09:49:17 -07:00
  • d689f8422f Always pass buffer.VectorisedView by value Tamir Duberstein 2018-09-12 21:57:04 -07:00
  • 5adb3468d4 Add multicast support Tamir Duberstein 2018-09-12 20:38:27 -07:00
  • 9dec7a3db9 compressio: stop worker-pool reference / dependency loop. Zhaozhong Ni 2018-09-12 17:23:56 -07:00
  • 2eff1fdd06 runsc: Add exec flag that specifies where to save the sandbox-internal pid. Kevin Krakauer 2018-09-12 15:22:24 -07:00
  • 0efde2bfbd Remove getdents from filters Michael Pratt 2018-09-12 10:50:22 -07:00
  • cbf3980464 Prevent UDP sockets from binding to bound ports Tamir Duberstein 2018-09-12 09:37:57 -07:00
  • b4aed01bf2 Rollback of changelist 212483372 Michael Pratt 2018-09-11 17:53:48 -07:00
  • 6cc9b311af platform: Pass device fd into platform constructor. Nicolas Lacasse 2018-09-11 13:08:36 -07:00
  • c44bc6612f Allow fstatat back in syscall filters Fabricio Voznika 2018-09-11 11:04:06 -07:00
  • a29c39aa62 Map committed chunks concurrently in FileMem.LoadFrom. Jamie Liu 2018-09-10 15:22:44 -07:00
  • 7e9e6745ca Allow '/dev/zero' to be mapped with unaligned length Fabricio Voznika 2018-09-10 13:23:49 -07:00
  • da9ecb748c Simplify some code in VectorisedView#ToView. Bert Muthalaly 2018-09-10 13:02:43 -07:00
  • e198f9ab02 runsc: Chmod all mounted files to 777 inside chroot. Nicolas Lacasse 2018-09-10 09:59:03 -07:00
  • 0c0c942327 Automated rollback of changelist 212059579 Nicolas Lacasse 2018-09-07 18:22:22 -07:00
  • 7045828a31 Update cleanup TODO Michael Pratt 2018-09-07 18:13:50 -07:00
  • 922d8c3c8c Automated rollback of changelist 211992321 Nicolas Lacasse 2018-09-07 17:55:04 -07:00
  • 9751b800a6 runsc: Support multi-container exec. Nicolas Lacasse 2018-09-07 17:38:34 -07:00
  • cf5006ff24 Disable test until we figure out what's broken Fabricio Voznika 2018-09-07 16:59:33 -07:00
  • 172860a059 Add 'Starting gVisor...' message to syslog Fabricio Voznika 2018-09-07 16:58:19 -07:00
  • 6cfb5cd56d Add additional sanity checks for walk. Adin Scannell 2018-09-07 16:52:02 -07:00
  • 8ce3fbf9f8 Only start signal forwarding after init process is created Fabricio Voznika 2018-09-07 13:38:12 -07:00
  • bc81f3fe4a Remove '--file-access=direct' option Fabricio Voznika 2018-09-07 12:27:44 -07:00
  • f895cb4d8b Use root abstract socket namespace for exec Fabricio Voznika 2018-09-07 10:44:50 -07:00
  • 169e2efc5a Continue handling signals after disabling forwarding Michael Pratt 2018-09-07 10:27:19 -07:00
  • 210c252089 runsc: Run sandbox process inside minimal chroot. Nicolas Lacasse 2018-09-07 10:15:34 -07:00
  • 590d832099 runsc: Dup debug log file to stderr, so sentry panics don't get lost. Nicolas Lacasse 2018-09-07 10:04:11 -07:00
  • 6516b5648b createProcessArgs.RootFromContext should return process Root if it exists. Nicolas Lacasse 2018-09-06 13:46:45 -07:00
  • 4f3053cb4e runsc: do not delete in paused state. Lantao Liu 2018-09-06 11:04:58 -07:00
  • efac28976c Enable network for multi-container Fabricio Voznika 2018-09-06 10:58:58 -07:00
  • d95663a6b9 runsc testing: Move TestMultiContainerSignal to multi_container_test. Kevin Krakauer 2018-09-06 10:40:53 -07:00
  • 8f0b6e7fc0 runsc: Support runsc kill multi-container. Kevin Krakauer 2018-09-05 21:13:46 -07:00
  • 156b49ca85 Fix race condition introduced in 211135505 Tamir Duberstein 2018-09-05 18:58:09 -07:00
  • 5f0002fc83 Use container's capabilities in exec Fabricio Voznika 2018-09-05 18:31:37 -07:00
  • 41b56696c4 Imported FD in exec was leaking Fabricio Voznika 2018-09-05 18:05:59 -07:00
  • 5685d6b5ad Update {LinkEndpoint,NetworkEndpoint}#WritePacket to take a VectorisedView Bert Muthalaly 2018-09-05 17:33:18 -07:00