delta/go-git.git/src/syscall, branch dev.debug github.com: golang/go syscall: update check for UserNS support for centos 7 2017-07-17T18:18:08+00:00 Jess Frazelle me@jessfraz.com 2017-07-17T17:51:37+00:00 0d482b382481734b430621c08cad58e20faf8aa8 Fixes #20796 Fixes #16283 Change-Id: Ib11992fbd2bc1fbb3b14ae5a6bf0da2e4c12f641 Reviewed-on: https://go-review.googlesource.com/49311 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> 
Fixes #20796
Fixes #16283

Change-Id: Ib11992fbd2bc1fbb3b14ae5a6bf0da2e4c12f641
Reviewed-on: https://go-review.googlesource.com/49311
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
syscall: skip TestUnshare on Linux upon permission error 2017-07-14T21:05:21+00:00 Brad Fitzpatrick bradfitz@golang.org 2017-07-14T19:02:05+00:00 121d076679a376ef5549c858195c5a8357cba36e Fixes #17206 Change-Id: Id0ebc3a55ea1c5f52608decffee04c8398a8774b Reviewed-on: https://go-review.googlesource.com/48571 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> 
Fixes #17206

Change-Id: Id0ebc3a55ea1c5f52608decffee04c8398a8774b
Reviewed-on: https://go-review.googlesource.com/48571
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
syscall: use correct go binary in test 2017-07-12T23:39:39+00:00 Brad Fitzpatrick bradfitz@golang.org 2017-07-12T21:31:30+00:00 75f1de8329e8c0873d24397c29de31cf8f08ede5 Usually this test is skipped (on builders and when not root), so people are unlikely to see this error. Updates #19296 Change-Id: I3acb81260034dad8776c305f83d7cbac4b718e75 Reviewed-on: https://go-review.googlesource.com/48191 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> 
Usually this test is skipped (on builders and when not root), so
people are unlikely to see this error.

Updates #19296

Change-Id: I3acb81260034dad8776c305f83d7cbac4b718e75
Reviewed-on: https://go-review.googlesource.com/48191
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
syscall: add AmbientCaps to linux SysProcAttr 2017-06-28T22:59:47+00:00 Michael Stapelberg stapelberg@google.com 2017-05-17T09:05:32+00:00 8aee0b8b32c103da416369ebd16e2c07ad99badf Fixes #19713 Change-Id: Id1ca61b35bca2a4bea23dd64c7fb001a3a14fd88 Reviewed-on: https://go-review.googlesource.com/43512 Reviewed-by: Ian Lance Taylor <iant@golang.org> 
Fixes #19713

Change-Id: Id1ca61b35bca2a4bea23dd64c7fb001a3a14fd88
Reviewed-on: https://go-review.googlesource.com/43512
Reviewed-by: Ian Lance Taylor <iant@golang.org>
syscall: fix Exec on solaris 2017-06-28T19:02:05+00:00 Shawn Walker-Salas shawn.walker@oracle.com 2017-06-28T17:58:44+00:00 2d1bd1fe9d2c08ecc2ba710fe80e226e80db966f The test added for issue #18146 exposed a long-existing bug in the Solaris port; notably, that syscall.Exec uses RawSyscall -- which is not actually functional for the Solaris port (intentionally) and only exists as a placebo to satisfy build requirements. Call syscall.execve instead for Solaris. Fixes #20832 Change-Id: I327d863f4bbbbbb6e5ecf66b82152c4030825d09 Reviewed-on: https://go-review.googlesource.com/47032 Run-TryBot: Shawn Walker-Salas <shawn.walker@oracle.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 
The test added for issue #18146 exposed a long-existing bug in the
Solaris port; notably, that syscall.Exec uses RawSyscall -- which is not
actually functional for the Solaris port (intentionally) and only exists
as a placebo to satisfy build requirements.

Call syscall.execve instead for Solaris.

Fixes #20832

Change-Id: I327d863f4bbbbbb6e5ecf66b82152c4030825d09
Reviewed-on: https://go-review.googlesource.com/47032
Run-TryBot: Shawn Walker-Salas <shawn.walker@oracle.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
runtime, syscall: workaround for bug in Linux's execve 2017-06-20T23:53:17+00:00 John R. Lenton jlenton@gmail.com 2017-05-20T16:22:36+00:00 91139b87f776a553524b022753981e7909386777 Linux's execve has (at the time of writing, and since v2.6.30) a bug when it ran concurrently with clone, in that it would fail to set up some datastructures if the thread count before and after some steps differed. This is described better and in more detail by Colin King in Launchpad¹ and kernel² bugs. When a program written in Go runtime.Exec's a setuid binary, this issue may cause the resulting process to not have the expected uid. This patch works around the issue by using a mutex to serialize exec and clone. 1. https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1672819 2. https://bugzilla.kernel.org/show_bug.cgi?id=195453 Fixes #19546 Change-Id: I126e87d1d9ce3be5ea4ec9c7ffe13f92e087903d Reviewed-on: https://go-review.googlesource.com/43713 Reviewed-by: Ian Lance Taylor <iant@golang.org> Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> 
Linux's execve has (at the time of writing, and since v2.6.30) a bug when it ran
concurrently with clone, in that it would fail to set up some datastructures if
the thread count before and after some steps differed. This is described better
and in more detail by Colin King in Launchpad¹ and kernel² bugs. When a program
written in Go runtime.Exec's a setuid binary, this issue may cause the resulting
process to not have the expected uid. This patch works around the issue by using
a mutex to serialize exec and clone.

1. https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1672819
2. https://bugzilla.kernel.org/show_bug.cgi?id=195453

Fixes #19546

Change-Id: I126e87d1d9ce3be5ea4ec9c7ffe13f92e087903d
Reviewed-on: https://go-review.googlesource.com/43713
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
syscall: mark forkAndExecInChild1 noinline 2017-06-20T21:54:19+00:00 Austin Clements austin@google.com 2017-06-20T19:59:02+00:00 87adaf4c084e0ceba6444fddaf468165e0201fa1 This certainly won't get inlined right now, but in the spirit of making this more robust, we have to disable inlining because inlining would defeat the purpose of separating forkAndExecInChild1 into a separate function. Updates #20732. Change-Id: I736c3f909cc42c5f5783740c2e19ba4827c7c2ec Reviewed-on: https://go-review.googlesource.com/46174 Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 
This certainly won't get inlined right now, but in the spirit of
making this more robust, we have to disable inlining because inlining
would defeat the purpose of separating forkAndExecInChild1 into a
separate function.

Updates #20732.

Change-Id: I736c3f909cc42c5f5783740c2e19ba4827c7c2ec
Reviewed-on: https://go-review.googlesource.com/46174
Run-TryBot: Austin Clements <austin@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
syscall: use CLONE_VFORK safely 2017-06-20T19:55:45+00:00 Austin Clements austin@google.com 2017-06-20T19:12:12+00:00 67e537541c043c701001f002bed0cda70ce72767 Currently, CLONE_VFORK is used without much regard to the stack. This is dangerous, because anything the child does to the stack is visible to the parent. For example, if the compiler were to reuse named stack slots (which it currently doesn't do), it would be easy for the child running in the same stack frame as the parent to corrupt local variables that the parent then depended on. We're not sure of anything specific going wrong in this code right now, but it is at best a ticking time bomb. CLONE_VFORK can only safely be used if we ensure the child does not execute in any of the active stack frames of the parent. This commit implements this by arranging for the parent to return immediately from the frame the child will operate in, and for the child to never return to the frame the parent will operate in. Fixes #20732. Change-Id: Iad5b4ddc2b994c082bd278bfd52ef53bd38c037f Reviewed-on: https://go-review.googlesource.com/46173 Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> 
Currently, CLONE_VFORK is used without much regard to the stack. This
is dangerous, because anything the child does to the stack is visible
to the parent. For example, if the compiler were to reuse named stack
slots (which it currently doesn't do), it would be easy for the child
running in the same stack frame as the parent to corrupt local
variables that the parent then depended on. We're not sure of anything
specific going wrong in this code right now, but it is at best a
ticking time bomb.

CLONE_VFORK can only safely be used if we ensure the child does not
execute in any of the active stack frames of the parent. This commit
implements this by arranging for the parent to return immediately from
the frame the child will operate in, and for the child to never return
to the frame the parent will operate in.

Fixes #20732.

Change-Id: Iad5b4ddc2b994c082bd278bfd52ef53bd38c037f
Reviewed-on: https://go-review.googlesource.com/46173
Run-TryBot: Austin Clements <austin@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
runtime, syscall: reset signal handlers to default in child 2017-06-14T14:00:56+00:00 Ian Lance Taylor iant@golang.org 2017-06-13T05:36:03+00:00 df0892cbf854e76fae6e875043b05c194e37f52d Block all signals during a fork. In the parent process, after the fork, restore the signal mask. In the child process, reset all currently handled signals to the default handler, and then restore the signal mask. The effect of this is that the child will be operating using the same signal regime as the program it is about to exec, as exec resets all non-ignored signals to the default, and preserves the signal mask. We do this so that in the case of a signal sent to the process group, the child process will not try to run a signal handler while in the precarious state after a fork. Fixes #18600. Change-Id: I9f39aaa3884035908d687ee323c975f349d5faaa Reviewed-on: https://go-review.googlesource.com/45471 Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Austin Clements <austin@google.com> 
Block all signals during a fork. In the parent process, after the
fork, restore the signal mask. In the child process, reset all
currently handled signals to the default handler, and then restore the
signal mask.

The effect of this is that the child will be operating using the same
signal regime as the program it is about to exec, as exec resets all
non-ignored signals to the default, and preserves the signal mask.

We do this so that in the case of a signal sent to the process group,
the child process will not try to run a signal handler while in the
precarious state after a fork.

Fixes #18600.

Change-Id: I9f39aaa3884035908d687ee323c975f349d5faaa
Reviewed-on: https://go-review.googlesource.com/45471
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Austin Clements <austin@google.com>
syscall: make windows Exit call runtime.exit 2017-06-08T23:28:28+00:00 Alex Brainman alex.brainman@gmail.com 2017-06-08T05:56:53+00:00 cfae35efa582eedb83f483b52fa35cf1269c562d Both runtime.exit and syscall.Exit call Windows ExitProcess. But recently (CL 34616) runtime.exit was changed to ignore Windows CreateThread errors if ExitProcess is called. This CL adjusts syscall.Exit to do the same. Fixes #18253 (maybe) Change-Id: I6496c31b01e7c7d73b69c0b2ae33ed7fbe06736b Reviewed-on: https://go-review.googlesource.com/45115 TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Rob Pike <r@golang.org> Reviewed-by: Austin Clements <austin@google.com> 
Both runtime.exit and syscall.Exit call Windows ExitProcess.
But recently (CL 34616) runtime.exit was changed to ignore
Windows CreateThread errors if ExitProcess is called.

This CL adjusts syscall.Exit to do the same.

Fixes #18253 (maybe)

Change-Id: I6496c31b01e7c7d73b69c0b2ae33ed7fbe06736b
Reviewed-on: https://go-review.googlesource.com/45115
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Rob Pike <r@golang.org>
Reviewed-by: Austin Clements <austin@google.com>