Comparing changes
Open a pull request
- 13 commits
- 91 files changed
- 8 contributors
Commits on Feb 19, 2025
-
shim: add support for containerd v2 metrics
Add support for v2 containerd metrics in the shim, v2 metrics are only used when runsc is run with --system-cgroup=true. Containerd requires v2 metrics when the host is run with CGroupsV2. This issue was noticed when attempting to gather metrics on AL2023 which defaults to CGroupsV2. Fixes: #11472 Signed-off-by: Champ-Goblem <cameron@northflank.com>
Commits on Feb 25, 2025
-
Merge pull request #11473 from Champ-Goblem:shim-add-cgroup-v2-metric…
…s-support PiperOrigin-RevId: 730560110
Commits on Feb 28, 2025
-
Fix Go workflow with permissions needed to write to PR statuses.
PiperOrigin-RevId: 732128622
-
test: add syscall_test() perf argument
PiperOrigin-RevId: 732194076
Commits on Mar 1, 2025
-
test/runner: do not emit --gtest_filter=main.test
PiperOrigin-RevId: 732286578
-
test/runner: ignore warnings about rlimits being lower than recommended
PiperOrigin-RevId: 732302179
-
gofer: fix ref drop when racily-unlinked synthetic file is invalidated
PiperOrigin-RevId: 732340885
Commits on Mar 3, 2025
-
Fix restore with pending exec session
Exec'd processes cannot be stitched back to the original caller and are killed after restore. So ignore failures to restore host FDs (generally stdio) that belong to them. Fixes #11439 PiperOrigin-RevId: 732972054
-
Update gVisor's containerd quick start.
Adding ctr instructions for an easier verification. PiperOrigin-RevId: 733017114
-
goferfs: Add S/R support for open FDs to deleted files.
This support is only needed when the gofer mount in question is writable. By default, the rootfs has an overlayfs applied, so the gofer lower layer is not writabled. But if you are using --overlay2=none, then this change should allow you to save sandbox with open FDs to deleted files in rootfs. Updates #11425 PiperOrigin-RevId: 733021267
Commits on Mar 4, 2025
-
kvm: enable CPUID faulting on all VCPUs
This feature is controlled by an MSR; MSRs are per-CPU. The Intel SDM doesn't document CPUID faulting, at least as of the Dec 2024 revision; despite the deleted comment in ring0/kernel_amd64.go, there is no Vol. 3 Table 2-43, and every table in Vol. 4 ("Model-Specific Registers") lists bit 31 in MSR_PLATFORM_INFO as "reserved". The only documentation seems to be that cited by Linux's e9ea1e7f53b85 ("x86/arch_prctl: Add ARCH_[GET|SET]_CPUID"): "Intel Virtualization Technology FlexMigration Application Note" 323850-004, 2012. This document positions CPUID faulting as an alternative way to support cross-CPU migration for VMs that don't use VMX; consequently it does not clarify if CPUID faulting is effective in guest ("VMX non-root") mode, or if the CPUID VM exit takes precedence. If the former is the case then CPUID faulting is probably faster than setting app CPUID with KVM_SET_CPUID2, and vice versa. But regardless, this is much simpler. PiperOrigin-RevId: 733113944 -
urpc: Add logging for requests and responses.
This helps debugging `runsc` issues involving RPC overload, and helps connect multiple `runsc` invocations' logs to their corresponding handling in the Sentry. PiperOrigin-RevId: 733123936
-
Fix spec validation for entrypoint.
The OCI spec has entrypoint as the first argument in specs.Process.Args. During testing, we observed inconsistencies in entrypoint resolution: it was resolved during checkpoint but not during restore (or vice versa), leading to spec validation failures. This CL corrects this by comparing the absolute paths of entrypoints in spec validation. PiperOrigin-RevId: 733200146
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff release-20250224.0...release-20250304.0