Skip to content
Container Runtime Sandbox
Branch: master
Clone or download
prattmic and shentubot Forward named pipe creation to the gofer
The backing 9p server must allow named pipe creation, which the runsc
fsgofer currently does not.

There are small changes to the overlay here. GetFile may block when
opening a named pipe, which can cause a deadlock:

1. open(O_RDONLY) -> copyMu.Lock() -> GetFile()
2. open(O_WRONLY) -> copyMu.Lock() -> Deadlock

A named pipe usable for writing must already be on the upper filesystem,
but we are still taking copyMu for write when checking for upper. That
can be changed to a read lock to fix the common case.

However, a named pipe on the lower filesystem would still deadlock in
open(O_WRONLY) when it tries to actually perform copy up (which would
simply return EINVAL). Move the copy up type check before taking copyMu
for write to avoid this.

p9 must be modified, as it was incorrectly removing the file mode when
sending messages on the wire.

PiperOrigin-RevId: 249154033
Change-Id: Id6637130e567b03758130eb6c7cdbc976384b7d6
Latest commit 80cc2c7 May 21, 2019


What is gVisor?

gVisor is a user-space kernel, written in Go, that implements a substantial portion of the Linux system surface. It includes an Open Container Initiative (OCI) runtime called runsc that provides an isolation boundary between the application and the host kernel. The runsc runtime integrates with Docker and Kubernetes, making it simple to run sandboxed containers.

Why does gVisor exist?

Containers are not a sandbox. While containers have revolutionized how we develop, package, and deploy applications, running untrusted or potentially malicious code without additional isolation is not a good idea. The efficiency and performance gains from using a single, shared kernel also mean that container escape is possible with a single vulnerability.

gVisor is a user-space kernel for containers. It limits the host kernel surface accessible to the application while still giving the application access to all the features it expects. Unlike most kernels, gVisor does not assume or require a fixed set of physical resources; instead, it leverages existing host kernel functionality and runs as a normal user-space process. In other words, gVisor implements Linux by way of Linux.

gVisor should not be confused with technologies and tools to harden containers against external threats, provide additional integrity checks, or limit the scope of access for a service. One should always be careful about what data is made available to a container.


User documentation and technical architecture, including quick start guides, can be found at

Installing from source


gVisor currently requires x86_64 Linux to build, though support for other architectures may become available in the future.


Make sure the following dependencies are installed:

Getting the source

Clone the repository:

git clone gvisor
cd gvisor


Build and install the runsc binary:

bazel build runsc
sudo cp ./bazel-bin/runsc/linux_amd64_pure_stripped/runsc /usr/local/bin

If you don't want to install bazel on your system, you can build runsc in a Docker container:

make runsc
sudo cp ./bazel-bin/runsc/linux_amd64_pure_stripped/runsc /usr/local/bin


The test suite can be run with Bazel:

bazel test ...

or in a Docker container:

make unit-tests
make tests

Using remote execution

If you have a Remote Build Execution environment, you can use it to speed up build and test cycles.

You must authenticate with the project first:

gcloud auth application-default login --no-launch-browser

Then invoke bazel with the following flags:


You can also add those flags to your local ~/.bazelrc to avoid needing to specify them each time on the command line.

Community & Governance

The governance model is documented in our community repository.

The gvisor-users mailing list and gvisor-dev mailing list are good starting points for questions and discussion.


Sensitive security-related questions, comments and disclosures can be sent to the gvisor-security mailing list. The full security disclosure policy is defined in the community repository.



You can’t perform that action at this time.