mirror_lxc

mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-05 15:27:31 +00:00

Author	SHA1	Message	Date
Christian Brauner	0dd2e321c2	api-extension: add missing seccomp_proxy_send_notify_fd extension Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-08-06 17:33:09 +02:00
Stéphane Graber	2a35d949b8	Merge pull request #3508 from brauner/2020-08-06/fixes seccomp: add seccomp_notify_fd_active api extension	2020-08-06 09:27:31 -04:00
Christian Brauner	ec49d30f57	seccomp: send notify fd as part of the message Since we haven't made this official api yet: YOLO Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-08-06 15:09:12 +02:00
Christian Brauner	2140576960	seccomp: add seccomp_notify_fd_active api extension which allows to retrieve an active seccomp notifier fd from a running container. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-08-06 14:40:13 +02:00
Stéphane Graber	05af17d749	Merge pull request #3507 from brauner/2020-08-06/fixes seccomp: don't close the mainloop, simply remove the handler	2020-08-06 08:38:06 -04:00
Christian Brauner	eb551cefed	seccomp: don't close the mainloop, simply remove the handler Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-08-06 14:14:10 +02:00
Stéphane Graber	c601840017	Merge pull request #3506 from brauner/2020-08-05/safe_native_terminal_allocation macro: define TIOCGPTPEER if missing	2020-08-05 15:14:28 -04:00
Christian Brauner	cfca9ccddc	conf: use openat() instead of open_tree() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-08-05 20:50:27 +02:00
Christian Brauner	07002a08c1	macro: define TIOCGPTPEER if missing Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-08-05 16:44:53 +02:00
Stéphane Graber	1f15c1c3a2	Merge pull request #3505 from brauner/2020-08-05/safe_native_terminal_allocation terminal: safely allocate pts devices from inside the container	2020-08-05 10:10:52 -04:00
Christian Brauner	f797f05e6e	terminal: safely allocate pts devices from inside the container This was a year long journey which seems to finally have come to an end. Closes: #1620. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-08-05 15:16:51 +02:00
Stéphane Graber	2d19c5e172	Merge pull request #3504 from brauner/2020-08-04/fixes conf: ensure that the idmap pointer itself is freed	2020-08-03 20:53:01 -04:00
Christian Brauner	7e62126388	conf: ensure that the idmap pointer itself is freed Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-08-04 00:05:05 +02:00
Christian Brauner	f3bbb01f8a	Merge pull request #3501 from ffontaine/master syscall: don't fail if __NR_signalfd is not defined	2020-07-28 13:25:48 +02:00
Fabrice Fontaine	3341e204dc	syscall: don't fail if __NR_signalfd is not defined lxc fails to build if __NR_signalfd is not defined since version 4.0.0 and `bed09c9cc0` However, some architectures don't define __NR_signalfd but only __NR_signalfd4. This is the case for example for nios2 or csky: `f9ac84f92f/sysdeps/unix/sysv/linux/nios2/arch-syscall.h` `f9ac84f92f/sysdeps/unix/sysv/linux/csky/arch-syscall.h` Fixes: - http://autobuild.buildroot.org/results/75096a48d2dbda57459523db3ed0952e63f93535 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>	2020-07-28 12:44:43 +02:00
Stéphane Graber	79c66a2af3	Merge pull request #3500 from brauner/2020-07-27/seccomp_notify_cleanup seccomp: add missing header	2020-07-27 12:02:48 -04:00
Christian Brauner	e4353a7fc4	seccomp: add missing header Fixes: https://launchpadlibrarian.net/490341075/buildlog_snap_ubuntu_bionic_amd64_lxd-latest-edge_BUILDING.txt.gz Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-27 17:26:42 +02:00
Stéphane Graber	64cbd48aa3	Merge pull request #3499 from brauner/2020-07-27/seccomp_notify_cleanup seccomp: remove seccomp fd from event loop after task exited	2020-07-27 08:16:30 -04:00
Christian Brauner	b2acb9dce9	seccomp: remove seccomp fd from event loop after task exited Linux v5.8 will land my patch where seccomp notifies when a filter goes unused, i.e. when the last task using a given seccomp filter has exited. This wasn't possible before and so we accumulated file descriptors in the container's event loop whenever we attached to the container. I'm not sure whether the task exiting before we could handle its syscall should cause us to report and error or not. For now, let's simply close the event loop and not report an error. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-27 10:15:20 +02:00
Stéphane Graber	aaab14d098	Merge pull request #3498 from brauner/master selinux: remove security_context_t usage as it's deprecated	2020-07-25 12:49:14 -04:00
Christian Brauner	c18de5225b	selinux: remove security_context_t usage as it's deprecated Link: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1888705 Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-25 11:36:46 +02:00
Stéphane Graber	d312ef6849	Merge pull request #3497 from brauner/2020-07-23/fix_snap_compilation autotools: fix Makefile	2020-07-23 12:52:37 -04:00
Stéphane Graber	c10c8a61e6	Merge pull request #3496 from brauner/2020-07-18/mount_pid new mount api support: basics	2020-07-23 10:34:36 -04:00
Christian Brauner	7a7286393a	Makefile: fix Makefile Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-23 10:33:33 +02:00
Christian Brauner	18780b9068	log: don't break logging by hiding symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-23 10:20:50 +02:00
Christian Brauner	657256e0b8	attach: use new mount api Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-23 10:20:50 +02:00
Christian Brauner	14df702190	mount_utils: add mount_filesystem() helper that translates between the two mount apis. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-23 10:20:50 +02:00
Christian Brauner	7f88a1a2f6	mount_utils: add mount utils Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-23 10:20:50 +02:00
Christian Brauner	7f1d397bbd	syscalls: add fsmount() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-23 10:20:50 +02:00
Christian Brauner	9edfcaa822	syscalls: add fsconfig() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-23 10:20:50 +02:00
Christian Brauner	749bc40479	syscalls: add fspick() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-23 10:20:50 +02:00
Christian Brauner	49b21cd7d9	syscalls: add fsopen() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-23 10:20:48 +02:00
Stéphane Graber	8bdacc22a4	Merge pull request #3492 from brauner/2020-07-18/visibility_hidden tree-wide: hide unnecessary symbols	2020-07-22 14:39:53 -04:00
Stéphane Graber	07f25184e9	Merge pull request #3495 from siv0/boot_id_remount_apparmor_fix apparmor: Allow ro remount of boot_id	2020-07-22 13:05:49 -04:00
Stoiko Ivanov	3646e8acef	apparmor: Allow ro remount of boot_id The rule added in `863845075d` did not cover all necessary mount calls for /proc/sys/kernel/random/boot_id (in src/lxc/conf.c: lxc_setup_boot_id) - the ro remount is missing. Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>	2020-07-22 14:13:39 +02:00
Christian Brauner	945daa2406	start: simplify gotos Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-22 10:46:05 +02:00
Christian Brauner	59eac805a3	tree-wide: hide further unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-21 15:44:43 +02:00
Christian Brauner	2284f8a505	storage: hide unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-21 14:01:31 +02:00
Christian Brauner	d6728cb356	arguments: hide unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-21 13:45:37 +02:00
Christian Brauner	ebbde1732c	lsm: hide unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-21 13:43:46 +02:00
Christian Brauner	c332ec90f0	cgroups: hide unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-21 13:28:08 +02:00
Christian Brauner	78ad1eb09d	uuid: hide unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-21 13:20:41 +02:00
Christian Brauner	5f1b09866f	utils: hide unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-21 13:15:25 +02:00
Christian Brauner	cd6b82e44c	terminal: hide unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-21 12:44:09 +02:00
Christian Brauner	bf1ca416a2	sync: hide unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-21 12:37:28 +02:00
Christian Brauner	1bf5f8123e	state: hide unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-21 12:30:53 +02:00
Christian Brauner	8c8cd08712	start: hide unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-21 12:24:45 +02:00
Christian Brauner	f6fea47396	ringbuf: hide unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-20 18:49:55 +02:00
Christian Brauner	0b07c6c162	rexec: hide unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-20 18:46:13 +02:00
Christian Brauner	92a10958c9	process_utils: hide unnecessary symbols Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-20 18:45:02 +02:00

1 2 3 4 5 ...

9454 Commits