Christian Brauner
cc6119a033
network: add netns_getifaddrs() implementation
...
This commit introduces my concept of a network namespace aware
getifaddrs(), i.e. netns_getifaddrs(). This presupposes a kernel that
carries my IF{L}A_TARGET_NETNSID patches:
struct netns_ifaddrs {
    struct netns_ifaddrs *ifa_next;

    /* Can - but shouldn't be - NULL. */
    char *ifa_name;

    /* This field is not present in struct ifaddrs. */
    int ifa_ifindex;

    unsigned ifa_flags;

    /* This field is not present in struct ifaddrs. */
    int ifa_mtu;

    /* This field is not present in struct ifaddrs. */
    int ifa_prefixlen;

    struct sockaddr *ifa_addr;
    struct sockaddr *ifa_netmask;
    union {
        struct sockaddr *ifu_broadaddr;
        struct sockaddr *ifu_dstaddr;
    } ifa_ifu;

    /* If you don't know what this is for don't touch it. */
    void *ifa_data;
};
which is a superset of struct ifaddrs. It contains additional
information such as the mtu, ifindex of the interface and the prefix
length of the address.
Note that the field ordering is different. So don't get any ideas of
using memcpy() to copy from an old struct ifaddrs into a struct
netns_ifaddrs.
int netns_getifaddrs(struct netns_ifaddrs **ifap, __s32 netns_id, bool *netnsid_aware)
takes a network namespace identifier as argument which identifies the
target network namespace.
If successful, i.e. netns_getifaddrs() returns 0, callers should check
the bool *netnsid_aware return argument. If it is true then
RTM_GET{ADDR,LINK} requests are fully netnsid aware. If it is false then
they are not and the information returned in struct netns_ifaddrs does
*not* contain correct information about the target network namespace
identified by netnsid.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 21:19:35 +02:00
Stéphane Graber
7e270c97f1
Merge pull request #2639 from brauner/2018-09-23/compiler_based_hardening
...
compiler: compiler based hardening
2018-09-23 20:43:56 +02:00
Stéphane Graber
e854e63b8b
Merge pull request #2642 from brauner/2018-09-23/android
...
compiler: __attribute__((noreturn)) on bionic
2018-09-23 20:43:46 +02:00
Christian Brauner
246736be38
autotools: support -Wstrict-prototypes
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 20:22:41 +02:00
Christian Brauner
6ce39620fd
autotools: support -Wcast-align
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 20:22:41 +02:00
Christian Brauner
534aaf45d2
compiler: __attribute__((noreturn)) on bionic
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 20:16:12 +02:00
Stéphane Graber
e006ecbc9d
Merge pull request #2637 from brauner/2018-09-22/bugfixes
...
macro: add STRLITERALLEN() and STRARRAYLEN()
2018-09-23 19:31:05 +02:00
Stéphane Graber
854d13e22e
Merge pull request #2641 from brauner/2018-09-23/cgroup_scoping_fixes
...
cgfsng: copy parent's cpu settings for monitor too
2018-09-23 19:30:21 +02:00
Christian Brauner
f83903274e
cgfsng: copy parent's cpu settings for monitor too
...
Closes https://github.com/lxc/lxd/issues/5060 .
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 16:26:31 +02:00
Christian Brauner
6333c91505
tree-wide: replace sizeof() with SIZEOF2STRLEN()
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 12:56:13 +02:00
Christian Brauner
36dee4a2b6
macro: add STRLITERALLEN() and STRARRAYLEN()
...
sizeof() implementation for string literals and string arrays that makes
it behave like strlen() for strings.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 12:56:13 +02:00
Christian Brauner
b857f4be4f
cgfsng: s/__cgfsng_ops__/__cgfsng_ops/g
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 12:37:43 +02:00
Christian Brauner
181a780fb6
compiler: s/__noreturn__/__noreturn/g
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 12:37:42 +02:00
Christian Brauner
cab25bd54d
compiler: s/__fallthrough__/__fallthrough/g
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 12:37:41 +02:00
Stéphane Graber
3c97aeb8f0
Merge pull request #2636 from brauner/2018-09-21/fix_implicit_fallthrough
...
autotools: fix check for -Wimplicit-fallthrough
2018-09-23 01:04:51 +02:00
Christian Brauner
62f2b7448d
Merge pull request #2627 from 2xsec/bugfix
...
conf: realpath() uses null as second parameter to prevent buffer overflow
2018-09-22 11:36:16 +02:00
Christian Brauner
23b44c365e
autotools: fix wrong AX_CHECK_COMPILE_FLAG test
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 23:45:33 +02:00
Serge Hallyn
ea0f0c849a
Merge pull request #2606 from brauner/2018-09-09/cgroup_escape
...
cgroups: scoping for cgroup v2
2018-09-21 09:54:25 -05:00
Christian Brauner
d28779d94c
cgfsng: add missing __cgfsng_ops__ attributes
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:52:25 +02:00
Christian Brauner
2d172fc734
tests: adapt cgroup tests to new layout
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:52:25 +02:00
Christian Brauner
eeef32bbda
cgfsng: cgfsng_monitor_enter()
...
brauner@wittgenstein|~
> sudo systemctl status lxc@c1
● lxc@c1.service - LXC Container: c1
   Loaded: loaded (/lib/systemd/system/lxc@.service; disabled; vendor preset: enabled)
   Active: active (running) since Tue 2018-09-11 10:42:22 CEST; 38s ago
     Docs: man:lxc-start
           man:lxc
  Process: 29855 ExecStart=/usr/bin/lxc-start -n c1 -p /run/lxc/c1.pid (code=exited, status=0/SUCCESS)
    Tasks: 18 (limit: 4915)
   Memory: 32.1M
   CGroup: /system.slice/system-lxc.slice/lxc@c1.service
           ├─lxc.monitor
           │ └─c1
           │   └─29870 [lxc monitor] /var/lib/lxc c1
           └─lxc.payload
             └─c1
               ├─init.scope
               │ └─29878 /sbin/init
               └─system.slice
                 ├─console-getty.service
                 │ └─30028 /sbin/agetty -o -p -- \u --noclear --keep-baud console 115200,38400,9600 linux
                 ├─cron.service
                 │ └─30019 /usr/sbin/cron -f
                 ├─dbus.service
                 │ └─30020 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                 ├─networkd-dispatcher.service
                 │ └─30016 /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
                 ├─rsyslog.service
                 │ └─30017 /usr/sbin/rsyslogd -n
                 ├─system-container\x2dgetty.slice
                 │ ├─container-getty@0.service
                 │ │ └─30027 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/0 115200,38400,9600 vt220
                 │ ├─container-getty@1.service
                 │ │ └─30030 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/1 115200,38400,9600 vt220
                 │ ├─container-getty@2.service
                 │ │ └─30026 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/2 115200,38400,9600 vt220
                 │ └─container-getty@3.service
                 │   └─30029 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/3 115200,38400,9600 vt220
                 ├─systemd-journald.service
                 │ └─29976 /lib/systemd/systemd-journald
                 ├─systemd-logind.service
                 │ └─30018 /lib/systemd/systemd-logind
                 ├─systemd-networkd.service
                 │ └─29996 /lib/systemd/systemd-networkd
                 ├─systemd-resolved.service
                 │ └─30014 /lib/systemd/systemd-resolved
                 └─systemd-udevd.service
                   └─29986 /lib/systemd/systemd-udevd
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:52:25 +02:00
Christian Brauner
634ab5ed7d
cgroups: add monitor_enter()
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:52:25 +02:00
Christian Brauner
72068e7470
cgfsng: add cgfsng_monitor_create()
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:52:25 +02:00
Christian Brauner
6439f06e78
cgroups: add monitor_create()
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:52:25 +02:00
Christian Brauner
e09b62f943
cgroups: add monitor_full_path member
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:04 +02:00
Christian Brauner
d39e9d8b04
cgroups: add monitor_cgroup member
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:04 +02:00
Christian Brauner
bb221ad14f
cgroups: s/base_cgroup/container_base_path/g
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:04 +02:00
Christian Brauner
c72d45f71f
cgroups: add missing string.h include
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:04 +02:00
Christian Brauner
eb6971363b
cgroups: s/fullcgpath/container_full_path/g
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:03 +02:00
Christian Brauner
292b3910d5
cgroups: switch to lxc.payload as default pattern
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:03 +02:00
Christian Brauner
e8b181f525
cgroup: rename container specific cgroup functions
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:01 +02:00
Stéphane Graber
e52f28afad
Merge pull request #2635 from brauner/2018-09-21/Wimplicit-fallthrough
...
autotools: add -Wimplicit-fallthrough
2018-09-21 15:54:32 +02:00
Stéphane Graber
7c887243d3
Merge pull request #2630 from brauner/2018-09-20/remove_locking
...
api_extensions: introduce lxc_has_api_extension()
2018-09-21 15:50:35 +02:00
Christian Brauner
cf0fd972be
autotools: add -Wimplicit-fallthrough
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 15:24:14 +02:00
Christian Brauner
aafa5f96f6
api_extensions: introduce lxc_has_api_extension()
...
This is modeled after LXD's API extension checks. This allows API users
to query the given LXC instance whether a given API extension is
supported.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 15:17:15 +02:00
Stéphane Graber
ef92a78a1f
Merge pull request #2633 from brauner/2018-09-21/cgfsng_ops_attribute
...
cgfsng: mark ops with __cgfsng_ops__ attribute
2018-09-21 15:13:16 +02:00
Stéphane Graber
053f8fb685
Merge pull request #2634 from brauner/2018-09-21/cgroup_relative
...
confile: s/lxc.cgroup.keep/lxc.cgroup.relative/g
2018-09-21 15:13:03 +02:00
Stéphane Graber
0854924119
Merge pull request #2607 from brauner/2018-09-11/sysfs_mixed
...
conf: remove extra MS_BIND with sysfs:mixed
2018-09-21 13:46:00 +02:00
Christian Brauner
fb55e00900
cgfsng: mark ops with __cgfsng_ops__ attribute
...
Helps to easily tell the cgfsng ops functions from helpers.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 13:45:46 +02:00
Christian Brauner
9caee129cd
confile: s/lxc.cgroup.keep/lxc.cgroup.relative/g
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 13:44:53 +02:00
Stéphane Graber
e430137c18
Merge pull request #2608 from brauner/2018-09-11/netns_get_nsid
...
network: add lxc_netns_get_nsid()
2018-09-21 13:44:34 +02:00
Stéphane Graber
2339fce523
Merge pull request #2631 from brauner/2018-09-20/rename_backgrounded
...
start: s/backgrounded/daemonize/g
2018-09-21 13:36:57 +02:00
Christian Brauner
bb955810ef
start: s/backgrounded/daemonize/g
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 12:52:32 +02:00
2xsec
74e7b66219
conf: realpath() uses null as second parameter to prevent buffer overflow
...
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-09-21 11:09:54 +09:00
Cameron Nemo
b19c5d1237
apparmor: account for specified rootfs path ( closes #2617 )
...
Signed-off-by: Cameron Nemo <camerontnorman@gmail.com>
2018-09-20 15:56:05 -07:00
Stéphane Graber
2eea260752
Merge pull request #2626 from brauner/2018-09-20/remove_locking
...
lxccontainer: remove cgroup locking
2018-09-21 00:11:43 +02:00
Christian Brauner
152508ba09
lxccontainer: remove locks from get_cgroup_item()
...
The on-disk config file is not altered and the in-memory config isn't
altered so no need for locking.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-20 22:42:55 +02:00
Christian Brauner
03095169ca
lxccontainer: remove locks from set_cgroup_item()
...
The on-disk config file is not altered and the in-memory config isn't
altered so no need for locking.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-20 22:41:45 +02:00
Christian Brauner
7fc5ee66fe
Merge pull request #2624 from 2xsec/bugfix
...
af_unix: add function to remove duplicated codes for set sockaddr
2018-09-20 21:55:08 +02:00
2xsec
c62fb5e023
af_unix: add function to remove duplicated codes for set sockaddr
...
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-09-19 20:38:16 +09:00