mirror_lxc

mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-07-16 17:08:24 +00:00

Author	SHA1	Message	Date
Christian Brauner	5a087e056f	cgroups: don't escape if lxc.cgroup.keep is true Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> Cc: Felix Abecassis <fabecassis@nvidia.com> Cc: Jonathan Calmels <jcalmels@nvidia.com>	2018-08-27 03:16:41 +02:00
Christian Brauner	bafad46888	lxccontainer: minor fixes Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-08-16 00:25:15 +02:00
Christian Brauner	d1bc8d484c	lxccontainer: improve file locking Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-08-15 00:37:05 +02:00
Christian Brauner	ec74f3f859	lxccontainer: fix F_OFD_GETLK checks When we check whether an open file description lock has been taken on a file we need to set the l_pid field to 0 otherwise the kernel will send back EINVAL. Additionally, the kernel will not do pid translation and simply set the l_pid value to -1. Fixes https://discuss.linuxcontainers.org/t/container-deleted-or-stopped-when-lxc-ls-executed-concurrently/2439 Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-08-14 13:00:29 +02:00
2xsec	df05fa0f04	fix thread safe issue(localtime => localtime_r) Signed-off-by: 2xsec <dh48.jeong@samsung.com>	2018-08-13 16:53:30 +09:00
Christian Brauner	3e1e9db834	lxccontainer: s/read()/lxc_read_nointr()/g Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-07-30 00:16:26 +02:00
Christian Brauner	2a2a676d04	lxccontainer: s/write()/lxc_write_nointr()/g Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-07-30 00:16:25 +02:00
Christian Brauner	0ac84f04d1	lxccontainer: s/pipe()/pipe2()/g Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-07-30 00:16:17 +02:00
Christian Brauner	9f4866a6f2	lxccontainer: cleanup do_lxcapi_get_interfaces() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-07-30 00:16:16 +02:00
Christian Brauner	3c1f04cdfa	lxccontainer: s/strtok_r()/lxc_iterate_parts()/g Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-07-26 16:38:42 +02:00
Liza Tretyakova	60534030e4	conf, lxccontainer: fix length checks in snprintf Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>	2018-07-22 15:35:21 +02:00
Liza Tretyakova	7a41e8578e	conf, confile, lxccontainer, start: nonfunctional changes Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>	2018-07-22 15:35:21 +02:00
Christian Brauner	1f5a90f946	lxccontainer: reword create_mount_target() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-07-22 15:35:21 +02:00
Christian Brauner	3340f44172	lxccontainer: do_lxcapi_mount() coding-style Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-07-22 15:34:06 +02:00
Liza Tretyakova	c6885c3f24	lxccontainer: add handling of file mounts Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>	2018-07-22 15:33:51 +02:00
Liza Tretyakova	d83da817b3	lxccontainer: add the umount API function Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com> [christian@brauner.io: minor coding-style changes] Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-07-22 15:32:42 +02:00
Liza Tretyakova	29df56cda5	lxccontainer: add container API function and structs for injecting a mount Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>	2018-07-22 15:25:16 +02:00
2xsec	a73846d893	lxccontainer: coding rules Signed-off-by: 2xsec <dh48.jeong@samsung.com>	2018-07-20 23:41:10 +09:00
Christian Brauner	ac2cecc4b8	tree-wide: remove unneeded log prefixes Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-07-03 12:48:13 +02:00
2xsec	6d1400b572	log: change ERROR macro using sterror to SYSERROR Signed-off-by: 2xsec <dh48.jeong@samsung.com>	2018-06-26 17:27:19 +09:00
Donghwa Jeong	cbb9c7c763	secure coding: strcpy => strlcpy Signed-off-by: Donghwa Jeong <dh48.jeong@samsung.com>	2018-06-18 11:30:41 +09:00
Christian Brauner	dc509bf252	coverity: #1425789 Unchecked return value from library Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-06-15 13:47:20 +02:00
Christian Brauner	02a0e184e6	coverity: #1425837 String not null terminated Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-06-15 12:53:03 +02:00
Christian Brauner	2afdc31ff3	coverity: #1425793 Unchecked return value Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-06-15 12:38:14 +02:00
Christian Brauner	71261a5c3f	coverity: #1425789 Unchecked return value from library Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-06-15 11:39:40 +02:00
Christian Brauner	4250ef64b3	coverity: #1425764 Unchecked return value Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-06-15 11:39:40 +02:00
Christian Brauner	1f080b1d66	coverity: #1425764 Unchecked return value Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-06-14 22:07:56 +02:00
Donghwa Jeong	8f55c74292	coverity: #1425747 Resource leak Signed-off-by: Donghwa Jeong <dh48.jeong@samsung.com>	2018-06-11 11:24:46 +09:00
Donghwa Jeong	4b696f90fe	coverity: #1425821 Signed-off-by: Donghwa Jeong <dh48.jeong@samsung.com>	2018-06-08 11:18:25 +09:00
Donghwa Jeong	951665a30e	coverity: #1425779 Signed-off-by: Donghwa Jeong <dh48.jeong@samsung.com>	2018-06-08 11:12:52 +09:00
Donghwa Jeong	1b611563ca	coverity: #1425777 Signed-off-by: Donghwa Jeong <dh48.jeong@samsung.com>	2018-06-08 11:11:03 +09:00
Christian Brauner	80308d07b3	start: add reboot macros Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-05-29 00:48:15 +02:00
Christian Brauner	573ad77fc2	utils: fix task_blocking_signal() Closes #2342. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-05-26 21:47:46 +02:00
Christian Brauner	923929f612	coverity: #1435805 Logically dead code Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-05-26 03:21:05 +02:00
Christian Brauner	a579fa51bf	coverity: #1435806 Logically dead code Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-05-26 03:20:36 +02:00
Christian Brauner	9dd541531f	lxccontainer: fix fd leaks when sending signals Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-05-25 00:00:50 +02:00
Stéphane Graber	b3365b9346	Merge pull request #2347 from brauner/2018-05-24/seccomp_cleanups seccomp: cleanup	2018-05-24 16:57:13 -04:00
Christian Brauner	eabf1ea9cd	utils: fix task_blocking_signal() sscanf() skips whitespace anyway so don't account for tabs in case the file layout changes. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-05-24 22:34:20 +02:00
Christian Brauner	7ad3767052	utils: add remove_trailing_newlines() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-05-24 13:38:08 +02:00
Stéphane Graber	cd7cf94be7	Merge pull request #2338 from brauner/2018-05-17/multi_threaded_logging log: enable per-thread container name prefix	2018-05-23 11:26:43 -04:00
Christian Brauner	c7b1705112	log: enable per-thread container name prefix When using the LXC API multi-thread and users initialize a log: struct lxc_log log; log.name = "my-log"; lxc_log_init(&log); all threads will have the same "my-log" prefix even though thy might call lxc_container_new() in separate threads. There is currently no easy way to handle per-thread container name prefixes. To handle this carry a reference to the name of the container in struct lxc_conf and if no log.name was set, use it by default. This way each thread will get the container it is currently working on as a log-prefix. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> Reported-by: duguhaotian <duguhaotian@gmail.com>	2018-05-20 14:05:51 +02:00
Christian Brauner	2202afc960	cgroups: refactor cgroup handling This replaces the constructor implementation of cgroup handling with a simpler, thread-safe on-demand model of cgroup driver initialization. Making the cgroup initialization code run in a constructor means that each time the shared library gets mapped the cgroup parsing code gets run. That's unnecessary overhead. It also feels to me that this is only accidently thread-safe because constructors are only run once. But should threads actually end up manipulating or freeing memory that is file-global to cgfsng.c we'd be screwed. Now, I might be wrong here but the cleaner implementation is to allocate a cgroup driver on demand whenever we need it. Take the chance and rework the cgroup_ops interface to make the functions it wants to have implemented a lot cleaner. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-05-19 22:33:34 +02:00
Christian Brauner	9de31d5a13	tree-wide: s/strncpy()/strlcpy()/g Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-05-11 13:32:01 +02:00
Christian Brauner	2b2655a8c5	coverity: #1425744 Dereference after null check userns_exec_{1,full} are called from functions that might not have a conf. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-05-10 20:24:49 +02:00
Christian Brauner	cef701ede3	coverity: #1435263 Use after free Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-04-30 12:18:23 +02:00
Christian Brauner	e62fd16fff	lxccontainer: non-functional changes Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-04-29 16:58:06 +02:00
Christian Brauner	630ac7c61b	lxccontainer: non-functional changes Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-04-29 16:56:58 +02:00
Christian Brauner	9640c6a767	lxccontainer: non-functional changes Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-04-29 16:45:43 +02:00
Christian Brauner	7cea590585	lxccontainer: use thread-safe open() + write() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-04-29 16:42:44 +02:00
Christian Brauner	d630991d8f	lxccontainer: non-functional changes Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-04-29 15:08:46 +02:00

1 2 3 4 5 ...

528 Commits