]> git.proxmox.com Git - mirror_lxc.git/search
projects / mirror_lxc.git / search
? search:
summary | shortlog | log | commit | commitdiff | tree
first ⋅ prev ⋅ next
tree-wide: use lxc_drop_groups() instead of lxc_setgroups(0, NULL)
2021-02-05 Christian Braunertree-wide: use lxc_drop_groups() instead of lxc_setgroups...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-05 Christian Braunerutils: add lxc_drop_groups()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunercgroups: check for correct error in __cg_unified_attach...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunertree-wide: s/dfd_root_host/dfd_host/g
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunertree-wide: s/mntpt_fd/dfd_mnt/g
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunertree-wide: s/dev_mntpt_fd/dfd_dev/g
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunersyscall_wrappers: fix PROTECT_OPEN_W macro
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunerconf: restricted fd-only lxc_fill_autodev()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunerconf: start stashing dfd to host's / during container...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunerconf: fix lxc_setup_dev_console()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunerutils: add mount_from_at()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunercgroups: restrict open calls in cgroup_attach_create_leaf()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunercgroups: improve error handling and logging in cgroup_attach...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunercgroups: fix argument vetting in cgroup_attach()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunerattach: fix fallback logic when attaching to cgroups
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunercgroups: switch to fd-based cgroup mounting
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunercgroups: restricted fd-only controller mountpoint creation
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-04 Christian Braunercgroups: fix cgroup mounting
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerutils: harden __safe_mount_beneath_at()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: refactor transient procfs mounting
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: restrict open call in lxc_mount_rootfs()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: make lxc_create_tmp_proc_mount() static
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: coding style
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerattach: attach to namespaces via pidfds
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: fd-only devtps setup
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: fd-only pivot root
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: restrict open for lxc_mount_rootfs()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: fd-only operations in lxc_setup_dev_symlinks()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: harden open in lxc_fill_autodev()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: restrict open of dev/
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: remove unnecessary syscall
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerrexec: mark all fds as close-on-exec if possible
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunersyscalls: add close_range()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerrexec: check lseek() return value
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunertests: check for NULL in device_add_remove
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: improve parameter vetting
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunertests: support pure unified cgroup layouts in cgpath...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunertest: add logging to device_add_remove
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerfreezer: remove lxc_cmd_freeze() and lxc_cmd_unfreeze...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercommands: use __cgroup_unfreeze() directly
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: export __cgroup_unfreeze() for use in commands
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: use lxc_cmd_get_limiting_cgroup2_fd()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercommands: add missing lxc_cmd_get_limiting_cgroup2_fd...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgpath: add logging
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerattach: explicitly close seccomp notifier fd
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: switch back to returning ints
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerattach: check for ENOCGROUP2 explicitly
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: return ENOCGROUP2 from cgroup_attach()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: stricter argument vetting for cgroup_attach()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: move down cgroup_attach()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerlxccontainer: use correct error checks
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: vet parameters
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: remove unused conf argument
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: rewind() file before polling again
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerlxccontainer: use cgroup_freeze() and cgroup_unfreeze()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerfreezer: make methods return bool
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: add cgroup_freeze() and cgroup_unfreeze()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerfreezer: use lxc_cmd_notify_state_listeners()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercommands_utils: add lcx_cmd_notify_state_listeners()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: annotate cgroup_get()/cgroup_set()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: move functions after methods
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerlxccontainer: use cgroup_set()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerlxccontainer: use correct variable ordering
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: add croup_set()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: reorder cgroup_get() arguments
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerlxccontainer: use cgroup_get()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: add cgroup_get()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerfile_utils: add lxc_read_try_buf_at()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunermacro: abuse ENOMEDIUM as ENOCGROUP2
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: switch controller delegation to fd-only operations
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: add unified_cgroup_fd() helper
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerfile_utils: harden lxc_writeat()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerfile_utils: harden lxc_open_dirfd()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunersyscall_wrappers: add PROTECT_OPEN_W_* variants
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunermemory_utils: add close_prot_errno_mov()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerattach: move loading seccomp as late as possible
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerattach: move file descriptor closing into attach_context_con...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerattach: stricter lookup semantics for fdopen_at() calls
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerconfile_utils: use lxc_log_trace()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerconf: use lxc_log_trace()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunercommands_utils: don't leak memory
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: use correct put method
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: prevent UAF
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: file descriptor based fdinfo handling
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerfile_utils: remove O_NOFOLLOW from open_at() defaults
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerlsm: harden read_file_at()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunertree-wide: extend read_file_at()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: harden open calls
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunersyscall_wrappers: add PROTECT_LOOKUP, PROTECT_OPEN...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerfile_utils: add open_at()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunercgroups: initialize variable
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunercgroups: remove pointless NULL checks
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: stash host uid and host gid in attach_context
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: fix error checking for dup2()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: fix logging for stdfd replacement
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: log failues to dup2() with SYSDEBUG()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerutils: use SYSTRACE() when logging stdio permission...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: document attach_context
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: simplify opening of /proc/self
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: move uid and gid handling to get_attach_context()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
next
LXC mirror