]> git.proxmox.com Git - mirror_lxc.git/search
projects / mirror_lxc.git / search
? search:
summary | shortlog | log | commit | commitdiff | tree
first ⋅ prev ⋅ next
conf: restrict open for lxc_mount_rootfs()
2021-02-03 Christian Braunerconf: restrict open for lxc_mount_rootfs()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: fd-only operations in lxc_setup_dev_symlinks()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: harden open in lxc_fill_autodev()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: restrict open of dev/
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerconf: remove unnecessary syscall
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerrexec: mark all fds as close-on-exec if possible
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunersyscalls: add close_range()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunerrexec: check lseek() return value
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-03 Christian Braunertests: check for NULL in device_add_remove
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: improve parameter vetting
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunertests: support pure unified cgroup layouts in cgpath...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunertest: add logging to device_add_remove
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerfreezer: remove lxc_cmd_freeze() and lxc_cmd_unfreeze...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercommands: use __cgroup_unfreeze() directly
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: export __cgroup_unfreeze() for use in commands
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: use lxc_cmd_get_limiting_cgroup2_fd()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercommands: add missing lxc_cmd_get_limiting_cgroup2_fd...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgpath: add logging
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerattach: explicitly close seccomp notifier fd
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: switch back to returning ints
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerattach: check for ENOCGROUP2 explicitly
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: return ENOCGROUP2 from cgroup_attach()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: stricter argument vetting for cgroup_attach()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: move down cgroup_attach()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerlxccontainer: use correct error checks
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: vet parameters
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: remove unused conf argument
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: rewind() file before polling again
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerlxccontainer: use cgroup_freeze() and cgroup_unfreeze()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerfreezer: make methods return bool
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: add cgroup_freeze() and cgroup_unfreeze()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerfreezer: use lxc_cmd_notify_state_listeners()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercommands_utils: add lcx_cmd_notify_state_listeners()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: annotate cgroup_get()/cgroup_set()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: move functions after methods
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerlxccontainer: use cgroup_set()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerlxccontainer: use correct variable ordering
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: add croup_set()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: reorder cgroup_get() arguments
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerlxccontainer: use cgroup_get()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: add cgroup_get()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerfile_utils: add lxc_read_try_buf_at()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunermacro: abuse ENOMEDIUM as ENOCGROUP2
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: switch controller delegation to fd-only operations
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunercgroups: add unified_cgroup_fd() helper
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerfile_utils: harden lxc_writeat()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerfile_utils: harden lxc_open_dirfd()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunersyscall_wrappers: add PROTECT_OPEN_W_* variants
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunermemory_utils: add close_prot_errno_mov()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerattach: move loading seccomp as late as possible
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerattach: move file descriptor closing into attach_context_con...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-02 Christian Braunerattach: stricter lookup semantics for fdopen_at() calls
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerconfile_utils: use lxc_log_trace()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerconf: use lxc_log_trace()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunercommands_utils: don't leak memory
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: use correct put method
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: prevent UAF
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: file descriptor based fdinfo handling
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerfile_utils: remove O_NOFOLLOW from open_at() defaults
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerlsm: harden read_file_at()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunertree-wide: extend read_file_at()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: harden open calls
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunersyscall_wrappers: add PROTECT_LOOKUP, PROTECT_OPEN...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerfile_utils: add open_at()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunercgroups: initialize variable
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunercgroups: remove pointless NULL checks
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: stash host uid and host gid in attach_context
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: fix error checking for dup2()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: fix logging for stdfd replacement
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: log failues to dup2() with SYSDEBUG()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerutils: use SYSTRACE() when logging stdio permission...
...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: document attach_context
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: simplify opening of /proc/self
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: move uid and gid handling to get_attach_context()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: initialize init_pid field to -ESRCH
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerattach: unifiy /proc/<init-pid>/status parsing
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-02-01 Christian Braunerfile_utils: add fdopenat()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-31 Christian Braunerlsm/apparmor: cleanup apparmor_process_label_set()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-31 Christian Braunerattach: hardening through use of pidfds
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-31 Christian Braunerattach: file descriptors based LSM handling
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-31 Christian Braunercgroups: align methods
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunercgroups: use PTR_TO_U64()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunerattach: don't needless check for NULL
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunerlog: add lxc_log_trace() helper
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunercgroups: use bpf log when logging at trace level
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunerseccomp: use lxc_log_get_level()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunerlog: rework lxc_log_get_level()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunercgroups: use cleanup macro for consistency
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunercgroups: vet parameters more strictly
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunerseccomp: use lxc_log_get_fd()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunerlog: add lxc_log_get_fd()
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunerlog: remove pointless inline
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunercgroups: tweak cgroup initialization
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunercgroups: use zalloc
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunercgroups: ensure all memory is zeroed
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunercgroups: don't initiliaze NULL log
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunercgroups: coding style fixes
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunercroups: improve __do_bpf_program_free
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-30 Christian Braunercgroups: bpf fixes
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
2021-01-29 Christian Braunerattach: init file descriptors to -EBADF
 ...off-by: Christian Brauner <christian.brauner@ubuntu.com>
 commit | commitdiff | tree
next
LXC mirror