]>
2021-02-02 | Christian Brauner | cgroups: remove unused conf argument Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | cgroups: rewind() file before polling again Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | lxccontainer: use cgroup_freeze() and cgroup_unfreeze() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | freezer: make methods return bool Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | cgroups: add cgroup_freeze() and cgroup_unfreeze() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | freezer: use lxc_cmd_notify_state_listeners() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | commands_utils: add lcx_cmd_notify_state_listeners() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | cgroups: annotate cgroup_get()/cgroup_set() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | cgroups: move functions after methods Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | lxccontainer: use cgroup_set() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | lxccontainer: use correct variable ordering Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | cgroups: add croup_set() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | cgroups: reorder cgroup_get() arguments Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | lxccontainer: use cgroup_get() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | cgroups: add cgroup_get() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | file_utils: add lxc_read_try_buf_at() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | macro: abuse ENOMEDIUM as ENOCGROUP2 Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | cgroups: switch controller delegation to fd-only operations Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | cgroups: add unified_cgroup_fd() helper Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | file_utils: harden lxc_writeat() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | file_utils: harden lxc_open_dirfd() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | syscall_wrappers: add PROTECT_OPEN_W_* variants Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | memory_utils: add close_prot_errno_mov() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | attach: move loading seccomp as late as possible Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | attach: move file descriptor closing into attach_context_con... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-02 | Christian Brauner | attach: stricter lookup semantics for fdopen_at() calls Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | confile_utils: use lxc_log_trace() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | conf: use lxc_log_trace() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | commands_utils: don't leak memory Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | attach: use correct put method Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | attach: prevent UAF Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | attach: file descriptor based fdinfo handling Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | file_utils: remove O_NOFOLLOW from open_at() defaults Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | lsm: harden read_file_at() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | tree-wide: extend read_file_at() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | attach: harden open calls Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | syscall_wrappers: add PROTECT_LOOKUP, PROTECT_OPEN... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | file_utils: add open_at() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | cgroups: initialize variable Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | cgroups: remove pointless NULL checks Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | attach: stash host uid and host gid in attach_context Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | attach: fix error checking for dup2() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | attach: fix logging for stdfd replacement Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | attach: log failues to dup2() with SYSDEBUG() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | utils: use SYSTRACE() when logging stdio permission... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | attach: document attach_context Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | attach: simplify opening of /proc/self Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | attach: move uid and gid handling to get_attach_context() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | attach: initialize init_pid field to -ESRCH Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | attach: unifiy /proc/<init-pid>/status parsing Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-02-01 | Christian Brauner | file_utils: add fdopenat() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-31 | Christian Brauner | lsm/apparmor: cleanup apparmor_process_label_set() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-31 | Christian Brauner | attach: hardening through use of pidfds Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-31 | Christian Brauner | attach: file descriptors based LSM handling Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-31 | Christian Brauner | cgroups: align methods Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | cgroups: use PTR_TO_U64() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | attach: don't needless check for NULL Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | log: add lxc_log_trace() helper Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | cgroups: use bpf log when logging at trace level Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | seccomp: use lxc_log_get_level() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | log: rework lxc_log_get_level() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | cgroups: use cleanup macro for consistency Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | cgroups: vet parameters more strictly Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | seccomp: use lxc_log_get_fd() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | log: add lxc_log_get_fd() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | log: remove pointless inline Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | cgroups: tweak cgroup initialization Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | cgroups: use zalloc Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | cgroups: ensure all memory is zeroed Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | cgroups: don't initiliaze NULL log Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | cgroups: coding style fixes Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | croups: improve __do_bpf_program_free Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-30 | Christian Brauner | cgroups: bpf fixes Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: init file descriptors to -EBADF Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: move to file descriptor only namespace interactions Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: move to file descriptor-only interactions Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: rework attaching to namespace fds Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: remove unneeded assignment Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: use STDIN_FILENO instead of hard-coding 0 Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: move new_cwd into tighter scope Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: use dummy macros to make it easier to follow... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: introduce sync_wait_fd() and sync_wake_fd() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | sync: make all sync helpers return bool Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: introduce sync_wait_pid() and sync_wake_pid() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: use sync_wait()/sync_wake() where applicable Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | sync: rename startup synchronization macros Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | sync: export sync_wait() and sync_wake() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: coding style fixes Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: rename attach_clone_payload to attach_payload Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: move attach_clone_payload into tighter scope Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: s/close/close_prot_errno_disarm/g Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | configure: fix static builds with clang-12 and LTO Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: move getcwd() into tighter scope Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: remove obsolete namespace check Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | attach: fix personality handling Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-29 | Christian Brauner | lsm: s/lsm_init/lsm_init_static/g Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-28 | Christian Brauner | attach: s/lxc_attach_drop_privs/drop_capabilities/g Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-28 | Christian Brauner | attach: s/lxc_proc_close_ns_fd/close_nsfds/g Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-28 | Christian Brauner | attach: add get_attach_context_nsfds() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
2021-01-28 | Christian Brauner | attach: move config init into get_attach_context() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> |
commit | commitdiff | tree |
next |