- 12 May, 2018 25 commits
-
-
Christian Brauner authored
This is already done in do_lxcapi_start{l}() so a) no need to do it again here and b) this would close the state socket pair sockets, corrup the fd, and lead to EBADF. Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Tycho Andersen authored
The problem here is that lxc-init runs *inside* the container. So if a person has the log file set to /home/$USER/foo, lxc-init ends up making a directory /home/$USER/foo inside the container to put the log file in. What we really want are the logs to be propagated from inside the container to the outside. We accomplish this by passing an fd without O_CLOEXEC, and telling lxc-init to log to that file. Signed-off-by:Tycho Andersen <tycho@tycho.ws>
-
Christian Brauner authored
Use after free Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
There's no need to do string comparisons. Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
If they aren't available fallback to BSD flock()s. Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Argument cannot be negative Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Unchecked return value Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Resource leak Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Resource leak Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Unchecked return value Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Time of check time of use Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Unchecked return value Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Unused value Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Logically dead code Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
- 29 Apr, 2018 7 commits
-
-
Serj Kalichev authored
Add inline setns() function to tool_utils.h. Without it tool_utils.c can't be build when HAVE_SETNS is unset. Signed-off-by:Serj Kalichev <serj.kalichev@gmail.com>
-
LiFeng authored
Signed-off-by:LiFeng <lifeng68@huawei.com>
-
LiFeng authored
Signed-off-by:LiFeng <lifeng68@huawei.com>
-
Daniel Selifonov authored
Signed-off-by:Daniel Selifonov <ds@thyth.com>
-
Jonathan Calmels authored
Fixes: #2277 Signed-off-by:Jonathan Calmels <jcalmels@nvidia.com>
-
Thomas Petazzoni authored
lxc_monitor.c uses offsetof(), so it should include <stddef.h>. Otherwise the build fails with the musl C library: tools/lxc_monitor.c: In function ‘lxc_abstract_unix_connect’: tools/lxc_monitor.c:324:9: warning: implicit declaration of function ‘offsetof’ [-Wimplicit-function-declaration] offsetof(struct sockaddr_un, sun_path) + len + 1); ^~~~~~~~ tools/lxc_monitor.c:324:18: error: expected expression before ‘struct’ offsetof(struct sockaddr_un, sun_path) + len + 1); ^~~~~~ Signed-off-by:Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-
Kaarle Ritvanen authored
Always use 022 as the umask when creating the rootfs directory and executing the template. A too loose umask may cause security issues. A too strict umask may cause programs to fail inside the container. Signed-off-by:Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
-
- 20 Apr, 2018 8 commits
-
-
Felix Abecassis authored
Signed-off-by:Felix Abecassis <fabecassis@nvidia.com>
-
Christian Brauner authored
LXC generates and loads the seccomp-bpf filter in the host/container which spawn the new container. In other words, userspace N is responsible for generating and loading the seccomp-bpf filter which restricts userspace N + 1. Assume 64bit kernel and 32bit userspace running a 64bit container. In this case the 32-bit x86 userspace is used to create a seccomp-bpf filter for a 64-bit userspace. Unless one explicitly adds the 64-bit ABI to the libseccomp filter, or adjusts the default behavior for "BAD_ARCH", *all* 64-bit x86 syscalls will be blocked. Signed-off-by:
Christian Brauner <christian.brauner@ubuntu.com> Suggested-by:
Paul Moore <paul@paul-moore.com>
-
Christian Brauner authored
Rename "compat_ctx" to "contexts" and "compat_arch" to "architectures". Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Closes #2280. Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
This commit deals with different kernel and userspace layouts and nesting. Here are three examples: 1. 64bit kernel and 64bit userspace running 32bit containers 2. 64bit kernel and 32bit userspace running 64bit containers 3. 64bit kernel and 64bit userspace running 32bit containers running 64bit containers Two things to lookout for: 1. The compat arch that is detected might have already been present in the main context. So check that it actually hasn't been and only then add it. 2. The contexts don't need merging if the architectures are the same and also can't be. With these changes I can run all crazy/weird combinations with proper seccomp isolation. Closes #654. Link: https://bugs.chromium.org/p/chromium/issues/detail?id=832366Reported-by:
Chirantan Ekbote <chirantan@chromium.org> Reported-by:
Sonny Rao <sonnyrao@chromium.org> Signed-off-by:
Christian Brauner <christian.brauner@ubuntu.com>
-