Commits · 9752e3a9e73e712fcebee2ec697546fa7b877eec · Chen Yisong / lxc

28 Jun, 2019 2 commits
- Merge pull request #3065 from lifeng68/fix_memory_leak · 9752e3a9
  Christian Brauner authored Jun 28, 2019
```
fix memory leak in do_storage_create
```
  9752e3a9
- fix memory leak in do_storage_create · 8ea91347
  LiFeng authored Jun 27, 2019
```
Signed-off-by: LiFeng <lifeng68@huawei.com>
```
  8ea91347
27 Jun, 2019 2 commits
- Merge pull request #3063 from lifeng68/fix_memory_leak · c121b300
  Christian Brauner authored Jun 27, 2019
```
cgfsng: fix memory leak in lxc_cpumask_to_cpulist
```
  c121b300
- cgfsng: fix memory leak in lxc_cpumask_to_cpulist · 24cac6af
  LiFeng authored Jun 26, 2019
```
Signed-off-by: LiFeng <lifeng68@huawei.com>
```
  24cac6af
20 Jun, 2019 4 commits
- Merge pull request #3056 from brauner/2019-06-20/cpuset · daf6a727
  Stéphane Graber authored Jun 20, 2019
```
cgfsng: write cpuset.mems of correct ancestor
```
  daf6a727
- cgfsng: write cpuset.mems of correct ancestor · f68ea354
  Christian Brauner authored Jun 20, 2019
```
Reported-by: Free Ekanayaka <free.ekanayaka@canonical.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  f68ea354
- Merge pull request #3052 from tanyifeng/fd_leak · 23852ec4
  Christian Brauner authored Jun 20, 2019
```
parse.c: fix fd leak from memfd_create
```
  23852ec4
- parse.c: fix fd leak from memfd_create · 22c8ac96
  t00416110 authored Jun 20, 2019
```
Signed-off-by: t00416110 <tanyifeng1@huawei.com>
```
  22c8ac96
18 Jun, 2019 2 commits
- Merge pull request #3050 from hallyn/pkgconfig · 2fea2116
  Christian Brauner authored Jun 18, 2019
```
lxc.pc.in: add libs.private for static linking
```
  2fea2116
- lxc.pc.in: add libs.private for static linking · a65cce2f
  Serge Hallyn authored Jun 17, 2019
```
None of them seem to support pkg-config themselves, else we could add
them to Requires.private.
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
```
  a65cce2f
16 Jun, 2019 1 commit
- Merge pull request #3047 from Rachid-Koucha/patch-11 · 52ac245b
  Christian Brauner authored Jun 16, 2019
```
Fixed file descriptor leak for network namespace
```
  52ac245b
15 Jun, 2019 2 commits

Fixed file descriptor leak for network namespace · aa0c0e7b

authored Jun 15, 2019

In privileged mode, the container startup looses a file descriptor for "handler->nsfd[LX_NS_NET]". At line 1782, we preserve the namespaces file descriptor (in privileged mode, the network namespace is also preserved) :
	for (i = 0; i < LXC_NS_MAX; i++)
		if (handler->ns_on_clone_flags & ns_info[i].clone_flag)
			INFO("Cloned %s", ns_info[i].flag_name);

	if (!lxc_try_preserve_namespaces(handler, handler->ns_on_clone_flags, handler->pid)) {
		ERROR("Failed to preserve cloned namespaces for lxc.hook.stop");
		goto out_delete_net;
	}

Then at line 1830, we preserve one more time the network namespace :
		ret = lxc_try_preserve_ns(handler->pid, "net");
		if (ret < 0) {
			if (ret != -EOPNOTSUPP) {
				SYSERROR("Failed to preserve net namespace");
				goto out_delete_net;
			}
The latter overwrites the file descriptor already stored in handler->nsfd[LXC_NS_NET] at line 1786.

So, this fix checks that the entry is not already filled.
Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>

aa0c0e7b

Merge pull request #3045 from hallyn/2019-06-13/openssl · 3d43f611
Serge Hallyn authored Jun 14, 2019
```
[RFC\ Switch from gnutls to openssl for sha1
```
3d43f611

14 Jun, 2019 3 commits

Merge pull request #3046 from brauner/lxc/master · bd6c1ff6
Stéphane Graber authored Jun 14, 2019
```
network: fix lxc_netdev_rename_by_index()
```
bd6c1ff6

network: fix lxc_netdev_rename_by_index() · 90d79629

authored Jun 14, 2019

Return an error code when the name is invalid instead of pretending that things
are fine.

Closes #3044.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

90d79629

Switch from gnutls to openssl for sha1 · fa2bb6ba

authored Jun 14, 2019

The reason for this is because openssl can be statically linked
against, gnutls cannot.
Signed-off-by: Serge Hallyn <shallyn@cisco.com>

fa2bb6ba

13 Jun, 2019 2 commits
- Merge pull request #3042 from tenforward/japanese · f00010ff
  Christian Brauner authored Jun 13, 2019
```
doc: add a note about shared ns + LSMs to Japanese doc
```
  f00010ff
- doc: add a note about shared ns + LSMs to Japanese doc · 3c452dec
  KATOH Yasufumi authored Jun 13, 2019
```
Update for commit 8de90384Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
```
  3c452dec
12 Jun, 2019 4 commits

Merge pull request #3041 from brauner/2019-06-12/seccomp_notify_fixes · 23b50e75
Stéphane Graber authored Jun 12, 2019
```
seccomp: do not set SECCOMP_FILTER_FLAG_NEW_LISTENER
```
23b50e75
Merge pull request #3040 from Rachid-Koucha/patch-11 · 29597423
Christian Brauner authored Jun 12, 2019
```
Centralize hook names
```
29597423

seccomp: do not set SECCOMP_FILTER_FLAG_NEW_LISTENER · f73adb35

authored Jun 12, 2019

Do not set SECCOMP_FILTER_FLAG_NEW_LISTENER as seccomp attribute.
Prior to libseccomp merging support for SECCOMP_RET_USER_NOTIF there was a
libseccomp specific attribute that needed to be set before
SECCOMP_RET_USER_NOTIF could be used. This has been removed.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

f73adb35

Centralize hook names · 3ea957c6

authored Jun 12, 2019

The hook string names must not be repeated in the source code to facilitate future changes
Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>

3ea957c6

11 Jun, 2019 13 commits
- Merge pull request #3039 from brauner/master · 16512e0c
  Stéphane Graber authored Jun 11, 2019
```
seccomp: add ifdefine for SECCOMP_FILTER_FLAG_NEW_LISTENER
```
  16512e0c
- seccomp: add ifdefine for SECCOMP_FILTER_FLAG_NEW_LISTENER · fe02f63c
  Christian Brauner authored Jun 12, 2019
```
So that we can deal with older kernels.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  fe02f63c
- Merge pull request #3038 from brauner/master · b322965e
  Stéphane Graber authored Jun 11, 2019
```
seccomp: s/SCMP_FLTATR_NEW_LISTENER/SECCOMP_FILTER_FLAG_NEW_LISTENER/g
```
  b322965e
- seccomp: s/SCMP_FLTATR_NEW_LISTENER/SECCOMP_FILTER_FLAG_NEW_LISTENER/g · 2e5bcac3
  Christian Brauner authored Jun 11, 2019
```
Align with upstream libseccomp.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  2e5bcac3
- Merge pull request #3037 from brauner/master · 76b65b40
  Stéphane Graber authored Jun 11, 2019
```
seccomp: align with upstream libseccomp
```
  76b65b40
- seccomp: s/HAVE_DECL_SECCOMP_NOTIF_GET_FD/HAVE_DECL_SECCOMP_NOTIFY_FD/g · d7d2d2d9
  Christian Brauner authored Jun 11, 2019
```
Align with upstream libseccomp.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  d7d2d2d9
- seccomp: /sseccomp_notif_free/seccomp_notify_free/g · 99656206
  Christian Brauner authored Jun 11, 2019
```
Align with upstream libseccomp.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  99656206
- seccomp: s/seccomp_notif_alloc/seccomp_notify_alloc/g · 1f51fc70
  Christian Brauner authored Jun 11, 2019
```
Align with upstream libseccomp.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  1f51fc70
- seccomp: s/seccomp_notif_id_valid/seccomp_notify_id_valid/g · 72b101ae
  Christian Brauner authored Jun 11, 2019
```
Align with upstream libseccomp.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  72b101ae
- seccomp: s/seccomp_notif_send_resp/seccomp_notify_respond/g · 3c216fe2
  Christian Brauner authored Jun 11, 2019
```
Align with upstream libseccomp.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  3c216fe2
- seccomp: s/seccomp_notif_receive/seccomp_notify_receive/g · e3998402
  Christian Brauner authored Jun 11, 2019
```
Align with upstream libseccomp.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  e3998402
- seccomp: s/seccomp_notif_get_fd/seccomp_notify_fd/g · da9c8317
  Christian Brauner authored Jun 11, 2019
```
Align with upstream libseccomp.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  da9c8317
- seccomp: s/SCMP_ACT_USER_NOTIF/SCMP_ACT_NOTIFY/g · 02ca9d75
  Christian Brauner authored Jun 11, 2019
```
Align with upstream libseccomp.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  02ca9d75
07 Jun, 2019 1 commit
- Merge pull request #3032 from promlow/lxcbasename_fix · e9ab177d
  Christian Brauner authored Jun 07, 2019
```
proposed fix for #2892 - fix lxcbasename in lxc/lxccontainer.c
```
  e9ab177d
06 Jun, 2019 1 commit
- Merge pull request #3034 from brauner/2019-06-05/boot_id · 20a64b0b
  Stéphane Graber authored Jun 06, 2019
```
start: generate new boot id on container start
```
  20a64b0b
05 Jun, 2019 3 commits
- start: generate new boot id on container start · 20502652
  Christian Brauner authored Jun 05, 2019
```
Closes #3027.

BugLink: https://bugs.launchpad.net/bugs/1831258
Cc: Dimitri John Ledkov <xnox@ubuntu.com>
Cc: Scott Moser <smoser@ubuntu.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  20502652
- proposed fix for #2892 - fix lxcbasename in lxc/lxccontainer.c · 85e02f56
  Paul Romlow authored Jun 05, 2019
```
Signed-off-by: Paul Romlow <paul@romlow.com>
```
  85e02f56
- Merge pull request #3029 from brauner/2019-06-05/fix_offline_cpus · 1d51e3de
  Stéphane Graber authored Jun 05, 2019
```
cgroups: prevent segfault
```
  1d51e3de