[lxc-devel] [lxc/lxc] 65b530: lxc: support CLONE_INTO_CGROUP
Christian Brauner
noreply at github.com
Sat Jul 18 11:07:06 UTC 2020
Branch: refs/heads/stable-4.0
Home: https://github.com/lxc/lxc
Commit: 65b53096c90b494eb68d17659973cecc276ef789
https://github.com/lxc/lxc/commit/65b53096c90b494eb68d17659973cecc276ef789
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/cgroups/cgfsng.c
M src/lxc/cgroups/cgroup.h
M src/lxc/process_utils.c
M src/lxc/process_utils.h
M src/lxc/start.c
M src/lxc/start.h
Log Message:
-----------
lxc: support CLONE_INTO_CGROUP
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 0e609c17896c135a882a405c4f33fa9a10051837
https://github.com/lxc/lxc/commit/0e609c17896c135a882a405c4f33fa9a10051837
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
start: initialize cgroup_fd
Fixes: Coverity 1465045.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 8eb14fa00c8cf316886fd3ffd7b2f24636fb25d1
https://github.com/lxc/lxc/commit/8eb14fa00c8cf316886fd3ffd7b2f24636fb25d1
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/start.h
Log Message:
-----------
start: use __aligned_u64
Closes: Coverity 1465044.
Closes: Coverity 1465046.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 3e0175ef7c3fc1b478aca4227ed6f486a8fd104a
https://github.com/lxc/lxc/commit/3e0175ef7c3fc1b478aca4227ed6f486a8fd104a
Author: Alexander Livenets <a.livenets at gmail.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/attach.c
Log Message:
-----------
attach: set no_new_privs flag after LSM label
In `start.c:1284`, no_new_privs flag is set after LSM label is set.
Also, in `lxc.container.conf` documentation it is written that:
```
Note that PR_SET_NO_NEW_PRIVS is applied after the container has
changed into its intended AppArmor profile or SElinux context.
```
This commit fixes the behavior of `lxc_attach` by moving
`PR_SET_NO_NEW_PRIVS` set logic after LSM for the process is configured;
Closes #3393
Signed-off-by: Alexander Livenets <a.livenets at gmail.com>
Commit: 2e8b5275531d1c3cb820d4fae169ec7af4f3ae22
https://github.com/lxc/lxc/commit/2e8b5275531d1c3cb820d4fae169ec7af4f3ae22
Author: Johannes Kastl <kastl at b1-systems.de>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M templates/lxc-download.in
Log Message:
-----------
templates/lxc-download.in: fix wrong if condition (use the result of the gpg command, not the result when executing the result of the gpg command)
Signed-off-by: Johannes Kastl <kastl at b1-systems.de>
Commit: 0404298b33fb3c35dd094d93aca087c976420b6a
https://github.com/lxc/lxc/commit/0404298b33fb3c35dd094d93aca087c976420b6a
Author: Johannes Kastl <kastl at b1-systems.de>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M templates/lxc-download.in
Log Message:
-----------
templates/lxc-download.in: make shellcheck happy
Signed-off-by: Johannes Kastl <kastl at b1-systems.de>
Commit: 04f72d91687fc3c0917b07019c6d8e6abfd50c2d
https://github.com/lxc/lxc/commit/04f72d91687fc3c0917b07019c6d8e6abfd50c2d
Author: Johannes Kastl <kastl at b1-systems.de>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M templates/lxc-download.in
Log Message:
-----------
templates/lxc-download.in: use GPG option --receive-keys instead of --recv-keys
Signed-off-by: Johannes Kastl <kastl at b1-systems.de>
Commit: c27f081bd11d125a7b6bc32495d64bfc9b457041
https://github.com/lxc/lxc/commit/c27f081bd11d125a7b6bc32495d64bfc9b457041
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/cgroups/cgfsng.c
M src/lxc/cgroups/cgroup2_devices.c
M src/lxc/conf.h
Log Message:
-----------
cgroups: update terminology
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 59410099422f775ee5eb9a41c8f6baec9e7e71c6
https://github.com/lxc/lxc/commit/59410099422f775ee5eb9a41c8f6baec9e7e71c6
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/cgroups/cgroup2_devices.c
Log Message:
-----------
cgroups: update terminology II
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 4bc51378189aa626f585a7b3db93d5c45bc88cf4
https://github.com/lxc/lxc/commit/4bc51378189aa626f585a7b3db93d5c45bc88cf4
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M config/templates/common.conf.in
M config/templates/common.seccomp
M doc/examples/Makefile.am
M doc/examples/seccomp-v1.conf
R doc/examples/seccomp-v2-blacklist.conf
A doc/examples/seccomp-v2-denylist.conf
M doc/examples/seccomp-v2.conf
M doc/ja/lxc.container.conf.sgml.in
M doc/ko/lxc.container.conf.sgml.in
M doc/lxc.container.conf.sgml.in
M src/lxc/cgroups/cgroup2_devices.c
M src/lxc/seccomp.c
M src/lxc/string_utils.h
Log Message:
-----------
seccomp: support allowlist/denylist in profiles
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: f3783d061302cbe9ef320a0ea1e72f6bbfc2b4f5
https://github.com/lxc/lxc/commit/f3783d061302cbe9ef320a0ea1e72f6bbfc2b4f5
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
cgroups: use empty {} to initialize struct
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 00a476d2668ed13df0b28d3d80a50a37fd874a09
https://github.com/lxc/lxc/commit/00a476d2668ed13df0b28d3d80a50a37fd874a09
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/cgroups/cgroup2_devices.c
Log Message:
-----------
cgroup2_devices: fix access rule parsing
Closes: #3473.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: f19295e886360b2169c3eac2bd6fe5863b613e31
https://github.com/lxc/lxc/commit/f19295e886360b2169c3eac2bd6fe5863b613e31
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M doc/api-extensions.md
M src/lxc/api_extensions.h
Log Message:
-----------
api-extensions: add seccomp_allow_deny_syntax extension
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 3b5796aa9525aeec547a7ef2196f3681adc172ad
https://github.com/lxc/lxc/commit/3b5796aa9525aeec547a7ef2196f3681adc172ad
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/cgroups/cgfsng.c
M src/lxc/cgroups/cgroup2_devices.c
Log Message:
-----------
cgroups: fix bpf device program generation
Closes: #3473.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: af5c95175e2242019d187156de4ecfb49c863351
https://github.com/lxc/lxc/commit/af5c95175e2242019d187156de4ecfb49c863351
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/cgroups/cgroup2_devices.c
Log Message:
-----------
cgroups: handle empty bpf log buffer
Link: https://launchpadlibrarian.net/487274879/buildlog_ubuntu-eoan-amd64.lxc_1:4.0.3+master~20200705-1541-0ubuntu1~eoan_BUILDING.txt.gz
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 2be8b3653664c40a55c357733946dcee2b8c3dfc
https://github.com/lxc/lxc/commit/2be8b3653664c40a55c357733946dcee2b8c3dfc
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/include/openpty.c
M src/include/openpty.h
M src/lxc/attach.c
M src/lxc/commands.c
M src/lxc/commands.h
M src/lxc/conf.c
M src/lxc/lxccontainer.c
M src/lxc/lxccontainer.h
M src/lxc/start.c
M src/lxc/terminal.c
M src/lxc/terminal.h
M src/tests/console.c
Log Message:
-----------
tree-wide: s/ptmx/ptx/g
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: eed7e91793782a1444994e2de305f1eedc60b4ec
https://github.com/lxc/lxc/commit/eed7e91793782a1444994e2de305f1eedc60b4ec
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M doc/ja/lxc.container.conf.sgml.in
M doc/ko/lxc.container.conf.sgml.in
M doc/lxc.container.conf.sgml.in
M src/include/openpty.c
M src/include/openpty.h
M src/lxc/attach.c
M src/lxc/conf.c
M src/lxc/criu.c
M src/lxc/start.c
M src/lxc/terminal.c
M src/lxc/terminal.h
Log Message:
-----------
tree-wide: s/pts/pty/g
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: ed6bc5f9c2c7ec45032e540f93bfa5b4d725022a
https://github.com/lxc/lxc/commit/ed6bc5f9c2c7ec45032e540f93bfa5b4d725022a
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/include/openpty.c
Log Message:
-----------
openpty: fix faulty rename
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 40d5ef1e1267505a7eca673cfaa49af301337906
https://github.com/lxc/lxc/commit/40d5ef1e1267505a7eca673cfaa49af301337906
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M configure.ac
M src/include/openpty.c
M src/include/openpty.h
M src/lxc/Makefile.am
M src/lxc/conf.c
M src/lxc/terminal.c
Log Message:
-----------
openpty: improve implementation and handling of platforms without it
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 90c94e7925411e35ef2cbe099ad72f06450d9f5e
https://github.com/lxc/lxc/commit/90c94e7925411e35ef2cbe099ad72f06450d9f5e
Author: Ruben Jenster <r.jenster at drachenfels.de>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/cmd/lxc-checkconfig.in
Log Message:
-----------
checkconfig: Show LXC version in output.
Signed-off-by: Ruben Jenster <r.jenster at drachenfels.de>
Commit: f518238a759bd55c9a01472251dc7c791759d735
https://github.com/lxc/lxc/commit/f518238a759bd55c9a01472251dc7c791759d735
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
A COPYING
Log Message:
-----------
autotools: include COPYING file
Closes: #3484.
Suggested-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 4b37c92c7e80272c764a472662b4e74ab86210fd
https://github.com/lxc/lxc/commit/4b37c92c7e80272c764a472662b4e74ab86210fd
Author: Sam Boyles <sam.boyles42 at gmail.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/network.c
Log Message:
-----------
Improve efficiency of lxc_ifname_alnum_case_sensitive
To detect if a newly generated interface name is a duplicate of an existing interface lxc_ifname_alnum_case_sensitive() currently gets a list of all interfaces using netns_getifaddrs(). When the system has a small number of interfaces this works fine, however when there are thousands or tens of thousands of interfaces this quickly becomes less than optimal.
As we only need to check if an interface name exists, and do not need the detailed information about the interfaces provided by netns_getifaddrs(), we can instead use the if_nametoindex() function, which is much more efficient.
Signed-off-by: Sam Boyles <sam.boyles at alliedtelesis.co.nz>
Commit: 525f5e4c1904fa265c2548f3985cc100bef52fc7
https://github.com/lxc/lxc/commit/525f5e4c1904fa265c2548f3985cc100bef52fc7
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/network.c
Log Message:
-----------
network: remove unused variable
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 0c3978618b525f13d9b1e1d1bfb4324669171462
https://github.com/lxc/lxc/commit/0c3978618b525f13d9b1e1d1bfb4324669171462
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/cmd/lxc_user_nic.c
M src/lxc/compiler.h
M src/lxc/nl.c
M src/lxc/nl.h
M src/lxc/rtnl.c
M src/lxc/rtnl.h
Log Message:
-----------
compiler: add and use __hidden visbility
Closes: #3485.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 931eca75a308a0f58cbefc98ad08bdad1ce15090
https://github.com/lxc/lxc/commit/931eca75a308a0f58cbefc98ad08bdad1ce15090
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/string_utils.h
M src/tests/Makefile.am
Log Message:
-----------
string_utils: make all helpers hidden
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 09b5e84b9c4d07de3082336c71582f6085d44add
https://github.com/lxc/lxc/commit/09b5e84b9c4d07de3082336c71582f6085d44add
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/af_unix.h
Log Message:
-----------
af_unix: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 60fd6174db0d3f32a10215741686b9e45931c1d3
https://github.com/lxc/lxc/commit/60fd6174db0d3f32a10215741686b9e45931c1d3
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/attach.h
Log Message:
-----------
attach: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: fe880ab271ae30436d41cb5c704c557f6d946774
https://github.com/lxc/lxc/commit/fe880ab271ae30436d41cb5c704c557f6d946774
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/caps.h
Log Message:
-----------
caps: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 16c032c57c3860523048e242249279cb4fbea273
https://github.com/lxc/lxc/commit/16c032c57c3860523048e242249279cb4fbea273
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/commands.h
M src/tests/Makefile.am
Log Message:
-----------
commands: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: e0f15d2511d96bf28b63561922f4d7a4369d48c7
https://github.com/lxc/lxc/commit/e0f15d2511d96bf28b63561922f4d7a4369d48c7
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/commands_utils.h
M src/tests/Makefile.am
Log Message:
-----------
commands_utils: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: a841643962a81ccf73db2a956f26136a5e8c7c65
https://github.com/lxc/lxc/commit/a841643962a81ccf73db2a956f26136a5e8c7c65
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/conf.h
M src/lxc/error.c
M src/lxc/file_utils.c
M src/lxc/initutils.c
Log Message:
-----------
conf: hide unnecessary symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: a8450455ca65105b548f172ed90aaf7fd4275b07
https://github.com/lxc/lxc/commit/a8450455ca65105b548f172ed90aaf7fd4275b07
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/Makefile.am
Log Message:
-----------
Makefile.am: Fix typo
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 32d8c541dcdf6e7434a1eeae25aebf0c1d96ce50
https://github.com/lxc/lxc/commit/32d8c541dcdf6e7434a1eeae25aebf0c1d96ce50
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-07-18 (Sat, 18 Jul 2020)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
start: check correct flags when receiving network devices
This was introduced by faulty conflict resolution during cherry-picking.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Compare: https://github.com/lxc/lxc/compare/3a7f78f9203a...32d8c541dcdf
More information about the lxc-devel
mailing list