[lxc-devel] [lxc/lxc] b2acb9: seccomp: remove seccomp fd from event loop after t...

Stéphane Graber noreply at github.com
Mon Jul 27 12:16:48 UTC 2020


  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: b2acb9dce972ed52905903e325896b8a11b6799a
      https://github.com/lxc/lxc/commit/b2acb9dce972ed52905903e325896b8a11b6799a
  Author: Christian Brauner <christian.brauner at ubuntu.com>
  Date:   2020-07-27 (Mon, 27 Jul 2020)

  Changed paths:
    M src/lxc/seccomp.c

  Log Message:
  -----------
  seccomp: remove seccomp fd from event loop after task exited

Linux v5.8 will land my patch where seccomp notifies when a filter goes unused,
i.e. when the last task using a given seccomp filter has exited. This wasn't
possible before and so we accumulated file descriptors in the container's event
loop whenever we attached to the container.
I'm not sure whether the task exiting before we could handle its syscall should
cause us to report and error or not. For now, let's simply close the event loop
and not report an error.

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>


  Commit: 64cbd48aa3d6e5de28b729966890ca7cd6574e97
      https://github.com/lxc/lxc/commit/64cbd48aa3d6e5de28b729966890ca7cd6574e97
  Author: Stéphane Graber <stgraber at stgraber.org>
  Date:   2020-07-27 (Mon, 27 Jul 2020)

  Changed paths:
    M src/lxc/seccomp.c

  Log Message:
  -----------
  Merge pull request #3499 from brauner/2020-07-27/seccomp_notify_cleanup

seccomp: remove seccomp fd from event loop after task exited


Compare: https://github.com/lxc/lxc/compare/aaab14d098c2...64cbd48aa3d6


More information about the lxc-devel mailing list