projects
/
project
/
procd.git
/ history
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
jail: don't assume positive return value of creat
[project/procd.git]
/
jail
/
2023-01-16
Daniel Golle
jail: don't assume positive return value of creat
tree
|
commitdiff
2023-01-16
Daniel Golle
jail: fs: don't overwrite existing mount target
tree
|
commitdiff
2022-11-10
Yuteng Zhong
jail: ignore missing .dynamic sect
tree
|
commitdiff
2022-11-10
Philipp Meier
jail: correctly check for null pointer
tree
|
commitdiff
2022-07-17
Christian Marangi
jail: fix various ignoring return value compilation...
tree
|
commitdiff
2022-07-17
Christian Marangi
jail: add WARNING macro to log non critical warning...
tree
|
commitdiff
2022-04-13
Daniel Golle
jail: include necessary files for per-netns netifd...
tree
|
commitdiff
2022-01-11
Roman Azarenko
procd: jail/cgroups: correctly enable "rdma" when requested
tree
|
commitdiff
2021-12-20
Daniel Golle
remove ujail-console
tree
|
commitdiff
2021-12-11
Daniel Golle
jail: make sure jailed process is terminated
tree
|
commitdiff
2021-11-11
Daniel Golle
jail: allow passing environment variable to procd jaile...
tree
|
commitdiff
2021-11-01
Hauke Mehrtens
jail: elf: Remove MIPS 64 warning
tree
|
commitdiff
2021-11-01
Hauke Mehrtens
jail: elf: Use 64 bit variables for elf offsets
tree
|
commitdiff
2021-10-22
Hauke Mehrtens
jail: Fix build with glibc
tree
|
commitdiff
2021-10-17
Daniel Golle
jail: netifd: check target netns fd before using it
tree
|
commitdiff
2021-10-17
Daniel Golle
jail: netifd: fix error handling issue reported by...
tree
|
commitdiff
2021-10-17
Daniel Golle
jail: netifd: code cosmetics
tree
|
commitdiff
2021-10-12
Daniel Golle
jail: make use of per-container netifd via ubus
tree
|
commitdiff
2021-10-12
Daniel Golle
jail: netifd: generate netifd uci config and mount it
tree
|
commitdiff
2021-10-12
Daniel Golle
jail: fs: add support for asymmetric mount bind
tree
|
commitdiff
2021-09-15
Daniel Golle
jail: start ubus and netifd instances for container...
tree
|
commitdiff
2021-09-15
Daniel Golle
Revert "jail: do not hack /etc/resolv.conf on container...
tree
|
commitdiff
2021-09-15
Daniel Golle
jail: prepare for adding process to existing namespace
tree
|
commitdiff
2021-08-30
Daniel Golle
jail: actually check calloc return value
tree
|
commitdiff
2021-08-24
Daniel Golle
jail: protect against strcat buffer overflows
tree
|
commitdiff
2021-08-24
Daniel Golle
jail: preload: avoid NULL-dereference in case things...
tree
|
commitdiff
2021-08-24
Daniel Golle
jail: use portable sizeof(void *)
tree
|
commitdiff
2021-08-24
Daniel Golle
jail: check return value when opening console
tree
|
commitdiff
2021-08-24
Daniel Golle
jail: return to hook callback instead of just calling it
tree
|
commitdiff
2021-08-24
Daniel Golle
jail: devices: create parent folder when creating devices
tree
|
commitdiff
2021-08-14
Daniel Golle
ujail-console: add missing error handling discovered...
tree
|
commitdiff
2021-08-14
Daniel Golle
jail: fix several issues discovered by Coverity
tree
|
commitdiff
2021-08-04
Daniel Golle
jail: cgroups-bpf: fix compile with musl 1.2
tree
|
commitdiff
2021-08-04
Daniel Golle
jail: don't ignore return value of write()
tree
|
commitdiff
2021-08-04
Daniel Golle
jail: cgroups: replace wrongly used assert()
tree
|
commitdiff
2021-08-04
Daniel Golle
jail: ignore return value when creating default /dev...
tree
|
commitdiff
2021-08-04
Daniel Golle
jail: don't ignore return value of seteuid()
tree
|
commitdiff
2021-08-04
Daniel Golle
jail: cgroups-bpf: don't use sys/reg.h when building...
tree
|
commitdiff
2021-07-18
Daniel Golle
jail: refactor directory handling for rootfs and overlaydir
tree
|
commitdiff
2021-07-17
Daniel Golle
jail: make use of realpath() for rootfs and overlaydir
tree
|
commitdiff
2021-07-15
Daniel Golle
jail: open() extroot folder before mounting
tree
|
commitdiff
2021-07-15
Daniel Golle
jail: allow rootfs to be a symbolic link
tree
|
commitdiff
2021-07-15
Daniel Golle
jail: increase max additional env records to 64
tree
|
commitdiff
2021-07-15
Daniel Golle
jail: do not hack /etc/resolv.conf on container rootfs
tree
|
commitdiff
2021-07-10
Daniel Golle
jail: add support for cgroup devices as in OCI run...
tree
|
commitdiff
2021-03-19
Daniel Golle
jail/seccomp: add support for aarch64
tree
|
commitdiff
2021-03-02
Rosen Penev
procd: fix compilation with newer musl
tree
|
commitdiff
2021-02-02
Daniel Golle
jail: cgroups: fix uninitialized variable
tree
|
commitdiff
2021-02-02
Daniel Golle
jail: only output BPF instr. table header if debugging
tree
|
commitdiff
2021-02-02
Daniel Golle
jail: remove duplicate check for hook file permissions
tree
|
commitdiff
2020-12-12
Daniel Golle
treewide: replace local mkdir_p implementations
tree
|
commitdiff
2020-12-09
Daniel Golle
jail: remove unreachable code
tree
|
commitdiff
2020-12-01
Daniel Golle
jail: improve seccomp log output
tree
|
commitdiff
2020-11-30
Daniel Golle
jail: seccomp: improve code readability
tree
|
commitdiff
2020-11-30
Daniel Golle
jail: always call cgroups_free()
tree
|
commitdiff
2020-11-30
Daniel Golle
jail: improve seccomp BPF generator
tree
|
commitdiff
2020-11-27
Daniel Golle
jail: properly initialize timens_fd
tree
|
commitdiff
2020-11-27
Daniel Golle
jail: enter existing cgroups namespace if given
tree
|
commitdiff
2020-11-27
Daniel Golle
jail: don't attempt to mount /sys with noatime
tree
|
commitdiff
2020-11-27
Daniel Golle
jail: fix typo in usage output
tree
|
commitdiff
2020-11-27
Daniel Golle
jail: seteuid before clone(CLONE_NEWUSER)
tree
|
commitdiff
2020-11-27
Daniel Golle
jail: don't fail if can't mount-bind /etc/resolv.conf
tree
|
commitdiff
2020-11-27
Daniel Golle
jail: don't use NULL arguments for mount syscall
tree
|
commitdiff
2020-11-27
Daniel Golle
jail: relax /etc/resolv.conf creation
tree
|
commitdiff
2020-11-27
Daniel Golle
jail: fix and simplify userns uid/gid maps from OCI
tree
|
commitdiff
2020-11-27
Daniel Golle
jail: fix segfault on missing name and refactor
tree
|
commitdiff
2020-11-27
Daniel Golle
jail: leak less memory
tree
|
commitdiff
2020-11-22
Daniel Golle
jail: add 'debug' extern variable to preload_seccomp
tree
|
commitdiff
2020-11-21
Daniel Golle
jail: cgroup hack: rewrite cgroup -> cgroup2
tree
|
commitdiff
2020-11-21
Daniel Golle
seccomp: silence 'unknown syscall' warnings
tree
|
commitdiff
2020-11-15
Daniel Golle
seccomp: switch to new OCI compliant parser
tree
|
commitdiff
2020-11-15
Daniel Golle
seccomp: specifying architectures is optional
tree
|
commitdiff
2020-11-07
Daniel Golle
jail: fix capabilities
tree
|
commitdiff
2020-10-28
Daniel Golle
jail: don't fail if maskedPath cannot be found
tree
|
commitdiff
2020-10-28
Daniel Golle
jail: add support for absolute root path in OCI spec
tree
|
commitdiff
2020-10-28
Daniel Golle
jail: relax seccomp unknown syscall handling
tree
|
commitdiff
2020-10-28
Daniel Golle
jail: handle mount propagation flags
tree
|
commitdiff
2020-10-28
Daniel Golle
jail: add option for pidfile
tree
|
commitdiff
2020-10-28
Daniel Golle
jail: guard boolean blobmsg attributes
tree
|
commitdiff
2020-10-23
Daniel Golle
ujail: elf: work around GCC bug on MIPS64
tree
|
commitdiff
2020-10-22
Daniel Golle
jail: mount more stuff read-only
tree
|
commitdiff
2020-10-21
Daniel Golle
jail: capabilities: apply in two phases
tree
|
commitdiff
2020-10-19
Daniel Golle
jail: nuke old capabilities code in favour of reusing...
tree
|
commitdiff
2020-10-19
Daniel Golle
jail: adapt to new ubus socket path
tree
|
commitdiff
2020-08-13
Daniel Golle
cgroups: memory controller fixes
tree
|
commitdiff
2020-08-13
Daniel Golle
cgroups: restrict allowed keys in 'unified' section
tree
|
commitdiff
2020-08-06
Daniel Golle
jail: fix freeing cgroups avl
tree
|
commitdiff
2020-08-06
Daniel Golle
jail: only free cgroups if they were allocated
tree
|
commitdiff
2020-08-06
Daniel Golle
jail: parse OCI cgroups resources
tree
|
commitdiff
2020-08-06
Daniel Golle
jail: make use of BLOBMSG_CAST_INT64 for OCI rlimits
tree
|
commitdiff
2020-08-06
Daniel Golle
jail: use pidns semantics also for timens
tree
|
commitdiff
2020-07-29
Daniel Golle
jail: add 'kill' method to container.%s object
tree
|
commitdiff
2020-07-28
Daniel Golle
jail: add some remaining OCI features
tree
|
commitdiff
2020-07-25
Daniel Golle
jail: serialize hook execution
tree
|
commitdiff
2020-07-25
Daniel Golle
jail: fix build on glibc and uclibc
tree
|
commitdiff
2020-07-21
Daniel Golle
jail: add support for referencing existing namespaces
tree
|
commitdiff
2020-07-20
Rosen Penev
jail: fix wrong format for 32-bit
tree
|
commitdiff
2020-07-20
Daniel Golle
jail: re-implement /proc/sys/net read-write in netns...
tree
|
commitdiff
2020-07-20
Daniel Golle
jail: refactor default mounts into new structure
tree
|
commitdiff
2020-07-20
Daniel Golle
jail: actually apply filesystem-specific mount options
tree
|
commitdiff
next