This is an automated email from the ASF dual-hosted git repository.
gilbert pushed a change to branch 1.5.x
in repository https://gitbox.apache.org/repos/asf/mesos.git.
from 3b0a04c Added MESOS-9533 to 1.5.3 CHANGELOG.
new 5165885 Added Linux memfd support.
new 5abf4a0 Made the code more robust related to sendfile.
new 5334e14 Added a test to test memfd file clone.
new b6b6513 Cloned a sealed file of launcher binary.
new b121bbb Cleaned up command executor redundant command string.
new d07fbdf Added `--enable-launcher-sealing` compiler flag.
new 5e4bb80 Enabled launcher sealing depending on corresponding compiler
flag.
new eeec1cc Fixed `ROOT_PidNamespace` test after enabling launcher
sealing.
new 7a75370 Secured mesos executor binary using memfd.
The 9 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
configure.ac | 31 +++++
src/Makefile.am | 11 ++
src/launcher/executor.cpp | 28 ++--
src/linux/memfd.cpp | 147 +++++++++++++++++++++
.../provisioner/utils.hpp => linux/memfd.hpp} | 20 +--
src/slave/constants.hpp | 3 +
src/slave/containerizer/mesos/containerizer.cpp | 57 +++++++-
src/slave/containerizer/mesos/containerizer.hpp | 30 ++++-
src/slave/containerizer/mesos/launch.cpp | 16 ++-
src/slave/slave.cpp | 6 -
src/tests/containerizer/isolator_tests.cpp | 2 +-
...ities_test_helper.hpp => linux_memfd_tests.cpp} | 50 +++----
12 files changed, 343 insertions(+), 58 deletions(-)
create mode 100644 src/linux/memfd.cpp
copy src/{slave/containerizer/mesos/provisioner/utils.hpp => linux/memfd.hpp}
(71%)
copy src/tests/containerizer/{capabilities_test_helper.hpp =>
linux_memfd_tests.cpp} (54%)
