This is an automated email from the ASF dual-hosted git repository.
gilbert pushed a change to branch 1.4.x
in repository https://gitbox.apache.org/repos/asf/mesos.git.
from 2522bfe Added MESOS-9533 to 1.4.3 CHANGELOG.
new 86c7119 Added Linux memfd support.
new 6397991 Made the code more robust related to sendfile.
new 66dfd97 Added a test to test memfd file clone.
new b337b97 Cloned a sealed file of launcher binary.
new 2f88993 Cleaned up command executor redundant command string.
new 4b737b4 Added --disable-libtool-wrapper configuration to Mesos.
new a1a1443 Added `--enable-launcher-sealing` compiler flag.
new 6663c06 Enabled launcher sealing depending on corresponding compiler
flag.
new a9b2e2b Fixed `ROOT_PidNamespace` test after enabling launcher
sealing.
new e6ccd0e Secured mesos executor binary using memfd.
The 10 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
configure.ac | 44 ++++++
src/Makefile.am | 21 ++-
src/launcher/executor.cpp | 28 ++--
src/linux/memfd.cpp | 147 +++++++++++++++++++++
.../provisioner/utils.hpp => linux/memfd.hpp} | 20 +--
src/slave/constants.hpp | 7 +
src/slave/containerizer/mesos/containerizer.cpp | 57 +++++++-
src/slave/containerizer/mesos/containerizer.hpp | 30 ++++-
src/slave/containerizer/mesos/launch.cpp | 16 ++-
src/slave/slave.cpp | 6 -
src/tests/containerizer/isolator_tests.cpp | 2 +-
...ities_test_helper.hpp => linux_memfd_tests.cpp} | 50 +++----
12 files changed, 369 insertions(+), 59 deletions(-)
create mode 100644 src/linux/memfd.cpp
copy src/{slave/containerizer/mesos/provisioner/utils.hpp => linux/memfd.hpp}
(71%)
copy src/tests/containerizer/{capabilities_test_helper.hpp =>
linux_memfd_tests.cpp} (54%)
