Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: 3c981fcb784a8130570948bf8c78e69a1b1afdd4
https://github.com/lxc/lxc/commit/3c981fcb784a8130570948bf8c78e69a1b1afdd4
Author: Christian Brauner <christian.brau...@ubuntu.com>
Date: 2021-02-03 (Wed, 03 Feb 2021)
Changed paths:
M src/tests/device_add_remove.c
Log Message:
-----------
tests: check for NULL in device_add_remove
Fixes: Coverity 1472768
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
Commit: 6b69d7f8cf73911213cc145efe6a79aff9977f58
https://github.com/lxc/lxc/commit/6b69d7f8cf73911213cc145efe6a79aff9977f58
Author: Christian Brauner <christian.brau...@ubuntu.com>
Date: 2021-02-03 (Wed, 03 Feb 2021)
Changed paths:
M src/lxc/rexec.c
Log Message:
-----------
rexec: check lseek() return value
Not really needed buy ok.
Fixes: Coverity: 1472769
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
Commit: e8aaef81592f4399b2cd6431476abe264d967394
https://github.com/lxc/lxc/commit/e8aaef81592f4399b2cd6431476abe264d967394
Author: Christian Brauner <christian.brau...@ubuntu.com>
Date: 2021-02-03 (Wed, 03 Feb 2021)
Changed paths:
M configure.ac
M src/lxc/syscall_numbers.h
M src/lxc/syscall_wrappers.h
Log Message:
-----------
syscalls: add close_range()
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
Commit: 531d36ad009325b74a105d9d6956e320f37b2937
https://github.com/lxc/lxc/commit/531d36ad009325b74a105d9d6956e320f37b2937
Author: Christian Brauner <christian.brau...@ubuntu.com>
Date: 2021-02-03 (Wed, 03 Feb 2021)
Changed paths:
M src/lxc/macro.h
M src/lxc/rexec.c
Log Message:
-----------
rexec: mark all fds as close-on-exec if possible
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
Commit: fdf7314dc4104f7422c7a5f3db3f571e04e6bf8c
https://github.com/lxc/lxc/commit/fdf7314dc4104f7422c7a5f3db3f571e04e6bf8c
Author: Christian Brauner <christian.brau...@ubuntu.com>
Date: 2021-02-03 (Wed, 03 Feb 2021)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: remove unnecessary syscall
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
Commit: ce011f53d8d80986a875dda5109394b2d1678e35
https://github.com/lxc/lxc/commit/ce011f53d8d80986a875dda5109394b2d1678e35
Author: Christian Brauner <christian.brau...@ubuntu.com>
Date: 2021-02-03 (Wed, 03 Feb 2021)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: restrict open of dev/
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
Commit: 814983287ea58b20429341f3dbfc5bc9777bd930
https://github.com/lxc/lxc/commit/814983287ea58b20429341f3dbfc5bc9777bd930
Author: Christian Brauner <christian.brau...@ubuntu.com>
Date: 2021-02-03 (Wed, 03 Feb 2021)
Changed paths:
M src/lxc/conf.c
M src/lxc/syscall_wrappers.h
Log Message:
-----------
conf: harden open in lxc_fill_autodev()
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
Commit: 79019997c82c4a2337b0120b4bc8a0da950deb0e
https://github.com/lxc/lxc/commit/79019997c82c4a2337b0120b4bc8a0da950deb0e
Author: Christian Brauner <christian.brau...@ubuntu.com>
Date: 2021-02-03 (Wed, 03 Feb 2021)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: fd-only operations in lxc_setup_dev_symlinks()
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
Commit: 99ca563299f82cf0fb9e8e592fd8a96cf785bc4a
https://github.com/lxc/lxc/commit/99ca563299f82cf0fb9e8e592fd8a96cf785bc4a
Author: Christian Brauner <christian.brau...@ubuntu.com>
Date: 2021-02-03 (Wed, 03 Feb 2021)
Changed paths:
M src/lxc/conf.c
M src/lxc/syscall_wrappers.h
Log Message:
-----------
conf: restrict open for lxc_mount_rootfs()
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
Commit: 7f50ec8bd0d4d686ed3a346358d402ef4d5f7cfb
https://github.com/lxc/lxc/commit/7f50ec8bd0d4d686ed3a346358d402ef4d5f7cfb
Author: Christian Brauner <christian.brau...@ubuntu.com>
Date: 2021-02-03 (Wed, 03 Feb 2021)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: fd-only pivot root
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
Commit: a26822c5d28d20c8b0c8d26c2312628b40ce6c0d
https://github.com/lxc/lxc/commit/a26822c5d28d20c8b0c8d26c2312628b40ce6c0d
Author: Christian Brauner <christian.brau...@ubuntu.com>
Date: 2021-02-03 (Wed, 03 Feb 2021)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: fd-only devtps setup
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
Commit: f8dcf07fd3caafbfa98ec95d14c84aeb90c41ef8
https://github.com/lxc/lxc/commit/f8dcf07fd3caafbfa98ec95d14c84aeb90c41ef8
Author: Stéphane Graber <stgra...@ubuntu.com>
Date: 2021-02-03 (Wed, 03 Feb 2021)
Changed paths:
M configure.ac
M src/lxc/conf.c
M src/lxc/macro.h
M src/lxc/rexec.c
M src/lxc/syscall_numbers.h
M src/lxc/syscall_wrappers.h
M src/tests/device_add_remove.c
Log Message:
-----------
Merge pull request #3648 from brauner/2021-02-03/fixes
conf: open hardening & fd-only operations
Compare: https://github.com/lxc/lxc/compare/b5e75029967a...f8dcf07fd3ca
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
