Hi zhangq95,
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on linus/master]
[also build test WARNING on v4.17-rc3]
[cannot apply to cgroup/for-next next-20180504]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
Hi zhangq95,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on linus/master]
[also build test ERROR on v4.17-rc3]
[cannot apply to cgroup/for-next]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://gith
Hi zhangq95,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on linus/master]
[also build test ERROR on v4.17-rc3]
[cannot apply to cgroup/for-next]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://gith
On Fri, May 04, 2018 at 10:28:20PM +0800, zhangq95 wrote:
> When I run "cat /proc/stat" in a container, container will access
> host's file directly which is a security risk.
Why is this a "security risk"? What can be learned there that is
somehow "bad"?
thanks,
greg k-h
On Fri, May 04, 2018 at 10:28:20PM +0800, zhangq95 wrote:
> diff --git a/kernel/sched/core.c b/kernel/sched/core.c
> index 5e10aae..ba969af 100644
> --- a/kernel/sched/core.c
> +++ b/kernel/sched/core.c
> @@ -3404,11 +3404,19 @@ static void __sched notrace __schedule(bool preempt)
> struct rq
When I run "cat /proc/stat" in a container, container will access
host's file directly which is a security risk. LXCFS is a good way
to strengthen the isolation among containers. However, I can not
get a container's correct status because LXCFS just transfer host's
status to container. So I track s
6 matches
Mail list logo