Robert Swiecki
e98dc415fc
Switch C++ standard to C++14 - it'll allow to use new features, like std::quoted
2022-08-09 11:34:18 +02:00
Robert Swiecki
4128a7cbd9
mnt: remove unnecessary quote in a debug message
2022-08-09 11:32:49 +02:00
Robert Swiecki
38fcf4f752
subproc: type + const string& in the iterator
2022-08-09 10:44:25 +02:00
Robert Swiecki
8e3ca99c3f
cpu/subproc: better debugging strings
2022-08-09 00:03:20 +02:00
Robert Swiecki
0d292e7be7
cpu: even better LOG_Ds
2022-08-06 09:20:11 +02:00
Robert Swiecki
a33f3a81ca
cpu: Add more debugging messages
2022-08-05 08:43:39 +02:00
Robert Swiecki
9aee3dd831
Make logs more efficient by avoiding argument evaluation for LOG* if
...
it's not needed at the current level
2022-08-05 08:42:37 +02:00
Robert Swiecki
856cb0f2ec
When setting CPU affinity, take into consideration the current CPU
...
affinity set. Use only CPU numbers, which exist in the current affinity
set. Maybe fixes https://github.com/google/nsjail/issues/200
2022-08-04 19:22:33 +02:00
Robert Swiecki
57ed22dfdf
make indent
2022-06-11 12:08:50 +02:00
robertswiecki
d88be25986
Merge pull request #197 from pks-t/pks-forward-signals
...
Optionally forward fatal signals
2022-06-11 12:08:21 +02:00
Patrick Steinhardt
df21a972b6
nsjail: Optionally forward fatal signals
...
Currently, we always kill children by sending them a SIGKILL signal in
case we've got a fatal signal. This is rather inflexible and forbids
some usecases where e.g. child process listen for specific signals to
shut down gracefully.
Add a new command configuration `--forward_signals` that allows the user
to opt-in to forwarding fatal signals to the child process.
2022-06-05 19:38:32 +02:00
Patrick Steinhardt
a517934aba
subproc: Allow killing subprocesses with different signal
...
`subproc::killAndReapAll()` is always killing the child process with the
SIGKILL signal. We're about to make this configurable though so that we
may optionally forward signals received by nsjail to the child process.
Add a new parameter to `killAndReapAll()` to prepare for this change.
2022-06-05 19:36:50 +02:00
Robert Swiecki
6483728e24
config: better config parsing debugging
2022-03-15 00:44:33 +01:00
robertswiecki
e678c25b32
Merge pull request #193 from 243f6a8885a308d313198a2e037/fix/20220223_typo_siutime
...
subproc.cc: fix typo: SiUime -> SiUtime
2022-02-26 19:51:23 +01:00
243f6a8885a308d313198a2e037
472932c6f0
subproc.cc: fix typo: SiUime -> SiUtime
2022-02-23 14:41:23 +09:00
Robert Swiecki
91d5c9871a
log.h: no need to use __PRETTY_FUNCTION__ as it makes it harder to read log messages, just __FUNCTION__ should be 'good enough' for debugging
2022-02-18 20:26:52 +01:00
Robert Swiecki
02458084fe
contain: call prctl(PR_SET_TSC) under x86/x86-64 only
2022-02-18 16:12:27 +01:00
robertswiecki
8e4cc83eb2
Merge pull request #192 from mkow/mkow/disable-tsc-docs
...
Add more docs for disable_tsc + update README
2022-02-18 01:28:39 +01:00
Michał Kowalczyk
e9d00e3d7e
README.md: Update usage to the current version
2022-02-18 00:42:34 +01:00
Michał Kowalczyk
f4abf7b726
config: Add more docs for disable_tsc
2022-02-18 00:33:52 +01:00
Robert Swiecki
cdf8e8f14c
config: info about prctl(PR_SET_TSC, PR_TSC_ENABLE) being intel-only
2022-02-18 00:15:12 +01:00
robertswiecki
328ae491a7
Merge pull request #191 from mkow/mkow/add-disable-tsc
...
Add `disable_tsc` option
2022-02-18 00:10:49 +01:00
Michał Kowalczyk
16b4416d75
Add disable_tsc
option
...
Implemented via prctl(PR_SET_TSC, PR_TSC_SIGSEGV, ...).
2022-02-17 23:53:13 +01:00
Robert Swiecki
999d4631f3
mnt: better error messages with mandatory mount points
2022-02-10 09:51:13 +01:00
Robert Swiecki
9b73eaa289
subproc: print correct si fields for SIGCHLD
2022-02-08 12:17:59 +01:00
Robert Swiecki
3c03973f1f
configs/*: use KILL_PROCESS instead of KILL(_THREAD) when posssible
2022-02-07 17:23:31 +01:00
Robert Swiecki
6a99755e43
configs/imagemagick-convert: missing quote
2022-02-07 01:08:35 +01:00
Robert Swiecki
dccf911fd2
log: use TEMP_FAILURE_RETRY instead of fallback to dprintf
2021-11-24 22:25:57 +01:00
Robert Swiecki
aa0becd547
make indent
2021-11-12 20:24:33 +01:00
ndrewh
b248125c5f
Fix compile using FROM ubuntu:20.04
...
Remove clone_args members that are only present in 5.5+ and 5.7+
2021-11-08 11:52:23 +01:00
Philip
bf93e8a25d
cgroup2: use cgroup_mem_swap_max and cgroup_mem_memsw_max
2021-11-01 10:28:41 +01:00
Philip
5a8ad82311
cgroup2: support cgroup_mem_memsw_max
2021-11-01 10:28:41 +01:00
robertswiecki
cf4cfd5499
Merge pull request #185 from flaryer/fix-memsw
...
Fix mem clean in finishFromParent
2021-10-18 15:50:56 +02:00
flaeyer
26869e8956
fix mem clean in finishFromParent
2021-10-14 12:12:46 +08:00
Wiktor Garbacz
5b82f51b8a
Fix whitespace in kafel
2021-10-11 16:20:09 +02:00
Wiktor Garbacz
acf3bf8de5
Fix build
2021-10-11 16:11:50 +02:00
Wiktor Garbacz
a21bb242b1
Update kafel for RISC-V support
2021-10-11 15:49:16 +02:00
Johan Kartiwa
29a556068a
Add support for setting cgroup memory.memsw.limit_in_bytes
2021-10-11 15:46:36 +02:00
James Kay
e09610e789
Allow mount options to contain colons.
...
This is particularly important for overlayfs, which allows multiple
layers to be given to `lowerdir` separated by colons: see
<https://www.kernel.org/doc/Documentation/filesystems/overlayfs.txt >,
section ‘Multiple lower layers’.
2021-10-11 15:46:16 +02:00
Robert Swiecki
246d4721b1
macros: make NS_VALSTR_STRUCT accept unsigned/64-bit vals
2021-09-30 16:44:48 +02:00
Robert Swiecki
2b6a093e09
configs/firefox-with-net-wayland.cfg: retain original WAYLAND_DISPLAY value
2021-09-29 09:48:11 +02:00
robertswiecki
3932b67781
Merge pull request #182 from ccstolley/fix_rlimitas_default
...
The default rlimit_as value is 4096, not 512.
2021-09-14 20:31:59 +02:00
Colin Stolley
8a1f3b5f4d
The default rlimit_as value is 4096, not 512.
...
In 9b8d91bd7f
the default for rlimit_as
was increased to 4096 MB, but old default remained in the man page,
readme, etc. This patch corrects those spots with the right value.
2021-09-14 11:57:30 -05:00
Robert Swiecki
4909f45fe0
configs: firefox+wayland example
2021-08-11 00:31:31 +02:00
Robert Swiecki
d6b9357e6b
config.proto: renumerate fields
2021-08-10 19:17:33 +02:00
Robert Swiecki
8ce33a17ec
configs/imagemagick: alternative file conversion command
2021-08-10 17:46:44 +02:00
Wiktor Garbacz
8e13a76b99
Fix duplicate field number
2021-08-04 10:25:38 +02:00
Wiktor Garbacz
95e112cf41
Fix formatting
2021-08-03 17:46:08 +02:00
Wiktor Garbacz
4136dd50d8
Merge branch 'use_switchroot'
2021-08-03 17:44:57 +02:00
Wiktor Garbacz
87af69bea4
Update kafel - x86 build fixes
2021-08-02 19:45:32 +02:00