57 Commits

Author	SHA1	Message	Date
Robert Swiecki	3edc8bf4a7	Move PID ns to a separate module	2016-05-13 17:07:44 +02:00
Jagger	d78e141f70	Use a subprocess to setup unshare mount /proc	2016-05-12 22:25:48 +02:00
Robert Swiecki	0f8fbf7ad9	Use dummy init with -Me	2016-05-11 16:20:05 +02:00
Robert Swiecki	5e0b5d92b8	Use %td instead of %tx for syscall number	2016-05-10 15:47:13 +02:00
Robert Swiecki	0493176513	Syscall printing	2016-05-10 15:45:48 +02:00
Jagger	4a5a796d26	Make it compile (de-facto) with clang	2016-05-09 23:16:26 +02:00
Jagger	95217d6d55	Restarts with interruptible syscalls	2016-05-09 23:11:18 +02:00
Robert Swiecki	6e25d47eba	Cover interruptible syscalls with TEMP_FAILURE_RETRY	2016-05-09 15:16:26 +02:00
Jagger	c77d2097ff	Print hex always as 0x	2016-05-08 04:00:33 +02:00
Jagger	994af12692	Indent	2016-05-08 03:36:31 +02:00
Jagger	d5162548b3	Print seccomp-bpf arguments in an organized way	2016-05-08 03:36:16 +02:00
Jagger	73c847fc98	Print /proc/<pid>/syscall upon SIGSYS	2016-05-08 03:09:43 +02:00
Jagger	590899b7b8	Make -Me work again	2016-05-05 05:44:12 +02:00
Jagger	2603deb84c	No need to set return value with timeouts	2016-05-05 05:39:57 +02:00
Jagger	5bbfd06dcc	Return 0 only of child returned 0	2016-05-05 05:12:06 +02:00
Jagger	87f1883c69	wait4 instead of waitpid	2016-05-05 05:07:21 +02:00
Jagger	070939e18a	Better check for SIGSYS	2016-05-05 05:04:01 +02:00
Jagger	de9ff2382e	Report seccomp violations	2016-05-05 01:58:26 +02:00
Robert Swiecki	88e81e3e4b	No need to read from pipefd at the end of subproc	2016-04-25 16:06:19 +02:00
Jagger	8371afabb9	read() -> utilReadFromFd()	2016-04-25 02:01:26 +02:00
Jagger	57a523dd08	Use defer {} instead of DEFER()	2016-04-23 04:22:31 +02:00
Robert Swiecki	f17c13645c	Remove old log semantics	2016-03-15 20:45:20 +01:00
Robert Swiecki	3bc8cce90e	No need to redirect log fd anymore	2016-03-15 20:42:03 +01:00
Jagger	4ae2c027ac	Cleaner impl. of DEFER	2016-03-10 22:56:26 +01:00
Jagger	aff93f9d71	Unnecessary __block	2016-03-09 23:48:07 +01:00
Robert Swiecki	dcf446d7f3	More defer-ization	2016-03-08 18:37:07 +01:00
Robert Swiecki	eb52ab9a2b	Move contain fnctions into contain.c	2016-03-08 15:57:09 +01:00
Jagger	1f4983290e	Var types	2016-03-04 01:39:21 +01:00
Robert Swiecki	9cc41e820f	Separate uts.* module	2016-03-03 16:09:25 +01:00
Robert Swiecki	2652872fac	CLONE_NEWUSER routines in a separate module	2016-03-03 15:54:15 +01:00
Robert Swiecki	2c1ff531e3	Clearer naming of net functions	2016-03-03 15:43:40 +01:00
Robert Swiecki	e02d4e4edf	Separate mount.c module	2016-03-03 15:37:04 +01:00
Robert Swiecki	62eda3c738	Add child only after successful clone()	2016-02-29 16:09:08 +01:00
Jagger	43983cbb17	Add --iface_lo_up	2016-02-29 00:14:36 +01:00
Jagger	8dad34ae4a	Set-up parent in a separate function	2016-02-28 23:23:24 +01:00
Jagger	9a7b8550a6	Return early in case of problems with set-up of the child from parent	2016-02-28 16:43:35 +01:00
Jagger	d8007e15ad	Correct write() check	2016-02-28 16:38:10 +01:00
Jagger	8d641169e3	Initialize user/group maps from the parent process	2016-02-28 02:34:43 +01:00
Jagger	ad4b0105a7	No need to add (default:none) in cmdline	2016-02-28 01:52:09 +01:00
Robert Swiecki	aebc3dba41	Env variables (setting/clearing)	2016-01-26 17:42:10 +01:00
Jagger	a225069b4d	Use %#x instead of %u	2016-01-22 00:50:45 +01:00
Jagger	24af1c6d98	Introduce util.c	2016-01-17 04:14:09 +01:00
Jagger	2765e58c4e	Use TAILQ instead of LIST to insert new mount entries at the end	2016-01-09 16:09:05 +01:00
Robert Swiecki	88e796e004	Set a separate session/process_group	2015-11-24 18:34:05 +01:00
Robert Swiecki	da133a6d11	Correctly cast arguments to syscall()	2015-11-19 15:04:41 +01:00
Jagger	500e3efbaf	Move LOG_I earlier in subproc.c	2015-10-17 19:11:48 +02:00
Jagger	cbb64d571d	Make --disable_proc work	2015-08-15 20:48:48 +02:00
Jagger	da4fc22eab	indent 100	2015-08-15 20:10:07 +02:00
Jagger	701825970a	Implementation of MODE_STANDALONE_EXECVE	2015-08-15 16:02:38 +02:00
Jagger	5dc0fe193a	Better logging for clone failure	2015-08-12 04:32:34 +02:00