Robert Swiecki
|
9414b1a635
|
subproc: print different message if /proc/pid/syscall contains 3 entries only
|
2017-05-08 15:24:03 +02:00 |
|
Robert Swiecki
|
341832d755
|
Duplicate logging fd, so it can be used from child process
|
2017-02-11 20:33:54 +01:00 |
|
Robert Swiecki
|
f990955d9e
|
seccomp syscall printing: various formats of /proc/<pid>/syscall
|
2017-01-18 22:32:27 +01:00 |
|
Robert Swiecki
|
ae9c1bad9a
|
subproc: logging
|
2016-11-20 23:55:44 +01:00 |
|
Robert Swiecki
|
78ccfa863a
|
setjmp/longjmp: don't use stack-based jmp_buf, use TLS one
|
2016-11-03 03:53:52 +01:00 |
|
Robert Swiecki
|
d0a3edd67f
|
log: don't print function name with INFO logs
|
2016-10-17 15:49:20 +02:00 |
|
Robert Swiecki
|
b1ca8dd1b5
|
subproc: comments
|
2016-10-17 15:47:50 +02:00 |
|
Robert Swiecki
|
c3462e2529
|
Typo: subproccloneFunc -> subprocCloneFunc
|
2016-10-15 02:58:42 +02:00 |
|
Robert Swiecki
|
2a8faeba7a
|
Make use of subprocClone, plus remove use of syscall(__NR_getpid)
|
2016-10-15 02:42:01 +02:00 |
|
Robert Swiecki
|
fe7fe8591f
|
Use common subprocSystem for executing commands
|
2016-10-12 02:01:12 +02:00 |
|
Jagger
|
ee7de33531
|
Use O_CLOEXEC when possible to avoid leaking FDs
|
2016-09-10 03:20:32 +02:00 |
|
Robert Swiecki
|
1dc33c7bcf
|
Remove defer{} calls
|
2016-07-29 15:38:22 +02:00 |
|
Robert Swiecki
|
432c82bb34
|
Make it a bit more standards friendly
|
2016-07-21 15:48:47 +02:00 |
|
Jagger
|
e981cbc730
|
Init cgroups with -Me
|
2016-06-19 19:36:56 +02:00 |
|
Jagger
|
ac06ff56c9
|
Remove cgroup before reporting process being finished
|
2016-06-19 16:02:00 +02:00 |
|
Jagger
|
827e1a4e7d
|
Init cgroups from parent
|
2016-06-19 15:50:25 +02:00 |
|
Jagger
|
a1f0ec7925
|
Support for CLONE_NEWCGROUP
|
2016-06-19 11:55:55 +02:00 |
|
Jagger
|
d4912847ed
|
Make it compile with clang
|
2016-06-12 13:07:40 +02:00 |
|
Robert Swiecki
|
3edc8bf4a7
|
Move PID ns to a separate module
|
2016-05-13 17:07:44 +02:00 |
|
Jagger
|
d78e141f70
|
Use a subprocess to setup unshare mount /proc
|
2016-05-12 22:25:48 +02:00 |
|
Robert Swiecki
|
0f8fbf7ad9
|
Use dummy init with -Me
|
2016-05-11 16:20:05 +02:00 |
|
Robert Swiecki
|
5e0b5d92b8
|
Use %td instead of %tx for syscall number
|
2016-05-10 15:47:13 +02:00 |
|
Robert Swiecki
|
0493176513
|
Syscall printing
|
2016-05-10 15:45:48 +02:00 |
|
Jagger
|
4a5a796d26
|
Make it compile (de-facto) with clang
|
2016-05-09 23:16:26 +02:00 |
|
Jagger
|
95217d6d55
|
Restarts with interruptible syscalls
|
2016-05-09 23:11:18 +02:00 |
|
Robert Swiecki
|
6e25d47eba
|
Cover interruptible syscalls with TEMP_FAILURE_RETRY
|
2016-05-09 15:16:26 +02:00 |
|
Jagger
|
c77d2097ff
|
Print hex always as 0x
|
2016-05-08 04:00:33 +02:00 |
|
Jagger
|
994af12692
|
Indent
|
2016-05-08 03:36:31 +02:00 |
|
Jagger
|
d5162548b3
|
Print seccomp-bpf arguments in an organized way
|
2016-05-08 03:36:16 +02:00 |
|
Jagger
|
73c847fc98
|
Print /proc/<pid>/syscall upon SIGSYS
|
2016-05-08 03:09:43 +02:00 |
|
Jagger
|
590899b7b8
|
Make -Me work again
|
2016-05-05 05:44:12 +02:00 |
|
Jagger
|
2603deb84c
|
No need to set return value with timeouts
|
2016-05-05 05:39:57 +02:00 |
|
Jagger
|
5bbfd06dcc
|
Return 0 only of child returned 0
|
2016-05-05 05:12:06 +02:00 |
|
Jagger
|
87f1883c69
|
wait4 instead of waitpid
|
2016-05-05 05:07:21 +02:00 |
|
Jagger
|
070939e18a
|
Better check for SIGSYS
|
2016-05-05 05:04:01 +02:00 |
|
Jagger
|
de9ff2382e
|
Report seccomp violations
|
2016-05-05 01:58:26 +02:00 |
|
Robert Swiecki
|
88e81e3e4b
|
No need to read from pipefd at the end of subproc
|
2016-04-25 16:06:19 +02:00 |
|
Jagger
|
8371afabb9
|
read() -> utilReadFromFd()
|
2016-04-25 02:01:26 +02:00 |
|
Jagger
|
57a523dd08
|
Use defer {} instead of DEFER()
|
2016-04-23 04:22:31 +02:00 |
|
Robert Swiecki
|
f17c13645c
|
Remove old log semantics
|
2016-03-15 20:45:20 +01:00 |
|
Robert Swiecki
|
3bc8cce90e
|
No need to redirect log fd anymore
|
2016-03-15 20:42:03 +01:00 |
|
Jagger
|
4ae2c027ac
|
Cleaner impl. of DEFER
|
2016-03-10 22:56:26 +01:00 |
|
Jagger
|
aff93f9d71
|
Unnecessary __block
|
2016-03-09 23:48:07 +01:00 |
|
Robert Swiecki
|
dcf446d7f3
|
More defer-ization
|
2016-03-08 18:37:07 +01:00 |
|
Robert Swiecki
|
eb52ab9a2b
|
Move contain fnctions into contain.c
|
2016-03-08 15:57:09 +01:00 |
|
Jagger
|
1f4983290e
|
Var types
|
2016-03-04 01:39:21 +01:00 |
|
Robert Swiecki
|
9cc41e820f
|
Separate uts.* module
|
2016-03-03 16:09:25 +01:00 |
|
Robert Swiecki
|
2652872fac
|
CLONE_NEWUSER routines in a separate module
|
2016-03-03 15:54:15 +01:00 |
|
Robert Swiecki
|
2c1ff531e3
|
Clearer naming of net functions
|
2016-03-03 15:43:40 +01:00 |
|
Robert Swiecki
|
e02d4e4edf
|
Separate mount.c module
|
2016-03-03 15:37:04 +01:00 |
|