Commit Graph

138 Commits

Author SHA1 Message Date
Wolfgang Bumiller
6651043d52 KEEP_CAPS: switch to secure bits
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-15 10:28:58 +02:00
Wolfgang Bumiller
738dbfbe69 set SECBIT_KEEP_CAPS
That's the one we actually want instead of PR_SET_KEEPCAPS

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-15 09:05:59 +02:00
Wolfgang Bumiller
7ca1a14c8c cleanup
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-15 08:57:50 +02:00
Wolfgang Bumiller
a563caf224 use tokio::main macro
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-13 10:27:28 +02:00
Wolfgang Bumiller
d0e7b466bf quotactl syscall numbers
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-12 10:39:43 +02:00
Wolfgang Bumiller
a0d68fed38 more quota stuff
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-12 10:36:37 +02:00
Wolfgang Bumiller
b1fbde1b92 quotaon wip
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-12 10:27:51 +02:00
Wolfgang Bumiller
d55a8fc671 update .gitignore
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-12 10:23:19 +02:00
Wolfgang Bumiller
3e69a521d8 some quotactl preparation
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-12 10:23:02 +02:00
Wolfgang Bumiller
7970b0ea8d some more syscall argument helpers
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-12 10:21:41 +02:00
Wolfgang Bumiller
9be25f820f cleanup
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-12 10:03:08 +02:00
Wolfgang Bumiller
f4b5a72f90 use arch based syscall translation
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-12 10:02:16 +02:00
Wolfgang Bumiller
942f3c7316 formatting fixup
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-11 14:32:13 +02:00
Wolfgang Bumiller
00c473c087 debian: compat: 11
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-11 13:49:25 +02:00
Wolfgang Bumiller
6ab9819ec1 remove verbose output
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-11 13:29:53 +02:00
Wolfgang Bumiller
42f2575678 apparmor support
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-11 11:33:31 +02:00
Wolfgang Bumiller
f6a483ad15 add syscall table for x86_64 and x86
Signed-off-by: Wolfgang Bumiller <w.bumiller@errno.eu>
2019-07-10 17:23:14 +02:00
Wolfgang Bumiller
641af2dd6a debian/ import
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-10 15:00:54 +02:00
Wolfgang Bumiller
3be1f04cb6 fill mknod whitelist
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-10 12:06:27 +02:00
Wolfgang Bumiller
bff40ab9c0 streamline UserCap::apply
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-10 11:58:13 +02:00
Wolfgang Bumiller
e5360c92f0 more comments
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-10 11:37:22 +02:00
Wolfgang Bumiller
512f780a8c handle capabilities and permission checks for mknod
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-10 11:35:58 +02:00
Wolfgang Bumiller
3bb4df0ba5 WIP
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-09 16:14:15 +02:00
Wolfgang Bumiller
275009ec68 Some CStr related changes
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-09 14:56:51 +02:00
Wolfgang Bumiller
61bfa35549 working on forking
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-09 14:34:10 +02:00
Wolfgang Bumiller
937921aae6 working on argument passing
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-09 14:04:26 +02:00
Wolfgang Bumiller
34f32e25a1 cleanup
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-09 13:32:18 +02:00
Wolfgang Bumiller
c95be5f6b5 working on receiving data for the syscalls
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-09 12:53:04 +02:00
Wolfgang Bumiller
41214ae25f receive fds in the proxy message buffer
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-09 11:40:08 +02:00
Wolfgang Bumiller
0e2d0fa2ab handle send/recv in proxy msg impl
it also handles what parts to send etc. so this makes more
sense

Signed-off-by: Wolfgang Bumiller <wry.git@bumiller.com>
2019-07-08 22:09:05 +02:00
Wolfgang Bumiller
e420f6f97f Whole bunch of async code and preparation to fork.
The GenericStream should not be necessary once tokio-fs is
updated to futures@0.3

tools.rs needs to be split up...

Signed-off-by: Wolfgang Bumiller <wry.git@bumiller.com>
2019-07-08 18:55:20 +02:00
Wolfgang Bumiller
41ff6d289c query seccomp sizes only once
Signed-off-by: Wolfgang Bumiller <w.bumiller@errno.eu>
2019-07-07 18:24:52 +02:00
Wolfgang Bumiller
a0c504f8fd use Arc<> for clients
so we can handle multipl requests by the same client in
parallel futures

Signed-off-by: Wolfgang Bumiller <w.bumiller@errno.eu>
2019-07-07 18:24:26 +02:00
Wolfgang Bumiller
d4f9eb8d79 let SeqPacketSocket methods take immutable self
since we can share the socket across threads and still get
full packets sent and received as a whole

Signed-off-by: Wolfgang Bumiller <w.bumiller@errno.eu>
2019-07-07 17:29:10 +02:00
Wolfgang Bumiller
571dbe0396 switch to vectored I/O
Signed-off-by: Wolfgang Bumiller <w.bumiller@errno.eu>
2019-07-07 13:47:48 +02:00
Wolfgang Bumiller
52f50bd443 formatting fixup
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-05 16:14:44 +02:00
Wolfgang Bumiller
294a012831 Cargo.toml: we don't need the compat layer...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-05 16:11:07 +02:00
Wolfgang Bumiller
9cffeac4d3 import
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-05 16:08:18 +02:00