Wiktor Garbacz
127176d72f
Bulk IWYU and build_cleaner fixes
...
PiperOrigin-RevId: 559733768
Change-Id: Ia38f4c176e9f0abbfdb3a8f1109f482d8870eb0f
2023-08-24 06:23:36 -07:00
Wiktor Garbacz
4890c86cec
Mark GetNamespaceDescription const
...
PiperOrigin-RevId: 554460753
Change-Id: I3304fb7d19f93750b1d74aeb1b8213af2f0fea85
2023-08-07 06:48:11 -07:00
Wiktor Garbacz
3f9e9a2b25
Make Namespace copyable, movable and copy/move assignable
...
There is no strong reason why this shouln't be the case.
Some future refactorings will depend on this.
PiperOrigin-RevId: 553456024
Change-Id: I452a2804c59ed006326ab37cbe0dec80f53cd714
2023-08-03 06:21:13 -07:00
Wiktor Garbacz
fc8a2340c7
Rename GetCloneFlags
...
PiperOrigin-RevId: 553448623
Change-Id: Ia49b16dd4b8795ba95bab8a8ea0c7ffc50bba628
2023-08-03 05:42:29 -07:00
Wiktor Garbacz
b50bc23138
Remove no longer needed friend declaration
...
Drive-by dependencies cleanup
PiperOrigin-RevId: 518551045
Change-Id: I132dfc42945f500e8efec58a4d58d3bee4d1f191
2023-03-22 06:27:21 -07:00
Wiktor Garbacz
34b2f6bc90
Remove AllowUnsafeKeepCapabilities()
...
PiperOrigin-RevId: 506586347
Change-Id: I859a1f695ffbcf3b982a26df425c6b4e03c62da1
2023-02-02 04:47:02 -08:00
Wiktor Garbacz
2f64d3d925
stack_trace: pass fd to sandboxee's memory instead of using process_vm_readv
...
Libunwind sandbox no longer needs to join sandboxee's userns.
This cleans up a lot of special handling for the libunwind sandbox.
PiperOrigin-RevId: 503140778
Change-Id: I020ea3adda05ae6ff74137b668a5fa7509c138f8
2023-01-19 05:44:50 -08:00
Wiktor Garbacz
20edaae54f
Add an option to allow mount propagation
...
PiperOrigin-RevId: 433211924
Change-Id: I653f000d44de10b668b375fd2dfff3c668cbf673
2022-03-08 08:01:19 -08:00
Christian Blichmann
d451478e26
Change license link to HTTPS URL
...
PiperOrigin-RevId: 424811734
Change-Id: If5ea692edc56ddc9c99fd478673df41c0246e9cc
2022-01-28 01:39:09 -08:00
Christian Blichmann
441201884a
Update license header with recommended best practices
...
PiperOrigin-RevId: 290250533
Change-Id: Ic34b253446463cf971a055b70a242df93a598ee3
2020-01-17 05:05:29 -08:00
Wiktor Garbacz
8a7d0d1cb3
Use a nested userns&mntns to pre-pivot_root
...
This addresses a latency issue - chroot_fs_refs called inside pivot_root
in the kernel can take several milliseconds on machines with many threads
running.
This might not always reduce latency for custom forkservers, as additional
fork can be more costly than pivot_root.
PiperOrigin-RevId: 281306284
Change-Id: If503ac76a70e5438e94caf708d79cb0219c66def
2019-11-19 09:02:28 -08:00
Wiktor Garbacz
605d402121
Use new function naming
...
PiperOrigin-RevId: 253191002
Change-Id: If00c0effb925b3e294593f272447cd8386228bac
2019-06-14 02:09:07 -07:00
Christian Blichmann
f04be9276f
Formatting fixes and include file hygiene.
...
PiperOrigin-RevId: 240346890
Change-Id: I1a9617f10a62a848b6314a6196512e016ae02643
2019-03-26 07:54:21 -07:00
Wiktor Garbacz
2e9f50a68f
Rename deathrattle_fatalmsg proto
...
PiperOrigin-RevId: 239377742
Change-Id: I169407087f5e6f3275e282a51232bb6eea330e49
2019-03-20 05:19:55 -07:00
Christian Blichmann
177b969e8c
Sandboxed API OSS release.
...
PiperOrigin-RevId: 238996664
Change-Id: I9646527e2be68ee0b6b371572b7aafe967102e57
Signed-off-by: Christian Blichmann <cblichmann@google.com>
2019-03-18 19:00:48 +01:00