| Commit message (Expand) | Author | Age | Files | Lines |
* | seccomp: Adjust list of allowed syscalls for armv6l, armv7l | Stefano Brivio | 2022-02-26 | 1 | -3/+5 |
* | passt: Don't warn on failed madvise() | Stefano Brivio | 2022-02-26 | 1 | -2/+1 |
* | passt: Explicitly check return value of chdir() | Stefano Brivio | 2022-02-25 | 1 | -1/+3 |
* | passt: Drop PASST_LEGACY_NO_OPTIONS sections | Stefano Brivio | 2022-02-22 | 1 | -2/+0 |
* | pasta: By default, quit if filesystem-bound net namespace goes away | Stefano Brivio | 2022-02-21 | 1 | -1/+6 |
* | Makefile, conf, passt: Drop passt4netns references, explicit argc check | Stefano Brivio | 2022-02-21 | 1 | -2/+7 |
* | passt: Make process not dumpable after sandboxing | Stefano Brivio | 2022-02-21 | 1 | -0/+2 |
* | passt, pasta: Namespace-based sandboxing, defer seccomp policy application | Stefano Brivio | 2022-02-21 | 1 | -47/+79 |
* | passt, tap: Daemonise once socket is ready without waiting for connection | Stefano Brivio | 2022-01-28 | 1 | -2/+4 |
* | seccomp: Add a number of alternate and per-arch syscalls | Stefano Brivio | 2022-01-26 | 1 | -5/+9 |
* | Makefile, seccomp: Fix build for i386, ppc64, ppc64le | Stefano Brivio | 2022-01-26 | 1 | -1/+1 |
* | passt: Drop <linux/ipv6.h> include, carry own ipv6hdr and opt_hdr definitions | Stefano Brivio | 2022-01-26 | 1 | -1/+0 |
* | seccomp: Add newfstatat to list of allowed syscalls | Stefano Brivio | 2021-10-21 | 1 | -1/+1 |
* | passt: Fork into background also if not running from a terminal | Stefano Brivio | 2021-10-21 | 1 | -1/+1 |
* | passt: Add cppcheck target, test, and address resulting warnings | Stefano Brivio | 2021-10-21 | 1 | -3/+1 |
* | passt: Fix build with gcc 7, use std=c99, enable some more Clang checkers | Stefano Brivio | 2021-10-21 | 1 | -18/+15 |
* | passt: Address gcc 11 warnings | Stefano Brivio | 2021-10-20 | 1 | -4/+9 |
* | passt: Include linux/seccomp.h and linux/audit.h instead of seccomp.h | Stefano Brivio | 2021-10-19 | 1 | -1/+2 |
* | passt: Add clock_gettime to list of allowed syscalls | Stefano Brivio | 2021-10-16 | 1 | -0/+1 |
* | passt: Static builds: don't redefine __vsyslog(), skip getpwnam() and initgro... | Stefano Brivio | 2021-10-16 | 1 | -5/+10 |
* | passt: Check if a PID file was actually requested before creating it | Stefano Brivio | 2021-10-15 | 1 | -1/+1 |
* | passt: Don't refuse to run if UID is 0 in non-init namespace | Stefano Brivio | 2021-10-14 | 1 | -1/+14 |
* | conf: Add -P, --pid, to specify a file where own PID is written to | Stefano Brivio | 2021-10-14 | 1 | -1/+24 |
* | passt: Warn if we're running as root, abort if we can't change to nobody:nobody | Stefano Brivio | 2021-10-14 | 1 | -0/+29 |
* | passt: Drop all capabilities that we might have, except for CAP_NET_BIND_SERVICE | Stefano Brivio | 2021-10-14 | 1 | -0/+18 |
* | passt, pasta: Completely avoid dynamic memory allocation | Stefano Brivio | 2021-10-14 | 1 | -8/+8 |
* | passt, pasta: Add seccomp support | Stefano Brivio | 2021-10-14 | 1 | -0/+36 |
* | conf, tap: Split netlink and pasta functions, allow interface configuration | Stefano Brivio | 2021-10-14 | 1 | -181/+2 |
* | pasta: Add second waitid() in pasta_child_handler() | Stefano Brivio | 2021-10-07 | 1 | -0/+1 |
* | pasta: Allow specifying paths and names of namespaces | Giuseppe Scrivano | 2021-10-07 | 1 | -20/+39 |
* | passt: Shrink binary size by dropping static initialisers | Stefano Brivio | 2021-10-05 | 1 | -2/+6 |
* | tcp, tap: Turn tcp_probe_mem() into sock_probe_mem(), use for AF_UNIX socket too | Stefano Brivio | 2021-10-05 | 1 | -0/+1 |
* | passt: Add handler for optional deferred tasks | Stefano Brivio | 2021-10-05 | 1 | -20/+26 |
* | passt: Actually initialise timers for protocol handlers | Stefano Brivio | 2021-09-27 | 1 | -2/+16 |
* | passt: Align pkt_buf to PAGE_SIZE (start and size), try to fit in huge pages | Stefano Brivio | 2021-09-27 | 1 | -2/+6 |
* | pasta: Clean up namespace processes on exit, reap zombies from clone() | Stefano Brivio | 2021-09-15 | 1 | -9/+83 |
* | pasta: Set ping_group_range upon namespace creation | Stefano Brivio | 2021-09-09 | 1 | -0/+4 |
* | passt: Add epoll event indication and passt/pasta mode in socket debug message | Stefano Brivio | 2021-09-09 | 1 | -1/+3 |
* | pasta: If a new namespace is created, wait for it to be ready before proceeding | Stefano Brivio | 2021-09-01 | 1 | -1/+15 |
* | passt, pasta: Introduce command-line options and port re-mapping | Stefano Brivio | 2021-09-01 | 1 | -423/+101 |
* | tcp: Introduce scatter-gather IO path from socket to tap | Stefano Brivio | 2021-07-26 | 1 | -0/+1 |
* | tcp, udp: Allow binding ports in init namespace to both tap and loopback | Stefano Brivio | 2021-07-26 | 1 | -0/+15 |
* | tcp, udp: Split IPv4 and IPv6 bound port sets | Stefano Brivio | 2021-07-21 | 1 | -15/+31 |
* | udp: Introduce recvmmsg()/sendmmsg(), zero-copy path from socket | Stefano Brivio | 2021-07-21 | 1 | -0/+14 |
* | passt: Add PASTA mode, major rework | Stefano Brivio | 2021-07-17 | 1 | -439/+108 |
* | passt: When probing for an existing instance, also accept ENOENT on connect() | Stefano Brivio | 2021-05-23 | 1 | -1/+1 |
* | util: On -DDEBUG, log to stderr with timestamps | Stefano Brivio | 2021-05-21 | 1 | -1/+1 |
* | passt: Also log to stderr, don't fork to background if not interactive | Stefano Brivio | 2021-05-21 | 1 | -2/+2 |
* | passt: Add support for multiple instances in different network namespaces | Stefano Brivio | 2021-05-21 | 1 | -13/+33 |
* | tcp: Actually enforce MAX_CONNS limit | Stefano Brivio | 2021-05-21 | 1 | -1/+1 |