Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
vendor: Update vendoring for libcontainer.
This includes fix for CVE-2019-19921 3291d66b rootfs: do not permit /proc mounts to non-directories 55f8c254 temporarily disable CRIU tests 5c20ea14 fix merging kata-containers#2177 and kata-containers#2169 8541d9cf Fix race checking for process exit and waiting for exec fifo 52951a7c Fix race in tty integration test with slow startup 8ddd8920 libcontainer: add method to get cgroup config from cgroup Manager cd7c59d0 libcontainer: export createCgroupConfig ec49f98d fs2: support legacy device spec (to pass CI) 88e8350d cgroup2: split fs2 from fs 41a20b58 Expose network interfaces via runc events 48b055c4 Makefile: allow overriding `docker` command 42690e68 Make event types public faf1e44e cgroup2: ebpf: increase RLIM_MEMLOCK to avoid BPF_PROG_LOAD error ccd4436f .travis.yml: add Fedora 31 vagrant box (for cgroup2) faf673ee cgroup2: port over eBPF device controller from crun 74a3fe5d cgroup2: do not parse /proc/cgroups 9c81440f cgroup2: allow mounting /sys/fs/cgroup in UserNS without unsharing CgroupNS 13919f5d Remove the static_build build tag. dbd771e4 cgroup2: implement `runc ps` 9996cf7d README.md: clarify cgroup2 support is not ready for production d918e7f4 cpuset_v2: skip Apply when no limit is specified 033936ef io_v2.go: remove blkio v1 code a610a848 criu: Ensure other users cannot read c/r files b28f58f3 Set unified mountpoint in find mnt func f017e0f9 checkpoint: Set descriptors.json file mode to 0600 4be50fe3 SECURITY: Add Security Policy 2111613c VERSION: back to development 28e58a0f Support different field counts of cpuaact.stats e63b797f Handle ENODEV when accessing the freezer.state file 5e0e67d7 fix permission denied 056909bd Adds note about user ns for rootless containers Fixes kata-containers#719 Signed-off-by: Archana Shinde <[email protected]>
- Loading branch information
