colin/passt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Commit Graph

  • cbc84df47f siphash: Use specific structure for internal state David Gibson 2023-09-28 11:20:59 +10:00
  • fcec3f6f9d siphash: Use more hygienic state initialiser David Gibson 2023-09-28 11:20:58 +10:00
  • 5cc843521d siphash: Fix bug in state initialisation David Gibson 2023-09-28 11:20:57 +10:00
  • 831067f483 siphash: Clean up hash finalisation with posthash_final() function David Gibson 2023-09-28 11:20:56 +10:00
  • 7a3153cbfb siphash: Add siphash_feed() helper David Gibson 2023-09-28 11:20:55 +10:00
  • f7b2be2d21 siphash: Make sip round calculations an inline function rather than macro David Gibson 2023-09-28 11:20:54 +10:00
  • ca6e94702c siphash: Make siphash functions consistently return 64-bit results David Gibson 2023-09-28 11:20:53 +10:00
  • c1d2a070f2 util: Consolidate and improve workarounds for clang-tidy issue 58992 David Gibson 2023-09-21 14:49:39 +10:00
  • 5b6c68c2e4 Avoid shadowing index(3) David Gibson 2023-09-21 14:49:38 +10:00
  • 9178a9e346 tcp: Always send an ACK segment once the handshake is completed Stefano Brivio 2023-09-22 23:48:06 +02:00
  • c09069211a dhcp: Actually note down the length of options received by the client Stefano Brivio 2023-09-21 18:42:45 +02:00
  • 8b8537d301 dhcpv6: Properly separate domain names in search list Stefano Brivio 2023-09-20 16:39:11 +02:00
  • 05627dc512 util: Fix licensing information display in --version Stefano Brivio 2023-09-08 17:34:27 +02:00
  • 46f915ddee tcp: Correct handling of FIN,ACK followed by SYN David Gibson 2023-09-08 11:49:53 +10:00
  • b3f2210b05 tcp: Consolidate paths where we initiate reset on tap interface David Gibson 2023-09-08 11:49:52 +10:00
  • f984003fdf tcp: Correctly handle RST followed rapidly by SYN David Gibson 2023-09-08 11:49:51 +10:00
  • 60d3915ea3 tcp: Return consumed packet count from tcp_data_from_tap() David Gibson 2023-09-08 11:49:50 +10:00
  • 5fb376de6e tcp: Never hash match closed connections David Gibson 2023-09-08 11:49:49 +10:00
  • 805dd109a4 tcp: Remove some redundant packet_get() operations David Gibson 2023-09-08 11:49:48 +10:00
  • 7b56117dae udp, tap: Correctly advance through packets in udp_tap_handler() David Gibson 2023-09-08 11:49:47 +10:00
  • 043a70b885 tcp, tap: Correctly advance through packets in tcp_tap_handler() David Gibson 2023-09-08 11:49:46 +10:00
  • ee58f37db0 test: Add Podman system test with bats for pasta Stefano Brivio 2023-08-23 15:51:49 +02:00
  • 1f24d3efb4 dhcp: support BOOTP clients Stas Sergeev 2023-08-29 14:14:06 +05:00
  • d8c4f23ecd tap: fix uses of l3_len in tap4_handler() Stas Sergeev 2023-08-29 21:44:06 +05:00
  • a405d0c026 fedora: Replace pasta hard links by separate builds Stefano Brivio 2023-09-07 01:57:00 +02:00
  • 63a8302961 apparmor: Add pasta's own profile Stefano Brivio 2023-09-06 22:55:22 +02:00
  • abf5ef6c22 apparmor: Allow pasta to remount /proc, access entries under its own copy Stefano Brivio 2023-09-06 21:46:14 +02:00
  • e2ad420fa2 apparmor: Allow read-only access to uid_map Stefano Brivio 2023-09-06 21:09:47 +02:00
  • b686afa23e apparmor: Explicitly pass options we use while remounting root filesystem Stefano Brivio 2023-09-06 20:54:52 +02:00
  • 6d3e426d2f apparmor: Use abstractions/nameservice to deal with symlinked resolv.conf Stefano Brivio 2023-09-06 20:39:12 +02:00
  • a7e4bfb857 pasta: Strip RTA_PREFSRC when copying routes to the namespace David Gibson 2023-08-23 17:03:38 +10:00
  • 5e4f7b92b0 netlink: Set IFA_ADDRESS, not just IFA_LOCAL, while adding IPv4 addresses Stefano Brivio 2023-08-23 09:34:44 +02:00
  • 69303cafbe tcp: Remove broken pressure calculations for tcp_defer_handler() David Gibson 2023-08-22 15:30:00 +10:00
  • eb8fbdbfd0 inany: Add missing double include guard to inany.h David Gibson 2023-08-22 15:29:59 +10:00
  • b60fa33eea tcp: Move in_epoll flag out of common connection structure David Gibson 2023-08-22 15:29:58 +10:00
  • 955dd3251c tcp, udp: Don't pre-fill IPv4 destination address in headers David Gibson 2023-08-22 15:29:57 +10:00
  • 5bf200ae8a tcp, udp: Don't include destination address in partially precomputed csums David Gibson 2023-08-22 15:29:56 +10:00
  • 8aa32009ed tcp: Consistent usage of ports in tcp_seq_init() David Gibson 2023-08-22 15:29:55 +10:00
  • bccfbff193 tcp: More precise terms for addresses and ports David Gibson 2023-08-22 15:29:54 +10:00
  • cee4a2da48 tap: Pass source address to protocol handler functions David Gibson 2023-08-22 15:29:53 +10:00
  • 673bde1f21 tap: Don't clobber source address in tap6_handler() David Gibson 2023-08-22 15:29:52 +10:00
  • 0af928eaa0 selinux: Fix domain transitions for typical commands pasta might run Stefano Brivio 2023-08-16 07:20:30 +02:00
  • 30817fdd4e selinux: Allow pasta_t to read nsfs entries Stefano Brivio 2023-08-15 19:56:15 +02:00
  • 977652155d selinux: Add rules for sysctl and /proc/net accesses Stefano Brivio 2023-08-15 19:50:48 +02:00
  • 56b8633a6b selinux: Update policy to fix user/group settings Stefano Brivio 2023-08-15 19:37:46 +02:00
  • 62059058cf selinux: Fix user namespace creation after breaking kernel change Stefano Brivio 2023-08-15 18:53:48 +02:00
  • 0c42326204 selinux: Use explicit paths for binaries in file context Stefano Brivio 2023-08-15 18:34:45 +02:00
  • 479a9e1b4d fedora: Install pasta as hard link to ensure SELinux file context match Stefano Brivio 2023-08-15 18:22:02 +02:00
  • 5f1fcfffe4 tap: Fix format specifier in tap4_is_fragment() warning Stefano Brivio 2023-08-16 08:20:17 +02:00
  • da0aeb9080 netlink: Don't propagate host address expiry to the container David Gibson 2023-08-15 13:51:29 +10:00
  • b4f8ffd5c4 netlink: Correctly calculate attribute length for address messages David Gibson 2023-08-15 13:51:28 +10:00
  • 4b9f4c2513 netlink: Remove redundant check on nlmsg_type David Gibson 2023-08-15 13:51:27 +10:00
  • 5ed4e034b2 conf: Demote overlapping port ranges error to a warning David Gibson 2023-08-11 17:36:00 +10:00
  • ae5f6c8e1b epoll: Use different epoll types for passt and pasta tap fds David Gibson 2023-08-11 15:12:29 +10:00
  • eda4f1997e epoll: Split listening Unix domain socket into its own type David Gibson 2023-08-11 15:12:28 +10:00
  • 485b5fb8f9 epoll: Split handling of listening TCP sockets into their own handler David Gibson 2023-08-11 15:12:27 +10:00
  • e6f81e5578 epoll: Split handling of TCP timerfds into its own handler function David Gibson 2023-08-11 15:12:26 +10:00
  • 8271a2ed57 epoll: Tiny cleanup to udp_sock_handler() David Gibson 2023-08-11 15:12:25 +10:00
  • 05f606ab0b epoll: Split handling of ICMP and ICMPv6 sockets David Gibson 2023-08-11 15:12:24 +10:00
  • d850caab66 epoll: Fold sock_handler into general switch on epoll event fd David Gibson 2023-08-11 15:12:23 +10:00
  • 6a6735ece4 epoll: Always use epoll_ref for the epoll data variable David Gibson 2023-08-11 15:12:22 +10:00
  • 3401644453 epoll: Generalize epoll_ref to cover things other than sockets David Gibson 2023-08-11 15:12:21 +10:00
  • e26282b67d tap: Fold reset handling into tap_handler_passt() David Gibson 2023-08-11 15:12:20 +10:00
  • 0d870c5da6 tap: Fold reset handling into tap_handler_pasta() David Gibson 2023-08-11 15:12:19 +10:00
  • 548e05f76a tap: Clean up behaviour for errors on listening Unix socket David Gibson 2023-08-11 15:12:18 +10:00
  • 28877b0fcd tap: Clean up tap reset path David Gibson 2023-08-11 15:12:17 +10:00
  • b2bea0047d tap: fix seq->p.count limit Laurent Vivier 2023-08-09 11:23:42 +02:00
  • 02b30e7871 netlink: Propagate errors for "dup" operations David Gibson 2023-08-03 17:19:56 +10:00
  • 5103811e2d netlink: Propagate errors for "dump" operations David Gibson 2023-08-03 17:19:55 +10:00
  • 4d6e9d0816 netlink: Always process all responses to a netlink request David Gibson 2023-08-03 17:19:54 +10:00
  • 8de9805224 netlink: Propagate errors for "set" operations David Gibson 2023-08-03 17:19:53 +10:00
  • a309318275 netlink: Add nl_foreach_oftype to filter response message types David Gibson 2023-08-03 17:19:52 +10:00
  • 99ddd7ce83 netlink: Split nl_req() to allow processing multiple response datagrams David Gibson 2023-08-03 17:19:51 +10:00
  • 8ec757d003 netlink: Clearer reasoning about the netlink response buffer size David Gibson 2023-08-03 17:19:50 +10:00
  • 9d4ab98d53 netlink: Add nl_do() helper for simple operations with error checking David Gibson 2023-08-03 17:19:49 +10:00
  • 282581ba84 netlink: Fill in netlink header fields from nl_req() David Gibson 2023-08-03 17:19:48 +10:00
  • f62600b2df netlink: Treat send() or recv() errors as fatal David Gibson 2023-08-03 17:19:47 +10:00
  • 0a568c847d netlink: Start sequence number from 1 instead of 0 David Gibson 2023-08-03 17:19:46 +10:00
  • dee7594180 netlink: Make nl_*_dup() use a separate datagram for each request David Gibson 2023-08-03 17:19:45 +10:00
  • 576df71e8b netlink: Explicitly pass netlink sockets to operations David Gibson 2023-08-03 17:19:44 +10:00
  • cfe7509e5c netlink: Use struct in_addr for IPv4 addresses, not bare uint32_t David Gibson 2023-08-03 17:19:43 +10:00
  • 257a6b0b7e netlink: Split nl_route() into separate operation functions David Gibson 2023-08-03 17:19:42 +10:00
  • eff3bcb245 netlink: Split nl_addr() into separate operation functions David Gibson 2023-08-03 17:19:41 +10:00
  • e96182e9c2 netlink: Split up functionality of nl_link() David Gibson 2023-08-03 17:19:40 +10:00
  • 0cf7bf31f6 tap: Remove unnecessary global tun_ns_fd David Gibson 2023-08-02 13:15:42 +10:00
  • 7bc9b66fc2 tap: More detailed error reporting in tap_ns_tun() David Gibson 2023-08-02 13:15:41 +10:00
  • 6920adda0d util: Make ns_enter() a void function and report setns() errors David Gibson 2023-08-02 13:15:40 +10:00
  • b15ce5b6ce Use static assertion to verify that union epoll_ref is the right size David Gibson 2023-08-01 13:36:47 +10:00
  • 8218d99013 Use C11 anonymous members to make poll refs less verbose to use David Gibson 2023-08-01 13:36:46 +10:00
  • 649068a287 Allow C11 code, not just C99 code David Gibson 2023-08-01 13:36:45 +10:00
  • 023d684420 Revert "MAKE: Fix parallel builds; .o files; .gitignore; new makedocs" Stefano Brivio 2023-07-10 06:33:44 +02:00
  • cc2a6bec3c MAKE: Fix parallel builds; .o files; .gitignore; new makedocs KuhnChris 2023-06-28 16:07:28 +02:00
  • e01759e2fa tap: Explicitly drop IPv4 fragments, and give a warning David Gibson 2023-07-05 14:35:16 +10:00
  • 4c98d3be80 conf: Correct length checking of interface names in conf_ports() David Gibson 2023-06-28 15:11:15 +10:00
  • c4017cc4a1 conf: Fix size checking of -I interface name David Gibson 2023-06-28 15:11:14 +10:00
  • 289301b39c netlink: Use correct interface index in NL_SET mode David Gibson 2023-06-27 20:22:33 +10:00
  • 32660cea04 pasta: include errno in error message Paul Holzinger 2023-06-23 12:23:50 +02:00
  • 594dce66d3 isolation: keep CAP_SYS_PTRACE when required Paul Holzinger 2023-06-23 10:25:32 +02:00
  • 5b646b9b10 conf: Accept -a and -g without --config-net in pasta mode Stefano Brivio 2023-06-23 09:52:36 +02:00
  • d034fb698f conf: Make -a/--address really imply --no-copy-addrs Stefano Brivio 2023-06-22 15:46:41 +02:00