github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2026-05-17 07:41:14 +00:00
Code Issues Projects Releases Wiki Activity
2,487 Commits 1 Branch 32 Tags
2ae5b63d023717fb1791a9d5caa4ef87cbdad81c
Commit Graph

35 Commits

Author SHA1 Message Date
Thomas Gazagnaire
2ae5b63d02 miragesdk: add mimimal tests for the SDK 
Very minimal so far, but the plan is to add much more of them.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 15:41:23 +02:00
Thomas Gazagnaire
94c437cf87 miragesdk: add a dev-clean target 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 14:28:19 +02:00
Thomas Gazagnaire
5b3f80a104 miragesdk: fix dev target 
Paths have changed since 47b9f08b16

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 14:27:38 +02:00
Thomas Gazagnaire
47b9f08b16 miragesdk: move files around 
The new hiearchy is:
- pkg/{init,mirage-compile}: additional Moby packages
- src/sdk -> the begining of the MirageOS SDK for Moby
- src/dhcp-client -> the code for the MirageOS dhcp-client service

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 13:39:20 +02:00
Thomas Gazagnaire
2497528665 miragesdk: first cut of a MirageSDK 
Today the SDK only contains helper code to create secure Moby services based on
MirageOS. Today the SDK only defines the architecture and the communication
pipes between the privileged service and the calf; the proper communication
API will be specified after we have a few more use-cases.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 12:34:48 +02:00
Thomas Gazagnaire
e18e7ebeb8 miragesdk: minor cleanups 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 12:34:41 +02:00
Anil Madhavapeddy
16b09454a5 Merge pull request #1407 from avsm/miragesdk-readme 
miragesdk: more tweaks to README markdown
 2017-03-28 22:20:18 +01:00
Justin Cormack
38327f2cb2 Merge pull request #1373 from avsm/okernel 
kernel: add build config for the experimental "split kernel"
 2017-03-28 23:11:12 +02:00
Anil Madhavapeddy
738683af14 miragesdk: more tweaks to README markdown 
Signed-off-by: Anil Madhavapeddy <anil@docker.com>
 2017-03-28 22:07:15 +01:00
Anil Madhavapeddy
b198765bc7 projects: remove double word typo in README.md 
Signed-off-by: Anil Madhavapeddy <anil@docker.com>
 2017-03-28 19:13:17 +01:00
Anil Madhavapeddy
018d82f70a miragesdk: add a README explaining the background of the project 
Also link it to the roadmap and why-dhcp docs, and include review
comments from @yomimono

Signed-off-by: Anil Madhavapeddy <anil@docker.com>
 2017-03-28 19:13:17 +01:00
Anil Madhavapeddy
306aa1781d okernel: Make README more Markdown friendly 
Signed-off-by: Anil Madhavapeddy <anil@docker.com>
 2017-03-28 14:32:06 +01:00
Anil Madhavapeddy
85b37697ac kernel: add build config for the experimental "split kernel" 
The aim of the split kernel is to introduce a level of intra-kernel
protection into the kernel so that, amongst other things, it can
offer lifetime guarantees over kernel code and data integrity.

These patches only wire in the kernel build from a 4.11-rc3 snapshot.
The userspace tools will follow shortly.  Instructions came via
https://github.com/linux-okernel/linux-okernel (linux-okernel branch)
and via @edwards-n and @t-koulouris.

The build can be done via `cd projects/okernel && make`.

Signed-off-by: Anil Madhavapeddy <anil@docker.com>
 2017-03-28 14:32:06 +01:00
Thomas Gazagnaire
4e04b01928 miragesdk: re-org source code 
Split the bits which can be re-used in other services (e.g. init dance
and the server-side of the control path). `main.ml` now only contains what
is specific to the DHCP logic (+ the /caf directory).

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 14:42:02 +02:00
Thomas Gazagnaire
2ed0f4438b miragesdk: update TODO list 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:11:17 +02:00
Thomas Gazagnaire
b5daec4831 miragesdk: use a custom BPF filter to allow the calf to get a DHCP lease 
Plus a few more minor improvements:

- compile with jbuilder.
- start working on the control path.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:09:55 +02:00
Thomas Gazagnaire
549fdeb743 miragesdk: add strace in the init image 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:09:50 +02:00
Thomas Gazagnaire
844ec5a578 miragesdk: remove dhccpd in the init container 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:09:50 +02:00
Thomas Gazagnaire
c67e74c35a miragesdk: fork pkg/init to experiment with removal of dhcpcd 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:09:50 +02:00
Mindy Preston
ec87a338db more documentation on why & what we're doing with dhcp 
Signed-off-by: Mindy Preston <mindy.preston@docker.com>
 2017-03-27 11:55:51 -05:00
Rolf Neugebauer
30914750df Rename .yaml to .yml 
docker-compose and other utilities use the .yml extension.
For consistency rename all .yaml to .yml

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-03-27 09:53:26 +02:00
Riyaz Faizullabhoy
3039ebd5d5 wireguard: more details in roadmap 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2017-03-22 14:18:42 -07:00
Justin Cormack
87836853da Merge pull request #1353 from tych0/selinux 
projects: add selinux project
 2017-03-21 18:43:18 +00:00
Tycho Andersen
d69c69c90a selinux: include libselinux-utils as well 
This adds things like getenforce and setenforce.

Signed-off-by: Tycho Andersen <tycho@docker.com>
 2017-03-21 12:11:00 -06:00
Tycho Andersen
348e83f3e4 selinux: add readme 
Signed-off-by: Tycho Andersen <tycho@docker.com>
 2017-03-21 12:08:14 -06:00
Tycho Andersen
31b0c2a9b6 projects: add selinux project 
Signed-off-by: Tycho Andersen <tycho@docker.com>
 2017-03-21 11:42:11 -06:00
Riyaz Faizullabhoy
7b65b444e2 wireguard: include Dockerfile and kernel debug config for build 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2017-03-21 09:59:40 -07:00
Thomas Gazagnaire
a584eece13 mirageSDK: rename README.md into roadmap.md 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-20 15:00:47 +01:00
Justin Cormack
60a896f7b5 Initial overview of the okernel project 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-03-19 14:22:53 +00:00
Justin Cormack
6278914990 fix typo security->secure 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-03-19 13:50:21 +00:00
Justin Cormack
ffe89b1911 Add Summary page for projects 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-03-19 11:56:42 +00:00
Justin Cormack
c437bf77d6 Merge pull request #1322 from samoht/mirage 
[RFC] Very early draft of using a MirageOS unikernel as a system container
 2017-03-17 21:56:56 +00:00
Thomas Gazagnaire
e8b343a333 Restructure the mirage/dhcp container into the new project structure 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-17 17:43:20 +01:00
Riyaz Faizullabhoy
c4f7fd646a project: KSPP 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2017-03-17 16:39:46 +00:00
Riyaz Faizullabhoy
f4d122948a Keep WireGuard configuration local to projects subdir 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2017-03-17 15:49:22 +00:00