github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-11-02 21:52:09 +00:00
Code Issues Projects Releases Wiki Activity
2,472 Commits 1 Branch 31 Tags
c06454273b7c91a3b4ffff0ce19796daac3638fc
Commit Graph

34 Commits

Author SHA1 Message Date
Thomas Gazagnaire
c06454273b miragesdk: add a dev-clean target 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 14:28:19 +02:00
Thomas Gazagnaire
ec988eb93b miragesdk: fix dev target 
Paths have changed since 47b9f08b16

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 14:27:38 +02:00
Thomas Gazagnaire
7d08325c7a miragesdk: move files around 
The new hiearchy is:
- pkg/{init,mirage-compile}: additional Moby packages
- src/sdk -> the begining of the MirageOS SDK for Moby
- src/dhcp-client -> the code for the MirageOS dhcp-client service

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 13:39:20 +02:00
Thomas Gazagnaire
d008e859c6 miragesdk: first cut of a MirageSDK 
Today the SDK only contains helper code to create secure Moby services based on
MirageOS. Today the SDK only defines the architecture and the communication
pipes between the privileged service and the calf; the proper communication
API will be specified after we have a few more use-cases.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 12:34:48 +02:00
Thomas Gazagnaire
13d110e2c7 miragesdk: minor cleanups 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 12:34:41 +02:00
Anil Madhavapeddy
df33c8a4d3 Merge pull request #1407 from avsm/miragesdk-readme 
miragesdk: more tweaks to README markdown
 2017-03-28 22:20:18 +01:00
Justin Cormack
e85b432f19 Merge pull request #1373 from avsm/okernel 
kernel: add build config for the experimental "split kernel"
 2017-03-28 23:11:12 +02:00
Anil Madhavapeddy
5c9d5315e5 miragesdk: more tweaks to README markdown 
Signed-off-by: Anil Madhavapeddy <anil@docker.com>
 2017-03-28 22:07:15 +01:00
Anil Madhavapeddy
3de5c415ef projects: remove double word typo in README.md 
Signed-off-by: Anil Madhavapeddy <anil@docker.com>
 2017-03-28 19:13:17 +01:00
Anil Madhavapeddy
ab72dbb0e4 miragesdk: add a README explaining the background of the project 
Also link it to the roadmap and why-dhcp docs, and include review
comments from @yomimono

Signed-off-by: Anil Madhavapeddy <anil@docker.com>
 2017-03-28 19:13:17 +01:00
Anil Madhavapeddy
c3d4049180 okernel: Make README more Markdown friendly 
Signed-off-by: Anil Madhavapeddy <anil@docker.com>
 2017-03-28 14:32:06 +01:00
Anil Madhavapeddy
bb49cab9c2 kernel: add build config for the experimental "split kernel" 
The aim of the split kernel is to introduce a level of intra-kernel
protection into the kernel so that, amongst other things, it can
offer lifetime guarantees over kernel code and data integrity.

These patches only wire in the kernel build from a 4.11-rc3 snapshot.
The userspace tools will follow shortly.  Instructions came via
https://github.com/linux-okernel/linux-okernel (linux-okernel branch)
and via @edwards-n and @t-koulouris.

The build can be done via `cd projects/okernel && make`.

Signed-off-by: Anil Madhavapeddy <anil@docker.com>
 2017-03-28 14:32:06 +01:00
Thomas Gazagnaire
56085a3e6c miragesdk: re-org source code 
Split the bits which can be re-used in other services (e.g. init dance
and the server-side of the control path). `main.ml` now only contains what
is specific to the DHCP logic (+ the /caf directory).

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 14:42:02 +02:00
Thomas Gazagnaire
7fa21377b5 miragesdk: update TODO list 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:11:17 +02:00
Thomas Gazagnaire
1bee082c6c miragesdk: use a custom BPF filter to allow the calf to get a DHCP lease 
Plus a few more minor improvements:

- compile with jbuilder.
- start working on the control path.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:09:55 +02:00
Thomas Gazagnaire
b0f758a20d miragesdk: add strace in the init image 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:09:50 +02:00
Thomas Gazagnaire
18635ed2e1 miragesdk: remove dhccpd in the init container 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:09:50 +02:00
Thomas Gazagnaire
ebdf371421 miragesdk: fork pkg/init to experiment with removal of dhcpcd 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:09:50 +02:00
Mindy Preston
46e650ede4 more documentation on why & what we're doing with dhcp 
Signed-off-by: Mindy Preston <mindy.preston@docker.com>
 2017-03-27 11:55:51 -05:00
Rolf Neugebauer
e9fbe43b34 Rename .yaml to .yml 
docker-compose and other utilities use the .yml extension.
For consistency rename all .yaml to .yml

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-03-27 09:53:26 +02:00
Riyaz Faizullabhoy
60816eaa48 wireguard: more details in roadmap 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2017-03-22 14:18:42 -07:00
Justin Cormack
7c4768bb54 Merge pull request #1353 from tych0/selinux 
projects: add selinux project
 2017-03-21 18:43:18 +00:00
Tycho Andersen
7c873da17b selinux: include libselinux-utils as well 
This adds things like getenforce and setenforce.

Signed-off-by: Tycho Andersen <tycho@docker.com>
 2017-03-21 12:11:00 -06:00
Tycho Andersen
ae423e428b selinux: add readme 
Signed-off-by: Tycho Andersen <tycho@docker.com>
 2017-03-21 12:08:14 -06:00
Tycho Andersen
a8bab0bddb projects: add selinux project 
Signed-off-by: Tycho Andersen <tycho@docker.com>
 2017-03-21 11:42:11 -06:00
Riyaz Faizullabhoy
cc7d80be13 wireguard: include Dockerfile and kernel debug config for build 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2017-03-21 09:59:40 -07:00
Thomas Gazagnaire
ad357c21b8 mirageSDK: rename README.md into roadmap.md 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-20 15:00:47 +01:00
Justin Cormack
569652fd36 Initial overview of the okernel project 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-03-19 14:22:53 +00:00
Justin Cormack
9854394dda fix typo security->secure 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-03-19 13:50:21 +00:00
Justin Cormack
ecea479443 Add Summary page for projects 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-03-19 11:56:42 +00:00
Justin Cormack
f4bf27e044 Merge pull request #1322 from samoht/mirage 
[RFC] Very early draft of using a MirageOS unikernel as a system container
 2017-03-17 21:56:56 +00:00
Thomas Gazagnaire
30be4647ad Restructure the mirage/dhcp container into the new project structure 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-17 17:43:20 +01:00
Riyaz Faizullabhoy
4caa2d24b4 project: KSPP 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2017-03-17 16:39:46 +00:00
Riyaz Faizullabhoy
8b8a544ce8 Keep WireGuard configuration local to projects subdir 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2017-03-17 15:49:22 +00:00