Merge remote-tracking branch 'remotes/berrange-gitlab/tags/misc-next-pull-request' into staging
This misc series of changes:
- Improves documentation of SSH fingerprint checking
- Fixes SHA256 fingerprints with non-blockdev usage
- Blocks the clone3, setns, unshare & execveat syscalls
with seccomp
- Blocks process spawning via clone syscall, but allows
threads, with seccomp
- Takes over seccomp maintainer role
- Expands firmware descriptor spec to allow flash
without NVRAM
# gpg: Signature made Thu 17 Feb 2022 11:57:13 GMT
# gpg: using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg: aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF
* remotes/berrange-gitlab/tags/misc-next-pull-request:
docs: expand firmware descriptor to allow flash without NVRAM
MAINTAINERS: take over seccomp from Eduardo Otubo
seccomp: block setns, unshare and execveat syscalls
seccomp: block use of clone3 syscall
seccomp: fix blocking of process spawning
seccomp: add unit test for seccomp filtering
seccomp: allow action to be customized per syscall
block: print the server key type and fingerprint on failure
block: support sha256 fingerprint with pre-blockdev options
block: better document SSH host key fingerprint checking
Signed-off-by: 
Peter Maydell <peter.maydell@linaro.org>
No related branches found
No related tags found
Showing
- MAINTAINERS 3 additions, 2 deletionsMAINTAINERS
- block/ssh.c 35 additions, 7 deletionsblock/ssh.c
- docs/interop/firmware.json 46 additions, 8 deletionsdocs/interop/firmware.json
- docs/system/qemu-block-drivers.rst.inc 26 additions, 4 deletionsdocs/system/qemu-block-drivers.rst.inc
- softmmu/qemu-seccomp.c 216 additions, 66 deletionssoftmmu/qemu-seccomp.c
- tests/unit/meson.build 4 additions, 0 deletionstests/unit/meson.build
- tests/unit/test-seccomp.c 269 additions, 0 deletionstests/unit/test-seccomp.c
Loading
Please register or sign in to comment