platform_external_minijail/examples, branch master Unnamed repository; edit this file 'description' to name the repository. Add scaffolding to support SECCOMP_RET_LOG. 2019-06-18T19:14:15+00:00 Jorge Lucangeli Obes jorgelo@google.com 2019-06-10T20:17:03+00:00 e1a868923c2daf9a7ed3b9300f5e18ca295bf0e8 This CL adds some scaffolding to support SECCOMP_RET_LOG. It replaces individual logging options in syscall_filter.h with a filter options struct. Going forward, we'll have the following combinations: * If tsync is not requested and logging is not requested, kill with SECCOMP_RET_KILL. * If tsync is requested and logging is not requested, kill with SECCOMP_RET_TRAP. * If logging is requested and SECCOMP_RET_LOG is not available, use existing logging mechanism (which implies blocking with RET_TRAP). * If logging is requested and SECCOMP_RET_LOG is available, use SECCOMP_RET_LOG. Feature detection is done by reading $ cat /proc/sys/kernel/seccomp/actions_avail kill_process kill_thread trap errno trace log allow Note that there is a slight change: before, while we didn't officially support -L in production settings, it wasn't completely unsafe to do so. SECCOMP_RET_LOG, on the other hand, is completely unsafe so it should be properly compile-time restricted to debug builds. The next CL will implement the above. A follow up CL after the next one will introduce SECCOMP_RET_KILL_PROCESS. Bug: chromium:934859 Test: Existing unit tests. Change-Id: I83c1c0adbc983f2be39003d55b0314761e8de657 
This CL adds some scaffolding to support SECCOMP_RET_LOG.
It replaces individual logging options in syscall_filter.h with a
filter options struct.

Going forward, we'll have the following combinations:
* If tsync is not requested and logging is not requested,
kill with SECCOMP_RET_KILL.
* If tsync is requested and logging is not requested,
kill with SECCOMP_RET_TRAP.
* If logging is requested and SECCOMP_RET_LOG is not available,
use existing logging mechanism (which implies blocking with RET_TRAP).
* If logging is requested and SECCOMP_RET_LOG is available,
use SECCOMP_RET_LOG.

Feature detection is done by reading
$ cat /proc/sys/kernel/seccomp/actions_avail
kill_process kill_thread trap errno trace log allow

Note that there is a slight change: before, while we didn't officially
support -L in production settings, it wasn't completely unsafe to do
so. SECCOMP_RET_LOG, on the other hand, is completely unsafe so it
should be properly compile-time restricted to debug builds.

The next CL will implement the above. A follow up CL after the next one
will introduce SECCOMP_RET_KILL_PROCESS.

Bug: chromium:934859
Test: Existing unit tests.

Change-Id: I83c1c0adbc983f2be39003d55b0314761e8de657
Add sample policy for cat(1). 2019-03-18T15:44:26+00:00 Jorge Lucangeli Obes jorgelo@google.com 2017-03-22T14:08:50+00:00 1a9e9101a215eba4071e9058540926b08451210c This is one of the smallest working examples of seccomp being used on a "real world" executable. Bug: None Test: As root: minijail0 -S cat.policy -- /bin/cat <file>. Test: As regular user: Test: ./minijail0 -n -S examples/cat.policy -- /bin/cat /proc/self/status Change-Id: I521be5d97828f98482282e7996803ffead265bcf 
This is one of the smallest working examples of seccomp being used on a
"real world" executable.

Bug: None
Test: As root: minijail0 -S cat.policy -- /bin/cat <file>.
Test: As regular user:
Test: ./minijail0 -n -S examples/cat.policy -- /bin/cat /proc/self/status

Change-Id: I521be5d97828f98482282e7996803ffead265bcf
util: add an ARRAY_SIZE helper. 2017-01-19T16:20:32+00:00 Mike Frysinger vapier@google.com 2017-01-18T00:29:00+00:00 404d2bb02680f9f433dbe9c71f87bf1f003bf495 Bug: None Test: `make tests` pass Change-Id: Iecd2015b7ff96cdd78ff61c905ad065e272c2885 
Bug: None
Test: `make tests` pass
Change-Id: Iecd2015b7ff96cdd78ff61c905ad065e272c2885
Add libminijail test executable. 2016-02-03T23:04:12+00:00 Jorge Lucangeli Obes jorgelo@google.com 2016-02-03T23:00:42+00:00 ac9e342ef745e9057edc4e1b02a52d8943ea608a This is useful to test basic Minijail functionality and will be used by future Autotest tests. The code is currently very similar to 'drop_privs.cpp', but I expect that to change in the future. Bug: 25368607 Change-Id: I4db3359b07c3b37fa4ac9e24598a5d21623383d5 
This is useful to test basic Minijail functionality and will be used by
future Autotest tests. The code is currently very similar to
'drop_privs.cpp', but I expect that to change in the future.

Bug: 25368607
Change-Id: I4db3359b07c3b37fa4ac9e24598a5d21623383d5
Add syscall logging support for x86_64 architectures on Android. 2016-01-25T23:11:29+00:00 Jorge Lucangeli Obes jorgelo@google.com 2016-01-25T23:07:30+00:00 b98ad29bc07149cc8ffa29b986c7bc4339c9ad82 Bug: 26776934 Change-Id: I54d62bb74e4359beca4852484a77a3a007f17c42 
Bug: 26776934
Change-Id: I54d62bb74e4359beca4852484a77a3a007f17c42
Track rename from base/ to android-base/. 2015-12-08T16:54:43+00:00 Elliott Hughes enh@google.com 2015-12-08T16:54:43+00:00 ce7e7c349d84f9eb5059ebe8a3914117f8b59f2b Change-Id: If3a83674cf10a370610069612903190992f29830 
Change-Id: If3a83674cf10a370610069612903190992f29830
Add short libminijail example. 2015-12-05T02:02:24+00:00 Jorge Lucangeli Obes jorgelo@google.com 2015-12-04T22:44:53+00:00 6f967c545e8383ebe1f9331e0208468bff883f2e Now that the filesystem on the emulators can be remounted RW, having an executable that can be compiled and pushed to the system to test functionality is very convenient. Bug: None Change-Id: I72f64ffe137cf5b24c1c74204986817a5929825d 
Now that the filesystem on the emulators can be remounted RW,
having an executable that can be compiled and pushed to the system
to test functionality is very convenient.

Bug: None
Change-Id: I72f64ffe137cf5b24c1c74204986817a5929825d