Commit message

mainline-release
Change-Id: I7d42ea9a9a13a6e98078a29ea1be6c55713a2ca3
a8a2f8b68e am: 13c257bca9
Change-Id: I99438b51e27733421847deec026b057e2288a4e9
Change-Id: I8b6325faf1c5cda76ba1fc15777dd1bbbd25e633
Change-Id: I6072fee2699f0a84fe5cba6bf3cb74b4b29bd485
Modules contributing mainline modules (APK/APEX) should set
min_sdk_version as well as apex_available.
For now setting min_sdk_version doesn't change build outputs.
But build-time checks will be added soon.
Bug: 152655956
Test: m
Merged-In: I212003d617a04b1cf42c4f5a119708f01401caa3
Change-Id: I212003d617a04b1cf42c4f5a119708f01401caa3
(cherry picked from commit 42b623b81b8f19a2e90543c59e9b5b6fdec4dd60)
mainline-release
Change-Id: I6a0675cc573bb56797f3151b3a8c550c4bd667c0
Change-Id: I7684e59bbab75da4fd80f6a0e74fe51059c90199
Change-Id: I1e274eac8587def4f04e55d458b4cd2631601d4a
Change-Id: Ia96c2a542dc6e631d0ee93776051c982393702ad
The marked library(ies) were available to the APEXes via the
hand-written whitelist in build/soong/apex/apex.go. Trying to remove the
whitelist by adding apex_available property to the Android.bp of the
libraries.
Exempt-From-Owner-Approval: cherry-pick from AOSP
Bug: 150999716
Test: m
Merged-In: Iddee254c1570bcd0fc9068c970ebee27a85903f2
(cherry picked from commit e3a5cae1bf7d26d7c598e3ff23008963208e9bd3)
Change-Id: Iddee254c1570bcd0fc9068c970ebee27a85903f2
38e5dea8f4
Change-Id: Ic444d70bb071db4663ae831ef51821243fd9fcfb
Change-Id: If1dfdb79cca1c0df74b1041ea352a79ba9506b6d
Change-Id: Ibb065bf19cff7f6f7d6ca2b36df074f098473c01
Bug: b/149981813
Change-Id: If598b139c621a5c5279e50588b6924c4b09c688c
am: bc484f2d51
Change-Id: I37b56fe3deaa810aa3908cb7b2859172c6fbe663
Change-Id: I2e36eb1b66d2bac3391d65efc5b7f0135ff276db
Change-Id: Ie99a16362ceb119f7c764822d960dd9c5a157505
Add the --add-suppl-group command line option to manually control
the supplementary groups vector of the jailed program.
Can be used multiple times to add several groups.
Test: make tests
Test: `minijail0 -u 1 -g 2 --add-suppl-group 3 --add-suppl-group irc /usr/bin/id`
returns:
"uid=1(daemon) gid=2(bin) groups=2(bin),3(sys),39(irc)"
Change-Id: I49ce8c095888c743cd7ed55b3ebf4f54f896c9ac
5e4bdfb4b6 am: 5680073158
Change-Id: I7e953a2ba92c2f03e306ad3368f226e35cb5d8e9
5e4bdfb4b6
Change-Id: I2281c29fa5521e447dd8f0519842bc467a8014be
Change-Id: I96e8a13cb256131424400b72180b8f60c21463e3
Recent changes in crosvm:
https://chromium.googlesource.com/chromiumos/platform/crosvm/+/a2d845a569494a3924e587b7d63487832cf55ab8
use minijail as a separate dependency.
This allows us to use the current minijail in AOSP to build crosvm
in the Android source tree.
Change-Id: I15cc9b3e408deec1b34ff387a2c27fd3ac1cd243
Change-Id: If7710b12285a330b6ead7daa8b76d2376a808f89
Change-Id: I0e845f62eac284e1a2c54965bd43b2fef998f252
Change-Id: I7a3df1c757e958d038aab6cea6e3c0687f9075cb
When dump_constants is compiled for newer AMD processors it can end up using a
bextr instruction that may not be present on other makes/models of processors.
The act of calling std::cout on a numeric type ends up in
num_put<,>::do_put() which does:
const unsigned __nbuf = (numeric_limits<unsigned long>::digits / 3)
+ ((numeric_limits<unsigned long>::digits % 3) != 0)
+ ((__iob.flags() & ios_base::showbase) != 0) + 1;
ios_base::showbase is 0x0200, so the bit test against showbase results
in:
bextr $0x109,0x8(%rdx),%r12d
which says to extract 1 bit from bit offset 9. A workaround is to
use to_string() to avoid passing numeric types to cout. This alternative
is straightforward and the implementation is simpler (to_string() does
not have formatting nor locale options), though it doesn't prevent
the problem from occurring again in the future (e.g., when the source or
compiler changes).
Bug: None
Test: `make tests`. Ran dump_constants on arm32, arm64, and x64 in
CrOS build environment.
Change-Id: Ic16574141f6c935bff958e5d1f27c81994a993ab
am: e40282680a
Change-Id: Ia88f46b12c90a9e2f24d1c701ed1509afafef25e
Change-Id: Idc4e831bdb1c4893322b78257672653fd0933b49
Change-Id: I74da83a5da4190d9f21370e07638c7cf88e4c8dd
This expands support for passing an environment for the child process
also for the LD_PRELOAD case. The code now constructs the environment
for the child in a separate environment array for both code paths.
This also avoids messing with the parent's environment, which may have
unintended side effects.
BUG=chromium:1050997
TEST=New unit tests.
Change-Id: Ib05cad1d1ebe6e10d429501c8e467c3a53632753
Change-Id: I0e25c88f813c63e3f2529e1eb8129d2a1c1ec7eb
Change-Id: Iacf6ae8059e1f71efdba8c14a2ccef041aaab475
Change-Id: I482eaf9c4000ce4dac5f542f2afb32df355d1628
The best I could come up with for allowing compile_seccomp_policy
to be an executable script installed via setup.py.
Originally I cooked up a trick where setup.py also had:
data_files=[('minijail', ['constants.json'])],
and compile_seccomp_policy.py used:
constants_file = 'constants.json'
if pkg_resources.resource_exists(__name__, constants_file):
constants_file = pkg_resources.resource_filename(__name__, constants_file)
so that a package can ship with a constants.json and automatically use
it. This works when installed as a 'dist-package' egg, but CrOS installs
as a 'site-package' where this trick doesn't work (constants.json ends up in
another location under /usr, not to mention being stored with a board) and it
complicates the dependency story for the Makefile so I punted.
For both 'dist-package' and 'site-package' the plain "import XXX" form doesn't work
for files located in the same directory (results in a ModuleNotFoundError error),
so I've added a "from minijail import XXX" fallback so new & original cases both
work okay.
Bug: None
Test: `make tests`. Ran 'python3 setup.py install --record files.txt'
and verified the stubs in /usr/local/bin could be used to launch the 3
scripts without import errors.
Change-Id: I61fe0b624960c89fd715c1c60213edc2b736ad1c
505ac7d1f1 am: 1c45fffb20
Change-Id: Id94a41d0e52c5dce0d83ff453264125d6d95f917
505ac7d1f1
Change-Id: If68a780b3d4e0340f3b22b49effd12a6f4d45d32
Change-Id: Ibc4cbbd6feceb0f4886505699f96d70fc3a1286b
Previously, the code was tracking resources like file descriptors in
local variables, which could leak when exiting via error paths.
Improve this by introducing a struct to hold state. With this in
place, we can also break out the code to grab file descriptors to pass
back to the caller into a wrapper function, thus simplifying
minijail_run_internal. Furthermore, additional resources (such as
allocated child environments, which are subject of a subsequent code
change) can now be added in a straightforward way.
No (intended) functional changes.
BUG=chromium:1050997
TEST=Builds and passes unit tests and security.Minijail* tast tests.
Change-Id: Ic80cbc92c428b3d0346768cd594e98faf7cc60a2
c6dc29781f am: ea5bcde008
Change-Id: Ie46b8304bc4601cdd40c651673973c93e2f75f43
Change-Id: Id38dc9da035ab7b1ff3cddfabb4fb46f2e8b7bfb
Change-Id: I4a3711aac8a8eb511b8ca52872986603b6e2eb0a
We have a decent number of situations where people want access to
some /dev nodes, but are unable to bind specific nodes/dirs because
the names are dynamic/flexible, or are hotplugged (and might not
exist at startup). The current solution for them is to copy the
full command line that minimalistic-mountns uses but drop the /dev
related settings.
Let's create a minimalistic-mountns-nodev profile that is equivalent
to minimalistic-mountns but doesn't set up /dev at all. This lets
callers -b/dev or do whatever else they like instead.
Bug: None
Test: `make check` passes
Test: `minijail0 --profile=minimalistic-mountns-nodev /bin/ls -l /dev/` works
Change-Id: I4b8b2a9e5cfaa84d5911b91bb46349b51c5589a6
Change-Id: I471525b20a6bf2e5e7cbfd1a2f043dd72b909603
Change-Id: I27f993bd649844dc2640c33022fd22b009acbbad
Change-Id: Id20e515c7e4cf28cadc3c283abca8514e92df47e
When using -k and entering an existing namespace (-V), we don't want to
create yet another namespace. This is implicit behaviour that can be
confusing.
Bug: chromium:1038925
Test: tast run <IP> security.Minijail* passes on eve.
Change-Id: I27a4d0c1b83645295c8d36473fcb860da041c8bf
8ebeec2853
Change-Id: Ie168fc04da5a66f257d66259d9a51ca681f6b763
Change-Id: I9fb2a32281e4be456bd843e8004ba21719ead72c
Change-Id: I6412fc3347c6eefc97fd66759f2e9ab7cdb68f8a
This change makes dump_constants a static binary. This should have no
effect on the size of the final image since it will only be used at
build time to generate constants.json.
Bug: None
Test: make check
Test: make constants.json
Change-Id: Iff1f6b7f9dcc43fac075c534ac008bed428fe0e8