tequilaOS/platform_bionic

Fork 0

Commit graph

Author	SHA1	Message	Date
Steve Muckle	aa3f96c9c4	Create global seccomp policy. Enabling seccomp across all processes, rather than just zygote, is useful for auditing the syscall usage of AOSP. Create a global seccomp policy that can optionally be enabled by init. Bug: 37960259 Test: confirm global seccomp by removing finit_module from policy and observing modprobe fail, confirm regular seccomp unchanged by comparing length of installed bpf Change-Id: Iac53a42fa26a80b05126f262dd9525f4f66df558	2017-07-21 20:30:21 -07:00

Author

SHA1

Message

Date

Steve Muckle

aa3f96c9c4

Create global seccomp policy.

Enabling seccomp across all processes, rather than just zygote, is
useful for auditing the syscall usage of AOSP. Create a global seccomp
policy that can optionally be enabled by init.

Bug: 37960259
Test: confirm global seccomp by removing finit_module from policy and
      observing modprobe fail, confirm regular seccomp unchanged by
      comparing length of installed bpf
Change-Id: Iac53a42fa26a80b05126f262dd9525f4f66df558

2017-07-21 20:30:21 -07:00

1 commit