tequilaOS/platform_bionic
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
23152 commits 1 branch 0 tags 80 MiB
Commit graph

5 commits

Author SHA1 Message Date
Steve Muckle
aa3f96c9c4 Create global seccomp policy. 
Enabling seccomp across all processes, rather than just zygote, is
useful for auditing the syscall usage of AOSP. Create a global seccomp
policy that can optionally be enabled by init.

Bug: 37960259
Test: confirm global seccomp by removing finit_module from policy and
      observing modprobe fail, confirm regular seccomp unchanged by
      comparing length of installed bpf
Change-Id: Iac53a42fa26a80b05126f262dd9525f4f66df558
 2017-07-21 20:30:21 -07:00
Paul Lawrence
89fa81fda3 Support all architectures in seccomp 
Test: Make sure arm, x86, x86_64, mips, mips64 emulators boot
      Make sure sailfish still boots
      Ran CTS test from
      https://android-review.googlesource.com/#/c/348671/3 and it passed
      The instructions for how to run mips emulators above worked, but
      the CTS tests did not seem to actually run.

Change-Id: Iddee5acdb19ed32c7bd4657573313ca439cf6a49
 2017-03-13 18:26:50 +00:00
Paul Lawrence
dfe8434a62 Move seccomp policy to bionic 
Test: Built and checked booted
Change-Id: Iaec1265fe5a55c4df90ab9e45b010ef36faf6bba
 2017-02-27 12:42:39 -08:00
Paul Lawrence
98a53b7c74 Revert "Move seccomp policy to bionic" 
This reverts commit 06a32206c5.

Reverting build-breaking change

Change-Id: Ib3698bca8f905033a9c7f22bc2fa9f7e7bf75873
 2017-02-27 16:36:18 +00:00
Paul Lawrence
06a32206c5 Move seccomp policy to bionic 
Test: Built and checked booted

Change-Id: If777eed75d5280c7a390399261e97125c04767b2
 2017-02-24 12:52:19 -08:00