| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
executing supportsSeccompSandbox(). Previously, we would just report that the sandbox is unavailable. That's undesirable behavior, because it would lead the caller to think that they should continue without the sandbox. A simple bug in the sandbox compiler could thus result in us inadvertently disabling sandboxing for all users -- without necessarily noticing this issue for a while.
BUG=130662
TEST=make && ./demo32 && ./demo64
Review URL: https://chromiumcodereview.appspot.com/10545100
TBR=markus@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10540145
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@141949 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
| |
supportsSeccompSandbox(). Previously, we would just report that the sandbox is unavailable. That's undesirable behavior, because it would lead the caller to think that they should continue without the sandbox. A simple bug in the sandbox compiler could thus result in us inadvertently disabling sandboxing for all users -- without necessarily noticing this issue for a while.
BUG=130662
TEST=make && ./demo32 && ./demo64
Review URL: https://chromiumcodereview.appspot.com/10545100
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@141938 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
sandbox.
This ensures that the sandbox doesn't surprisingly fail, if the user instantiated
a particularly strick policy.
BUG=130662
TEST=make && ./demo32 && ./demo64
Review URL: https://chromiumcodereview.appspot.com/10535089
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@141851 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
new x32 API and older Intel APIs.
Also, extend the system call range from 0..512 to 0..1024. This covers the extra system calls added with x32.
As x32 isn't widely available yet, we don't add any other code to support it (e.g. we don't build a version of
demo.cc that runs in x32). But by explicitly blocking it for i386 and x86-64 we ensure that a "default allow"
policy is going to do the right thing.
TEST=make && demo32 && demo64
BUG=130662
Review URL: https://chromiumcodereview.appspot.com/10542028
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@141155 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- A typo prevented status_ from being set properly in
supportsSeccompSandbox()
- Also fix a warning by explicitly discarding a return value
BUG=
TEST=
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10532038
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@140951 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
code review of the initial changelist. And it ended up putting the checked-in files into a different directory than on my local disk. Oops.
Instead of renaming the directory, which has the potential to break more things, this changelist just fixes the include paths. The directory name isn't quite ideal, but it is not really that bad either. Just some confusion between hyphens and underscores.
BUG=130662
TEST=build with Makefile
Review URL: https://chromiumcodereview.appspot.com/10532015
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@140658 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
still quite incomplete. In fact, it barely even compiles. You can use the
Makefile to experiment with it, but we deliberately have not integrated it
with the Chrome build system at this time.
The main intention for checking in the code at this point is to give others
a chance to take a look at the API. We made a few changes already, and I
want to make sure I give everybody an opportunity to speak up, if they still
want further revisions of the publicly exposed API.
BUG=130662
TEST=build with Makefile, then run demo32 and demo64
Review URL: https://chromiumcodereview.appspot.com/10458040
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@140407 0039d316-1c4b-4281-b951-d872f2087c98
|
