summaryrefslogtreecommitdiffstats
path: root/sandbox
Commit message (Collapse)AuthorAgeFilesLines
* Linux: remove unmaintained SELinux code.phajdan.jr@chromium.org2013-05-175-63/+0
| | | | | | | | | | | | See https://groups.google.com/a/chromium.org/d/msg/chromium-dev/YpU7t2XaGRg/V9-diQZQQDwJ for discussion. BUG=none R=agl@chromium.org, jln@chromium.org Review URL: https://codereview.chromium.org/14771026 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@200838 0039d316-1c4b-4281-b951-d872f2087c98
* Grab bag of clang fixes for Windows codernk@chromium.org2013-05-171-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These should hopefully be uncontroversial, so I'm sending them to Darin because he has global OWNERS approval on src/*. Let me know if you want to split this up and farm it out to individual components. R=darin@chromium.org CC=thakis@chromium.org BUG=82385 Fix some -Wdeprecated-writable-strings warnings for wide string literals. net/dns/dns_config_service_win_unittest.cc net/http/http_auth_sspi_win.cc net/http/http_auth_sspi_win.h ui/shell_dialogs/select_file_dialog_win_unittest.cc Use reinterpret_cast<> to convert from void * to a function pointer. chrome/browser/policy/policy_loader_win.cc content/browser/gamepad/gamepad_platform_data_fetcher_win.cc Remove "public" from a typedef. It's not clear that that really means. chrome/browser/enumerate_modules_model_unittest_win.cc Escape an unescaped backslash in a wide string iteral to prevent it from being interpreted as a unicode literal ("\uXXX"). chrome/browser/storage_monitor/test_portable_device_watcher_win.cc Use base::UTF8ToUTF16() over ATL::CA2W() and avoid an unnecessary c_str(). Clang can't convert from CA2WEX<> to string16. chrome/browser/ui/views/external_tab_container_win.cc Fix a -Wenum-compare warning when asserting that two enum values are equal. sandbox/win/src/policy_params.h Don't define va_copy for clang. It provides one in <stdarg.h>. third_party/leveldatabase/port/port_chromium.h Review URL: https://chromiumcodereview.appspot.com/15200005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@200814 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: fix O_CLOEXEC support.jln@chromium.org2013-05-012-5/+19
| | | | | | | | | | | | Buggy userland code can sometimes check for O_CLOEXEC when what it really wants is to check for FD_CLOEXEC. We work around this. BUG=237283 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/14787006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@197733 0039d316-1c4b-4281-b951-d872f2087c98
* sandbox_linux_unittests: fail if the kernel does not support BPF.jln@chromium.org2013-04-301-0/+9
| | | | | | | | | | | If the kernel does not support seccomp-bpf, sandbox_linux_unittests will fail. BUG=236716 Review URL: https://chromiumcodereview.appspot.com/14601002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@197466 0039d316-1c4b-4281-b951-d872f2087c98
* Remove seccomp-legacy: phase 2.jln@chromium.org2013-04-301-9/+1
| | | | | | | | | | | | This should completely get rid of seccomp-legacy (15000+ LOC). BUG=230142 TBR=ben@chromium.org NOTRY=true Review URL: https://chromiumcodereview.appspot.com/14271018 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@197301 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: allow non racy use of O_CLOEXECjln@chromium.org2013-04-262-29/+26
| | | | | | | | | | | | | The current support of O_CLOEXEC in Open() in the broker process is racy. We make it non racy by using MSG_CMSG_CLOEXEC in recvmsg when getting the new file descriptor over the Unix socket. BUG=232077, 232068 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/14407005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@196554 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: support O_NONBLOCK and O_CLOEXECjln@chromium.org2013-04-253-18/+65
| | | | | | | | | | | | | - Stop handling O_NONBLOCK in a special way, it's not special. - Handle O_CLOEXEC as much as possible by emulating it via fcntl. BUG=232077, 232068 TEST=sandbox_linux_unittests NOTRY=true Review URL: https://chromiumcodereview.appspot.com/14166016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@196291 0039d316-1c4b-4281-b951-d872f2087c98
* Re-enable the BrokerProcess.OpenFileRW test on Android.palmer@chromium.org2013-04-241-11/+3
| | | | | | Review URL: https://chromiumcodereview.appspot.com/14305010 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@196070 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: add access() brokering to the async-signal safe broker process.jln@chromium.org2013-04-244-55/+305
| | | | | | | | | | | | We add support for access() that is consistent with our support for open(). BUG=232077,232068 TEST=sandbox_linux_unittests NOTRY=true Review URL: https://codereview.chromium.org/14301014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@195945 0039d316-1c4b-4281-b951-d872f2087c98
* Remove inline definition of SIZE_MAX in header.thakis@chromium.org2013-04-191-10/+3
| | | | | | | | | | | | | suid_unsafe_environment_variables.h is included both in C and C++ and is a little clunky. Clean things up a bit. BUG=233330 Review URL: https://codereview.chromium.org/14328030 Patch from Julien Tinnes <jln@chromium.org>. git-svn-id: svn://svn.chromium.org/chrome/trunk/src@195066 0039d316-1c4b-4281-b951-d872f2087c98
* Fix small race in the sandboxcpu@chromium.org2013-04-194-9/+4
| | | | | | | | | | | | | | | DuplicateHandle with DUPLICATE_CLOSE_SOURCE always closes the handle, right now on failure we close it which means we are closing an invalid handle or closing some other handle in the small race window. Reported by Ashutosh Mehra from Adobe. BUG=233251 TEST=none Review URL: https://chromiumcodereview.appspot.com/13912024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@195029 0039d316-1c4b-4281-b951-d872f2087c98
* Rewrite scoped_array<T> to scoped_ptr<T[]> in sandbox.dcheng@chromium.org2013-04-129-10/+10
| | | | | | | | | | | This is a manual cleanup pass using sed for files which are not built on Linux. BUG=171111 Review URL: https://chromiumcodereview.appspot.com/13888007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@194027 0039d316-1c4b-4281-b951-d872f2087c98
* Rewrite std::string("") to std::string(), Linux edition.dcheng@chromium.org2013-04-091-1/+1
| | | | | | | | | | | | | | | | | | | This patch was generated by running the empty_string clang tool across the Chromium Linux compilation database. Implicitly or explicitly constructing std::string() with a "" argument is inefficient as the caller needs to emit extra instructions to pass an argument, and the constructor needlessly copies a byte into internal storage. Rewriting these instances to simply call the default constructor appears to save ~14-18 kilobytes on an optimized release build. BUG=none Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=193020 Review URL: https://codereview.chromium.org/13145003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@193040 0039d316-1c4b-4281-b951-d872f2087c98
* Revert "Rewrite std::string("") to std::string(), Linux edition."dcheng@chromium.org2013-04-091-1/+1
| | | | | | | | | | | | | | This reverts commit e59558b78e8c6a1b0bd916a724724b638c3c91b6. Revert "Fix build after r193020." This reverts commit 558a35897f6b3ffbcaefde927c1f150b815d140a. Revert "Really fix build after r193020." This reverts commit e3748a79b523a8d365d4a33ef986eebb4186fa78. git-svn-id: svn://svn.chromium.org/chrome/trunk/src@193030 0039d316-1c4b-4281-b951-d872f2087c98
* Rewrite std::string("") to std::string(), Linux edition.dcheng@chromium.org2013-04-091-1/+1
| | | | | | | | | | | | | | | | | This patch was generated by running the empty_string clang tool across the Chromium Linux compilation database. Implicitly or explicitly constructing std::string() with a "" argument is inefficient as the caller needs to emit extra instructions to pass an argument, and the constructor needlessly copies a byte into internal storage. Rewriting these instances to simply call the default constructor appears to save ~14-18 kilobytes on an optimized release build. BUG=none Review URL: https://codereview.chromium.org/13145003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@193020 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: assert monothreaded in testsjln@chromium.org2013-04-031-7/+5
| | | | | | | | | | | | When we start a new test that requires fork(), assert that we are not currently multi-threaded. BUG=225809 NOTRY=true Review URL: https://codereview.chromium.org/13430016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@191957 0039d316-1c4b-4281-b951-d872f2087c98
* Update the remaining references to sys_string_conversions.h to its new location.tfarina@chromium.org2013-03-302-3/+3
| | | | | | | | | | | | BUG=196305 TBR=isherman@chromium.org,rsleevi@chromium.org,keybuk@chromium.org,fischman@chromium.org, thestig@chromium.org,alexeypa@chromium.org,rogerta@chromium.org,cpu@chromium.org, akalin@chromium.org,ben@chromium.org,tony@chromium.org Review URL: https://chromiumcodereview.appspot.com/13322003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@191479 0039d316-1c4b-4281-b951-d872f2087c98
* Refactor sandbox_policy.cc so that it doesn't contain the sandbox policies ↵jam@chromium.org2013-03-201-0/+2
| | | | | | | | | | | | | | | | | | | | for all processes. Instead have whoever creates a sandboxed process set this data. This allows us to clean a few NaCl related changes in content: -remove NaCl sandbox rules from content -remove the hack for ifdef'ing out the GPU policy since it didn't link for nacl64.exe -remove the 1GB memory reservation for the NaCl loader process out of content Other cleanup: -renamed sandbox_policy.* to sandbox_win.* to match the other platform-specific sandbox files -moved BrokerGetFileHandleForProcess to internal content files since it's not called from outside -remove AddGpuDllEvictionPolicy since it was redundant (the one dll it removed was already listed in the generic list) There's still more cleanup to be done in the sandbox code (i.e. remove chrome frame switch, nacl process type switch etc). I will do that in future changes. BUG=191682 Review URL: https://codereview.chromium.org/12805004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@189175 0039d316-1c4b-4281-b951-d872f2087c98
* Android sandbox: workaround for restricted errno values.jln@chromium.org2013-03-112-3/+37
| | | | | | | | | | | | | On Android, errno are only supported up to 255 and are not processed otherwise. Fix a test to work around this issue. BUG=181647,169416 NOTRY=true TBR=markus Review URL: https://chromiumcodereview.appspot.com/12638015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@187410 0039d316-1c4b-4281-b951-d872f2087c98
* The 'sandbox' target is always 'none'.bungeman@chromium.org2013-02-281-1/+0
| | | | | | | | | | In revision 143549 seccomp_bpf was moved to its own target, however the line changing 'sandbox' to a static_library was left behind. This should be removed as it is misleading and leads to odd build generator behavior (like an empty build.ninja file). Review URL: https://codereview.chromium.org/12340115 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@185143 0039d316-1c4b-4281-b951-d872f2087c98
* SECCOMP-BPF: Refactor the BPF sandbox API to use objects rather than ↵markus@chromium.org2013-02-2624-990/+1071
| | | | | | | | | | | | | | | | "static" methods. This change allows us to stack multiple instances of the sandbox. Also, split up headers in a generally saner fashion. BUG=130662 TEST=sandbox_linux_unittests Review URL: https://chromiumcodereview.appspot.com/12223109 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184541 0039d316-1c4b-4281-b951-d872f2087c98
* Move file_path.h to base/files.brettw@chromium.org2013-02-241-1/+1
| | | | | | TBR=sky git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184344 0039d316-1c4b-4281-b951-d872f2087c98
* SECCOMP-BPF: Added support for checking system call arguments against bit masks.markus@chromium.org2013-02-158-55/+1041
| | | | | | | | | | | | This is a second attempt. The original CL was tracked at https://chromiumcodereview.appspot.com/11613016 BUG=130662 TEST=sandbox_linux_unittests Review URL: https://chromiumcodereview.appspot.com/11648028 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@182698 0039d316-1c4b-4281-b951-d872f2087c98
* Remove sandbox win64 warningjschuh@chromium.org2013-02-121-7/+0
| | | | | | | | | Tests all pass and are getting enabled on the bots this week. BUG=168414 Review URL: https://codereview.chromium.org/12221109 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@181924 0039d316-1c4b-4281-b951-d872f2087c98
* Ignore DEP and SEHOP flags on Win64jschuh@chromium.org2013-02-121-0/+3
| | | | | | | | | | These flags aren't supported on 64-bit and can throw an error on Win8 process creation. BUG=147752 Review URL: https://chromiumcodereview.appspot.com/12207106 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@181840 0039d316-1c4b-4281-b951-d872f2087c98
* Replace FilePath with base::FilePath in some more top level directories.brettw@chromium.org2013-02-102-2/+3
| | | | | | Review URL: https://codereview.chromium.org/12217101 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@181640 0039d316-1c4b-4281-b951-d872f2087c98
* Disable ProcessMitigationsTest.CheckDep on Win64jschuh@chromium.org2013-02-071-2/+2
| | | | | | | | DEP is already enabled by default and Win64 throws an error when you try to manipulate the setting at all. Review URL: https://codereview.chromium.org/12218061 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@181382 0039d316-1c4b-4281-b951-d872f2087c98
* Added a unittest to check that we can restrict syscall(__NR_clone)markus@chromium.org2013-02-071-0/+55
| | | | | | | | | | BUG=130662 TEST=sandbox_linux_unittests Review URL: https://chromiumcodereview.appspot.com/12207029 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@181121 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: add warning if running tests multithreaded.jln@chromium.org2013-02-052-5/+22
| | | | | | | | | BUG=169416 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/12207004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@180747 0039d316-1c4b-4281-b951-d872f2087c98
* Windows: Allow subprocesses to inherit non-console stdout/stderrmseaborn@chromium.org2013-02-038-3/+142
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before this change, the renderer and other subprocesses never inherit stdout and stderr when they are pipe handles. Stdout/stderr will be pipe handles when chrome.exe/browser_tests.exe is running under Buildbot or under Cygwin's default terminal, mintty. We fix this by specifying PROC_THREAD_ATTRIBUTE_HANDLE_LIST in the arguments to CreateProcess(). The fix only applies on Windows >=Vista. Although it's probably safe for stdout/stderr to be inherited when it is a pipe handle or file handle, we put this behind the flag "--enable-logging". (This flag already makes stderr work when chrome.exe/browser_tests.exe is running under a Windows console -- a case which is not handled by the code path we're adding here because a Windows console is not an inheritable kernel handle.) Note that this relies on the fix committed in http://crrev.com/178656. BUG=171836 TEST=manually add logging to renderer process and check that it appears when running chrome.exe or browser_tests.exe Review URL: https://chromiumcodereview.appspot.com/12033045 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@180303 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: Make the test run on Android as Native executablejln@chromium.org2013-02-023-37/+67
| | | | | | | | | | | | Make it possible to run the tests via run_tests.py --exe. BUG=169416 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/12093055 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@180236 0039d316-1c4b-4281-b951-d872f2087c98
* SECCOMP-BPF: Refactoring in preparation for sandbox stacking.markus@chromium.org2013-01-2611-281/+539
| | | | | | | | | | | | | | | | | | | | | | | | | | We have to keep a few globally shared bits of data, because of the way the kernel exposes the sandboxing API. In the past, we solved this problem by having a monolithic "static" class for all of the sandboxing code. This is sub-optimal and makes it difficult to implement stacking of multiple BPF sandboxes -- a feature that we would like to have. I believe, all that needs to be kept static is the handling of SIGSYS traps. So, we are pulling those into their own class. In the next step, we'll clean up the actual sandbox class. This changelist introduces one new feature. Going forward, we won't allow "unsafe" traps (e.g. used for grey listing) unless the user explicitly sets the CHROME_SANDBOX_DEBUGGING environment variable. This prevents accidental bugs from unintentionally disabling the entire sandbox. BUG=130662 TEST=sandbox_linux_unittests Review URL: https://chromiumcodereview.appspot.com/11929036 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@179026 0039d316-1c4b-4281-b951-d872f2087c98
* Disabling nacl_win64 targets when building in target_arch!=ia32 mode.bradnelson@google.com2013-01-211-30/+36
| | | | | | | | | | | | | | | | When building on windows with target_arch=x64, we no longer need win32 targets forced to be 64-bit. This gates out these targets when target_arch!=ia32. (Prior CL dropped the minimal set to break the dependency between these targets and the rest of the build. This eliminates them completely.) BUG=None TEST=None R=jschuh@chromium.org,thestig@chromium.org TBR=darin@chromium.org,abodenha@chromium.org,apatrick@chromium.org,sra@chromium.org,wtc@chromium.org Review URL: https://chromiumcodereview.appspot.com/11929039 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177959 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: more internal timeout in unit tests.jln@chromium.org2013-01-201-8/+32
| | | | | | | | | | | | | | Every SANDBOX_TEST derivative will now use poll() with a timeout instead of a blocking write. This is a second layer to make sure that our tests have a timeout. BUG=169416 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/12018029 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177875 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: add timeout to tests.jln@chromium.org2013-01-181-0/+44
| | | | | | | | | | | | All derivatives of SANDBOX_TEST() will now have a 10s timeout. BUG=169416 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/12021021 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177771 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: ASSERT instead of EXPECT in broker tests.jln@chromium.org2013-01-181-28/+40
| | | | | | | | | | TEST=sandbox_linux_unittests NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11859020 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177702 0039d316-1c4b-4281-b951-d872f2087c98
* Use SOCK_SEQPACKET for synchronous IPC.glider@google.com2013-01-181-1/+1
| | | | | | | | | | | | | | This is a copy of https://codereview.chromium.org/11738003 by mnissler@chromium.org SOCK_DGRAM fails in case the other end of the connection dies before sending a reply. This causes recvmsg() calls on the socket to hang, which results in stuck processes sticking around after running tests. BUG=chromium:166528 TEST=No more stuck --type=zygote processes in browser_tests and content_browsertests. Review URL: https://codereview.chromium.org/11823024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177638 0039d316-1c4b-4281-b951-d872f2087c98
* Android make sandbox/linux/seccomp-bpf compile on i386jln@chromium.org2013-01-185-42/+99
| | | | | | | | | | BUG=166704 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/12025004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177542 0039d316-1c4b-4281-b951-d872f2087c98
* Android: remove x86 from sandbox/linux once again.jln@chromium.org2013-01-171-1/+1
| | | | | | | | | | | BUG=166704 TBR=markus NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11958035 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177371 0039d316-1c4b-4281-b951-d872f2087c98
* Android: create a generic android_ucontext.hjln@chromium.org2013-01-175-6/+74
| | | | | | | | | | | | | | | | | | We now have a generic android_ucontext.h that should work on both ARM and X86. Note: if this needs to be reverted on X86, please only revert the GYP file and send me the error message. (Thanks to Yin Fengwei for his related work in https://chromiumcodereview.appspot.com/11639038/) BUG=166704 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11971028 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177321 0039d316-1c4b-4281-b951-d872f2087c98
* If the kernel lacks support for BPF filtering, we can still perform a couplemarkus@chromium.org2013-01-114-85/+108
| | | | | | | | | | | | | of static tests on our filter policy and on the filter program. This extends the test coverage of our unittests, even if it is still somewhat limited. TEST=sandbox_linux_unittests BUG=141545 Review URL: https://chromiumcodereview.appspot.com/11829013 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@176361 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: handle O_CREAT properly in broker process.jln@chromium.org2013-01-092-1/+13
| | | | | | | | | | | | | We only support 2-parameters open in the broker process but we didn't filter-out O_CREAT properly. BUG=168944 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11778056 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@175744 0039d316-1c4b-4281-b951-d872f2087c98
* Make the Windows sandbox support a normal x64 buildjschuh@chromium.org2013-01-052-26/+32
| | | | | | | | | | I've fixed the dependencies, so we can now support building the sandbox and running the tests as part of a normal Win64 build. BUG=168414 Review URL: https://chromiumcodereview.appspot.com/11788002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@175278 0039d316-1c4b-4281-b951-d872f2087c98
* Base: Update ScopedProcessInformation to use ScopedHandle and restrict Receive()rvargas@google.com2013-01-031-3/+4
| | | | | | | | | | to the span of the callsite. BUG=none TEST=base_unittests Review URL: https://codereview.chromium.org/11636061 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174998 0039d316-1c4b-4281-b951-d872f2087c98
* Fix Android x86 build with a quick hack.jln@chromium.org2012-12-201-2/+3
| | | | | | | | | | | BUG=166704 TBR=markus NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11649044 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174244 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 174135jochen@chromium.org2012-12-207-752/+19
| | | | | | | | | | | | | | | | | | > SECCOMP-BPF: Added support for checking system call arguments against bit masks. > > > BUG=130662 > TEST=sandbox_linux_unittests > > > Review URL: https://chromiumcodereview.appspot.com/11613016 Tests fail on Linux Precise bot: http://build.chromium.org/p/chromium.linux/buildstatus?builder=Linux%20Precise%20%28dbg%29&number=410 TBR=markus@chromium.org Review URL: https://codereview.chromium.org/11618035 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174147 0039d316-1c4b-4281-b951-d872f2087c98
* SECCOMP-BPF: Added support for checking system call arguments against bit masks.markus@chromium.org2012-12-207-19/+752
| | | | | | | | | | BUG=130662 TEST=sandbox_linux_unittests Review URL: https://chromiumcodereview.appspot.com/11613016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174135 0039d316-1c4b-4281-b951-d872f2087c98
* Sandbox: Don't create an ScopedHandle with an invalid handle.rvargas@chromium.org2012-12-201-1/+2
| | | | | | | | | BUG=166888 TEST=none Review URL: https://chromiumcodereview.appspot.com/11639024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174122 0039d316-1c4b-4281-b951-d872f2087c98
* Update Linux sandbox tests to pass on Android.palmer@chromium.org2012-12-202-7/+25
| | | | | | | | | | BUG=166704 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11647024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174116 0039d316-1c4b-4281-b951-d872f2087c98
* Fix for downstream android webviewboliu@chromium.org2012-12-201-0/+3
| | | | | | | | | | | | | | Previously erros is struct sigcontext is not defined. Including the header file now. TBR=jln,markus Android only include change. Android trybots pass compile. NOTRY=true BUG= Review URL: https://chromiumcodereview.appspot.com/11636039 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174104 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-02-06 23:42:50 +0000