Gitiles
Code Review
Sign In
gerrit-public.fairphone.software
/
platform
/
external
/
minijail
/
ce5b55eb48f276951b6c4d1bbfc667240c1e8f2f
/
libminijail.c
ce5b55e
Separate child process sync from user namespace
by Dylan Reid
· 9 years ago
272e3ab
Fix Minijail build.
by Jorge Lucangeli Obes
· 9 years ago
c31391e
Merge "softfail on older kernels that lack seccomp support"
by Jeffrey Vander Stoep
· 9 years ago
2885bef
softfail on older kernels that lack seccomp support
by Jeff Vander Stoep
· 9 years ago
bc67f44
Make set_supplementary_gids return 'void'.
by Jorge Lucangeli Obes
· 9 years ago
fd5fc56
Make set_supplementary_gids abort on memory errors.
by Jorge Lucangeli Obes
· 9 years ago
4b276a6
Use prctl(PR_CAPBSET_READ) to get the last valid cap on Android.
by Jorge Lucangeli Obes
· 9 years ago
2860c46
Add support for resetting signal masks
by Peter Qiu
· 9 years ago
de02a5b
Fix marshaling for supplementary gid list.
by Jorge Lucangeli Obes
· 9 years ago
43e29b3
Add libminijail static library target.
by Jorge Lucangeli Obes
· 9 years ago
06940be
Fix C99 declaration.
by Jorge Lucangeli Obes
· 9 years ago
cac4fa7
Merge "Free 'suppl_gid_list'."
by Jorge Lucangeli Obes
· 9 years ago
43a6a86
Fix some long lines.
by Jorge Lucangeli Obes
· 9 years ago
e81a52f
Free 'suppl_gid_list'.
by Jorge Lucangeli Obes
· 9 years ago
f7a3868
Fix indentation.
by Jorge Lucangeli Obes
· 9 years ago
d16ac49
Allow setting supplementary GIDs directly.
by Jorge Lucangeli Obes
· 9 years ago
c2ba9f5
Use size_t for size-related variables.
by Jorge Lucangeli Obes
· 9 years ago
d0a6e2f
Remove unused Minijail flag and make multi-line comments consistent.
by Jorge Lucangeli Obes
· 9 years ago
f794247
minijail: Add option to enter a new IPC namespace
by Dylan Reid
· 9 years ago
eac2894
minijail: Support setting syscall table with PR_ALT_SYSCALL
by Andrew Bresticker
· 9 years ago
648b220
minijail: Add ability to specify mounts
by Dylan Reid
· 9 years ago
6c7a458
minijail: Remove has_bind_mounts API
by Dylan Reid
· 9 years ago
a14e08d
minijail: Allow static binaries in a bind mount to run
by Dylan Reid
· 9 years ago
2034274
Remove warning suppressions.
by Jorge Lucangeli Obes
· 9 years ago
1102f5a
minijail: Support entering an existing net namespace.
by Dylan Reid
· 9 years ago
360f329
Merge "minijail: remove minijail_run_pid_pipe()"
by Samuel Tan
· 9 years ago
383e91a
Merge "minijail: add minijail_run_pid_pipes_no_preload() API function"
by Samuel Tan
· 9 years ago
63adc1f
minijail: remove minijail_run_pid_pipe()
by Samuel Tan
· 9 years ago
63187f4
minijail: add minijail_run_pid_pipes_no_preload() API function
by Samuel Tan
· 9 years ago
f682d47
minijail: Read the last valid cap value earlier.
by Dylan Reid
· 9 years ago
efb697a
Merge "Make Minijail work correctly with shared mounts."
by Jorge Lucangeli Obes
· 9 years ago
805be39
Make Minijail work correctly with shared mounts.
by Jorge Lucangeli Obes
· 9 years ago
46a5509
Call chdir("/") after chroot in pivot_root.
by Jorge Lucangeli Obes
· 9 years ago
08946cc
minijail: Check correct executable file
by Dylan Reid
· 9 years ago
5471450
minijail: Refactor dynamic and static code paths.
by Jorge Lucangeli Obes
· 9 years ago
791f577
minijail: Don't unmount proc if not mounted
by Dylan Reid
· 9 years ago
e0a530e
minijail: use new_root as put_old in pivot_root(2)
by Yu-Hsi Chiang
· 9 years ago
64d65a7
minijail: Support pivot_root
by Yu-Hsi Chiang
· 9 years ago
1912c5b
minijail: Support multiple range uid/gid mappings.
by Yu-Hsi Chiang
· 9 years ago
3cc05ea
minijail: Support writing child pid to file
by Yu-Hsi Chiang
· 9 years ago
10e9123
minijail: add user namespace support
by Yu-Hsi Chiang
· 9 years ago
3e954ec
minijail: Add a new option to allow program run as pid 1.
by Yu-Hsi Chiang
· 9 years ago
34e2274
Use libcap on Android.
by Jorge Lucangeli Obes
· 9 years ago
5b7a318
Use __ANDROID__ instead of __BRILLO__.
by Daniel Erat
· 9 years ago
1b21c8f
Use getgrnam_r.
by Yabin Cui
· 9 years ago
a21c8fc
Add 'Android.mk' file, fix compile on Android.
by Jorge Lucangeli Obes
· 9 years ago
20ac228
Revert "Add 'Android.mk' file, fix compile on Android."
by Jorge Lucangeli Obes
· 9 years ago
b9a322d
Add 'Android.mk' file, fix compile on Android.
by Jorge Lucangeli Obes
· 9 years ago
3c84df1
minijail: Set new process group ID.
by Jorge Lucangeli Obes
· 9 years ago
d613ab2
minijail: Make copyright headers consistent.
by Jorge Lucangeli Obes
· 10 years ago
3901da6
minijail: Allow tmpfs /tmp mount without a chroot.
by Jorge Lucangeli Obes
· 10 years ago
e6bd8cc
Revert "minijail: When pid-namespacing, init should be session leader"
by Mike Frysinger
· 10 years ago
67546a0
minijail: When pid-namespacing, init should be session leader
by Chris Masone
· 10 years ago
0ef8a66
minijail: add seccomp softfail option
by Utkarsh Sanghi
· 10 years ago
1563b5b
minijail: Add support for entering an existing VFS namespace.
by Jorge Lucangeli Obes
· 10 years ago
2f61ee4
Fix more style issues.
by Jorge Lucangeli Obes
· 10 years ago
c8b21e1
Fix coding style issues.
by Jorge Lucangeli Obes
· 10 years ago
1e4fc6a
Allow minijail to run statically linked targets
by Lee Campbell
· 10 years ago
11af062
Allow mounting of a tmpfs /tmp in the chroot
by Lee Campbell
· 10 years ago
18d1eba
Fix error reporting when sandboxed process is signaled.
by Jorge Lucangeli Obes
· 10 years ago
4ae30cc
Clarify comments around minijail_pre{enter|exec}().
by Jorge Lucangeli Obes
· 10 years ago
4e48065
Fix minijail_change_{user|group} with invalid users/groups.
by Jorge Lucangeli Obes
· 11 years ago
c420a26
minijail: add child PID to log messages
by mukesh agrawal
· 11 years ago
3adfef7
capabilities: extract the max cap from the runtime system
by Mike Frysinger
· 11 years ago
6c08630
[minijail] support network namespacing
by Elly Fong-Jones
· 12 years ago
339a113
Allow reading the jailed process' stdout and stderr.
by Jorge Lucangeli Obes
· 12 years ago
e5609ac
capabilities: correct the <<-operator width everwhere
by Kees Cook
· 12 years ago
323878a
capabilities: make sure that CAP_SETPCAP is cleared
by Kees Cook
· 12 years ago
1530b74
Add exit status reporting to Minijail.
by Jorge Lucangeli Obes
· 12 years ago
eee3155
Make it easier to build libminijail on Chromium Linux.
by Lei Zhang
· 12 years ago
6537a56
Minijail: Fix indentation in libminijail.c
by Jorge Lucangeli Obes
· 12 years ago
df4bd35
Minijail: allow writing to the child process' standard input.
by Jorge Lucangeli Obes
· 12 years ago
6201cf5
Minijail: with no_new_privs, drop privileges before setting seccomp filter.
by Jorge Lucangeli Obes
· 12 years ago
bda833c
Minijail: add logging for seccomp filter failures.
by Jorge Lucangeli Obes
· 12 years ago
a6b034d
Minijail: extract utility functions.
by Jorge Lucangeli Obes
· 12 years ago
224e427
Refactor logging in Minijail.
by Jorge Lucangeli Obes
· 12 years ago
1c888ae
[minijail] document use of NO_NEW_PRIVS
by Elly Jones
· 12 years ago
a05d7bb
[minijail] don't forget to enter pid namespace
by Elly Jones
· 12 years ago
761b741
[minijail] handle non-namespaced multithreaded use.
by Elly Jones
· 12 years ago
474ee71
Re-enable setting seccomp filters in Minijail.
by Jorge Lucangeli Obes
· 12 years ago
c2c9bcc
Add API for PR_SET_NO_NEW_PRIVS and set seccomp filter before dropping root.
by Jorge Lucangeli Obes
· 12 years ago
524c040
Integrate BPF seccomp_filters to Minijail.
by Jorge Lucangeli Obes
· 13 years ago
2343d83
Temporarily disable setting seccomp filters in Minijail.
by Jorge Lucangeli Obes
· 12 years ago
9807d03
Add minijail_run_pid() to return the pid of the jailed child process.
by Jorge Lucangeli Obes
· 12 years ago
dd3e851
[minijail] document an apparent use-after-free
by Elly Jones
· 13 years ago
e58176c
[minijail] pid namespace implies vfs namespace
by Elly Jones
· 13 years ago
a105963
minijail0: honor readonly bind mounts
by Elly Jones
· 13 years ago
6ac9112
Makefile, libminijail: Invert symbol visibility to allow sane unittesting
by Will Drewry
· 13 years ago
bee7ba7
libminijail.c: fix dangling pointer evaluation on unmarshal error
by Will Drewry
· 13 years ago
a8d1e1b
minijail0: unbreak chroot and marshalling
by Elly Jones
· 13 years ago
1d69793
libminijail: Fix minijail_parse_seccomp_filters to ignore comment lines.
by Ben Chan
· 13 years ago
51a5b6c
minijail0: add chroot support.
by Elly Jones
· 13 years ago
e1749eb
minijail0: convert to linux style
by Elly Jones
· 13 years ago
e805d37
libminijail: pass-through errno should be negative
by Kees Cook
· 13 years ago
eb300c5
minijail0: make jail_change_{user,group} reentrant.
by Elly Jones
· 13 years ago
c6c8643
libminijail: only clear supplemental groups on user/group change
by Will Drewry
· 13 years ago
f89aef5
libminijail: add seccomp_filter support to LD_PRELOAD + cleanup
by Will Drewry
· 13 years ago
fe4a372
libminijail: move over to using marshalled binary for preload
by Will Drewry
· 13 years ago
2ddaad0
libminijail: add marshalling and scrubbing functions
by Will Drewry
· 13 years ago
2f54b6a
minijail0: move ld_preload communication to a pipe
by Will Drewry
· 13 years ago
Next »