Gitiles
Code Review
Sign In
gerrit-public.fairphone.software
/
platform
/
external
/
minijail
/
refs/heads/rel/p/fp2/21.05.0-rel
/
libminijail.c
785b1c3
extend -K to accept a mount propagation type
by Mike Frysinger
· 7 years ago
7058a2d
Use rlim_t for the arguments in minijail_rlimit()
by Luis Hector Chavez
· 7 years ago
8c3acbc
Fix leaks in mount_one()
by Luis Hector Chavez
· 7 years ago
5dd5b1b
move setpgid() from libminijail to minijail0
by Stephen Barber
· 7 years ago
ac08a68
allow bind mounts outside of chroots
by Mike Frysinger
· 7 years ago
0d1cbf6
libminijail: increase max preserved FDs
by Stephen Barber
· 7 years ago
33ffef3
add an option to set up a minimal /dev
by Mike Frysinger
· 8 years ago
0412dcc
Add minijail_fork
by Dylan Reid
· 7 years ago
ac981fc
minijail: Decouple the do_init flag
by Luis Hector Chavez
· 7 years ago
7132355
Improve the way uid/gid changes in unprivileged userns
by Luis Hector Chavez
· 7 years ago
114a930
Allow redirecting logging to an FD
by Luis Hector Chavez
· 7 years ago
7624e71
Improve compiler logging
by Luis Hector Chavez
· 7 years ago
64730af
Add a pre-chroot hook
by Luis Hector Chavez
· 7 years ago
18c49c8
Make minijail_run_internal static
by Dylan Reid
· 7 years ago
acfb8be
Move minijail_run args in to a struct.
by Dylan Reid
· 7 years ago
eaab420
abort when bind mounting a non-existent source path
by Mike Frysinger
· 7 years ago
1617f63
minijail: Add a way to allow arbitrary fd redirects
by Luis Hector Chavez
· 7 years ago
e0ba4ce
minijail: Add minijail_add_hook()
by Luis Hector Chavez
· 7 years ago
ec0a2c1
minijail: Allow skipping setting securebits when restricting caps
by Luis Hector Chavez
· 7 years ago
fe5fb8e
minijail: Add support for dropping caps with static binaries
by Luis Hector Chavez
· 7 years ago
0f72ef4
Add the ability to set rlimits on the jailed process
by Dylan Reid
· 7 years ago
b9a7b16
support creating new uts namespaces (and setting hostnames)
by Mike Frysinger
· 7 years ago
dba6209
Reland "Add optional signal forwarder and '-z' option to cli"
by Jorge Lucangeli Obes
· 7 years ago
7151582
Revert "Add optional signal forwarder and '-z' option to cli"
by Roozbeh Pournader
· 7 years ago
74b9027
Add optional signal forwarder and '-z' option to cli
by Graziano Misuraca
· 7 years ago
f6058c3
Fix prctl() call.
by Jorge Lucangeli Obes
· 7 years ago
a6eb21a
Implement initial ambient capabilities support.
by Jorge Lucangeli Obes
· 7 years ago
0b20877
Refactor Minijail in preparation for ambient capabilities work.
by Jorge Lucangeli Obes
· 7 years ago
866bb3a
Add a flag to drop access to the session keyring
by Chirantan Ekbote
· 8 years ago
ab9eb44
allow specifying larger /tmp tmpfs mounts
by Martin Pelikán
· 8 years ago
b91d404
add nosuid/nodev/noexec settings to the /tmp mount
by Mike Frysinger
· 8 years ago
3ba8157
name the /proc mount
by Mike Frysinger
· 8 years ago
0dce757
fix mode settings on /tmp mount
by Mike Frysinger
· 8 years ago
eea841b
keep error checking style with setgroups logic
by Mike Frysinger
· 8 years ago
3454319
Clarify, simplify some error messages.
by Jorge Lucangeli Obes
· 8 years ago
6b190c0
ignore missing /proc/<pid>/setgroups files
by Mike Frysinger
· 8 years ago
13807cb
minijail: Add ability to keep supplementary gids.
by Lutz Justen
· 8 years ago
457a5e3
Improve error messages.
by Jorge Lucangeli Obes
· 8 years ago
2449956
Call setgroups(2) only once when changing users.
by Jorge Lucangeli Obes
· 8 years ago
aa235b9
Create a new session for the jailed process.
by Jorge Lucangeli Obes
· 8 years ago
7559dfe
minijail: bring up loopback interface in new net namespaces
by Mike Frysinger
· 8 years ago
fb449ab
Add a PREUPLOAD.cfg file to enable clang-format
by Luis Hector Chavez
· 8 years ago
43ff080
Add an option to close all open file descriptors
by Luis Hector Chavez
· 8 years ago
713f6fb
Use SECCOMP_RET_TRAP when setting thread sync.
by Jorge Lucangeli Obes
· 8 years ago
200299c
Allow entering a user namespace with a default gid mapping.
by Jorge Lucangeli Obes
· 8 years ago
1365061
Add support for SECCOMP_FILTER_FLAG_TSYNC.
by Jorge Lucangeli Obes
· 8 years ago
4d4b3be
Add a function to load seccomp filters from a file descriptor.
by Jorge Lucangeli Obes
· 8 years ago
937ae7a
Merge "Fix return value check of write_pid_to_path"
by Treehugger Robot
· 8 years ago
db6dab4
Fix return value check of write_pid_to_path
by Keshav Santhanam
· 8 years ago
963eeec
Rename the init process inside PID namespaces.
by Jorge Lucangeli Obes
· 8 years ago
f205fff
Kill the child process before dying.
by Jorge Lucangeli Obes
· 8 years ago
ab6fa6f
Allow entering a user namespace with a default mapping.
by Jorge Lucangeli Obes
· 8 years ago
565e978
Fix soft-fail on Android.
by Jorge Lucangeli Obes
· 8 years ago
d906099
Merge "Move code away from libminijail.c."
by Treehugger Robot
· 8 years ago
7b2e29c
Move code away from libminijail.c.
by Jorge Lucangeli Obes
· 8 years ago
3b2e6e4
Free all strings in minijail_destroy().
by Jorge Lucangeli Obes
· 8 years ago
db0bc67
Use clang-format on more files.
by Jorge Lucangeli Obes
· 8 years ago
a205390
Allow dropping all caps but keeping root on static binaries.
by Jorge Lucangeli Obes
· 8 years ago
eec7796
Create mount destinations if they don't exist.
by Dylan Reid
· 8 years ago
81e2397
Allow mount data to be specified
by Dylan Reid
· 8 years ago
4cbc2a5
Add ability to enter a cgroup namespace
by Dylan Reid
· 8 years ago
df7fab1
Add logging message when using user namespaces and mount namespaces.
by Jorge Lucangeli Obes
· 8 years ago
7a56907
Avoid warning about BSD_SOURCE on glibc >= 2.20
by Arthur Gautier
· 8 years ago
2413f37
Skip setting seccomp filter when running with ASan.
by Jorge Lucangeli Obes
· 8 years ago
f783b52
Fix use of SECURE_ALL_BITS/SECURE_ALL_LOCKS.
by Jorge Lucangeli Obes
· 9 years ago
6b0de9b
Fix typo in error message.
by Jorge Lucangeli Obes
· 9 years ago
097b719
Remove mount points from peer group just before oldroot unmount.
by Hidehiko Abe
· 9 years ago
87bf01d
Re-organize flags in 'minijail_preexec'.
by Jorge Lucangeli Obes
· 9 years ago
3da4031
Make -K work for dynamically-linked binary.
by Shuhei Takahashi
· 9 years ago
a521bee
Add an option to skip remounting / as MS_PRIVATE.
by Jorge Lucangeli Obes
· 9 years ago
bce609d
Do not leak outside root dir fd into the child.
by Ricky Zhou
· 9 years ago
7ea269e
Don't call cap_get_proc(3) unconditionally.
by Jorge Lucangeli Obes
· 9 years ago
d8c8205
Always call 'drop_caps'.
by Jorge Lucangeli Obes
· 9 years ago
f9fcdbe
Add support for dropping capabilities from the bounding set.
by Jorge Lucangeli Obes
· 9 years ago
6c755d2
Don't die() on bind mounts.
by Jorge Lucangeli Obes
· 9 years ago
2b12ba4
Print an error when attempting to use bind mounts without chroot.
by Jorge Lucangeli Obes
· 9 years ago
b8a5138
Add 'cgroups' flag.
by Jorge Lucangeli Obes
· 9 years ago
605ce7f
Add ability to put jailed process in cgroups
by Dylan Reid
· 9 years ago
ce5b55e
Separate child process sync from user namespace
by Dylan Reid
· 9 years ago
272e3ab
Fix Minijail build.
by Jorge Lucangeli Obes
· 9 years ago
c31391e
Merge "softfail on older kernels that lack seccomp support"
by Jeffrey Vander Stoep
· 9 years ago
2885bef
softfail on older kernels that lack seccomp support
by Jeff Vander Stoep
· 9 years ago
bc67f44
Make set_supplementary_gids return 'void'.
by Jorge Lucangeli Obes
· 9 years ago
fd5fc56
Make set_supplementary_gids abort on memory errors.
by Jorge Lucangeli Obes
· 9 years ago
4b276a6
Use prctl(PR_CAPBSET_READ) to get the last valid cap on Android.
by Jorge Lucangeli Obes
· 9 years ago
2860c46
Add support for resetting signal masks
by Peter Qiu
· 9 years ago
de02a5b
Fix marshaling for supplementary gid list.
by Jorge Lucangeli Obes
· 9 years ago
43e29b3
Add libminijail static library target.
by Jorge Lucangeli Obes
· 9 years ago
06940be
Fix C99 declaration.
by Jorge Lucangeli Obes
· 9 years ago
cac4fa7
Merge "Free 'suppl_gid_list'."
by Jorge Lucangeli Obes
· 9 years ago
43a6a86
Fix some long lines.
by Jorge Lucangeli Obes
· 9 years ago
e81a52f
Free 'suppl_gid_list'.
by Jorge Lucangeli Obes
· 9 years ago
f7a3868
Fix indentation.
by Jorge Lucangeli Obes
· 9 years ago
d16ac49
Allow setting supplementary GIDs directly.
by Jorge Lucangeli Obes
· 9 years ago
c2ba9f5
Use size_t for size-related variables.
by Jorge Lucangeli Obes
· 9 years ago
d0a6e2f
Remove unused Minijail flag and make multi-line comments consistent.
by Jorge Lucangeli Obes
· 9 years ago
f794247
minijail: Add option to enter a new IPC namespace
by Dylan Reid
· 9 years ago
eac2894
minijail: Support setting syscall table with PR_ALT_SYSCALL
by Andrew Bresticker
· 9 years ago
648b220
minijail: Add ability to specify mounts
by Dylan Reid
· 9 years ago
6c7a458
minijail: Remove has_bind_mounts API
by Dylan Reid
· 9 years ago
Next »