| 8bee17760265b5c1be963f0b32c4168bc40a2f0c |
|
16-Feb-2017 |
Jorge Lucangeli Obes <jorgelo@google.com> |
Treat Seccomp failures as fatal errors.
The return value of SetUpMinijail is not being checked.
media.codec and media.extractor should not run without Seccomp if
there's a policy.
Bug: 34723744
Test: media.codec, media.extractor start, have Seccomp.
Test: cat /proc/`pgrep .codec`/status | grep Seccomp
Seccomp: 2
Test: cat /proc/`pgrep .extractor`/status | grep Seccomp
Seccomp: 2
Change-Id: I30c59d3193b3ebc8beace221741889afa2bbc8ae
/frameworks/av/services/minijail/minijail.cpp
|
| 80959a7c89e310b74c7e3a68d7f80ceac7a1574d |
|
14-Feb-2017 |
Jorge Lucangeli Obes <jorgelo@google.com> |
Allow media.codec and media.extractor to specify two policy files.
Bug: Bug: 34723744
Test: Unit tests.
Test: media.codec, media.extractor start, have Seccomp.
Test: cat /proc/`pgrep .codec`/status | grep Seccomp
Seccomp: 2
Test: cat /proc/`pgrep .extractor`/status | grep Seccomp
Seccomp: 2
Change-Id: If5c3dcc934f5d76bd32859b2f7b7ecb772a56303
/frameworks/av/services/minijail/minijail.cpp
|
| fbfb8e8b9a7e6a2d351b28bfd8cdd3dacd10e975 |
|
14-Feb-2017 |
Jorge Lucangeli Obes <jorgelo@google.com> |
Unify media.codec and media.extractor Minijail usage.
That way we can modify this code in one place to take a list of seccomp
policy files.
This CL removes around 70 lines by unifying identical code. No change
in behavior.
Bug: 34723744
Test: media.codec, media.extractor start, have Seccomp.
Test: cat /proc/`pgrep .codec`/status | grep Seccomp
Seccomp: 2
Test: cat /proc/`pgrep .extractor`/status | grep Seccomp
Seccomp: 2
Change-Id: Ia8be7b9c3d6163804d2a45954f8d03315ae32e7a
/frameworks/av/services/minijail/minijail.cpp
|