History log of /frameworks/base/core/jni/android_os_seccomp.cpp
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
ffad2adfa5488f43a798a30a7fdb14426f495e59 03-Mar-2017 Paul Lawrence <paullawrence@google.com> Make seccomp honor setenforce

Note: This code is in frameworks, since we might want to have tools
linked against seccomp_policy that continue to enforce seccomp

Bug: 35950093
Test: Builds, Seccomp: 2 is in zygote & zygote64 status
Run setenforce 0 && stop && start
Seccomp: 0 is in zygote & zygote64 status

Change-Id: I797a6c29f58725f84089c570f784125fb99f57ce
/frameworks/base/core/jni/android_os_seccomp.cpp
08b93c1e97fa71800cea4a1a9488c5e1a125c1bc 16-Feb-2017 Paul Lawrence <paullawrence@google.com> Move seccomp policy logic to bionic

Test: Make sure builds, runs, seccomp policy still applied
Bug: 35720753
Change-Id: Ieb09dd88cf070d4b4f1277d1a88d0ce250bb05b4
/frameworks/base/core/jni/android_os_seccomp.cpp
be0d6a68900e76f1244decd672f79cdf9802bc6d 27-Feb-2017 Paul Lawrence <paullawrence@google.com> Revert "Move seccomp policy logic to bionic"

This reverts commit 48c30ef529543c9bbd1b55f9e05c666b3ffeb7c6.

Reverting build-breaking change

Change-Id: Iad6270e51cb1ead0efbd52c2dfcc6d2118931e4e
/frameworks/base/core/jni/android_os_seccomp.cpp
48c30ef529543c9bbd1b55f9e05c666b3ffeb7c6 16-Feb-2017 Paul Lawrence <paullawrence@google.com> Move seccomp policy logic to bionic

Test: Make sure builds, runs, seccomp policy still applied
Bug: 35720753
Change-Id: I2d3a4ac9284a733010d74cb509237e35df17588f
/frameworks/base/core/jni/android_os_seccomp.cpp
0490912184edf93d4544e2f1f27a1a52fe5b3192 13-Feb-2017 Paul Lawrence <paullawrence@google.com> Use bionic's autogenerated whitelist policy

Bug: 35392119
Test: Check boots, same syscalls blocked as before
Change-Id: I4f9276938663f5b82c82eeea45de317b96b2de84
/frameworks/base/core/jni/android_os_seccomp.cpp
39139358e5be0b642fa2f18046513b084e37eb57 10-Feb-2017 Paul Lawrence <paullawrence@google.com> Expand seccomp whitelist

Bug: 34763393
Test: cts test android.os.cts.SeccompTest now passes
Change-Id: I8907074485395015a03119700543ff33fdd8e214
/frameworks/base/core/jni/android_os_seccomp.cpp
76c20442cfe91d37a1cf917d08ba95837332fb83 08-Feb-2017 Paul Lawrence <paullawrence@google.com> Expand seccomp whitelist

Bug: 35059702
Test: Device boots, app no longer produces SIGSYS failures
Change-Id: I020b625bd7529ad9806c0b23a1ca70bc87906dad
/frameworks/base/core/jni/android_os_seccomp.cpp
c47dd7cf0c368d6ad2bd58f77ca4cc6d86a152a4 07-Feb-2017 Paul Lawrence <paullawrence@google.com> Expand seccomp whitelist

Bug: 34979910
Test: System boots, app runs
Change-Id: I8b60a24ac855679251e73edcdec57eb4af4a5610
/frameworks/base/core/jni/android_os_seccomp.cpp
b29df844012fbc212aefc6940cd2c494bf7e23bd 06-Feb-2017 Paul Lawrence <paullawrence@google.com> Expand whitelist

Bug: 35034743
Test: Builds, boots
Change-Id: I5ab77554d23a8498cf32953d447534742683deb8
/frameworks/base/core/jni/android_os_seccomp.cpp
88ec14b0e54be405609d3d0b75559da09c29eb80 03-Feb-2017 Paul Lawrence <paullawrence@google.com> Expand whitelist

Bug: 34908783
Test: Device boots. Unable to test app due to Fake OEM error
Change-Id: I2a0f5646fa39f95875ecb661599d76f4b28a43ac
/frameworks/base/core/jni/android_os_seccomp.cpp
14f31aa647004945043bfdca50b5f3f96f93631b 02-Feb-2017 Paul Lawrence <paullawrence@google.com> Optimize seccomp

Bug: 34946764
Test: Make sure boots, seccomp still blocks, and is faster
Change-Id: I2b4da512f8a9eb8a32f4435561285d42e4b0395f
/frameworks/base/core/jni/android_os_seccomp.cpp
ef854774704d61992f13b8c49b9d210bf33ef4a8 31-Jan-2017 Paul Lawrence <paullawrence@google.com> Install seccomp into zygote not init

Bug: 34710876
Test: Boots, correct size filter installed, blocks unallowed calls

Change-Id: I3e66e8724ace37f7d30451b98a5e574766252ea0
/frameworks/base/core/jni/android_os_seccomp.cpp