2279b2534272282a5b5152723235da397e49195c |
|
19-Jul-2017 |
Steven Moreland <smoreland@google.com> |
frameworks/base: use proper nativehelper headers libnativehelper exports headers under nativehelper. These were available before incorrectly as global headers in order to give access to jni.h. Test: modules using frameworks/base find headers Bug: 63762847 Change-Id: I0f9f231acdebe460f279135462f43d3e32eff64d
/frameworks/base/core/jni/android_os_seccomp.cpp
|
ffad2adfa5488f43a798a30a7fdb14426f495e59 |
|
03-Mar-2017 |
Paul Lawrence <paullawrence@google.com> |
Make seccomp honor setenforce Note: This code is in frameworks, since we might want to have tools linked against seccomp_policy that continue to enforce seccomp Bug: 35950093 Test: Builds, Seccomp: 2 is in zygote & zygote64 status Run setenforce 0 && stop && start Seccomp: 0 is in zygote & zygote64 status Change-Id: I797a6c29f58725f84089c570f784125fb99f57ce
/frameworks/base/core/jni/android_os_seccomp.cpp
|
08b93c1e97fa71800cea4a1a9488c5e1a125c1bc |
|
16-Feb-2017 |
Paul Lawrence <paullawrence@google.com> |
Move seccomp policy logic to bionic Test: Make sure builds, runs, seccomp policy still applied Bug: 35720753 Change-Id: Ieb09dd88cf070d4b4f1277d1a88d0ce250bb05b4
/frameworks/base/core/jni/android_os_seccomp.cpp
|
be0d6a68900e76f1244decd672f79cdf9802bc6d |
|
27-Feb-2017 |
Paul Lawrence <paullawrence@google.com> |
Revert "Move seccomp policy logic to bionic" This reverts commit 48c30ef529543c9bbd1b55f9e05c666b3ffeb7c6. Reverting build-breaking change Change-Id: Iad6270e51cb1ead0efbd52c2dfcc6d2118931e4e
/frameworks/base/core/jni/android_os_seccomp.cpp
|
48c30ef529543c9bbd1b55f9e05c666b3ffeb7c6 |
|
16-Feb-2017 |
Paul Lawrence <paullawrence@google.com> |
Move seccomp policy logic to bionic Test: Make sure builds, runs, seccomp policy still applied Bug: 35720753 Change-Id: I2d3a4ac9284a733010d74cb509237e35df17588f
/frameworks/base/core/jni/android_os_seccomp.cpp
|
0490912184edf93d4544e2f1f27a1a52fe5b3192 |
|
13-Feb-2017 |
Paul Lawrence <paullawrence@google.com> |
Use bionic's autogenerated whitelist policy Bug: 35392119 Test: Check boots, same syscalls blocked as before Change-Id: I4f9276938663f5b82c82eeea45de317b96b2de84
/frameworks/base/core/jni/android_os_seccomp.cpp
|
39139358e5be0b642fa2f18046513b084e37eb57 |
|
10-Feb-2017 |
Paul Lawrence <paullawrence@google.com> |
Expand seccomp whitelist Bug: 34763393 Test: cts test android.os.cts.SeccompTest now passes Change-Id: I8907074485395015a03119700543ff33fdd8e214
/frameworks/base/core/jni/android_os_seccomp.cpp
|
76c20442cfe91d37a1cf917d08ba95837332fb83 |
|
08-Feb-2017 |
Paul Lawrence <paullawrence@google.com> |
Expand seccomp whitelist Bug: 35059702 Test: Device boots, app no longer produces SIGSYS failures Change-Id: I020b625bd7529ad9806c0b23a1ca70bc87906dad
/frameworks/base/core/jni/android_os_seccomp.cpp
|
c47dd7cf0c368d6ad2bd58f77ca4cc6d86a152a4 |
|
07-Feb-2017 |
Paul Lawrence <paullawrence@google.com> |
Expand seccomp whitelist Bug: 34979910 Test: System boots, app runs Change-Id: I8b60a24ac855679251e73edcdec57eb4af4a5610
/frameworks/base/core/jni/android_os_seccomp.cpp
|
b29df844012fbc212aefc6940cd2c494bf7e23bd |
|
06-Feb-2017 |
Paul Lawrence <paullawrence@google.com> |
Expand whitelist Bug: 35034743 Test: Builds, boots Change-Id: I5ab77554d23a8498cf32953d447534742683deb8
/frameworks/base/core/jni/android_os_seccomp.cpp
|
88ec14b0e54be405609d3d0b75559da09c29eb80 |
|
03-Feb-2017 |
Paul Lawrence <paullawrence@google.com> |
Expand whitelist Bug: 34908783 Test: Device boots. Unable to test app due to Fake OEM error Change-Id: I2a0f5646fa39f95875ecb661599d76f4b28a43ac
/frameworks/base/core/jni/android_os_seccomp.cpp
|
14f31aa647004945043bfdca50b5f3f96f93631b |
|
02-Feb-2017 |
Paul Lawrence <paullawrence@google.com> |
Optimize seccomp Bug: 34946764 Test: Make sure boots, seccomp still blocks, and is faster Change-Id: I2b4da512f8a9eb8a32f4435561285d42e4b0395f
/frameworks/base/core/jni/android_os_seccomp.cpp
|
ef854774704d61992f13b8c49b9d210bf33ef4a8 |
|
31-Jan-2017 |
Paul Lawrence <paullawrence@google.com> |
Install seccomp into zygote not init Bug: 34710876 Test: Boots, correct size filter installed, blocks unallowed calls Change-Id: I3e66e8724ace37f7d30451b98a5e574766252ea0
/frameworks/base/core/jni/android_os_seccomp.cpp
|