Age | Commit message (Collapse) | Author |
|
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2271939
Change-Id: I8089cfbde0ea4dda4f4c52401e5899ce45107613
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: N/A
Test: atest
Change-Id: I2b608f7b89262ef64d12d698a3f59a744bc63737
|
|
* Remove the original rules from the top level Android.bp.
* libminijail.pic is manually replaced with libminijail, since this
change is to focus on the build cleanup.
* libminijail.rs was out of sync, and is now updated during
cargo2android
* This file is being superseded by build.rs in upstream
https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3975851
* ... which is the motivation to clean up the current setup to make
later changes easier
Bug: N/A
Test: m sync
Change-Id: I5247b998b98a5ed4955e836fbd1cd0ba5ac37a26
|
|
OWNERS.android doesn't actually work. Merge into OWNERS.
Bug: 249841918
Test: N/A
Change-Id: Ic33d00f84514cded28a08eaa0503ad9c747e1ad3
|
|
am: 93c0cc3be5
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2249312
Change-Id: I67bdbccfd6002b7f6cdfa2955a6db278c88a9b0c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2249312
Change-Id: I8aa47e3c3633113c9fbfe757e869688151f2493a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2249312
Change-Id: I4e5b315e28eeab6c0f8fa88fa8eb58b73cd32e9a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 249841918
Test: N/A
Change-Id: I2c7151ded6eac4c0a61fe31208a43da62eea36de
|
|
am: 85699dadfe
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2237633
Change-Id: I27ecf218cb69c5c877017abbb70b47025add46a9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2237633
Change-Id: I8783053018efc1bae1d555e6bb310677676f6d88
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2237633
Change-Id: Icee031f1f0b2ec415e3f96b30881c274eab96047
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
libminijail_unittest.cc now validates the preload .so file exists in
more test cases. It doesn't exist on android, so an `#ifdef ANDROID`
block has been added to work around it temporarily.
* upstream/main:
Extend host glibc workaround to clone3
minijail: enable Landlock for remaining minimalistic_mountns configs.
Update license boilerplate text in source code files
unittest: Include standard header for `errno`
rust: Simplify test config.
Add a comment that minijail_destroy frees memory.
minijail: enable Landlock for minimalistic-mountns configs that only include bind mounts.
update product name to omit spaces
libminijail: Use `bool` for flags
minijail: Update example in man page
minijail: Check for symlinks immediately before mount().
minijail: Apply nosymfollow to /tmp
libminijail_unittest: Pre-resolve the test preload path.
rust/minijail: Add a note on how unsafe fork() is.
Change-Id: I67e8a169eadf85d16c43f8903577a60163b7186d
Bug: 249100835
|
|
The minijail seccomp policies for crosvm now require `clone3`.
Inpsired by https://r.android.com/1887226
Test: TH
Test: built and ran a cuttlefish target with sandboxing enabled
Bug: 246990922
Change-Id: Iaef3bbb80ac3c16c1a55cd3ea55da89476a88a61
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3923841
Reviewed-by: Alistair Delva <adelva@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
|
|
BUG=b:244966913
TEST=security.Minijail*
Change-Id: I3ce1338a76cdf9e34dea9b5d4440bb8f92122f52
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3904232
Tested-by: Ben Scarlato <akhna@google.com>
Reviewed-by: Allen Webb <allenwebb@google.com>
Auto-Submit: Ben Scarlato <akhna@google.com>
Commit-Queue: Ben Scarlato <akhna@google.com>
|
|
a6e2882dcc am: ec451ee02e am: f57b01de8a am: b1afa61b3a
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2219410
Change-Id: I5ce778d15e34acf34abd799cb1ba57ce20812428
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
a6e2882dcc am: ec451ee02e am: f57b01de8a
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2219410
Change-Id: Ibc9001878c7708ef13fee2f1b0d58d4d94b982fc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
a6e2882dcc am: ec451ee02e
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2219410
Change-Id: I240163d15095e9c2c8a9b503433c9a05ce4945c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
a6e2882dcc
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2219410
Change-Id: I82e9e11cbf574820ec5f57e31c34c2e8af608a37
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2219410
Change-Id: I3eb2d6483886f636808c4313cdc1cc92e85cd431
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 245854393
Test: presubmit
Change-Id: Ic84ddedd46fbf40e520f81fa225e6e2aac1543e9
|
|
65c66ac0b0 am: 401025bc89 am: 3399f6d2b6 am: 0f7ab0438e
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2215509
Change-Id: Ibad8e3106e46cb8a7b365b9c7e59412211f5c45f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
65c66ac0b0 am: 401025bc89 am: 3399f6d2b6
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2215509
Change-Id: I45b86cc0b8813b1433a1ddddc76a3f6b5c0c770e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
65c66ac0b0 am: 401025bc89
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2215509
Change-Id: I8f17ca5ad1bc291dd08fa29cb6c7a7ed87fe005b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
65c66ac0b0
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2215509
Change-Id: If18a68cd250fd2eeb665cc87157fb30efbca6e6b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2215509
Change-Id: I894412e1c31ad4d158ab91b14a06e3bc8298bfbd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 242357518
Test: presubmit; build/bazel/ci/bp2build.sh
Change-Id: I9115a60e4918ea8fec2caf18354b8e1a171f339b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3838743
|
|
Normally we don't do this, but enough changes have accumulated that
we're doing a tree-wide one-off update of the name & style.
BUG=chromium:1098010
TEST=`repo upload` works
Change-Id: I208569250e49179362ec9e2343ffc13652f576dd
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3893890
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Allen Webb <allenwebb@google.com>
Auto-Submit: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Allen Webb <allenwebb@google.com>
|
|
This fixes a build issue with the latest LLVM toolchain.
Change-Id: I7145d0d1aea6769ecab0c5286a71167fabb13d38
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3891224
Reviewed-by: Christian Blichmann <cblichmann@google.com>
Commit-Queue: Christian Blichmann <cblichmann@google.com>
Tested-by: Christian Blichmann <cblichmann@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
Without the test stanza, the default behavior of files under test/ is to
be executed individually serially.
TEST=cargo test -p minijail
BUG=None
Change-Id: Ib47867021abe9f648201582525320d251554d1bc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3861568
Tested-by: Junichi Uekawa <uekawa@chromium.org>
Reviewed-by: Allen Webb <allenwebb@google.com>
Commit-Queue: Junichi Uekawa <uekawa@chromium.org>
|
|
It won't kill the process counter to what it might look like.
BUG=b:238646369
TEST=None
Change-Id: I8239e4df84a93b8ec4941bd5223dd9c3fbe1faeb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3849937
Tested-by: Junichi Uekawa <uekawa@chromium.org>
Commit-Queue: Junichi Uekawa <uekawa@chromium.org>
Reviewed-by: Allen Webb <allenwebb@google.com>
|
|
bind mounts.
Configs that include one or more -k (or -K) mounts are excluded for now.
BUG=b:244175335
TEST=security.Minijail*
Change-Id: I709d6d434dcc999c8e001bac1246f1c5a56b3410
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3871078
Commit-Queue: Ben Scarlato <akhna@google.com>
Commit-Queue: Allen Webb <allenwebb@google.com>
Auto-Submit: Ben Scarlato <akhna@google.com>
Tested-by: Ben Scarlato <akhna@google.com>
Reviewed-by: Allen Webb <allenwebb@google.com>
|
|
BUG=None
TEST=CQ passes
Change-Id: I0fc0957917b9f54ac6bab5876131d95f7ca4f121
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3864708
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Allen Webb <allenwebb@google.com>
|
|
This avoids the compiler warning `bitfield-constant-conversion` as the
signedness of 1-bit `int`s is implementation-defined. Since C99, `_Bool` is
defined to always have the range `0..1` for single-bit bit-fields.
Change-Id: Ia9bf5aff8e382fec365064b4bc81844139a3282e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3861048
Reviewed-by: Allen Webb <allenwebb@google.com>
Commit-Queue: Allen Webb <allenwebb@google.com>
Tested-by: Allen Webb <allenwebb@google.com>
|
|
Currently the first example given in the man page:
❯ minijail0 -c 0 -G -u nobody /usr/bin/whoami
won't actually switch the primary group from `root` to `nobody`; it
merely adds `nobody` to the set of groups, as shown below:
❯ minijail0 -c 0 -G -u nobody /usr/bin/id
uid=65534(nobody) gid=0(root) groups=0(root)
This CL updates the example to add a `-g nobody`, which changes the
primary group:
❯ minijail0 -u nobody -g nobody -c 0 -G /usr/bin/id
uid=65534(nobody) gid=65534(nobody) groups=65534(nobody)
The CL additionally changes the sentence order to match the parameter
order, and adds some light formatting to the example to differentiate
the word "nobody" from the user "nobody".
BUG=None
TEST=`man ./minijail0.5`
Change-Id: Icf195ad5dfbe46acbba19c827ca49e40db398928
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3859142
Commit-Queue: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Tested-by: David Greenaway <dgreenaway@google.com>
Auto-Submit: David Greenaway <dgreenaway@google.com>
|
|
Checking for symlinks at minijail_bind() time still leaves a pretty big
window for the check to be raced and the source path of a bind mount to
be modified between minijail_bind() and the corresponding mount() call.
Check immediately before the mount() call to make the window as small
as possible.
BUG=b:243161816
TEST=security.Minijail*, login.Chrome, arc.Boot.
Change-Id: I232274afb650df217ff94db647e535593b80fbdd
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3841217
Auto-Submit: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Ben Scarlato <akhna@google.com>
Commit-Queue: Jorge Lucangeli Obes <jorgelo@chromium.org>
Tested-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
|
|
Symlinks can be used in the /tmp folder to trick crash_reporter into
deleting arbitrary files.
Mount the /tmp folder with nosymfollow flag to prevent an attacker with
write access to /tmp from confusing and redirecting code that uses
/tmp.
BUG=b:240740514
TEST=verify that /tmp mounted with nosymfollow using the command:
minijail0 -vt -P /mnt/empty -b / -k none,/proc,proc -- /bin/mount | grep /tmp
Cq-Depend: chromium:3852284
Change-Id: Ic991a0673cbaae21bd51ba18bccd049765bdab52
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3841218
Tested-by: Ryan Borzello <rborzello@chromium.org>
Commit-Queue: Ryan Borzello <rborzello@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
|
|
Make sure the test libminijailpreload.so path is an absolute path so
LD_PRELOAD doesn't select the wrong version of the library from /lib.
BUG=b:243412042
TEST=`make check` and `FEATURES=test emerge chromeos-base/minijail`
Change-Id: Ifa91829c41817f1eb9748f7aed7905e8ba547d11
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3850510
Reviewed-by: Ben Scarlato <akhna@google.com>
Tested-by: Allen Webb <allenwebb@google.com>
Commit-Queue: Allen Webb <allenwebb@google.com>
|
|
Fork() closes FDs but more importantly, it consumes the Minijail object
and cannot run the second time.
BUG=b:238646369
TEST=read it.
Change-Id: Ieec74056c35fa42abe8e7df1f86f5691c61d4e57
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3833624
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Junichi Uekawa <uekawa@chromium.org>
Reviewed-by: Allen Webb <allenwebb@google.com>
Commit-Queue: Junichi Uekawa <uekawa@chromium.org>
|
|
Bug: 242357518
Test: presubmit; build/bazel/ci/bp2build.sh
Change-Id: I624b2072594794202d2f612c1389942f19168513
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3838743
Auto-Submit: Chih-hung Hsieh <chh@google.com>
Commit-Queue: Chih-hung Hsieh <chh@google.com>
Tested-by: Chih-hung Hsieh <chh@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
|
|
Preupload hook complains.
BUG=None
TEST=repo upload --cbr .
Change-Id: I0385129585353da9d30c3e408f956ba7fdf34553
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3833623
Reviewed-by: Allen Webb <allenwebb@google.com>
Commit-Queue: Junichi Uekawa <uekawa@chromium.org>
Tested-by: Junichi Uekawa <uekawa@chromium.org>
|
|
This is intended as a way to enable Landlock w/o having to add rules for common libraries.
BUG=b:241046775
TEST=run minijail locally for basic Linux utilities with
fs-default-paths enabled.
TEST=CQ
Change-Id: I8f25b0c5691dc05fc78357424010212933281cc6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3825563
Auto-Submit: Ben Scarlato <akhna@google.com>
Tested-by: Ben Scarlato <akhna@google.com>
Reviewed-by: Allen Webb <allenwebb@google.com>
Commit-Queue: Ben Scarlato <akhna@google.com>
|
|
Some Minijail invocations use trailing slashes in -b paths. Since these
trailing slashes are not a risk symlink-wise, allow them for now while
we clean them up.
BUG=b:241137716
TEST=New unit tests.
TEST=login.Chrome, arc.Boot, security.Minijail*.
Change-Id: I8e49e5f551ed9d4ef61b38e62577183d36779030
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3820909
Commit-Queue: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Ben Scarlato <akhna@google.com>
Tested-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Allen Webb <allenwebb@google.com>
|
|
BUG=None
TEST=cd rust/minijail && cargo test && git diff
Fixes: d7e6e6865050 ("Add basic Landlock support.")
Change-Id: I4ea37805d4d101cfc2facc12ae8ed8c16a0557b0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3820910
Commit-Queue: Allen Webb <allenwebb@google.com>
Auto-Submit: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Allen Webb <allenwebb@google.com>
|
|
This also moves syscalls to create Landlock rules to be directly before
landlock_restrict_self().
BUG=b:237809887
TEST=verified Minijail Landlock unit tests pass.
TEST=verified paths in config file allow/disallow basic Linux
utilities.
Change-Id: I193e035deac2ab6f7b6e1e3e5bb5f44369916062
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3820902
Auto-Submit: Ben Scarlato <akhna@google.com>
Commit-Queue: Allen Webb <allenwebb@google.com>
Commit-Queue: Ben Scarlato <akhna@google.com>
Reviewed-by: Allen Webb <allenwebb@google.com>
Tested-by: Ben Scarlato <akhna@google.com>
|
|
BUG=b:240742087
TEST=CQ
Change-Id: Ieb78663e1af7a83c706d6cc437f6908325b7e0fe
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/minijail/+/3816942
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Jorge Lucangeli Obes <jorgelo@chromium.org>
Commit-Queue: Ben Scarlato <akhna@google.com>
Auto-Submit: Ben Scarlato <akhna@google.com>
Tested-by: Ben Scarlato <akhna@google.com>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
|
|
6d5b7f70e0 am: 4c7c431225 am: ca215bbe8d
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2172122
Change-Id: Iaccaeacfde825b661df21e79d8f3f12ecf34ee7b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
6d5b7f70e0 am: 4c7c431225
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2172122
Change-Id: I1b75ab1afbfb612c46f60e0f595db3144fbcd22b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
6d5b7f70e0
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2172122
Change-Id: I8de706f262b13d76a80ff06f6d395a98ff4175c5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2172122
Change-Id: I41e5170a3834a4e8d0d5d93bf5ea024f29683de7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/minijail/+/2172122
Change-Id: I9dc36b1e207d37f297939bad526f1d605fb912ae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|