mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2024-12-25 04:14:06 +00:00
crosvm: add a feature to disable sandbox by default
Add a build-time feature that allows having plugin and other parts of crosvm to run outside of jailed environment. This is strictly a development time feature and is not expected to be activated with shipping code. Sandbox can still be activated by passing -u (--multiprocess) option. BUG=None TEST=cargo test --feature=default-no-sandbox Change-Id: If9ef1ce8ed0b5d23cef3ad193679baca94413360 Signed-off-by: Dmitry Torokhov <dtor@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1054194 Reviewed-by: Zach Reizner <zachr@chromium.org>
This commit is contained in:
parent
0ac9254f9a
commit
5e05a8331d
2 changed files with 2 additions and 1 deletions
|
@ -11,6 +11,7 @@ panic = 'abort'
|
|||
|
||||
[features]
|
||||
plugin = ["plugin_proto", "crosvm_plugin", "protobuf"]
|
||||
default-no-sandbox = []
|
||||
|
||||
[dependencies]
|
||||
arch = { path = "arch" }
|
||||
|
|
|
@ -92,7 +92,7 @@ impl Default for Config {
|
|||
vhost_net: false,
|
||||
wayland_socket_path: None,
|
||||
socket_path: None,
|
||||
multiprocess: true,
|
||||
multiprocess: !cfg!(feature = "default-no-sandbox"),
|
||||
seccomp_policy_dir: PathBuf::from(SECCOMP_POLICY_DIR),
|
||||
cid: None,
|
||||
plugin: None,
|
||||
|
|
Loading…
Reference in a new issue