Commit graph

4 commits

Author SHA1 Message Date
Yunlian Jiang
31c20fdcce crosvm: add getpid and prlimit to seccomp
This is needed to make sure seccomp work with glibc 2.27

BUG=chromium:897477
TEST=None

Change-Id: I101aa07bffd8db2b449be1a697dafcd7d6f1cb58
Reviewed-on: https://chromium-review.googlesource.com/1294729
Commit-Ready: Yunlian Jiang <yunlian@chromium.org>
Tested-by: Yunlian Jiang <yunlian@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
2018-10-23 02:55:29 -07:00
Yunlian Jiang
a70445aa3b crosvm: add openat to seccomp
This adds openat to a seccomp policy file if open is already there.
We need this because glibc 2.25 changed it system call for open().

BUG=chromium:894614
TEST=None

Change-Id: Ie5b45d858e8d9ea081fd7bfda81709bda048d965
Reviewed-on: https://chromium-review.googlesource.com/1292129
Commit-Ready: Yunlian Jiang <yunlian@chromium.org>
Tested-by: Yunlian Jiang <yunlian@chromium.org>
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
2018-10-21 05:25:01 -07:00
Stephen Barber
a10b2d20a8 plugin: add crosvm_net_get_config
BUG=none
TEST=sudo cargo test --features plugin

Change-Id: Ib38fad250295d73529dff0451345b4274a261073
Reviewed-on: https://chromium-review.googlesource.com/911943
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-03-08 00:37:50 -08:00
Zach Reizner
cc30d58c18 crosvm: run plugin process in a jail by default
The plugin process is similar to a virtual device from the perspective
of crosvm. Therefore, the plugin process should be run in a jail,
similar to the other devices in crosvm.

TEST=cargo build --features plugin; ./build_test
BUG=chromium:800626

Change-Id: I881d7b0f8a11e2626f69a5fa0eee0aa59bb6b6be
Reviewed-on: https://chromium-review.googlesource.com/882131
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-02-12 22:42:34 -08:00