security/sandbox/linux/SandboxFilter.cpp
84b52c0b3bd16213a0a634b1d1037ccaeeadf367
created 2015-03-24 10:53 +1300
pushed 2015-03-23 21:59 +0000
Edwin Flores Edwin Flores - Bug 1146192 - Backed out changeset d2918bcf0d90 for missing bug number - r=me
d2918bcf0d90059ca3145a19b705658af0fa4434
created 2015-03-24 09:55 +1300
pushed 2015-03-23 20:55 +0000
Edwin Flores Edwin Flores - Bug 1XXXXXX - Whitelist sched_yield syscall in GMP sandbox on Linux - r=jld
ac4464790ec4896a5188fa50cfc69ae0ffeddc08
created 2015-03-21 12:28 -0400
pushed 2015-03-21 16:32 +0000
Ehsan Akhgari Ehsan Akhgari - Bug 1145631 - Part 1: Replace MOZ_OVERRIDE and MOZ_FINAL with override and final in the tree; r=froydnj
eece6a43d288b3f7bb85c3dd884258c321712d8f
created 2015-03-18 15:30 +0100
pushed 2015-03-19 08:00 +0000
Jed Davis Jed Davis - Bug 1144580 - Whitelist pselect6 in content seccomp-bpf policy. r=kang
093b0a844c3b09d93d916d2812499d5a40f1f745
created 2015-03-13 13:47 -0700
pushed 2015-03-16 12:34 +0000
Jed Davis Jed Davis - Bug 1141885 - Make readlink() fail instead of allowing it, for B2G content processes. r=kang
35ad2e5b036b9d141a0bbf71571b7b4936e23b7e
created 2015-03-11 12:39 +0100
pushed 2015-03-13 10:56 +0000
Jed Davis Jed Davis - Bug 906996 - Remove unlink from B2G content process syscall whitelist. r=kang
dca901fa0641cf6b67dc4f5495b319efdb9365ca
created 2015-03-07 10:44 -0500
pushed 2015-03-07 15:45 +0000
Jed Davis Jed Davis - Bug 1140111 - Whitelist readlinkat along with readlink. r=kang
128980c4abde25f05950187b41e317dea5e52782
created 2015-02-20 12:16 +0100
pushed 2015-02-24 10:01 +0000
Jed Davis Jed Davis - Bug 1134942 - Whitelist fstatat and unlinkat for B2G content processes. r=gdestuynder
3928ee1b0381453833c00fbe1e1b72a26143f13a
created 2015-01-11 11:34 +0900
pushed 2015-01-11 02:35 +0000
Masatoshi Kimura Masatoshi Kimura - Bug 1120062 - Part 1: Remove most Nullptr.h includes. r=waldo
ff45d829cf6b0664727921dd4665db9a925cc407
created 2014-11-21 01:07 +0800
pushed 2014-12-18 02:08 +0000
Kai-Zhen Li Kai-Zhen Li - bug 1102277 - Update seccomp filter for newer bionic. r=jld
1e0944ec79a6a270e0d4ddb1ab20fb4631c9186d
created 2014-12-10 17:26 -0800
pushed 2014-12-11 01:26 +0000
Jed Davis Jed Davis - Bug 1093334 - Adjust includes of Linux sandboxing headers from Chromium. r=kang
a2ae4c0a26fe0ec5ddac93ec0c6c9642c4a3d321
created 2014-12-10 17:26 -0800
pushed 2014-12-11 01:26 +0000
Jed Davis Jed Davis - Bug 1102209 - Remove use of CodeGen::JoinInstructions in the Linux sandboxing code. r=kang
92bd6caa14da1311e5fb40b0f05681cc36adab40
created 2014-12-02 17:10 -0500
pushed 2014-12-08 20:49 +0000
Jay Wang Jay Wang - Bug 1105452 - Need to use new Audio system APIs for audio offload playback. r=roc, r=jld, r=ggrisco
c2f036dd38b4adf30e260b2f91fbb6da4b551697
created 2014-10-21 11:18 +0200
pushed 2014-10-24 08:31 +0000
Jed Davis Jed Davis - Bug 1081242 - Make ASAN's error reporting work while sandboxed on Linux. r=kang
6ab760222a4eff750b43417f1b13f950f653a63e
created 2014-10-20 12:29 -0700
pushed 2014-10-21 02:08 +0000
Jed Davis Jed Davis - Bug 1078838 - Restrict clone(2) flags for sandboxed content processes. r=kang
11f1649bd31a1696dcf5fb27c0ca6badb0e446dd
created 2014-10-16 12:42 +0200
pushed 2014-10-17 09:10 +0000
Jed Davis Jed Davis - Bug 1080165 - Allow setpriority() to fail without crashing in media plugins on Linux. r=kang
afeff2d265bdf1d9b27284de44b6185082691f91
created 2014-10-03 14:55 -0700
pushed 2014-10-03 21:55 +0000
Jed Davis Jed Davis - Bug 1068410 - Convert remote crash dump to use pipe instead of socketpair in the child. r=kang r=ted
36cf6a98d663a59eb03043e62527b120fc876e1d
created 2014-08-04 15:11 -0700
pushed 2014-08-05 01:37 +0000
Jed Davis Jed Davis - Bug 1047620 - Fix sandboxing for B2G --disable-jemalloc builds. r=kang
b60e4395f1413e062b19e22dd16da68983719219
created 2014-08-04 15:11 -0700
pushed 2014-08-05 01:37 +0000
Jed Davis Jed Davis - Bug 1012951 - Add Linux sandboxing for GeckoMediaPlugin processes. r=kang r=ted
d78784f732eb181c05e0c8759fe959e2bcf7ff49
created 2014-08-04 15:11 -0700
pushed 2014-08-05 01:37 +0000
Jed Davis Jed Davis - Bug 1046541 - Use stdio for non-Android Linux sandbox error messages. r=kang
9a9d70cf22246fc0555b72ddb9acce2cdf207411
created 2014-08-01 15:05 -0700
pushed 2014-08-04 11:23 +0000
Jed Davis Jed Davis - Bug 1046525 - Allow get{e,}gid and sched_{g,s}etparam in sandboxed content processes. r=kang
99e1f3c50a12775a3f59843cc60b9febc3e0785e
created 2014-07-30 16:49 +0100
pushed 2014-07-30 15:49 +0000
Ed Morley Ed Morley - Backed out changeset d50d7e88f35e (bug 1012951) for LSan failures
d50d7e88f35eecb6c657467a179f64a47cd0c3c6
created 2014-07-29 15:31 -0700
pushed 2014-07-30 07:14 +0000
Jed Davis Jed Davis - Bug 1012951 - Sandbox GMP plugins on Linux using seccomp-bpf. r=kang r=ted
c361be2aeb66ec71289f34a5edfcc7a2527afbf8
created 2014-07-17 14:57 -0700
pushed 2014-07-18 01:08 +0000
Jed Davis Jed Davis - Bug 1037211 - Remove MOZ_CONTENT_SANDBOX_REPORTER by making it always true. r=kang r=ted
39ee921a5b2f66fec3dfc260274650e2a79db287
created 2014-07-14 18:35 -0700
pushed 2014-07-15 19:39 +0000
Jed Davis Jed Davis - Bug 1038490 - Fix misuse of MOZ_WIDGET_GONK in Linux content process sandbox policy. r=kang
3ea86a380019d51722b0c38c3206e5b0958b0567
created 2014-07-09 16:52 -0700
pushed 2014-07-15 19:39 +0000
Jed Davis Jed Davis - Bug 1038486 - Fix Linux desktop seccomp sandbox build on 32-bit x86. r=kang
78ebcfff12347b6cd921ddb8d240a89912b106d3
created 2014-07-10 17:37 -0700
pushed 2014-07-15 07:27 +0000
Jed Davis Jed Davis - Bug 1035786 - Avoid warning-as-error sandbox build failure with an explicit cast. r=gdestuynder
89e48a42e8a560df6e083329906c5f0950e7f5b9
created 2014-06-02 14:52 +0200
pushed 2014-06-04 07:16 +0000
Jed Davis Jed Davis - Bug 1014299 - Add times() to seccomp whitelist. r=kang
179363be564197fc8907d08823bd06609257ece4
created 2014-05-20 18:38 -0700
pushed 2014-05-21 01:38 +0000
Jed Davis Jed Davis - Bug 920372 - Fix socketcall whitelisting on i386. r=kang
2adbb2797d8b4add9ad4db27090d7f6b26d6a3ee
created 2014-05-20 18:38 -0700
pushed 2014-05-21 01:38 +0000
Jed Davis Jed Davis - Bug 920372 - Allow tgkill only for threads of the calling process itself. r=kang
b56d5602d0cdcc7f06a82538e52fde16aa0d84a3
created 2014-05-20 18:37 -0700
pushed 2014-05-21 01:38 +0000
Jed Davis Jed Davis - Bug 920372 - Use Chromium seccomp-bpf compiler to dynamically build sandbox program. r=kang
0c567eac263556a4103ac7d50aec0b1d5df5fd2c
created 2014-05-02 16:57 +0200
pushed 2014-05-06 07:13 +0000
Jed Davis Jed Davis - Bug 1004832 - Add tgkill to seccomp-bpf whitelist. r=kang
dc0586595f8039894a875654a18e54c85e88df1c
created 2014-04-17 16:23 -0400
pushed 2014-04-17 20:23 +0000
Jed Davis Jed Davis - Bug 997409 - Add set_thread_area to seccomp whitelist if available. r=kang
aac74f0bcfbffa5c7da6cd011969d2d75100f065
created 2014-04-11 13:09 +0200
pushed 2014-04-15 09:44 +0000
Jed Davis Jed Davis - Bug 981949 - Whitelist ftruncate for seccomp-bpf sandboxing. r=kang
47cbfabd27b4bb316b914c00facf356a29529f42
created 2014-03-28 17:58 -0700
pushed 2014-03-29 00:58 +0000
Jed Davis Jed Davis - Bug 989172 - Re-add sigaltstack to seccomp whitelist. r=kang
d380f713c721a7020886c6b00284d206d0c7fefb
created 2014-03-20 10:19 -0400
pushed 2014-03-20 14:19 +0000
Jed Davis Jed Davis - Bug 985227 - Part 3: Replace the seccomp filter arch ifdefs with syscall existence tests. r=kang
679ac1f215d8a51477ef135a3a751dc7d43a9a14
created 2014-03-20 10:19 -0400
pushed 2014-03-20 14:19 +0000
Jed Davis Jed Davis - Bug 985227 - Part 2: Flatten out the #define maze in the seccomp filter. r=kang
1e4e7d7e184bc86c7781f42b6bed69228333d8c0
created 2014-03-20 10:19 -0400| base
pushed 2014-03-20 14:19 +0000
Jed Davis Jed Davis - Bug 985227 - Part 1: Move the seccomp filter into its own translation unit. r=kang
less more (0) tip