security/sandbox/linux/Sandbox.cpp
98e66e846417251283a213d48415de11b3cd4960
created 2017-01-27 14:25 -0700
pushed 2017-02-02 05:20 +0000
Jed Davis Jed Davis - Bug 1286865 - Step 0: Turn off crash-on-seccomp-fail by default on non-nightly. r?gcp draft
adab5d5d0372d1a26685d6fbc59cdfc977ad76c6
created 2017-01-31 13:06 +0100
pushed 2017-01-31 12:58 +0000
Olli Pettay Olli Pettay - Bug 1335323 - Move vector include to sandbox header to fix bustage. r=bustage-fix a=bustage-fix
058d894f8fd021a9643d0fdec89ce8e84fd458a7
created 2017-01-26 19:59 +0100
pushed 2017-01-30 11:35 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1330326 - Make sandboxing policy more configurable via preferences. r?jld draft
2633df8bf5d3969230f0627eda9c01e239f1091d
created 2017-01-27 20:59 +0100
pushed 2017-01-28 05:04 +0000
Sebastian Hengst Sebastian Hengst - Backed out changeset e87ae43ca443 (bug 1330326)
c53bce434e7ebdfef59c7bcdeb9add526cffc277
created 2017-01-11 21:05 +0100
pushed 2017-01-17 23:25 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1330326 - Add whitelist for syscalls via preferences. r?jld draft
b54a7014e03d92571b341b9ce82772305685a58d
created 2016-12-12 11:49 +0100
pushed 2016-12-13 16:16 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset 3a761e5cc19c (bug 1257361) for bustage
26025c7f0d298872c5fe88739c9897254da6fc75
created 2016-12-06 12:38 -1000
pushed 2016-12-07 10:58 +0000
Jed Davis Jed Davis - Bug 1257361 - Simplify detecting threads that already have seccomp-bpf applied. r=tedd r=gcp
97bf9717631977f76a43fadd51c99dea1df770c6
created 2016-11-04 18:16 -0600
pushed 2016-11-05 15:48 +0000
Jed Davis Jed Davis - Bug 1313218 - Preload libmozsandbox.so in child processes on Linux. r=tedd r=billm r=glandium
8b07f481251c7c1aa8911e5f53f26d0c71f14dfc
created 2016-10-26 16:57 -0600
pushed 2016-10-27 02:12 +0000
Jed Davis Jed Davis - Bug 1268733 - Move Linux sandboxing code back out to libmozsandbox.so. r=gcp r=glandium
7fcfb1c3b654b1fae9532044c0b7731af49b38e7
created 2016-10-26 16:57 -0600
pushed 2016-10-27 02:12 +0000
Jed Davis Jed Davis - Bug 1268733 - Move sandbox interposition shims to their own static library. r=gcp r=glandium
a46f0e32289bb8975eef7f87d14cbd71c9c10582
created 2016-09-06 08:57 +0100
pushed 2016-09-06 16:57 +0000
Bob Owen Bob Owen - Bug 1287426 Part 3: Update security/sandbox/chromium/ to commit 4ec79b7f2379a60cdc15599e93255c0fa417f1ed. r=aklotz, r=jld
6d6a279299fcdf998904fd71a0a1268c34180cd1
created 2016-08-23 12:01 +0800
pushed 2016-08-23 04:02 +0000
Kan-Ru Chen Kan-Ru Chen - Bug 1297276 - Rename mfbt/unused.h to mfbt/Unused.h for consistency. r?froydnj draft
8bcc169e1f730a17ab95b5a3fb3365f279956103
created 2016-08-02 14:54 +0200
pushed 2016-08-02 13:30 +0000
Alexandre Lissy Alexandre Lissy - Bug 1285662 - Remove NUWA r? draft
8719c45bc591d91c424e762a3d5a3d8839325e7e
created 2016-07-11 09:22 -0700
pushed 2016-07-11 16:23 +0000
Haik Aftandilian Haik Aftandilian - Bug 1274540 - Record sandboxing status in crash reports; r?gcp draft
17c1f2315eb528745cfc7b73b1f5dc6cfcf7a35c
created 2016-05-26 16:20 +0200
pushed 2016-06-07 15:00 +0000
Julian Hector Julian Hector - Bug 1274873 - Part 2: Move signal handler set up to SandboxEarlyInit() r=jld
1526b47e25e446cbbbaee357ed3d643fef45eb2a
created 2016-05-26 16:19 +0200
pushed 2016-06-07 15:00 +0000
Julian Hector Julian Hector - Bug 1274873 - Part 1: Change search order for free signal r=jld
25cf270ae8c54aae735d5657cb5118a277eeef0a
created 2016-06-07 12:07 +0200
pushed 2016-06-07 15:00 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset ae5286493f15 (bug 1274873) for frequent timeouts in browser_ManifestObtainer_obtain.js
b070f6f0ace20cba6b74f269af0c3a5b0bbe229b
created 2016-06-07 12:06 +0200
pushed 2016-06-07 15:00 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset 62646bfa1f95 (bug 1274873)
62646bfa1f953b5e89aef58e9879dd2f139610f0
created 2016-05-26 16:20 +0200
pushed 2016-06-07 13:42 +0000
Julian Hector Julian Hector - Bug 1274873 - Part 2: Move signal handler set up to SandboxEarlyInit() r=jld
ae5286493f1570628d17c1d81a73a782291dd613
created 2016-05-26 16:19 +0200
pushed 2016-06-07 13:42 +0000
Julian Hector Julian Hector - Bug 1274873 - Part 1: Change search order for free signal r=jld
3d67e45f994a3ae1ae43479c32c2ed63bbf1a7c8
created 2016-04-27 14:16 +1000
pushed 2016-04-29 03:33 +0000
Nicholas Nethercote Nicholas Nethercote - Bug 1267550 (part 2) - Rename MOZ_WARN_UNUSED_RESULT as MOZ_MUST_USE. r=froydnj.
c2b3f129d0c88620ee822e5bd4b7365d2a21c2f5
created 2015-11-05 10:42 -0500
pushed 2016-04-19 08:34 +0000
Ryan VanderMeulen Ryan VanderMeulen - Revert to revision a725f1cd4baa, undoing the m-c -> b2g44 merge. a=bustage
c23905a01c29f257f64db3e627d07a1eb71eb0d0
created 2015-11-30 18:21 +0100
pushed 2015-12-16 19:25 +0000
Jed Davis Jed Davis - Bug 1222500 - Handle unexpected thread creation better on desktop Linux. r=gdestuynder
7ec70e0c699746cf72e03acadc09d0d5877423d0
created 2015-11-02 07:53 +0200
pushed 2015-11-02 13:29 +0000
Birunthan Mohanathas Birunthan Mohanathas - Bug 1219392 - Capitalize mozilla::unused to avoid conflicts. r=froydnj
f5e11173ec72ac5c700ea1e19fc9a87375bde41a
created 2015-10-07 22:13 -0700
pushed 2015-10-08 14:45 +0000
Jed Davis Jed Davis - Bug 930258 - Part 2: seccomp-bpf integration. r=kang
10e3f62dc8a66c514fd1b3b42604cc5b7be8ebdc
created 2015-08-28 13:37 +0200
pushed 2015-09-10 19:28 +0000
Jed Davis Jed Davis - Bug 1199481 - Complain more when entering sandboxing code as root. r=kang
0d99e927527b2300dacfbc641e4af1249f46d604
created 2015-08-28 12:18 +0200
pushed 2015-09-10 19:28 +0000
Jed Davis Jed Davis - Bug 1199413 - Fix MOZ_DISABLE_GMP_SANDBOX so it disables all the sandboxing. r=kang
d9a56e97c6b1a4184deaf3f9c7b8a8872bd7fd21
created 2015-08-11 16:30 -0400
pushed 2015-08-14 21:17 +0000
Jed Davis Jed Davis - Bug 1004011 - Support SECCOMP_FILTER_FLAG_TSYNC if available. r=kang
2fb5a54331e35ec6fe1687a9cb9a1dcbc51d325a
created 2015-07-09 12:09 +0200
pushed 2015-07-21 16:41 +0000
Jed Davis Jed Davis - Bug 1181704 - Use chromium SafeSPrintf for sandbox logging. r=gdestuynder r=glandium
201c980cabe7cc195dd9c1dddcd70fe73f1408b5
created 2015-07-13 16:51 -0700
pushed 2015-07-14 13:24 +0000
Wes Kocher Wes Kocher - Backed out 2 changesets (bug 1181704) for static build bustage CLOSED TREE
fbf7aca43c3a79cabf6bc05adc80dc930cae43f3
created 2015-07-13 16:17 -0700
pushed 2015-07-13 23:24 +0000
Jed Davis Jed Davis - Bug 1181704 - Use chromium SafeSPrintf for sandbox logging. r=kang r=glandium
513d62fe75c9d136042f9ca85b017d3aad3cdc37
created 2015-06-19 14:26 -0700
pushed 2015-06-22 04:50 +0000
Jed Davis Jed Davis - Bug 1176085 - Fix second/nanosecond confusion in Linux sandbox start error case. r=kang
6e2d23f31eebabd6264b27e5a96505e113394bed
created 2015-06-10 13:38 -0400
pushed 2015-06-12 20:00 +0000
Jed Davis Jed Davis - Bug 1168555 - Work around Nuwa not always being single-threaded when a normal content process is. r=kang
6522add87d6bb4fa693c3089cc0c0e10ba77c301
created 2015-06-05 15:17 -0700
pushed 2015-06-08 11:01 +0000
Jed Davis Jed Davis - Bug 1055310 - Step 3: Move syscall interceptions into SandboxFilter.cpp. r=kang
b3f98086e8cc3cbf7cd17d8336e2bce77c255252
created 2015-06-05 15:17 -0700
pushed 2015-06-08 11:01 +0000
Jed Davis Jed Davis - Bug 1055310 - Step 2: Move SIGSYS handling to Chromium TrapRegistry. r=kang
32872aebf4abd375c974f1c752967de182680323
created 2015-06-05 15:17 -0700
pushed 2015-06-08 11:01 +0000
Jed Davis Jed Davis - Bug 1055310 - Step 1: Convert seccomp-bpf policies to Chromium PolicyCompiler. r=kang
acc410f0b28ca4affaed71fd1bfb0330a3c33072
created 2015-04-10 18:05 -0700
pushed 2015-04-13 10:33 +0000
Jed Davis Jed Davis - Bug 1151607 - Step 2: Apply net/ipc namespace separation and chroot to media plugins. r=kang
4ed5d64f054ba283f8a47c698daa38c124c8bacc
created 2015-04-10 18:05 -0700
pushed 2015-04-13 10:33 +0000
Jed Davis Jed Davis - Bug 1151607 - Step 1: Add Linux sandboxing hook for when child processes are still single-threaded. r=kang r=bent
53a41684adcbca8801d9d208a2d3d42a2a8a11d4
created 2015-04-10 18:05 -0700
pushed 2015-04-13 10:33 +0000
Jed Davis Jed Davis - Bug 1151607 - Step 0: sort includes to make the following patches cleaner. r=kang
3928ee1b0381453833c00fbe1e1b72a26143f13a
created 2015-01-11 11:34 +0900
pushed 2015-01-12 18:26 +0000
Masatoshi Kimura Masatoshi Kimura - Bug 1120062 - Part 1: Remove most Nullptr.h includes. r=waldo
1e0944ec79a6a270e0d4ddb1ab20fb4631c9186d
created 2014-12-10 17:26 -0800
pushed 2014-12-11 21:18 +0000
Jed Davis Jed Davis - Bug 1093334 - Adjust includes of Linux sandboxing headers from Chromium. r=kang
d06d1a469bb1962807e29e036666e06c4f5670e5
created 2014-11-24 15:22 -0800
pushed 2014-11-25 16:33 +0000
Jed Davis Jed Davis - Bug 1101170 - Move Linux sandbox code into plugin-container on desktop. r=kang r=glandium
0b3bfc3c27913e0be76dda67798865cf3c270f58
created 2014-11-24 15:22 -0800
pushed 2014-11-25 16:33 +0000
Jed Davis Jed Davis - Bug 1101170 - Move sandbox status info into a separate module. r=kang r=glandium
09cbdbb68a5c9a35628d08293ba37523a5f996ba
created 2014-11-06 13:11 +0100
pushed 2014-11-07 23:35 +0000
Jed Davis Jed Davis - Bug 1077057 - Expose Linux sandboxing information to JS via nsSystemInfo. r=kang r=froydnj
2881d59c61f243122b7c94deacee0140dd29f1ae
created 2014-11-06 11:04 -0800
pushed 2014-11-07 23:35 +0000
Jed Davis Jed Davis - Bug 1093893 - Fix B2G sandbox for ICS Bionic pthread_kill(). r=kang
8bcaa2c7dab7df62ef08306059a8409077430736
created 2014-08-15 15:00 -0400
pushed 2014-10-29 02:45 +0000
Jed Davis Jed Davis - Bug 1043733 - Require sandboxing to load Gecko Media Plugins on Linux. r=jesup, r=kang, a=sledru
90e489c8fc4b9e2373ba1651629e3caf024fc795
created 2014-08-15 15:00 -0400
pushed 2014-10-29 02:45 +0000
Jed Davis Jed Davis - Bug 1012951 - Add Linux sandboxing for GeckoMediaPlugin processes. r=kang, r=ted, a=sledru
6fdd170cc4093c579d1fc884364bf1c34d0e0f94
created 2014-08-15 15:00 -0400
pushed 2014-10-29 02:45 +0000
Jed Davis Jed Davis - Bug 1046541 - Use stdio for non-Android Linux sandbox error messages. r=kang, a=sledru
05c9d0a949bc005e2636fcf8d2d3de03324f8794
created 2014-07-16 13:33 -0700
pushed 2014-10-29 02:45 +0000
Jed Davis Jed Davis - Bug 1038900 - Dynamically allocate signal number for sandbox startup. r=kang a=2.0+
c2f036dd38b4adf30e260b2f91fbb6da4b551697
created 2014-10-21 11:18 +0200
pushed 2014-10-29 00:55 +0000
Jed Davis Jed Davis - Bug 1081242 - Make ASAN's error reporting work while sandboxed on Linux. r=kang
ee14fb2a1053fff9b4a5cb5f0dd0486ddbe3ceb1
created 2014-08-26 13:54 -0700
pushed 2014-10-20 17:29 +0000
Jed Davis Jed Davis - Bug 1054616 - Clean up logging-related shims for Linux sandboxing. r=kang
2f9d0821e08cdf73a7c6e32e9bc2ecf440960197
created 2014-08-26 13:54 -0700
pushed 2014-10-20 17:29 +0000
Jed Davis Jed Davis - Bug 1041886 - Separate Linux sandbox code into its own shared library. r=kang r=glandium
b3dcb5b33f780a0266be0c9261e297fe43e3b1a8
created 2014-08-26 13:54 -0700
pushed 2014-10-20 17:29 +0000
Jed Davis Jed Davis - Bug 1041886 - Break out Linux sandbox logging into its own header. r=kang
740e7cc973862f86e2a68b5908f3f22e0c663259
created 2014-08-14 15:39 -0700
pushed 2014-10-20 17:29 +0000
Jed Davis Jed Davis - No bug - Add trailing newlines for non-Android Linux sandbox logging. r=kang
20dbe115d6285b6d618f7af8f0acd0a50413caeb
created 2014-08-12 21:28 -0700
pushed 2014-10-20 17:29 +0000
Jed Davis Jed Davis - Bug 1043733 - Require sandboxing to load Gecko Media Plugins on Linux. r=jesup r=kang
b60e4395f1413e062b19e22dd16da68983719219
created 2014-08-04 15:11 -0700
pushed 2014-10-20 17:29 +0000
Jed Davis Jed Davis - Bug 1012951 - Add Linux sandboxing for GeckoMediaPlugin processes. r=kang r=ted
d78784f732eb181c05e0c8759fe959e2bcf7ff49
created 2014-08-04 15:11 -0700
pushed 2014-10-20 17:29 +0000
Jed Davis Jed Davis - Bug 1046541 - Use stdio for non-Android Linux sandbox error messages. r=kang
99e1f3c50a12775a3f59843cc60b9febc3e0785e
created 2014-07-30 16:49 +0100
pushed 2014-10-20 17:29 +0000
Ed Morley Ed Morley - Backed out changeset d50d7e88f35e (bug 1012951) for LSan failures
d50d7e88f35eecb6c657467a179f64a47cd0c3c6
created 2014-07-29 15:31 -0700
pushed 2014-10-20 17:29 +0000
Jed Davis Jed Davis - Bug 1012951 - Sandbox GMP plugins on Linux using seccomp-bpf. r=kang r=ted
5342871fa1ccc62f858c3cfd97bec694301c751e
created 2014-07-24 11:36 +0200
pushed 2014-10-20 17:29 +0000
Jed Davis Jed Davis - Bug 1017393 - Record rejected syscall number in crash dump. r=kang
less more (0) -60 tip