executor: make sandboxes more modular

Currently we have a global fixed set of sandboxes, which makes it hard to add new OS-specific ones (all OSes need to updated to say that they don't support this sandbox). Let it each OS say what sandboxes it supports instead.
author: Dmitry Vyukov <dvyukov@google.com> 2018-09-17 11:39:04 +0200
committer: Dmitry Vyukov <dvyukov@google.com> 2018-09-17 11:39:04 +0200
commit: 98f4a9612dd54429b3f92dccf631fdfa4f9018f3 (patch)
tree: 673d1b4845d7a6de5b0a20c30a28d76c32356018 /executor/common_linux.h
parent: 0eca949a6c271b879d582e01c3d1d79dc704172c (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/executor/common_linux.h b/executor/common_linux.h
index 5ae770800..02c1eb82e 100644
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@@ -1561,6 +1561,7 @@ static int do_sandbox_none(void)
 #include <sched.h>
 #include <sys/prctl.h>
 
+#define SYZ_HAVE_SANDBOX_SETUID 1
 static int do_sandbox_setuid(void)
 {
 	if (unshare(CLONE_NEWPID)) {
@@ -1722,6 +1723,7 @@ static int namespace_sandbox_proc(void* arg)
 	doexit(1);
 }
 
+#define SYZ_HAVE_SANDBOX_NAMESPACE 1
 static int do_sandbox_namespace(void)
 {
 	int pid;
@@ -1844,6 +1846,7 @@ static void syz_setfilecon(const char* path, const char* context)
 		fail("setfilecon: could not set context to %s, currently %s", context, new_context);
 }
 
+#define SYZ_HAVE_SANDBOX_ANDROID_UNTRUSTED_APP 1
 static int do_sandbox_android_untrusted_app(void)
 {
 	setup_common();
author	Dmitry Vyukov <dvyukov@google.com>	2018-09-17 11:39:04 +0200
committer	Dmitry Vyukov <dvyukov@google.com>	2018-09-17 11:39:04 +0200
commit	98f4a9612dd54429b3f92dccf631fdfa4f9018f3 (patch)
tree	673d1b4845d7a6de5b0a20c30a28d76c32356018 /executor/common_linux.h
parent	0eca949a6c271b879d582e01c3d1d79dc704172c (diff)