| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
The recent docker upgrade to debian `bookworm` caused
x86_64 instances to fail in `pthread_create()` due to the
android seccomp filter.
On `bookworm`, `pthread_create()` calls `clone3()` and
`set_robust_list()` which aren't on the seccomp filter (instead
of `clone()`), which is. Added these calls to the seccomp policy.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Currently all executor fail errors go into "lost connection" bucket.
This is not very useful. First, there are different executor failures.
Second, it's not possible to understand what failures happen how frequently.
Third, there are not authentic lost connection.
Create separate SYZFAIL: bugs for them.
Update #573
Update #502
Update #318
|
| |
|
|
| |
Fix code formatting, clang-tidy warnings, minor style nits.
|
|
|
This adds support for the seccomp filters that are part of Android into
the sandbox. A process running as untrusted_app in Android has a
restricted set of syscalls that it is allow to run. This is
accomplished by setting seccomp filters in the zygote process prior to
forking into the application process. The seccomp filter list comes
directly from the Android source, it cannot be dynamically loaded from
an Android phone because libseccomp_policy.so does not exist as a
library on the system partition.
|
