From 98f4a9612dd54429b3f92dccf631fdfa4f9018f3 Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Mon, 17 Sep 2018 11:39:04 +0200
Subject: executor: make sandboxes more modular

Currently we have a global fixed set of sandboxes,
which makes it hard to add new OS-specific ones
(all OSes need to updated to say that they don't
support this sandbox).
Let it each OS say what sandboxes it supports instead.
---
 executor/common_linux.h | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'executor/common_linux.h')

diff --git a/executor/common_linux.h b/executor/common_linux.h
index 5ae770800..02c1eb82e 100644
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@@ -1561,6 +1561,7 @@ static int do_sandbox_none(void)
 #include <sched.h>
 #include <sys/prctl.h>
 
+#define SYZ_HAVE_SANDBOX_SETUID 1
 static int do_sandbox_setuid(void)
 {
 	if (unshare(CLONE_NEWPID)) {
@@ -1722,6 +1723,7 @@ static int namespace_sandbox_proc(void* arg)
 	doexit(1);
 }
 
+#define SYZ_HAVE_SANDBOX_NAMESPACE 1
 static int do_sandbox_namespace(void)
 {
 	int pid;
@@ -1844,6 +1846,7 @@ static void syz_setfilecon(const char* path, const char* context)
 		fail("setfilecon: could not set context to %s, currently %s", context, new_context);
 }
 
+#define SYZ_HAVE_SANDBOX_ANDROID_UNTRUSTED_APP 1
 static int do_sandbox_android_untrusted_app(void)
 {
 	setup_common();
-- 
cgit mrf-deployment