Google Git
Sign in
android / platform / external / minijail / 866bb3acc5b62235567171dfed9205a5b8c3e039
commit866bb3acc5b62235567171dfed9205a5b8c3e039[log] [tgz]
authorChirantan Ekbote <chirantan@google.com>Tue Feb 07 12:26:42 2017 -0800
committerTreehugger Robot <treehugger-gerrit@google.com>Wed Feb 08 22:36:39 2017 +0000
tree51dd76e302d8fc1b8f3ac45470dfe3d2c0939bc7
parent959f656840f8b1b9d053be124e89d32dac8272e7 [diff]
Add a flag to drop access to the session keyring

Now that chrome os is moving over to ext4 based directory encryption, the
encryption keys are stored in the session keyring.  Applications that don't need
to access the encrypted user data directory don't need access to this keyring.
Add a flag for applications to drop access to the session keyring when they
don't need it.

Bug: crbug.com/682419
TEST=autotest in a later CL

Change-Id: I3cb8f120d9f4891d9a13f7fe342b0388e9975605
Signed-off-by: Chirantan Ekbote <chirantan@google.com>
4 files changed
tree: 51dd76e302d8fc1b8f3ac45470dfe3d2c0939bc7
  1. examples/
  2. linux-x86/
  3. test/
  4. tools/
  5. .clang-format
  6. .gitignore
  7. Android.mk
  8. arch.h
  9. bpf.c
  10. bpf.h
  11. common.mk
  12. CPPLINT.cfg
  13. elfparse.c
  14. elfparse.h
  15. gen_constants.sh
  16. gen_syscalls.sh
  17. get_googletest.sh
  18. libconstants.h
  19. libminijail-private.h
  20. libminijail.c
  21. libminijail.h
  22. libminijail.pc.in
  23. libminijail_unittest.cc
  24. libminijailpreload.c
  25. libsyscalls.h
  26. Makefile
  27. minijail0.1
  28. minijail0.5
  29. minijail0.c
  30. MODULE_LICENSE_BSD
  31. NOTICE
  32. OWNERS
  33. parse_seccomp_policy.cc
  34. platform2_preinstall.sh
  35. PRESUBMIT.cfg
  36. PREUPLOAD.cfg
  37. scoped_minijail.h
  38. signal_handler.c
  39. signal_handler.h
  40. syscall_filter.c
  41. syscall_filter.h
  42. syscall_filter_unittest.cc
  43. syscall_filter_unittest_macros.h
  44. syscall_wrapper.c
  45. syscall_wrapper.h
  46. test_harness.h
  47. util.c
  48. util.h