diff options
| author | Matt Delco <delco@chromium.org> | 2019-11-13 08:11:09 -0800 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2020-01-22 17:36:35 +0000 |
| commit | 45caf91aaa80d2d37a63ed2bf99da69b4da0aafa (patch) | |
| tree | 5c9648f6a34c359ff496bcb61d8f33951e4c5082 /seccomp/x86_64/wl_device.policy | |
| parent | 425aaacad18166faf42075b0e49db6aa554d32ae (diff) | |
| download | crosvm-45caf91aaa80d2d37a63ed2bf99da69b4da0aafa.tar crosvm-45caf91aaa80d2d37a63ed2bf99da69b4da0aafa.tar.gz crosvm-45caf91aaa80d2d37a63ed2bf99da69b4da0aafa.tar.bz2 crosvm-45caf91aaa80d2d37a63ed2bf99da69b4da0aafa.tar.lz crosvm-45caf91aaa80d2d37a63ed2bf99da69b4da0aafa.tar.xz crosvm-45caf91aaa80d2d37a63ed2bf99da69b4da0aafa.tar.zst crosvm-45caf91aaa80d2d37a63ed2bf99da69b4da0aafa.zip | |
crosvm: add support for bpf policy files
Change adds supports for providing pre-compiled bpf files as the policy file for jailing. In short it's more effient to compile once on the build machine than each time at runtime. Additionally libminijail's support for more efficient bpfs (which use a binary tree instead of a linear search) is currently only available via tools that are based around pre-compiled use. BUG=None TEST=Ran build_test and verified that tests can pass with both bpf and policy files (though the tests might only exercise the jail for the plugin). Change-Id: Idd93e3c802fc79da93850d6bad1db660576bc9ba Signed-off-by: Matt Delco <delco@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1914416 Tested-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Dylan Reid <dgreid@chromium.org>
Diffstat (limited to 'seccomp/x86_64/wl_device.policy')
0 files changed, 0 insertions, 0 deletions