| /external/libchrome/sandbox/linux/services/ |
| yama_unittests.cc | 19 #include "sandbox/linux/services/yama.h"
29 // On 3.2 kernels, yama doesn't work for 32-bit binaries on 64-bit kernels.
79 TEST(Yama, GetStatus) {
80 int status1 = Yama::GetStatus();
84 ASSERT_GE(Yama::STATUS_KNOWN | Yama::STATUS_PRESENT | Yama::STATUS_ENFORCING |
85 Yama::STATUS_STRICT_ENFORCING,
89 int status2 = Yama::GetStatus();
94 EXPECT_NE(0, Yama::STATUS_KNOWN & status1)
[all...] |
| yama.h | 13 // Yama is a LSM kernel module which can restrict ptrace().
14 // This class provides ways to detect if Yama is present and enabled
16 class SANDBOX_EXPORT Yama {
24 // STATUS_STRICT_ENFORCING corresponds to either mode 2 or mode 3 of Yama.
31 // If this succeeds, then Yama is available on this kernel.
32 // However, Yama may not be enforcing at this time.
35 // Disable Yama restrictions for the current process.
36 // This will fail if Yama is not available on this kernel.
41 // Checks if Yama is currently in enforcing mode for the machine (not the
43 // /proc/sys/kernel/yama/ptrace_scope
[all...] |
| yama.cc | 5 #include "sandbox/linux/services/yama.h"
32 // Enable or disable the Yama ptracers restrictions.
33 // Return false if Yama is not present on this kernel.
48 // ENOSYS or EINVAL means Yama is not in the current kernel.
66 bool Yama::RestrictPtracersToAncestors() {
71 bool Yama::DisableYamaRestrictions() {
76 int Yama::GetStatus() {
81 static const char kPtraceScopePath[] = "/proc/sys/kernel/yama/ptrace_scope";
88 // The status is known, yama is not present.
112 bool Yama::IsPresent() { return GetStatus() & STATUS_PRESENT;
[all...] |
| /external/elfutils/config/ |
| 10-default-yama-scope.conf | 1 # When yama is enabled in the kernel it might be used to filter any user
13 # yama ptrace scope can be used to reduce these permissions even more.
22 # For more information see Documentation/security/Yama.txt in the kernel
34 kernel.yama.ptrace_scope = 0
|
| ChangeLog | 42 * 10-default-yama-scope.conf: New file.
43 * Makefile.am (EXTRA_DIST): Add 10-default-yama-scope.conf.
44 * elfutils.spec.in (Requires): default-yama-scope.
45 (default-yama-scope): New package.
|
| Makefile.am | 31 EXTRA_DIST = elfutils.spec.in known-dwarf.awk 10-default-yama-scope.conf
|
| elfutils.spec.in | 13 Requires: default-yama-scope
103 %package default-yama-scope
104 Summary: Default yama attach scope sysctl setting
107 Provides: default-yama-scope
110 %description default-yama-scope
111 Yama sysctl setting to enable default attach scope settings
143 install -Dm0644 config/10-default-yama-scope.conf ${RPM_BUILD_ROOT}%{_sysctldir}/10-default-yama-scope.conf
159 %post default-yama-scope
160 %sysctl_apply 10-default-yama-scope.con
[all...] |
| /external/autotest/client/site_tests/security_HardlinkRestrictions/ |
| control | 7 PURPOSE = "Verify hardlink restrictions introduced by the Yama LSM"
|
| security_HardlinkRestrictions.py | 176 # Fall back to looking for Yama link restriction sysctl.
177 sysctl = "/proc/sys/kernel/yama/protected_nonaccess_hardlinks"
|
| /external/autotest/client/site_tests/security_SymlinkRestrictions/ |
| control | 7 PURPOSE = "Verify symlink restrictions introduced by the Yama LSM"
|
| security_SymlinkRestrictions.py | 249 # Fall back to looking for Yama link restriction sysctl.
250 sysctl = "/proc/sys/kernel/yama/protected_sticky_symlinks"
|
| /external/autotest/client/site_tests/security_ptraceRestrictions/ |
| control | 7 PURPOSE = "Verify ptrace restrictions introduced by the Yama LSM"
|
| security_ptraceRestrictions.py | 56 # Verify Yama exists and has ptrace restrictions enabled.
57 sysctl = "/proc/sys/kernel/yama/ptrace_scope"
|
| /external/autotest/client/site_tests/platform_OSLimits/ |
| platform_OSLimits.py | 107 'ptrace_scope': '/proc/sys/kernel/yama/ptrace_scope',
130 # Prior to kernel version 3.6, Yama handled link restrictions.
132 '/proc/sys/kernel/yama/protected_nonaccess_hardlinks'
134 '/proc/sys/kernel/yama/protected_sticky_symlinks'
|
| /external/libchrome/sandbox/linux/ |
| BUILD.gn | 343 "services/yama.cc",
344 "services/yama.h",
388 "services/yama.cc",
389 "services/yama.h",
|
| sandbox_linux.gypi | 236 'services/yama.cc',
237 'services/yama.h',
|
| /art/runtime/native/ |
| dalvik_system_ZygoteHooks.cc | 62 // Even if Yama is on a non-privileged native debugger should
65 // if Yama is off prctl(PR_SET_PTRACER) returns EINVAL - don't log in this
|
| /external/libchrome/ |
| SConstruct | 322 linux/services/yama.cc
|
| /packages/apps/Email/res/values-zu/ |
| strings.xml | 228 <string name="policy_email_age" msgid="3521941976575225050">"Khawulela inombolo yama-imeyili avumelanisiwe"</string>
|
| /external/elfutils/ |
| NEWS | 37 Provide default-yama-scope subpackage.
[all...] |
| /external/valgrind/coregrind/m_gdbserver/ |
| remote-utils.c | 173 const char *ptrace_scope_setting_file = "/proc/sys/kernel/yama/ptrace_scope";
[all...] |
| /external/valgrind/ |
| NEWS | [all...] |
| /external/valgrind/docs/html/ |
| dist.news.html | [all...] |
| /external/trappy/doc/ |
| Plotter.ipynb | [all...] |
