mirror of
https://github.com/genodelabs/genode.git
synced 2024-12-26 17:01:07 +00:00
b45242c50f
Since the recent move of the process creation into core, the original chroot trampoline mechanism implemented in 'os/src/app/chroot' does not work anymore. A process could simply escape the chroot environment by spawning a new process via core's PD service. Therefore, this patch moves the chroot support into core. So the chroot policy becomes mandatory part of the process creation. For each process created by core, core checks for 'root' argument of the PD session. If a path is present, core takes the precautions needed to execute the new process in the specified chroot environment. This conceptual change implies minor changes with respect to the Genode API and the configuration of the init process. The API changes are the enhancement of the 'Genode::Child' and 'Genode::Process' constructors to take the root path as argument. Init supports the specification of a chroot per process by specifying the new 'root' attribute to the '<start>' node of the process. In line with these changes, the 'Loader::Session::start' function has been enhanced with the additional (optional) root argument. |
||
|---|---|---|
| .. | ||
| allocator_avl.h | ||
| allocator_guard.h | ||
| allocator.h | ||
| blocking.h | ||
| cancelable_lock.h | ||
| capability.h | ||
| child.h | ||
| connection.h | ||
| console.h | ||
| crt0.h | ||
| elf.h | ||
| env.h | ||
| errno.h | ||
| exception.h | ||
| heap.h | ||
| ipc_generic.h | ||
| ipc.h | ||
| lock_guard.h | ||
| lock.h | ||
| native_capability.h | ||
| object_pool.h | ||
| pager.h | ||
| platform_env.h | ||
| printf.h | ||
| process.h | ||
| rpc_args.h | ||
| rpc_client.h | ||
| rpc_server.h | ||
| rpc.h | ||
| semaphore.h | ||
| service.h | ||
| signal.h | ||
| slab.h | ||
| sleep.h | ||
| snprintf.h | ||
| stdint.h | ||
| sync_allocator.h | ||
| thread_state.h | ||
| thread.h | ||
| tslab.h | ||