From 05c034e5bb0aebe325801eba6088de16c0d78593 Mon Sep 17 00:00:00 2001 From: ojhunt Date: Mon, 17 Jun 2019 18:48:13 -0700 Subject: [PATCH] Update component manifests for ambient replace-as-executable (#9350) Bug: SEC-314 dding this feature all fuchsia components as a pre-flight step as we restrict the ability for arbitrary processes to make VMOs executable. --- .../dart/examples/goodbye_dart/meta/goodbye_dart_aot.cmx | 4 +++- .../dart/examples/goodbye_dart/meta/goodbye_dart_jit.cmx | 4 +++- .../dart/examples/hello_app_dart/meta/hello_app_dart_aot.cmx | 4 +++- .../dart/examples/hello_app_dart/meta/hello_app_dart_jit.cmx | 4 +++- .../fuchsia/dart/examples/hello_dart/meta/hello_dart_aot.cmx | 4 +++- .../dart/examples/hello_dart/meta/hello_dart_aot_product.cmx | 4 +++- .../dart/examples/hello_dart/meta/hello_dart_debug.cmx | 4 +++- .../fuchsia/dart/examples/hello_dart/meta/hello_dart_jit.cmx | 4 +++- .../dart/examples/hello_dart/meta/hello_dart_jit_product.cmx | 4 +++- .../fuchsia/dart/integration/meta/dart_aot_runner_test.cmx | 3 +++ .../fuchsia/dart/integration/meta/dart_jit_runner_test.cmx | 3 +++ shell/platform/fuchsia/dart/meta/dart_aot_product_runner.cmx | 1 + shell/platform/fuchsia/dart/meta/dart_aot_runner.cmx | 3 ++- shell/platform/fuchsia/dart/meta/dart_jit_product_runner.cmx | 1 + shell/platform/fuchsia/dart/meta/dart_jit_runner.cmx | 3 ++- shell/platform/fuchsia/dart/meta/dart_zircon_test.cmx | 1 + shell/platform/fuchsia/dart/vmservice/meta/vmservice.cmx | 3 +++ .../fuchsia/flutter/meta/flutter_aot_product_runner.cmx | 3 ++- shell/platform/fuchsia/flutter/meta/flutter_aot_runner.cmx | 3 ++- .../fuchsia/flutter/meta/flutter_jit_product_runner.cmx | 3 ++- shell/platform/fuchsia/flutter/meta/flutter_jit_runner.cmx | 3 ++- shell/platform/fuchsia/flutter/meta/flutter_runner_tests.cmx | 3 +++ 22 files changed, 54 insertions(+), 15 deletions(-) diff --git a/shell/platform/fuchsia/dart/examples/goodbye_dart/meta/goodbye_dart_aot.cmx b/shell/platform/fuchsia/dart/examples/goodbye_dart/meta/goodbye_dart_aot.cmx index c2d2112f1..27e194e22 100644 --- a/shell/platform/fuchsia/dart/examples/goodbye_dart/meta/goodbye_dart_aot.cmx +++ b/shell/platform/fuchsia/dart/examples/goodbye_dart/meta/goodbye_dart_aot.cmx @@ -3,7 +3,9 @@ "data": "data/goodbye_dart_aot" }, "sandbox": { - "features": [], + "features": [ + "deprecated-ambient-replace-as-executable" + ], "services": [ "fuchsia.sys.Environment" ] diff --git a/shell/platform/fuchsia/dart/examples/goodbye_dart/meta/goodbye_dart_jit.cmx b/shell/platform/fuchsia/dart/examples/goodbye_dart/meta/goodbye_dart_jit.cmx index 296167c38..6a86e73ff 100644 --- a/shell/platform/fuchsia/dart/examples/goodbye_dart/meta/goodbye_dart_jit.cmx +++ b/shell/platform/fuchsia/dart/examples/goodbye_dart/meta/goodbye_dart_jit.cmx @@ -3,7 +3,9 @@ "data": "data/goodbye_dart_jit" }, "sandbox": { - "features": [], + "features": [ + "deprecated-ambient-replace-as-executable" + ], "services": [ "fuchsia.sys.Environment" ] diff --git a/shell/platform/fuchsia/dart/examples/hello_app_dart/meta/hello_app_dart_aot.cmx b/shell/platform/fuchsia/dart/examples/hello_app_dart/meta/hello_app_dart_aot.cmx index 6046d17c1..68e8054f8 100644 --- a/shell/platform/fuchsia/dart/examples/hello_app_dart/meta/hello_app_dart_aot.cmx +++ b/shell/platform/fuchsia/dart/examples/hello_app_dart/meta/hello_app_dart_aot.cmx @@ -3,7 +3,9 @@ "data": "data/hello_app_dart_aot" }, "sandbox": { - "features": [], + "features": [ + "deprecated-ambient-replace-as-executable" + ], "services": [ "fuchsia.sys.Environment" ] diff --git a/shell/platform/fuchsia/dart/examples/hello_app_dart/meta/hello_app_dart_jit.cmx b/shell/platform/fuchsia/dart/examples/hello_app_dart/meta/hello_app_dart_jit.cmx index b8ff06f0a..c22b19ebf 100644 --- a/shell/platform/fuchsia/dart/examples/hello_app_dart/meta/hello_app_dart_jit.cmx +++ b/shell/platform/fuchsia/dart/examples/hello_app_dart/meta/hello_app_dart_jit.cmx @@ -3,7 +3,9 @@ "data": "data/hello_app_dart_jit" }, "sandbox": { - "features": [], + "features": [ + "deprecated-ambient-replace-as-executable" + ], "services": [ "fuchsia.sys.Environment" ] diff --git a/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_aot.cmx b/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_aot.cmx index 7f95a4c13..55828a914 100644 --- a/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_aot.cmx +++ b/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_aot.cmx @@ -3,7 +3,9 @@ "data": "data/hello_dart_aot" }, "sandbox": { - "features": [], + "features": [ + "deprecated-ambient-replace-as-executable" + ], "services": [ "fuchsia.sys.Environment" ] diff --git a/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_aot_product.cmx b/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_aot_product.cmx index 8df0f57c4..91d46add6 100644 --- a/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_aot_product.cmx +++ b/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_aot_product.cmx @@ -3,7 +3,9 @@ "data": "data/hello_dart_aot_product" }, "sandbox": { - "features": [], + "features": [ + "deprecated-ambient-replace-as-executable" + ], "services": [ "fuchsia.sys.Environment" ] diff --git a/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_debug.cmx b/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_debug.cmx index 4a7426b8d..57448353c 100644 --- a/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_debug.cmx +++ b/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_debug.cmx @@ -3,7 +3,9 @@ "data": "data/hello_dart_debug" }, "sandbox": { - "features": [], + "features": [ + "deprecated-ambient-replace-as-executable" + ], "services": [ "fuchsia.sys.Environment" ] diff --git a/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_jit.cmx b/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_jit.cmx index feccd66dd..3c9167be5 100644 --- a/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_jit.cmx +++ b/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_jit.cmx @@ -3,7 +3,9 @@ "data": "data/hello_dart_jit" }, "sandbox": { - "features": [], + "features": [ + "deprecated-ambient-replace-as-executable" + ], "services": [ "fuchsia.sys.Environment" ] diff --git a/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_jit_product.cmx b/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_jit_product.cmx index fa55e46c6..fa6222f83 100644 --- a/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_jit_product.cmx +++ b/shell/platform/fuchsia/dart/examples/hello_dart/meta/hello_dart_jit_product.cmx @@ -3,7 +3,9 @@ "data": "data/hello_dart_jit_product" }, "sandbox": { - "features": [], + "features": [ + "deprecated-ambient-replace-as-executable" + ], "services": [ "fuchsia.sys.Environment" ] diff --git a/shell/platform/fuchsia/dart/integration/meta/dart_aot_runner_test.cmx b/shell/platform/fuchsia/dart/integration/meta/dart_aot_runner_test.cmx index 3f4d17b0d..4e4999751 100644 --- a/shell/platform/fuchsia/dart/integration/meta/dart_aot_runner_test.cmx +++ b/shell/platform/fuchsia/dart/integration/meta/dart_aot_runner_test.cmx @@ -3,6 +3,9 @@ "data": "data/dart_aot_runner_test" }, "sandbox": { + "features": [ + "deprecated-ambient-replace-as-executable" + ], "services": [ "fuchsia.cobalt.LoggerFactory", "fuchsia.fonts.Provider", diff --git a/shell/platform/fuchsia/dart/integration/meta/dart_jit_runner_test.cmx b/shell/platform/fuchsia/dart/integration/meta/dart_jit_runner_test.cmx index f1b691352..7c85007e3 100644 --- a/shell/platform/fuchsia/dart/integration/meta/dart_jit_runner_test.cmx +++ b/shell/platform/fuchsia/dart/integration/meta/dart_jit_runner_test.cmx @@ -3,6 +3,9 @@ "data": "data/dart_jit_runner_test" }, "sandbox": { + "features": [ + "deprecated-ambient-replace-as-executable" + ], "services": [ "fuchsia.cobalt.LoggerFactory", "fuchsia.fonts.Provider", diff --git a/shell/platform/fuchsia/dart/meta/dart_aot_product_runner.cmx b/shell/platform/fuchsia/dart/meta/dart_aot_product_runner.cmx index aa5a3e177..b2bc08051 100644 --- a/shell/platform/fuchsia/dart/meta/dart_aot_product_runner.cmx +++ b/shell/platform/fuchsia/dart/meta/dart_aot_product_runner.cmx @@ -5,6 +5,7 @@ "sandbox": { "features": [ "root-ssl-certificates" + "deprecated-ambient-replace-as-executable" ], "services": [ "fuchsia.crash.Analyzer", diff --git a/shell/platform/fuchsia/dart/meta/dart_aot_runner.cmx b/shell/platform/fuchsia/dart/meta/dart_aot_runner.cmx index aa5a3e177..0eded73d7 100644 --- a/shell/platform/fuchsia/dart/meta/dart_aot_runner.cmx +++ b/shell/platform/fuchsia/dart/meta/dart_aot_runner.cmx @@ -4,7 +4,8 @@ }, "sandbox": { "features": [ - "root-ssl-certificates" + "root-ssl-certificates", + "deprecated-ambient-replace-as-executable" ], "services": [ "fuchsia.crash.Analyzer", diff --git a/shell/platform/fuchsia/dart/meta/dart_jit_product_runner.cmx b/shell/platform/fuchsia/dart/meta/dart_jit_product_runner.cmx index e28f9a97f..3a0246c51 100644 --- a/shell/platform/fuchsia/dart/meta/dart_jit_product_runner.cmx +++ b/shell/platform/fuchsia/dart/meta/dart_jit_product_runner.cmx @@ -5,6 +5,7 @@ "sandbox": { "features": [ "root-ssl-certificates" + "deprecated-ambient-replace-as-executable" ], "services": [ "fuchsia.crash.Analyzer", diff --git a/shell/platform/fuchsia/dart/meta/dart_jit_runner.cmx b/shell/platform/fuchsia/dart/meta/dart_jit_runner.cmx index e28f9a97f..b95198e72 100644 --- a/shell/platform/fuchsia/dart/meta/dart_jit_runner.cmx +++ b/shell/platform/fuchsia/dart/meta/dart_jit_runner.cmx @@ -4,7 +4,8 @@ }, "sandbox": { "features": [ - "root-ssl-certificates" + "root-ssl-certificates", + "deprecated-ambient-replace-as-executable" ], "services": [ "fuchsia.crash.Analyzer", diff --git a/shell/platform/fuchsia/dart/meta/dart_zircon_test.cmx b/shell/platform/fuchsia/dart/meta/dart_zircon_test.cmx index 531309ed4..fa0f46132 100644 --- a/shell/platform/fuchsia/dart/meta/dart_zircon_test.cmx +++ b/shell/platform/fuchsia/dart/meta/dart_zircon_test.cmx @@ -5,6 +5,7 @@ "sandbox": { "features": [ "root-ssl-certificates" + "deprecated-ambient-replace-as-executable" ], "services": [ "fuchsia.sys.Environment" diff --git a/shell/platform/fuchsia/dart/vmservice/meta/vmservice.cmx b/shell/platform/fuchsia/dart/vmservice/meta/vmservice.cmx index e609c7d5d..9602ffd1d 100644 --- a/shell/platform/fuchsia/dart/vmservice/meta/vmservice.cmx +++ b/shell/platform/fuchsia/dart/vmservice/meta/vmservice.cmx @@ -3,6 +3,9 @@ "data": "data/vmservice" }, "sandbox": { + "features": [ + "deprecated-ambient-replace-as-executable" + ], "services": [ "fuchsia.cobalt.LoggerFactory", "fuchsia.fonts.Provider", diff --git a/shell/platform/fuchsia/flutter/meta/flutter_aot_product_runner.cmx b/shell/platform/fuchsia/flutter/meta/flutter_aot_product_runner.cmx index 6e6a4c928..5d914665d 100644 --- a/shell/platform/fuchsia/flutter/meta/flutter_aot_product_runner.cmx +++ b/shell/platform/fuchsia/flutter/meta/flutter_aot_product_runner.cmx @@ -5,7 +5,8 @@ "sandbox": { "features": [ "root-ssl-certificates", - "vulkan" + "vulkan", + "deprecated-ambient-replace-as-executable" ], "services": [ "fuchsia.crash.Analyzer", diff --git a/shell/platform/fuchsia/flutter/meta/flutter_aot_runner.cmx b/shell/platform/fuchsia/flutter/meta/flutter_aot_runner.cmx index 6e6a4c928..5d914665d 100644 --- a/shell/platform/fuchsia/flutter/meta/flutter_aot_runner.cmx +++ b/shell/platform/fuchsia/flutter/meta/flutter_aot_runner.cmx @@ -5,7 +5,8 @@ "sandbox": { "features": [ "root-ssl-certificates", - "vulkan" + "vulkan", + "deprecated-ambient-replace-as-executable" ], "services": [ "fuchsia.crash.Analyzer", diff --git a/shell/platform/fuchsia/flutter/meta/flutter_jit_product_runner.cmx b/shell/platform/fuchsia/flutter/meta/flutter_jit_product_runner.cmx index 008e385a3..688954d02 100644 --- a/shell/platform/fuchsia/flutter/meta/flutter_jit_product_runner.cmx +++ b/shell/platform/fuchsia/flutter/meta/flutter_jit_product_runner.cmx @@ -5,7 +5,8 @@ "sandbox": { "features": [ "root-ssl-certificates", - "vulkan" + "vulkan", + "deprecated-ambient-replace-as-executable" ], "services": [ "fuchsia.device.manager.Administrator", diff --git a/shell/platform/fuchsia/flutter/meta/flutter_jit_runner.cmx b/shell/platform/fuchsia/flutter/meta/flutter_jit_runner.cmx index 6e6a4c928..5d914665d 100644 --- a/shell/platform/fuchsia/flutter/meta/flutter_jit_runner.cmx +++ b/shell/platform/fuchsia/flutter/meta/flutter_jit_runner.cmx @@ -5,7 +5,8 @@ "sandbox": { "features": [ "root-ssl-certificates", - "vulkan" + "vulkan", + "deprecated-ambient-replace-as-executable" ], "services": [ "fuchsia.crash.Analyzer", diff --git a/shell/platform/fuchsia/flutter/meta/flutter_runner_tests.cmx b/shell/platform/fuchsia/flutter/meta/flutter_runner_tests.cmx index c66080b25..f606b8d8f 100644 --- a/shell/platform/fuchsia/flutter/meta/flutter_runner_tests.cmx +++ b/shell/platform/fuchsia/flutter/meta/flutter_runner_tests.cmx @@ -3,6 +3,9 @@ "binary": "test/flutter_runner_tests" }, "sandbox": { + "features": [ + "deprecated-ambient-replace-as-executable" + ], "services": [ "fuchsia.sys.Launcher" ]