StarMirror/sandboxed-api
1
0
Fork 0
mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00
Code Issues Projects Releases Wiki Activity

Move example sandboxes out of lib directories

Browse Source 
This is mainly so that the structure of the examples follows what we do
internally (not having separate directories).

PiperOrigin-RevId: 402298115
Change-Id: I0f542607b88597572de39532364816f80a076697
This commit is contained in:
Christian Blichmann 2021-10-11 07:59:01 -07:00 committed by Copybara-Service
parent 2c42654333
commit 1260b5f38b
19 changed files with 236 additions and 303 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
sandboxed_api/BUILD.bazel
View File

@ -202,10 +202,10 @@ cc_test(
deps = [
":sapi",
":testing",
"//sandboxed_api/examples/stringop/lib:stringop-sapi",
"//sandboxed_api/examples/stringop/lib:stringop_params_cc_proto",
"//sandboxed_api/examples/sum/lib:sum-sapi",
"//sandboxed_api/examples/sum/lib:sum-sapi_embed",
"//sandboxed_api/examples/stringop:stringop-sapi",
"//sandboxed_api/examples/stringop:stringop_params_cc_proto",
"//sandboxed_api/examples/sum:sum-sapi",
"//sandboxed_api/examples/sum:sum-sapi_embed",
"//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",

46
sandboxed_api/examples/stringop/BUILD.bazel
View File

@ -15,19 +15,61 @@
# Description: Example using dynamic length structures for Sandboxed API
load("//sandboxed_api/bazel:build_defs.bzl", "sapi_platform_copts")
load("//sandboxed_api/bazel:proto.bzl", "sapi_proto_library")
load("//sandboxed_api/bazel:sapi.bzl", "sapi_library")
licenses(["notice"])
sapi_proto_library(
name = "stringop_params_proto",
srcs = ["stringop_params.proto"],
visibility = ["//visibility:public"],
)
cc_library(
name = "stringop",
srcs = ["stringop.cc"],
copts = sapi_platform_copts(),
visibility = ["//visibility:public"],
deps = [
":stringop_params_cc_proto",
"//sandboxed_api:lenval_core",
"@com_google_absl//absl/base:core_headers",
],
alwayslink = 1, # All functions are linked into dependent binaries
)
sapi_library(
name = "stringop-sapi",
srcs = [],
hdrs = ["sandbox.h"],
functions = [
"duplicate_string",
"reverse_string",
"pb_duplicate_string",
"pb_reverse_string",
"nop",
"violate",
"get_raw_c_string",
],
input_files = ["stringop.cc"],
lib = ":stringop",
lib_name = "Stringop",
namespace = "",
visibility = ["//visibility:public"],
deps = [":stringop_params_cc_proto"],
)
cc_test(
name = "main_stringop",
srcs = ["main_stringop.cc"],
copts = sapi_platform_copts(),
tags = ["local"],
deps = [
":stringop-sapi",
":stringop_params_cc_proto",
"//sandboxed_api:sapi",
"//sandboxed_api:vars",
"//sandboxed_api/examples/stringop/lib:stringop-sapi",
"//sandboxed_api/examples/stringop/lib:stringop_params_cc_proto",
"//sandboxed_api/util:flags",
"//sandboxed_api/util:status",
"//sandboxed_api/util:status_matchers",

53
sandboxed_api/examples/stringop/CMakeLists.txt
View File

@ -12,7 +12,58 @@
# See the License for the specific language governing permissions and
# limitations under the License.
add_subdirectory(lib)
# sandboxed_api/examples/stringop/lib:stringop_params_proto
sapi_protobuf_generate_cpp(
_sapi_stringop_params_pb_cc _sapi_stringop_params_pb_h
stringop_params.proto
)
# Object library to avoid having to use -Wl,--whole-archive. This simulates
# Bazel's alwayslink=1.
add_library(sapi_stringop_params_proto OBJECT
${_sapi_stringop_params_pb_cc}
${_sapi_stringop_params_pb_h}
)
add_library(sapi::stringop_params_proto ALIAS sapi_stringop_params_proto)
target_include_directories(sapi_stringop_params_proto PUBLIC
${Protobuf_INCLUDE_DIRS}
)
# sandboxed_api/examples/stringop/lib:stringop
add_library(sapi_stringop STATIC
stringop.cc
)
add_library(sapi::stringop ALIAS sapi_stringop)
add_dependencies(sapi_stringop
sapi::stringop_params_proto
)
target_link_libraries(sapi_stringop
PRIVATE $<TARGET_OBJECTS:sapi_stringop_params_proto>
sapi::base
absl::core_headers
sapi::lenval_core
PUBLIC protobuf::libprotobuf
)
# sandboxed_api/examples/stringop/lib:stringop-sapi
add_sapi_library(stringop-sapi
SOURCES sandbox.h
FUNCTIONS duplicate_string
reverse_string
pb_duplicate_string
pb_reverse_string
nop
violate
get_raw_c_string
INPUTS stringop.cc
LIBRARY sapi_stringop
LIBRARY_NAME Stringop
NAMESPACE ""
)
add_library(sapi::stringop_sapi ALIAS stringop-sapi)
target_link_libraries(stringop-sapi PRIVATE
$<TARGET_OBJECTS:sapi_stringop_params_proto>
sapi::base
)
if(SAPI_ENABLE_TESTS)
# sandboxed_api/examples/stringop:main_stringop

61
sandboxed_api/examples/stringop/lib/BUILD.bazel
View File

@ -1,61 +0,0 @@
# Copyright 2019 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
load("//sandboxed_api/bazel:build_defs.bzl", "sapi_platform_copts")
load("//sandboxed_api/bazel:proto.bzl", "sapi_proto_library")
load("//sandboxed_api/bazel:sapi.bzl", "sapi_library")
licenses(["notice"])
sapi_proto_library(
name = "stringop_params_proto",
srcs = ["stringop_params.proto"],
visibility = ["//visibility:public"],
)
cc_library(
name = "stringop",
srcs = ["stringop.cc"],
copts = sapi_platform_copts(),
visibility = ["//visibility:public"],
deps = [
":stringop_params_cc_proto",
"//sandboxed_api:lenval_core",
"@com_google_absl//absl/base:core_headers",
],
alwayslink = 1, # All functions are linked into dependent binaries
)
sapi_library(
name = "stringop-sapi",
srcs = [],
hdrs = ["sandbox.h"],
functions = [
"duplicate_string",
"reverse_string",
"pb_duplicate_string",
"pb_reverse_string",
"nop",
"violate",
"get_raw_c_string",
],
input_files = [
"stringop.cc",
],
lib = ":stringop",
lib_name = "Stringop",
namespace = "",
visibility = ["//visibility:public"],
deps = [":stringop_params_cc_proto"],
)

66
sandboxed_api/examples/stringop/lib/CMakeLists.txt
View File

@ -1,66 +0,0 @@
# Copyright 2019 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# sandboxed_api/examples/stringop/lib:stringop_params_proto
sapi_protobuf_generate_cpp(
_sapi_stringop_params_pb_cc _sapi_stringop_params_pb_h
stringop_params.proto
)
# Object library to avoid having to use -Wl,--whole-archive. This simulates
# Bazel's alwayslink=1.
add_library(sapi_stringop_params_proto OBJECT
${_sapi_stringop_params_pb_cc}
${_sapi_stringop_params_pb_h}
)
add_library(sapi::stringop_params_proto ALIAS sapi_stringop_params_proto)
target_include_directories(sapi_stringop_params_proto PUBLIC
${Protobuf_INCLUDE_DIRS}
)
# sandboxed_api/examples/stringop/lib:stringop
add_library(sapi_stringop STATIC
stringop.cc
)
add_library(sapi::stringop ALIAS sapi_stringop)
add_dependencies(sapi_stringop
sapi::stringop_params_proto
)
target_link_libraries(sapi_stringop
PRIVATE $<TARGET_OBJECTS:sapi_stringop_params_proto>
sapi::base
absl::core_headers
sapi::lenval_core
PUBLIC protobuf::libprotobuf
)
# sandboxed_api/examples/stringop/lib:stringop-sapi
add_sapi_library(stringop-sapi
SOURCES sandbox.h
FUNCTIONS duplicate_string
reverse_string
pb_duplicate_string
pb_reverse_string
nop
violate
get_raw_c_string
INPUTS stringop.cc
LIBRARY sapi_stringop
LIBRARY_NAME Stringop
NAMESPACE ""
)
add_library(sapi::stringop_sapi ALIAS stringop-sapi)
target_link_libraries(stringop-sapi PRIVATE
$<TARGET_OBJECTS:sapi_stringop_params_proto>
sapi::base
)

6
sandboxed_api/examples/stringop/main_stringop.cc
View File

@ -23,9 +23,9 @@
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/time/time.h"
#include "sandboxed_api/examples/stringop/lib/sandbox.h"
#include "sandboxed_api/examples/stringop/lib/stringop-sapi.sapi.h"
#include "sandboxed_api/examples/stringop/lib/stringop_params.pb.h"
#include "sandboxed_api/examples/stringop/sandbox.h"
#include "sandboxed_api/examples/stringop/stringop-sapi.sapi.h"
#include "sandboxed_api/examples/stringop/stringop_params.pb.h"
#include "sandboxed_api/transaction.h"
#include "sandboxed_api/util/status_macros.h"
#include "sandboxed_api/util/status_matchers.h"

8
sandboxed_api/examples/stringop/lib/sandbox.h → sandboxed_api/examples/stringop/sandbox.h
View File

@ -12,13 +12,13 @@
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef SANDBOXED_API_EXAMPLES_STRINGOP_LIB_SANDBOX_H_
#define SANDBOXED_API_EXAMPLES_STRINGOP_LIB_SANDBOX_H_
#ifndef SANDBOXED_API_EXAMPLES_STRINGOP_SANDBOX_H_
#define SANDBOXED_API_EXAMPLES_STRINGOP_SANDBOX_H_
#include <linux/audit.h>
#include <sys/syscall.h>
#include "sandboxed_api/examples/stringop/lib/stringop-sapi.sapi.h"
#include "sandboxed_api/examples/stringop/stringop-sapi.sapi.h"
#include "sandboxed_api/sandbox2/policy.h"
#include "sandboxed_api/sandbox2/policybuilder.h"
@ -50,4 +50,4 @@ class StringopSapiSandbox : public StringopSandbox {
}
};
#endif // SANDBOXED_API_EXAMPLES_STRINGOP_LIB_SANDBOX_H_
#endif // SANDBOXED_API_EXAMPLES_STRINGOP_SANDBOX_H_

2
sandboxed_api/examples/stringop/lib/stringop.cc → sandboxed_api/examples/stringop/stringop.cc
View File

@ -19,7 +19,7 @@
#include "absl/base/attributes.h"
#include "absl/base/optimization.h"
#include "sandboxed_api/examples/stringop/lib/stringop_params.pb.h"
#include "sandboxed_api/examples/stringop/stringop_params.pb.h"
#include "sandboxed_api/lenval_core.h"
// Protobuf examples.

0
sandboxed_api/examples/stringop/lib/stringop_params.proto → sandboxed_api/examples/stringop/stringop_params.proto
View File

59
sandboxed_api/examples/sum/BUILD.bazel
View File

@ -13,19 +13,74 @@
# limitations under the License.
load("//sandboxed_api/bazel:build_defs.bzl", "sapi_platform_copts")
load("//sandboxed_api/bazel:proto.bzl", "sapi_proto_library")
load("//sandboxed_api/bazel:sapi.bzl", "sapi_library")
licenses(["notice"])
sapi_proto_library(
name = "sum_params_proto",
srcs = ["sum_params.proto"],
visibility = ["//visibility:public"],
alwayslink = 1,
)
cc_library(
name = "sum",
srcs = [
"sum.c",
"sum_cpp.cc",
],
copts = sapi_platform_copts(),
visibility = ["//visibility:public"],
deps = [
":sum_params_cc_proto",
"@com_google_glog//:glog",
],
alwayslink = 1, # All functions are linked into depending binaries
)
sapi_library(
name = "sum-sapi",
srcs = [],
hdrs = ["sandbox.h"],
functions = [
"sum",
"sums",
"addf",
"sub",
"mul",
"divs",
"muld",
"crash",
"violate",
"sumarr",
"testptr",
"read_int",
"sleep_for_sec",
"sumproto",
],
input_files = [
"sum.c",
"sum_cpp.cc",
],
lib = ":sum",
lib_name = "Sum",
namespace = "",
visibility = ["//visibility:public"],
deps = [":sum_params_cc_proto"],
)
# A quick'n'dirty testing binary
cc_binary(
name = "main_sum",
srcs = ["main_sum.cc"],
copts = sapi_platform_copts(),
deps = [
":sum-sapi",
":sum_params_cc_proto",
"//sandboxed_api:sapi",
"//sandboxed_api:vars",
"//sandboxed_api/examples/sum/lib:sum-sapi",
"//sandboxed_api/examples/sum/lib:sum_params_cc_proto",
"//sandboxed_api/util:flags",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",

60
sandboxed_api/examples/sum/CMakeLists.txt
View File

@ -12,7 +12,65 @@
# See the License for the specific language governing permissions and
# limitations under the License.
add_subdirectory(lib)
# sandboxed_api/examples/sum/lib:sum_params_proto
sapi_protobuf_generate_cpp(_sapi_sum_params_pb_cc _sapi_sum_params_pb_h
sum_params.proto
)
# Object library to avoid having to use -Wl,--whole-archive. This simulates
# Bazel's alwayslink=1.
add_library(sapi_sum_params_proto OBJECT
${_sapi_sum_params_pb_cc}
${_sapi_sum_params_pb_h}
)
add_library(sapi::sum_params_proto ALIAS sapi_sum_params_proto)
target_include_directories(sapi_sum_params_proto PUBLIC
${Protobuf_INCLUDE_DIRS}
)
# sandboxed_api/examples/sum/lib:sum
add_library(sapi_sum STATIC
sum.c
sum_cpp.cc
)
add_library(sapi::sum ALIAS sapi_sum)
add_dependencies(sapi_sum
sapi::sum_params_proto
)
target_link_libraries(sapi_sum
PRIVATE $<TARGET_OBJECTS:sapi_sum_params_proto>
glog::glog
sapi::base
PUBLIC protobuf::libprotobuf
)
# sandboxed_api/examples/sum/lib:sum-sapi
add_sapi_library(sum-sapi
SOURCES sandbox.h
FUNCTIONS sum
sums
addf
sub
mul
divs
muld
crash
violate
sumarr
testptr
read_int
sleep_for_sec
sumproto
INPUTS sum.c
sum_cpp.cc
LIBRARY sapi_sum
LIBRARY_NAME Sum
NAMESPACE ""
)
add_library(sapi::sum_sapi ALIAS sum-sapi)
target_link_libraries(sum-sapi PRIVATE
$<TARGET_OBJECTS:sapi_sum_params_proto>
sapi::base
)
# sandboxed_api/examples/sum:main_sum
add_executable(sapi_main_sum

72
sandboxed_api/examples/sum/lib/BUILD.bazel
View File

@ -1,72 +0,0 @@
# Copyright 2019 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
load("//sandboxed_api/bazel:build_defs.bzl", "sapi_platform_copts")
load("//sandboxed_api/bazel:proto.bzl", "sapi_proto_library")
load("//sandboxed_api/bazel:sapi.bzl", "sapi_library")
licenses(["notice"])
sapi_proto_library(
name = "sum_params_proto",
srcs = ["sum_params.proto"],
visibility = ["//visibility:public"],
alwayslink = 1,
)
cc_library(
name = "sum",
srcs = [
"sum.c",
"sum_cpp.cc",
],
copts = sapi_platform_copts(),
visibility = ["//visibility:public"],
deps = [
":sum_params_cc_proto",
"@com_google_glog//:glog",
],
alwayslink = 1, # All functions are linked into depending binaries
)
sapi_library(
name = "sum-sapi",
srcs = [],
hdrs = ["sandbox.h"],
functions = [
"sum",
"sums",
"addf",
"sub",
"mul",
"divs",
"muld",
"crash",
"violate",
"sumarr",
"testptr",
"read_int",
"sleep_for_sec",
"sumproto",
],
input_files = [
"sum.c",
"sum_cpp.cc",
],
lib = ":sum",
lib_name = "Sum",
namespace = "",
visibility = ["//visibility:public"],
deps = [":sum_params_cc_proto"],
)

73
sandboxed_api/examples/sum/lib/CMakeLists.txt
View File

@ -1,73 +0,0 @@
# Copyright 2019 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# sandboxed_api/examples/sum/lib:sum_params_proto
sapi_protobuf_generate_cpp(_sapi_sum_params_pb_cc _sapi_sum_params_pb_h
sum_params.proto
)
# Object library to avoid having to use -Wl,--whole-archive. This simulates
# Bazel's alwayslink=1.
add_library(sapi_sum_params_proto OBJECT
${_sapi_sum_params_pb_cc}
${_sapi_sum_params_pb_h}
)
add_library(sapi::sum_params_proto ALIAS sapi_sum_params_proto)
target_include_directories(sapi_sum_params_proto PUBLIC
${Protobuf_INCLUDE_DIRS}
)
# sandboxed_api/examples/sum/lib:sum
add_library(sapi_sum STATIC
sum.c
sum_cpp.cc
)
add_library(sapi::sum ALIAS sapi_sum)
add_dependencies(sapi_sum
sapi::sum_params_proto
)
target_link_libraries(sapi_sum
PRIVATE $<TARGET_OBJECTS:sapi_sum_params_proto>
glog::glog
sapi::base
PUBLIC protobuf::libprotobuf
)
# sandboxed_api/examples/sum/lib:sum-sapi
add_sapi_library(sum-sapi
SOURCES sandbox.h
FUNCTIONS sum
sums
addf
sub
mul
divs
muld
crash
violate
sumarr
testptr
read_int
sleep_for_sec
sumproto
INPUTS sum.c
sum_cpp.cc
LIBRARY sapi_sum
LIBRARY_NAME Sum
NAMESPACE ""
)
add_library(sapi::sum_sapi ALIAS sum-sapi)
target_link_libraries(sum-sapi PRIVATE
$<TARGET_OBJECTS:sapi_sum_params_proto>
sapi::base
)

6
sandboxed_api/examples/sum/main_sum.cc
View File

@ -21,9 +21,9 @@
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/strings/str_cat.h"
#include "sandboxed_api/examples/sum/lib/sandbox.h"
#include "sandboxed_api/examples/sum/lib/sum-sapi.sapi.h"
#include "sandboxed_api/examples/sum/lib/sum_params.pb.h"
#include "sandboxed_api/examples/sum/sandbox.h"
#include "sandboxed_api/examples/sum/sum-sapi.sapi.h"
#include "sandboxed_api/examples/sum/sum_params.pb.h"
#include "sandboxed_api/transaction.h"
#include "sandboxed_api/vars.h"

6
sandboxed_api/examples/sum/lib/sandbox.h → sandboxed_api/examples/sum/sandbox.h
View File

@ -12,13 +12,13 @@
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef SANDBOXED_API_EXAMPLES_SUM_LIB_SANDBOX_H_
#define SANDBOXED_API_EXAMPLES_SUM_LIB_SANDBOX_H_
#ifndef SANDBOXED_API_EXAMPLES_SUM_SANDBOX_H_
#define SANDBOXED_API_EXAMPLES_SUM_SANDBOX_H_
#include <linux/audit.h>
#include <sys/syscall.h>
#include "sandboxed_api/examples/sum/lib/sum-sapi.sapi.h"
#include "sandboxed_api/examples/sum/sum-sapi.sapi.h"
#include "sandboxed_api/sandbox2/policy.h"
#include "sandboxed_api/sandbox2/policybuilder.h"

0
sandboxed_api/examples/sum/lib/sum.c → sandboxed_api/examples/sum/sum.c
View File

2
sandboxed_api/examples/sum/lib/sum_cpp.cc → sandboxed_api/examples/sum/sum_cpp.cc
View File

@ -13,7 +13,7 @@
// limitations under the License.
#include <glog/logging.h>
#include "sandboxed_api/examples/sum/lib/sum_params.pb.h"
#include "sandboxed_api/examples/sum/sum_params.pb.h"
extern "C" int sumproto(const sumsapi::SumParamsProto* params) {
LOG(INFO) << "Param is " << params->DebugString();

0
sandboxed_api/examples/sum/lib/sum_params.proto → sandboxed_api/examples/sum/sum_params.proto
View File

11
sandboxed_api/sapi_test.cc
View File

@ -19,12 +19,11 @@
#include "gtest/gtest.h"
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "sandboxed_api/examples/stringop/lib/sandbox.h"
#include "sandboxed_api/examples/stringop/lib/stringop-sapi.sapi.h"
#include "sandboxed_api/examples/stringop/lib/stringop_params.pb.h"
#include "sandboxed_api/examples/sum/lib/sandbox.h"
#include "sandboxed_api/examples/sum/lib/sum-sapi.sapi.h"
#include "sandboxed_api/examples/sum/lib/sum-sapi_embed.h"
#include "sandboxed_api/examples/stringop/sandbox.h"
#include "sandboxed_api/examples/stringop/stringop-sapi.sapi.h"
#include "sandboxed_api/examples/stringop/stringop_params.pb.h"
#include "sandboxed_api/examples/sum/sandbox.h"
#include "sandboxed_api/examples/sum/sum-sapi.sapi.h"
#include "sandboxed_api/testing.h"
#include "sandboxed_api/transaction.h"
#include "sandboxed_api/util/status_matchers.h"