Bulk IWYU and build_cleaner fixes

PiperOrigin-RevId: 559733768
Change-Id: Ia38f4c176e9f0abbfdb3a8f1109f482d8870eb0f
This commit is contained in:
Wiktor Garbacz 2023-08-24 06:23:03 -07:00 committed by Copybara-Service
parent 38e5be910e
commit 127176d72f
196 changed files with 773 additions and 304 deletions

View File

@ -47,6 +47,7 @@ cc_library(
"//sandboxed_api/sandbox2:util", "//sandboxed_api/sandbox2:util",
"//sandboxed_api/util:fileops", "//sandboxed_api/util:fileops",
"//sandboxed_api/util:raw_logging", "//sandboxed_api/util:raw_logging",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/container:flat_hash_map", "@com_google_absl//absl/container:flat_hash_map",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_absl//absl/synchronization", "@com_google_absl//absl/synchronization",
@ -82,11 +83,11 @@ cc_library(
"//sandboxed_api/util:raw_logging", "//sandboxed_api/util:raw_logging",
"//sandboxed_api/util:runfiles", "//sandboxed_api/util:runfiles",
"//sandboxed_api/util:status", "//sandboxed_api/util:status",
"@com_google_absl//absl/base",
"@com_google_absl//absl/base:core_headers", "@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/base:dynamic_annotations", "@com_google_absl//absl/base:dynamic_annotations",
"@com_google_absl//absl/container:flat_hash_map", "@com_google_absl//absl/container:flat_hash_map",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:check",
"@com_google_absl//absl/status", "@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor", "@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
@ -101,10 +102,7 @@ cc_library(
name = "call", name = "call",
hdrs = ["call.h"], hdrs = ["call.h"],
copts = sapi_platform_copts(), copts = sapi_platform_copts(),
deps = [ deps = [":var_type"],
":var_type",
"@com_google_absl//absl/base:core_headers",
],
) )
cc_library( cc_library(
@ -188,6 +186,7 @@ cc_library(
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:check", "@com_google_absl//absl/log:check",
"@com_google_absl//absl/log:initialize", "@com_google_absl//absl/log:initialize",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_protobuf//:protobuf", "@com_google_protobuf//:protobuf",
"@org_sourceware_libffi//:libffi", "@org_sourceware_libffi//:libffi",
@ -205,9 +204,10 @@ cc_test(
"//sandboxed_api/examples/stringop:stringop-sapi", "//sandboxed_api/examples/stringop:stringop-sapi",
"//sandboxed_api/examples/stringop:stringop_params_cc_proto", "//sandboxed_api/examples/stringop:stringop_params_cc_proto",
"//sandboxed_api/examples/sum:sum-sapi", "//sandboxed_api/examples/sum:sum-sapi",
"//sandboxed_api/examples/sum:sum-sapi_embed",
"//sandboxed_api/util:status_matchers", "//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/status", "@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/time",
"@com_google_benchmark//:benchmark", "@com_google_benchmark//:benchmark",
"@com_google_googletest//:gtest_main", "@com_google_googletest//:gtest_main",
], ],

View File

@ -52,7 +52,8 @@ add_library(sapi_embed_file ${SAPI_LIB_TYPE}
) )
add_library(sapi::embed_file ALIAS sapi_embed_file) add_library(sapi::embed_file ALIAS sapi_embed_file)
target_link_libraries(sapi_embed_file target_link_libraries(sapi_embed_file
PRIVATE absl::strings PRIVATE absl::core_headers
absl::strings
sandbox2::util sandbox2::util
sapi::base sapi::base
sapi::fileops sapi::fileops
@ -85,7 +86,8 @@ target_link_libraries(sapi_sapi
sandbox2::util sandbox2::util
sapi::embed_file sapi::embed_file
sapi::vars sapi::vars
PUBLIC absl::core_headers PUBLIC absl::check
absl::core_headers
sandbox2::client sandbox2::client
sandbox2::sandbox2 sandbox2::sandbox2
sapi::base sapi::base
@ -98,7 +100,6 @@ add_library(sapi_call ${SAPI_LIB_TYPE}
) )
add_library(sapi::call ALIAS sapi_call) add_library(sapi::call ALIAS sapi_call)
target_link_libraries(sapi_call PRIVATE target_link_libraries(sapi_call PRIVATE
absl::core_headers
sapi::var_type sapi::var_type
sapi::base sapi::base
) )
@ -166,10 +167,13 @@ add_library(sapi_client ${SAPI_LIB_TYPE}
) )
add_library(sapi::client ALIAS sapi_client) add_library(sapi::client ALIAS sapi_client)
target_link_libraries(sapi_client target_link_libraries(sapi_client
PRIVATE absl::core_headers PRIVATE absl::check
absl::core_headers
absl::dynamic_annotations absl::dynamic_annotations
absl::flags_parse absl::flags_parse
absl::log
absl::log_initialize absl::log_initialize
absl::statusor
absl::strings absl::strings
libffi::libffi libffi::libffi
sandbox2::comms sandbox2::comms
@ -181,8 +185,6 @@ target_link_libraries(sapi_client
sapi::proto_arg_proto sapi::proto_arg_proto
sapi::vars sapi::vars
${CMAKE_DL_LIBS} ${CMAKE_DL_LIBS}
PUBLIC absl::check
absl::log
) )
if(BUILD_TESTING AND SAPI_BUILD_TESTING AND NOT CMAKE_CROSSCOMPILING) if(BUILD_TESTING AND SAPI_BUILD_TESTING AND NOT CMAKE_CROSSCOMPILING)
@ -208,6 +210,7 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING AND NOT CMAKE_CROSSCOMPILING)
target_link_libraries(sapi_test PRIVATE target_link_libraries(sapi_test PRIVATE
absl::status absl::status
absl::statusor absl::statusor
absl::time
benchmark benchmark
sandbox2::result sandbox2::result
sapi::proto_arg_proto sapi::proto_arg_proto

View File

@ -57,3 +57,9 @@ bzl_library(
srcs = ["sapi.bzl"], srcs = ["sapi.bzl"],
visibility = ["//visibility:private"], visibility = ["//visibility:private"],
) )
bzl_library(
name = "llvm_config_bzl",
srcs = ["llvm_config.bzl"],
visibility = ["//visibility:private"],
)

View File

@ -15,6 +15,7 @@
#ifndef SANDBOXED_API_CALL_H_ #ifndef SANDBOXED_API_CALL_H_
#define SANDBOXED_API_CALL_H_ #define SANDBOXED_API_CALL_H_
#include <cstddef>
#include <cstdint> #include <cstdint>
#include "sandboxed_api/var_type.h" #include "sandboxed_api/var_type.h"

View File

@ -13,7 +13,8 @@
// limitations under the License. // limitations under the License.
#include <dlfcn.h> #include <dlfcn.h>
#include <sys/syscall.h> #include <syscall.h>
#include <unistd.h>
#include <algorithm> #include <algorithm>
#include <cstdint> #include <cstdint>
@ -21,6 +22,7 @@
#include <cstring> #include <cstring>
#include <iterator> #include <iterator>
#include <list> #include <list>
#include <string>
#include <type_traits> #include <type_traits>
#include <utility> #include <utility>
#include <vector> #include <vector>
@ -33,6 +35,7 @@
#include "absl/log/check.h" #include "absl/log/check.h"
#include "absl/log/initialize.h" #include "absl/log/initialize.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/status/statusor.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "sandboxed_api/call.h" #include "sandboxed_api/call.h"
#include "sandboxed_api/lenval_core.h" #include "sandboxed_api/lenval_core.h"

View File

@ -15,6 +15,7 @@
#ifndef SANDBOXED_API_CONFIG_H_ #ifndef SANDBOXED_API_CONFIG_H_
#define SANDBOXED_API_CONFIG_H_ #define SANDBOXED_API_CONFIG_H_
#include <features.h>
#include <cstdint> #include <cstdint>
#include <string> #include <string>

View File

@ -16,10 +16,10 @@
#include <fcntl.h> #include <fcntl.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h> #include <unistd.h>
#include <string>
#include "sandboxed_api/file_toc.h" #include "sandboxed_api/file_toc.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/synchronization/mutex.h" #include "absl/synchronization/mutex.h"

View File

@ -16,6 +16,7 @@
#define SANDBOXED_API_EMBED_FILE_H_ #define SANDBOXED_API_EMBED_FILE_H_
#include "sandboxed_api/file_toc.h" #include "sandboxed_api/file_toc.h"
#include "absl/base/thread_annotations.h"
#include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_map.h"
#include "absl/synchronization/mutex.h" #include "absl/synchronization/mutex.h"

View File

@ -76,8 +76,10 @@ cc_test(
"//sandboxed_api/util:status", "//sandboxed_api/util:status",
"//sandboxed_api/util:status_matchers", "//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status", "@com_google_absl//absl/status",
"@com_google_absl//absl/time", "@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings:string_view",
"@com_google_googletest//:gtest_main", "@com_google_googletest//:gtest_main",
], ],
) )

View File

@ -71,9 +71,10 @@ if(SAPI_BUILD_TESTING)
) )
set_target_properties(sapi_main_stringop PROPERTIES OUTPUT_NAME main_stringop) set_target_properties(sapi_main_stringop PROPERTIES OUTPUT_NAME main_stringop)
target_link_libraries(sapi_main_stringop PRIVATE target_link_libraries(sapi_main_stringop PRIVATE
absl::strings absl::memory
absl::time
absl::log absl::log
absl::statusor
absl::strings
sapi::sapi sapi::sapi
sapi::status sapi::status
sapi::stringop_sapi sapi::stringop_sapi

View File

@ -12,17 +12,16 @@
// See the License for the specific language governing permissions and // See the License for the specific language governing permissions and
// limitations under the License. // limitations under the License.
#include <fcntl.h> #include <cstring>
#include <sys/stat.h> #include <string>
#include <sys/types.h>
#include <memory>
#include "gmock/gmock.h" #include "gmock/gmock.h"
#include "gtest/gtest.h" #include "gtest/gtest.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/memory/memory.h"
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/time/time.h" #include "absl/status/statusor.h"
#include "absl/strings/string_view.h"
#include "sandboxed_api/examples/stringop/stringop_params.pb.h" #include "sandboxed_api/examples/stringop/stringop_params.pb.h"
#include "sandboxed_api/transaction.h" #include "sandboxed_api/transaction.h"
#include "sandboxed_api/util/status_macros.h" #include "sandboxed_api/util/status_macros.h"

View File

@ -15,10 +15,10 @@
#include <sys/ptrace.h> #include <sys/ptrace.h>
#include <algorithm> #include <algorithm>
#include <iostream> #include <cstdlib>
#include <string>
#include "absl/base/attributes.h" #include "absl/base/attributes.h"
#include "absl/base/optimization.h"
#include "sandboxed_api/examples/stringop/stringop_params.pb.h" #include "sandboxed_api/examples/stringop/stringop_params.pb.h"
#include "sandboxed_api/lenval_core.h" #include "sandboxed_api/lenval_core.h"

View File

@ -82,14 +82,15 @@ cc_binary(
":sum_params_cc_proto", ":sum_params_cc_proto",
"//sandboxed_api:sapi", "//sandboxed_api:sapi",
"//sandboxed_api:vars", "//sandboxed_api:vars",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/base:log_severity", "@com_google_absl//absl/base:log_severity",
"@com_google_absl//absl/flags:flag",
"@com_google_absl//absl/flags:parse", "@com_google_absl//absl/flags:parse",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:check", "@com_google_absl//absl/log:check",
"@com_google_absl//absl/log:globals", "@com_google_absl//absl/log:globals",
"@com_google_absl//absl/log:initialize", "@com_google_absl//absl/log:initialize",
"@com_google_absl//absl/status", "@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
], ],
) )

View File

@ -78,10 +78,12 @@ add_executable(sapi_main_sum
set_target_properties(sapi_main_sum PROPERTIES OUTPUT_NAME main_sum) set_target_properties(sapi_main_sum PROPERTIES OUTPUT_NAME main_sum)
add_executable(sapi::main_sum ALIAS sapi_main_sum) add_executable(sapi::main_sum ALIAS sapi_main_sum)
target_link_libraries(sapi_main_sum PRIVATE target_link_libraries(sapi_main_sum PRIVATE
absl::core_headers
absl::log absl::log
absl::log_initialize absl::log_initialize
absl::flags
absl::flags_parse absl::flags_parse
absl::status
absl::statusor
absl::strings absl::strings
sapi::base sapi::base
sapi::sapi sapi::sapi

View File

@ -13,19 +13,22 @@
// limitations under the License. // limitations under the License.
#include <fcntl.h> #include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <cstring>
#include <ctime>
#include <memory> #include <memory>
#include <string>
#include <utility>
#include "absl/base/log_severity.h" #include "absl/base/log_severity.h"
#include "absl/flags/flag.h" #include "absl/base/macros.h"
#include "absl/flags/parse.h" #include "absl/flags/parse.h"
#include "absl/log/check.h" #include "absl/log/check.h"
#include "absl/log/globals.h" #include "absl/log/globals.h"
#include "absl/log/initialize.h" #include "absl/log/initialize.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "sandboxed_api/examples/sum/sum-sapi.sapi.h" #include "sandboxed_api/examples/sum/sum-sapi.sapi.h"
#include "sandboxed_api/examples/sum/sum_params.pb.h" #include "sandboxed_api/examples/sum/sum_params.pb.h"

View File

@ -13,10 +13,9 @@
// limitations under the License. // limitations under the License.
#include <stdio.h> #include <stdio.h>
#include <stdint.h>
#include <unistd.h>
#include <stdlib.h> #include <stdlib.h>
#include <sys/ptrace.h> #include <sys/ptrace.h>
#include <unistd.h>
int sumsymbol = 5; int sumsymbol = 5;

View File

@ -44,11 +44,12 @@ cc_binary(
":zlib-sapi", ":zlib-sapi",
"//sandboxed_api:vars", "//sandboxed_api:vars",
"@com_google_absl//absl/base:core_headers", "@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/flags:flag", "@com_google_absl//absl/base:log_severity",
"@com_google_absl//absl/flags:parse", "@com_google_absl//absl/flags:parse",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:globals", "@com_google_absl//absl/log:globals",
"@com_google_absl//absl/log:initialize", "@com_google_absl//absl/log:initialize",
"@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor", "@com_google_absl//absl/status:statusor",
], ],
) )

View File

@ -34,11 +34,12 @@ add_executable(sapi_main_zlib
set_target_properties(sapi_main_zlib PROPERTIES OUTPUT_NAME main_zlib) set_target_properties(sapi_main_zlib PROPERTIES OUTPUT_NAME main_zlib)
target_link_libraries(sapi_main_zlib PRIVATE target_link_libraries(sapi_main_zlib PRIVATE
sapi::base sapi::base
absl::flags
absl::flags_parse absl::flags_parse
absl::log absl::log
absl::log_initialize absl::log_initialize
absl::log_severity
absl::status absl::status
absl::statusor
sapi::sapi sapi::sapi
sapi::status sapi::status
sapi::zlib_sapi sapi::zlib_sapi

View File

@ -12,17 +12,17 @@
// See the License for the specific language governing permissions and // See the License for the specific language governing permissions and
// limitations under the License. // limitations under the License.
#include <linux/audit.h> #include <cassert>
#include <sys/syscall.h> #include <cstdio>
#include <cstdlib> #include <cstdlib>
#include "absl/base/log_severity.h"
#include "absl/base/macros.h" #include "absl/base/macros.h"
#include "absl/flags/flag.h"
#include "absl/flags/parse.h" #include "absl/flags/parse.h"
#include "absl/log/globals.h" #include "absl/log/globals.h"
#include "absl/log/initialize.h" #include "absl/log/initialize.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/status/status.h"
#include "absl/status/statusor.h" #include "absl/status/statusor.h"
#include "sandboxed_api/examples/zlib/zlib-sapi.sapi.h" #include "sandboxed_api/examples/zlib/zlib-sapi.sapi.h"
#include "sandboxed_api/vars.h" #include "sandboxed_api/vars.h"

View File

@ -22,6 +22,8 @@
#include <sys/types.h> #include <sys/types.h>
#include <cstddef>
struct FileToc { struct FileToc {
const char* name; const char* name;
const char* data; const char* data;

View File

@ -14,7 +14,13 @@
#include "sandboxed_api/proto_helper.h" #include "sandboxed_api/proto_helper.h"
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/status/statusor.h"
namespace sapi { namespace sapi {

View File

@ -17,7 +17,8 @@
#ifndef SANDBOXED_API_PROTO_HELPER_H_ #ifndef SANDBOXED_API_PROTO_HELPER_H_
#define SANDBOXED_API_PROTO_HELPER_H_ #define SANDBOXED_API_PROTO_HELPER_H_
#include <cinttypes> #include <cstddef>
#include <cstdint>
#include <type_traits> #include <type_traits>
#include <vector> #include <vector>

View File

@ -14,7 +14,12 @@
#include "sandboxed_api/rpcchannel.h" #include "sandboxed_api/rpcchannel.h"
#include <cstdint>
#include <cstring>
#include <string>
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/status/status.h"
#include "absl/status/statusor.h" #include "absl/status/statusor.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/synchronization/mutex.h" #include "absl/synchronization/mutex.h"

View File

@ -16,6 +16,7 @@
#define SANDBOXED_API_RPCCHANNEL_H_ #define SANDBOXED_API_RPCCHANNEL_H_
#include <cstddef> #include <cstddef>
#include <cstdint>
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/status/statusor.h" #include "absl/status/statusor.h"

View File

@ -14,16 +14,18 @@
#include "sandboxed_api/sandbox.h" #include "sandboxed_api/sandbox.h"
#include <sys/ioctl.h>
#include <sys/resource.h> #include <sys/resource.h>
#include <sys/types.h>
#include <sys/uio.h> #include <sys/uio.h>
#include <syscall.h>
#include <algorithm>
#include <cstdarg>
#include <cstdio> #include <cstdio>
#include <initializer_list>
#include <memory> #include <memory>
#include <string>
#include <utility>
#include <vector>
#include "absl/base/casts.h"
#include "absl/base/dynamic_annotations.h" #include "absl/base/dynamic_annotations.h"
#include "absl/base/macros.h" #include "absl/base/macros.h"
#include "absl/log/log.h" #include "absl/log/log.h"

View File

@ -15,13 +15,20 @@
#ifndef SANDBOXED_API_SANDBOX_H_ #ifndef SANDBOXED_API_SANDBOX_H_
#define SANDBOXED_API_SANDBOX_H_ #define SANDBOXED_API_SANDBOX_H_
#include <ctime>
#include <initializer_list>
#include <memory> #include <memory>
#include <string> #include <string>
#include <utility>
#include <vector> #include <vector>
#include "sandboxed_api/file_toc.h" #include "sandboxed_api/file_toc.h"
#include "absl/base/attributes.h"
#include "absl/base/macros.h" #include "absl/base/macros.h"
#include "absl/log/log.h"
#include "absl/status/status.h"
#include "absl/status/statusor.h" #include "absl/status/statusor.h"
#include "absl/time/time.h"
#include "sandboxed_api/config.h" #include "sandboxed_api/config.h"
#include "sandboxed_api/rpcchannel.h" #include "sandboxed_api/rpcchannel.h"
#include "sandboxed_api/sandbox2/client.h" #include "sandboxed_api/sandbox2/client.h"

View File

@ -116,7 +116,7 @@ cc_library(
":util", ":util",
"//sandboxed_api:config", "//sandboxed_api:config",
"@com_google_absl//absl/algorithm:container", "@com_google_absl//absl/algorithm:container",
"@com_google_absl//absl/log", "@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_absl//absl/strings:str_format", "@com_google_absl//absl/strings:str_format",
"@com_google_absl//absl/types:span", "@com_google_absl//absl/types:span",
@ -147,7 +147,6 @@ cc_library(
":util", ":util",
"//sandboxed_api:config", "//sandboxed_api:config",
"@com_google_absl//absl/status", "@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
], ],
) )
@ -179,6 +178,7 @@ cc_library(
deps = [ deps = [
":comms", ":comms",
":logserver_cc_proto", ":logserver_cc_proto",
"@com_google_absl//absl/base:log_severity",
"@com_google_absl//absl/log:log_entry", "@com_google_absl//absl/log:log_entry",
"@com_google_absl//absl/log:log_sink", "@com_google_absl//absl/log:log_sink",
"@com_google_absl//absl/log:log_sink_registry", "@com_google_absl//absl/log:log_sink_registry",
@ -198,6 +198,7 @@ cc_library(
":logserver", ":logserver",
":logsink", ":logsink",
"//sandboxed_api/util:raw_logging", "//sandboxed_api/util:raw_logging",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
], ],
@ -218,9 +219,9 @@ cc_library(
"//sandboxed_api/sandbox2/network_proxy:filtering", "//sandboxed_api/sandbox2/network_proxy:filtering",
"//sandboxed_api/sandbox2/util:bpf_helper", "//sandboxed_api/sandbox2/util:bpf_helper",
"//sandboxed_api/util:raw_logging", "//sandboxed_api/util:raw_logging",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/flags:flag", "@com_google_absl//absl/flags:flag",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/strings:string_view",
], ],
) )
@ -262,7 +263,9 @@ cc_binary(
":sanitizer", ":sanitizer",
"//sandboxed_api/sandbox2/unwind", "//sandboxed_api/sandbox2/unwind",
"//sandboxed_api/util:raw_logging", "//sandboxed_api/util:raw_logging",
"@com_google_absl//absl/base:log_severity",
"@com_google_absl//absl/log:globals", "@com_google_absl//absl/log:globals",
"@com_google_absl//absl/status",
], ],
) )
@ -333,6 +336,7 @@ cc_library(
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:check", "@com_google_absl//absl/log:check",
"@com_google_absl//absl/status", "@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_absl//absl/types:span", "@com_google_absl//absl/types:span",
], ],
@ -425,10 +429,12 @@ cc_library(
"@com_google_absl//absl/cleanup", "@com_google_absl//absl/cleanup",
"@com_google_absl//absl/flags:flag", "@com_google_absl//absl/flags:flag",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:check",
"@com_google_absl//absl/memory", "@com_google_absl//absl/memory",
"@com_google_absl//absl/status", "@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor", "@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_absl//absl/time",
], ],
) )
@ -452,13 +458,17 @@ cc_library(
"//sandboxed_api:config", "//sandboxed_api:config",
"//sandboxed_api/util:raw_logging", "//sandboxed_api/util:raw_logging",
"//sandboxed_api/util:status", "//sandboxed_api/util:status",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/cleanup", "@com_google_absl//absl/cleanup",
"@com_google_absl//absl/container:flat_hash_map", "@com_google_absl//absl/container:flat_hash_map",
"@com_google_absl//absl/container:flat_hash_set", "@com_google_absl//absl/container:flat_hash_set",
"@com_google_absl//absl/flags:flag", "@com_google_absl//absl/flags:flag",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:check",
"@com_google_absl//absl/status", "@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_absl//absl/strings:str_format",
"@com_google_absl//absl/synchronization", "@com_google_absl//absl/synchronization",
"@com_google_absl//absl/time", "@com_google_absl//absl/time",
], ],
@ -478,10 +488,13 @@ cc_library(
":policy", ":policy",
"//sandboxed_api/util:fileops", "//sandboxed_api/util:fileops",
"//sandboxed_api/util:raw_logging", "//sandboxed_api/util:raw_logging",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/cleanup", "@com_google_absl//absl/cleanup",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:check",
"@com_google_absl//absl/status", "@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor", "@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings",
"@com_google_absl//absl/synchronization", "@com_google_absl//absl/synchronization",
"@com_google_absl//absl/time", "@com_google_absl//absl/time",
], ],
@ -539,6 +552,7 @@ cc_library(
":mounts", ":mounts",
":namespace", ":namespace",
":policy", ":policy",
":syscall",
":violation_cc_proto", ":violation_cc_proto",
"//sandboxed_api:config", "//sandboxed_api:config",
"//sandboxed_api/sandbox2/network_proxy:filtering", "//sandboxed_api/sandbox2/network_proxy:filtering",
@ -553,6 +567,7 @@ cc_library(
"@com_google_absl//absl/status", "@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor", "@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_absl//absl/types:optional",
"@com_google_absl//absl/types:span", "@com_google_absl//absl/types:span",
], ],
) )
@ -589,7 +604,6 @@ cc_library(
visibility = ["//visibility:public"], visibility = ["//visibility:public"],
deps = [ deps = [
":util", ":util",
"//sandboxed_api/util:file_helpers",
"//sandboxed_api/util:fileops", "//sandboxed_api/util:fileops",
"//sandboxed_api/util:raw_logging", "//sandboxed_api/util:raw_logging",
"//sandboxed_api/util:status", "//sandboxed_api/util:status",
@ -674,12 +688,12 @@ cc_test(
copts = sapi_platform_copts(), copts = sapi_platform_copts(),
data = ["//sandboxed_api/sandbox2/testcases:minimal_dynamic"], data = ["//sandboxed_api/sandbox2/testcases:minimal_dynamic"],
deps = [ deps = [
":mount_tree_cc_proto",
":mounts", ":mounts",
"//sandboxed_api:testing", "//sandboxed_api:testing",
"//sandboxed_api/util:file_base", "//sandboxed_api/util:file_base",
"//sandboxed_api/util:status_matchers", "//sandboxed_api/util:status_matchers",
"//sandboxed_api/util:temp_file", "//sandboxed_api/util:temp_file",
"@com_google_absl//absl/status",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_googletest//:gtest_main", "@com_google_googletest//:gtest_main",
], ],
@ -691,7 +705,6 @@ cc_library(
hdrs = ["namespace.h"], hdrs = ["namespace.h"],
copts = sapi_platform_copts(), copts = sapi_platform_copts(),
deps = [ deps = [
":mount_tree_cc_proto",
":mounts", ":mounts",
":violation_cc_proto", ":violation_cc_proto",
"//sandboxed_api/util:file_base", "//sandboxed_api/util:file_base",
@ -718,7 +731,8 @@ cc_test(
"//sandboxed_api/util:fileops", "//sandboxed_api/util:fileops",
"//sandboxed_api/util:status_matchers", "//sandboxed_api/util:status_matchers",
"//sandboxed_api/util:temp_file", "//sandboxed_api/util:temp_file",
"@com_google_absl//absl/log", "@com_google_absl//absl/log:check",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_googletest//:gtest_main", "@com_google_googletest//:gtest_main",
], ],
@ -736,6 +750,7 @@ cc_library(
":forkserver", ":forkserver",
":sanitizer", ":sanitizer",
"//sandboxed_api/util:raw_logging", "//sandboxed_api/util:raw_logging",
"@com_google_absl//absl/log",
"@com_google_absl//absl/log:check", "@com_google_absl//absl/log:check",
], ],
) )
@ -755,8 +770,6 @@ cc_library(
"//sandboxed_api/util:file_helpers", "//sandboxed_api/util:file_helpers",
"//sandboxed_api/util:fileops", "//sandboxed_api/util:fileops",
"//sandboxed_api/util:raw_logging", "//sandboxed_api/util:raw_logging",
"//sandboxed_api/util:status",
"@com_google_absl//absl/algorithm:container",
"@com_google_absl//absl/base:core_headers", "@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/status", "@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor", "@com_google_absl//absl/status:statusor",
@ -864,6 +877,7 @@ cc_test(
":sandbox2", ":sandbox2",
"//sandboxed_api:testing", "//sandboxed_api:testing",
"//sandboxed_api/util:raw_logging", "//sandboxed_api/util:raw_logging",
"@com_google_absl//absl/log",
"@com_google_absl//absl/log:check", "@com_google_absl//absl/log:check",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_googletest//:gtest_main", "@com_google_googletest//:gtest_main",
@ -898,7 +912,6 @@ cc_test(
":comms", ":comms",
":sandbox2", ":sandbox2",
"//sandboxed_api:testing", "//sandboxed_api:testing",
"//sandboxed_api/sandbox2/util:bpf_helper",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_googletest//:gtest_main", "@com_google_googletest//:gtest_main",
@ -918,8 +931,6 @@ cc_test(
], ],
tags = ["no_qemu_user_mode"], tags = ["no_qemu_user_mode"],
deps = [ deps = [
":limits",
":regs",
":sandbox2", ":sandbox2",
"//sandboxed_api:config", "//sandboxed_api:config",
"//sandboxed_api:testing", "//sandboxed_api:testing",
@ -950,7 +961,11 @@ cc_test(
"//sandboxed_api:config", "//sandboxed_api:config",
"//sandboxed_api:testing", "//sandboxed_api:testing",
"//sandboxed_api/util:status_matchers", "//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_absl//absl/synchronization",
"@com_google_absl//absl/time",
"@com_google_googletest//:gtest_main", "@com_google_googletest//:gtest_main",
], ],
) )
@ -986,6 +1001,7 @@ cc_test(
":util", ":util",
"//sandboxed_api/util:status_matchers", "//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/cleanup", "@com_google_absl//absl/cleanup",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_googletest//:gtest_main", "@com_google_googletest//:gtest_main",
], ],
@ -1001,8 +1017,6 @@ cc_test(
tags = ["no_qemu_user_mode"], tags = ["no_qemu_user_mode"],
deps = [ deps = [
":global_forkserver", ":global_forkserver",
":namespace",
":regs",
":sandbox2", ":sandbox2",
":stack_trace", ":stack_trace",
"//sandboxed_api:testing", "//sandboxed_api:testing",
@ -1010,7 +1024,7 @@ cc_test(
"//sandboxed_api/util:status_matchers", "//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/flags:flag", "@com_google_absl//absl/flags:flag",
"@com_google_absl//absl/flags:reflection", "@com_google_absl//absl/flags:reflection",
"@com_google_absl//absl/status:statusor", "@com_google_absl//absl/log:check",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",
"@com_google_absl//absl/time", "@com_google_absl//absl/time",
"@com_google_googletest//:gtest_main", "@com_google_googletest//:gtest_main",
@ -1057,7 +1071,6 @@ cc_test(
":policybuilder", ":policybuilder",
"//sandboxed_api/sandbox2/util:bpf_helper", "//sandboxed_api/sandbox2/util:bpf_helper",
"//sandboxed_api/util:status_matchers", "//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/log",
"@com_google_absl//absl/status", "@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor", "@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",

View File

@ -76,6 +76,7 @@ add_library(sandbox2::syscall ALIAS sandbox2_syscall)
target_link_libraries(sandbox2_syscall target_link_libraries(sandbox2_syscall
PRIVATE absl::algorithm_container PRIVATE absl::algorithm_container
absl::span absl::span
absl::statusor
absl::str_format absl::str_format
absl::strings absl::strings
sandbox2::util sandbox2::util
@ -166,17 +167,18 @@ add_library(sandbox2_policy ${SAPI_LIB_TYPE}
policy.h policy.h
) )
add_library(sandbox2::policy ALIAS sandbox2_policy) add_library(sandbox2::policy ALIAS sandbox2_policy)
target_link_libraries(sandbox2_policy PRIVATE target_link_libraries(sandbox2_policy
absl::core_headers PRIVATE absl::strings
sandbox2::bpf_helper sandbox2::bpf_helper
sandbox2::bpfdisassembler sandbox2::bpfdisassembler
sandbox2::comms sandbox2::comms
sandbox2::namespace sandbox2::regs
sandbox2::regs sandbox2::syscall
sandbox2::syscall sapi::base
sandbox2::violation_proto sapi::config
sapi::base PUBLIC sandbox2::network_proxy_filtering
sapi::config sandbox2::namespace
sandbox2::violation_proto
) )
# sandboxed_api/sandbox2:notify # sandboxed_api/sandbox2:notify
@ -215,6 +217,8 @@ set_target_properties(sandbox2_forkserver_bin PROPERTIES
add_executable(sandbox2::forkserver_bin ALIAS sandbox2_forkserver_bin) add_executable(sandbox2::forkserver_bin ALIAS sandbox2_forkserver_bin)
target_link_libraries(sandbox2_forkserver_bin PRIVATE target_link_libraries(sandbox2_forkserver_bin PRIVATE
absl::log_globals absl::log_globals
absl::log_severity
absl::status
sandbox2::client sandbox2::client
sandbox2::comms sandbox2::comms
sandbox2::forkserver sandbox2::forkserver
@ -286,6 +290,7 @@ add_library(sandbox2_executor ${SAPI_LIB_TYPE}
add_library(sandbox2::executor ALIAS sandbox2_executor) add_library(sandbox2::executor ALIAS sandbox2_executor)
target_link_libraries(sandbox2_executor target_link_libraries(sandbox2_executor
PRIVATE absl::core_headers PRIVATE absl::core_headers
absl::status
sandbox2::forkserver_proto sandbox2::forkserver_proto
sandbox2::ipc sandbox2::ipc
sandbox2::limits sandbox2::limits
@ -295,7 +300,7 @@ target_link_libraries(sandbox2_executor
sapi::status_proto sapi::status_proto
PUBLIC absl::log PUBLIC absl::log
absl::span absl::span
absl::status absl::statusor
absl::strings absl::strings
sapi::config sapi::config
sapi::fileops sapi::fileops
@ -366,6 +371,7 @@ target_link_libraries(sandbox2_stack_trace
absl::memory absl::memory
absl::status absl::status
absl::strings absl::strings
absl::time
sandbox2::client sandbox2::client
sandbox2::limits sandbox2::limits
sandbox2::policybuilder sandbox2::policybuilder
@ -378,7 +384,8 @@ target_link_libraries(sandbox2_stack_trace
sapi::fileops sapi::fileops
sapi::raw_logging sapi::raw_logging
sapi::status sapi::status
PUBLIC absl::statusor PUBLIC absl::check
absl::statusor
sandbox2::comms sandbox2::comms
sandbox2::executor sandbox2::executor
sandbox2::namespace sandbox2::namespace
@ -428,11 +435,14 @@ add_library(sandbox2_monitor_ptrace ${SAPI_LIB_TYPE}
) )
add_library(sandbox2::monitor_ptrace ALIAS sandbox2_monitor_ptrace) add_library(sandbox2::monitor_ptrace ALIAS sandbox2_monitor_ptrace)
target_link_libraries(sandbox2_monitor_ptrace target_link_libraries(sandbox2_monitor_ptrace
PRIVATE absl::cleanup PRIVATE absl::core_headers
absl::cleanup
absl::flat_hash_set absl::flat_hash_set
absl::flags absl::flags
absl::log absl::log
absl::status absl::status
absl::statusor
absl::str_format
absl::strings absl::strings
absl::time absl::time
sapi::base sapi::base
@ -443,7 +453,8 @@ target_link_libraries(sandbox2_monitor_ptrace
sandbox2::result sandbox2::result
sandbox2::sanitizer sandbox2::sanitizer
sandbox2::util sandbox2::util
PUBLIC sandbox2::executor PUBLIC absl::check
sandbox2::executor
sandbox2::monitor_base sandbox2::monitor_base
sandbox2::notify sandbox2::notify
sandbox2::policy sandbox2::policy
@ -461,9 +472,13 @@ add_library(sandbox2_monitor_unotify ${SAPI_LIB_TYPE}
) )
add_library(sandbox2::monitor_unotify ALIAS sandbox2_monitor_unotify) add_library(sandbox2::monitor_unotify ALIAS sandbox2_monitor_unotify)
target_link_libraries(sandbox2_monitor_unotify target_link_libraries(sandbox2_monitor_unotify
PRIVATE absl::cleanup PRIVATE absl::check
absl::cleanup
absl::core_headers
absl::log absl::log
absl::optional
absl::status absl::status
absl::strings
absl::time absl::time
sapi::base sapi::base
sandbox2::client sandbox2::client
@ -493,6 +508,7 @@ target_link_libraries(sandbox2_policybuilder
sapi::config sapi::config
sandbox2::bpf_helper sandbox2::bpf_helper
sandbox2::namespace sandbox2::namespace
sandbox2::syscall
sandbox2::violation_proto sandbox2::violation_proto
sapi::file_base sapi::file_base
sapi::status sapi::status
@ -538,7 +554,6 @@ add_library(sandbox2::sanitizer ALIAS sandbox2_sanitizer)
target_link_libraries(sandbox2_sanitizer target_link_libraries(sandbox2_sanitizer
PRIVATE absl::strings PRIVATE absl::strings
sandbox2::util sandbox2::util
sapi::file_helpers
sapi::fileops sapi::fileops
sapi::strerror sapi::strerror
sapi::raw_logging sapi::raw_logging
@ -642,7 +657,8 @@ add_library(sandbox2_forkingclient ${SAPI_LIB_TYPE}
) )
add_library(sandbox2::forkingclient ALIAS sandbox2_forkingclient) add_library(sandbox2::forkingclient ALIAS sandbox2_forkingclient)
target_link_libraries(sandbox2_forkingclient target_link_libraries(sandbox2_forkingclient
PRIVATE absl::memory PRIVATE absl::check
absl::memory
absl::log absl::log
sandbox2::sanitizer sandbox2::sanitizer
sapi::base sapi::base
@ -659,15 +675,13 @@ add_library(sandbox2_util ${SAPI_LIB_TYPE}
) )
add_library(sandbox2::util ALIAS sandbox2_util) add_library(sandbox2::util ALIAS sandbox2_util)
target_link_libraries(sandbox2_util target_link_libraries(sandbox2_util
PRIVATE absl::algorithm_container PRIVATE absl::core_headers
absl::core_headers
absl::str_format absl::str_format
absl::strings absl::strings
sapi::config sapi::config
sapi::file_base sapi::file_base
sapi::file_helpers sapi::file_helpers
sapi::fileops sapi::fileops
sapi::status
sapi::base sapi::base
sapi::raw_logging sapi::raw_logging
PUBLIC absl::status PUBLIC absl::status
@ -813,10 +827,10 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
sandbox2::testcase_minimal_dynamic sandbox2::testcase_minimal_dynamic
) )
target_link_libraries(sandbox2_mounts_test PRIVATE target_link_libraries(sandbox2_mounts_test PRIVATE
absl::status
absl::strings absl::strings
sapi::file_base sapi::file_base
sandbox2::mounts sandbox2::mounts
sandbox2::mount_tree_proto
sapi::temp_file sapi::temp_file
sapi::testing sapi::testing
sapi::status_matchers sapi::status_matchers
@ -838,6 +852,8 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
sandbox2::testcase_namespace sandbox2::testcase_namespace
) )
target_link_libraries(sandbox2_namespace_test PRIVATE target_link_libraries(sandbox2_namespace_test PRIVATE
absl::check
absl::statusor
absl::strings absl::strings
sandbox2::allow_all_syscalls sandbox2::allow_all_syscalls
sandbox2::allow_unrestricted_networking sandbox2::allow_unrestricted_networking
@ -971,7 +987,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
) )
target_link_libraries(sandbox2_notify_test PRIVATE target_link_libraries(sandbox2_notify_test PRIVATE
absl::strings absl::strings
sandbox2::bpf_helper
sandbox2::comms sandbox2::comms
sandbox2::regs sandbox2::regs
sandbox2::sandbox2 sandbox2::sandbox2
@ -1001,8 +1016,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
absl::strings absl::strings
sandbox2::bpf_helper sandbox2::bpf_helper
sapi::config sapi::config
sandbox2::limits
sandbox2::regs
sandbox2::sandbox2 sandbox2::sandbox2
sapi::status_matchers sapi::status_matchers
sapi::testing sapi::testing
@ -1027,7 +1040,11 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
sandbox2::testcase_tsync sandbox2::testcase_tsync
) )
target_link_libraries(sandbox2_sandbox2_test PRIVATE target_link_libraries(sandbox2_sandbox2_test PRIVATE
absl::status
absl::statusor
absl::strings absl::strings
absl::synchronization
absl::time
sapi::config sapi::config
sandbox2::sandbox2 sandbox2::sandbox2
sapi::testing sapi::testing
@ -1076,6 +1093,7 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
) )
target_link_libraries(sandbox2_util_test PRIVATE target_link_libraries(sandbox2_util_test PRIVATE
sandbox2::util sandbox2::util
absl::statusor
absl::strings absl::strings
absl::cleanup absl::cleanup
sapi::status_matchers sapi::status_matchers
@ -1094,12 +1112,12 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
sandbox2::testcase_symbolize sandbox2::testcase_symbolize
) )
target_link_libraries(sandbox2_stack_trace_test PRIVATE target_link_libraries(sandbox2_stack_trace_test PRIVATE
absl::check
absl::flags absl::flags
absl::status absl::status
absl::strings absl::strings
absl::time absl::time
sandbox2::global_forkserver sandbox2::global_forkserver
sandbox2::namespace
sandbox2::sandbox2 sandbox2::sandbox2
sandbox2::stack_trace sandbox2::stack_trace
sandbox2::util sandbox2::util

View File

@ -14,13 +14,17 @@
#include "sandboxed_api/sandbox2/bpfdisassembler.h" #include "sandboxed_api/sandbox2/bpfdisassembler.h"
#include <linux/bpf_common.h>
// IWYU pragma: no_include <asm/int-ll64.h> // IWYU pragma: no_include <asm/int-ll64.h>
#include <linux/filter.h> #include <linux/filter.h>
#include <linux/seccomp.h> #include <linux/seccomp.h>
#include <sys/sysinfo.h>
#include <cstddef> #include <cstddef>
#include <string>
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/types/span.h"
#define INSIDE_FIELD(what, field) \ #define INSIDE_FIELD(what, field) \
((offsetof(seccomp_data, field) == 0 || \ ((offsetof(seccomp_data, field) == 0 || \

View File

@ -1,5 +1,9 @@
#include "sandboxed_api/sandbox2/bpfdisassembler.h" #include "sandboxed_api/sandbox2/bpfdisassembler.h"
#include <linux/bpf_common.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include "gmock/gmock.h" #include "gmock/gmock.h"
#include "gtest/gtest.h" #include "gtest/gtest.h"
#include "sandboxed_api/sandbox2/util/bpf_helper.h" #include "sandboxed_api/sandbox2/util/bpf_helper.h"

View File

@ -19,7 +19,10 @@
#include <unistd.h> #include <unistd.h>
#include <cerrno> #include <cerrno>
#include <cstddef>
#include <cstdint>
#include <memory> #include <memory>
#include <utility>
#include "absl/memory/memory.h" #include "absl/memory/memory.h"
#include "absl/status/status.h" #include "absl/status/status.h"

View File

@ -15,9 +15,9 @@
#include "sandboxed_api/sandbox2/buffer.h" #include "sandboxed_api/sandbox2/buffer.h"
#include <sys/stat.h> #include <sys/stat.h>
#include <syscall.h>
#include <unistd.h> #include <unistd.h>
#include <cstdint>
#include <memory> #include <memory>
#include <string> #include <string>
#include <utility> #include <utility>

View File

@ -17,6 +17,7 @@
#include "sandboxed_api/sandbox2/client.h" #include "sandboxed_api/sandbox2/client.h"
#include <fcntl.h> #include <fcntl.h>
#include <linux/bpf_common.h>
#include <linux/filter.h> #include <linux/filter.h>
#include <linux/seccomp.h> #include <linux/seccomp.h>
#include <sys/prctl.h> #include <sys/prctl.h>
@ -24,17 +25,21 @@
#include <unistd.h> #include <unistd.h>
#include <atomic> #include <atomic>
#include <cerrno>
#include <cinttypes> #include <cinttypes>
#include <cstdint> #include <cstdint>
#include <cstdlib> #include <cstdlib>
#include <limits>
#include <memory> #include <memory>
#include <string> #include <string>
#include <thread> // NOLINT(build/c++11) #include <thread> // NOLINT(build/c++11)
#include <utility> #include <utility>
#include <vector>
#include "absl/base/attributes.h" #include "absl/base/attributes.h"
#include "absl/base/macros.h" #include "absl/base/macros.h"
#include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_map.h"
#include "absl/status/status.h"
#include "absl/strings/numbers.h" #include "absl/strings/numbers.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/strings/str_join.h" #include "absl/strings/str_join.h"

View File

@ -29,16 +29,20 @@
#include <atomic> #include <atomic>
#include <cerrno> #include <cerrno>
#include <cstddef> #include <cstdint>
#include <cstdlib> #include <cstdlib>
#include <cstring> #include <cstring>
#include <functional> #include <functional>
#include <memory> #include <memory>
#include <string>
#include <utility>
#include <vector>
#include "google/protobuf/message.h" #include "google/protobuf/message.h"
#include "absl/base/dynamic_annotations.h" #include "absl/base/dynamic_annotations.h"
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/status/statusor.h" #include "absl/status/statusor.h"
#include "absl/strings/numbers.h"
#include "absl/strings/str_format.h" #include "absl/strings/str_format.h"
#include "absl/synchronization/mutex.h" #include "absl/synchronization/mutex.h"
#include "sandboxed_api/sandbox2/util.h" #include "sandboxed_api/sandbox2/util.h"

View File

@ -28,14 +28,18 @@
#include <cstddef> #include <cstddef>
#include <cstdint> #include <cstdint>
#include <functional>
#include <limits> #include <limits>
#include <memory> #include <memory>
#include <string> #include <string>
#include <utility> #include <utility>
#include <vector>
#include "absl/base/attributes.h" #include "absl/base/attributes.h"
#include "absl/base/thread_annotations.h"
#include "absl/log/die_if_null.h" #include "absl/log/die_if_null.h"
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/string_view.h" #include "absl/strings/string_view.h"
#include "absl/synchronization/mutex.h" #include "absl/synchronization/mutex.h"
#include "sandboxed_api/util/status.pb.h" #include "sandboxed_api/util/status.pb.h"

View File

@ -17,9 +17,9 @@
#include <fcntl.h> #include <fcntl.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/time.h> #include <sys/types.h>
#include <unistd.h>
#include <cstdint>
#include <cstring> #include <cstring>
#include <ctime> #include <ctime>
#include <functional> #include <functional>

View File

@ -34,17 +34,17 @@ cc_binary(
copts = sapi_platform_copts(), copts = sapi_platform_copts(),
data = [":crc4bin"], data = [":crc4bin"],
deps = [ deps = [
"//sandboxed_api:config",
"//sandboxed_api/sandbox2", "//sandboxed_api/sandbox2",
"//sandboxed_api/sandbox2:comms", "//sandboxed_api/sandbox2:comms",
"//sandboxed_api/sandbox2/util:bpf_helper", "//sandboxed_api/sandbox2/util:bpf_helper",
"//sandboxed_api/util:runfiles", "//sandboxed_api/util:runfiles",
"@com_google_absl//absl/base:log_severity",
"@com_google_absl//absl/flags:flag", "@com_google_absl//absl/flags:flag",
"@com_google_absl//absl/flags:parse", "@com_google_absl//absl/flags:parse",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:globals", "@com_google_absl//absl/log:globals",
"@com_google_absl//absl/log:initialize", "@com_google_absl//absl/log:initialize",
"@com_google_absl//absl/strings:string_view",
"@com_google_absl//absl/time",
], ],
) )
@ -59,6 +59,7 @@ cc_binary(
"//sandboxed_api/sandbox2:util", "//sandboxed_api/sandbox2:util",
"@com_google_absl//absl/flags:flag", "@com_google_absl//absl/flags:flag",
"@com_google_absl//absl/flags:parse", "@com_google_absl//absl/flags:parse",
"@com_google_absl//absl/strings:string_view",
], ],
) )

View File

@ -24,7 +24,9 @@ target_link_libraries(sandbox2_crc4sandbox PRIVATE
absl::flags absl::flags
absl::flags_parse absl::flags_parse
absl::log absl::log
absl::log_globals
absl::log_initialize absl::log_initialize
absl::log_severity
sandbox2::bpf_helper sandbox2::bpf_helper
sandbox2::comms sandbox2::comms
sapi::runfiles sapi::runfiles
@ -42,6 +44,7 @@ target_link_libraries(sandbox2_crc4bin PRIVATE
absl::core_headers absl::core_headers
absl::flags absl::flags
absl::flags_parse absl::flags_parse
absl::strings
sandbox2::client sandbox2::client
sandbox2::comms sandbox2::comms
sandbox2::util sandbox2::util

View File

@ -19,9 +19,12 @@
#include <cstdint> #include <cstdint>
#include <cstring> #include <cstring>
#include <functional>
#include <vector>
#include "absl/flags/flag.h" #include "absl/flags/flag.h"
#include "absl/flags/parse.h" #include "absl/flags/parse.h"
#include "absl/strings/string_view.h"
#include "sandboxed_api/sandbox2/client.h" #include "sandboxed_api/sandbox2/client.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/util.h" #include "sandboxed_api/sandbox2/util.h"

View File

@ -14,11 +14,8 @@
// A demo sandbox for the crc4bin binary // A demo sandbox for the crc4bin binary
#include <linux/filter.h>
#include <sys/resource.h>
#include <syscall.h> #include <syscall.h>
#include <cstddef>
#include <cstdint> #include <cstdint>
#include <cstdio> #include <cstdio>
#include <cstdlib> #include <cstdlib>
@ -27,13 +24,14 @@
#include <utility> #include <utility>
#include <vector> #include <vector>
#include "absl/base/log_severity.h"
#include "absl/flags/flag.h" #include "absl/flags/flag.h"
#include "absl/flags/parse.h" #include "absl/flags/parse.h"
#include "absl/log/globals.h" #include "absl/log/globals.h"
#include "absl/log/initialize.h" #include "absl/log/initialize.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "sandboxed_api/config.h" #include "absl/base/log_severity.h"
#include "absl/strings/string_view.h"
#include "absl/time/time.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"
#include "sandboxed_api/sandbox2/limits.h" #include "sandboxed_api/sandbox2/limits.h"

View File

@ -17,6 +17,7 @@
#include <unistd.h> #include <unistd.h>
#include <string> #include <string>
#include <vector>
#include "gmock/gmock.h" #include "gmock/gmock.h"
#include "gtest/gtest.h" #include "gtest/gtest.h"

View File

@ -34,13 +34,14 @@ cc_binary(
"//sandboxed_api:config", "//sandboxed_api:config",
"//sandboxed_api/sandbox2", "//sandboxed_api/sandbox2",
"//sandboxed_api/sandbox2:comms", "//sandboxed_api/sandbox2:comms",
"//sandboxed_api/sandbox2:fork_client",
"//sandboxed_api/util:runfiles", "//sandboxed_api/util:runfiles",
"@com_google_absl//absl/flags:flag",
"@com_google_absl//absl/flags:parse", "@com_google_absl//absl/flags:parse",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:check", "@com_google_absl//absl/log:check",
"@com_google_absl//absl/log:globals", "@com_google_absl//absl/log:globals",
"@com_google_absl//absl/log:initialize", "@com_google_absl//absl/log:initialize",
"@com_google_absl//absl/time",
], ],
) )

View File

@ -27,7 +27,10 @@ target_link_libraries(sandbox2_custom_fork_sandbox PRIVATE
absl::log absl::log
absl::log_globals absl::log_globals
absl::log_initialize absl::log_initialize
absl::log_severity
absl::time
sandbox2::comms sandbox2::comms
sandbox2::fork_client
sandbox2::forkserver sandbox2::forkserver
sapi::runfiles sapi::runfiles
sandbox2::sandbox2 sandbox2::sandbox2

View File

@ -16,7 +16,7 @@
// sandbox2, and which uses a built-in fork-server to spawn new sandboxees // sandbox2, and which uses a built-in fork-server to spawn new sandboxees
// (instead of doing fork/execve via the Fork-Server). // (instead of doing fork/execve via the Fork-Server).
#include <sys/types.h> #include <unistd.h>
#include <cstdint> #include <cstdint>

View File

@ -17,21 +17,24 @@
#include <syscall.h> #include <syscall.h>
#include <cstdint>
#include <cstdlib> #include <cstdlib>
#include <memory> #include <memory>
#include <string> #include <string>
#include <utility> #include <utility>
#include <vector> #include <vector>
#include "absl/flags/flag.h"
#include "absl/flags/parse.h"
#include "absl/log/check.h" #include "absl/log/check.h"
#include "absl/flags/parse.h"
#include "absl/log/globals.h" #include "absl/log/globals.h"
#include "absl/log/initialize.h" #include "absl/log/initialize.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/base/log_severity.h"
#include "absl/time/time.h"
#include "sandboxed_api/config.h" #include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"
#include "sandboxed_api/sandbox2/fork_client.h"
#include "sandboxed_api/sandbox2/limits.h" #include "sandboxed_api/sandbox2/limits.h"
#include "sandboxed_api/sandbox2/policy.h" #include "sandboxed_api/sandbox2/policy.h"
#include "sandboxed_api/sandbox2/policybuilder.h" #include "sandboxed_api/sandbox2/policybuilder.h"

View File

@ -40,11 +40,12 @@ cc_binary(
"//sandboxed_api/util:fileops", "//sandboxed_api/util:fileops",
"//sandboxed_api/util:runfiles", "//sandboxed_api/util:runfiles",
"@com_google_absl//absl/base:core_headers", "@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/flags:flag",
"@com_google_absl//absl/flags:parse", "@com_google_absl//absl/flags:parse",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:globals", "@com_google_absl//absl/log:globals",
"@com_google_absl//absl/log:initialize", "@com_google_absl//absl/log:initialize",
"@com_google_absl//absl/strings:string_view",
"@com_google_absl//absl/time",
], ],
) )

View File

@ -26,6 +26,9 @@ target_link_libraries(sandbox2_network_sandbox PRIVATE
absl::log absl::log
absl::log_globals absl::log_globals
absl::log_initialize absl::log_initialize
absl::log_severity
absl::strings
absl::time
sandbox2::bpf_helper sandbox2::bpf_helper
sandbox2::comms sandbox2::comms
sapi::fileops sapi::fileops

View File

@ -16,11 +16,11 @@
// namespace. It can't connect with the server directly, but the executor can // namespace. It can't connect with the server directly, but the executor can
// establish a connection and pass the connected socket to the sandboxee. // establish a connection and pass the connected socket to the sandboxee.
#include <sys/socket.h> #include <unistd.h>
#include <syscall.h>
#include <cstdint>
#include <cstdio>
#include <cstring> #include <cstring>
#include <string>
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/strings/str_format.h" #include "absl/strings/str_format.h"

View File

@ -15,24 +15,25 @@
// A demo sandbox for the network binary. // A demo sandbox for the network binary.
#include <arpa/inet.h> #include <arpa/inet.h>
#include <linux/filter.h>
#include <netdb.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <sys/resource.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/types.h>
#include <syscall.h> #include <syscall.h>
#include <unistd.h>
#include <cstdio>
#include <cstdlib> #include <cstdlib>
#include <memory>
#include <string> #include <string>
#include <utility>
#include <vector>
#include "absl/base/macros.h" #include "absl/base/macros.h"
#include "absl/flags/flag.h"
#include "absl/flags/parse.h" #include "absl/flags/parse.h"
#include "absl/log/globals.h" #include "absl/log/globals.h"
#include "absl/log/initialize.h" #include "absl/log/initialize.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/base/log_severity.h"
#include "absl/strings/string_view.h"
#include "absl/time/time.h"
#include "sandboxed_api/config.h" #include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"

View File

@ -32,7 +32,6 @@ cc_binary(
"//sandboxed_api:config", "//sandboxed_api:config",
"//sandboxed_api/sandbox2", "//sandboxed_api/sandbox2",
"//sandboxed_api/sandbox2:comms", "//sandboxed_api/sandbox2:comms",
"//sandboxed_api/sandbox2/util:bpf_helper",
"//sandboxed_api/util:fileops", "//sandboxed_api/util:fileops",
"//sandboxed_api/util:runfiles", "//sandboxed_api/util:runfiles",
"@com_google_absl//absl/base:core_headers", "@com_google_absl//absl/base:core_headers",
@ -41,6 +40,8 @@ cc_binary(
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:globals", "@com_google_absl//absl/log:globals",
"@com_google_absl//absl/log:initialize", "@com_google_absl//absl/log:initialize",
"@com_google_absl//absl/strings:string_view",
"@com_google_absl//absl/time",
], ],
) )
@ -64,6 +65,7 @@ cc_binary(
"@com_google_absl//absl/status", "@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor", "@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings:str_format", "@com_google_absl//absl/strings:str_format",
"@com_google_absl//absl/strings:string_view",
], ],
) )

View File

@ -26,6 +26,9 @@ target_link_libraries(sandbox2_networkproxy_sandbox PRIVATE
absl::log absl::log
absl::log_globals absl::log_globals
absl::log_initialize absl::log_initialize
absl::log_severity
absl::strings
absl::time
sandbox2::bpf_helper sandbox2::bpf_helper
sandbox2::comms sandbox2::comms
sapi::fileops sapi::fileops
@ -50,6 +53,7 @@ target_link_libraries(sandbox2_networkproxy_bin PRIVATE absl::status
absl::log_initialize absl::log_initialize
absl::statusor absl::statusor
absl::str_format absl::str_format
absl::strings
sandbox2::client sandbox2::client
sandbox2::comms sandbox2::comms
sapi::fileops sapi::fileops

View File

@ -5,10 +5,10 @@
#include <arpa/inet.h> #include <arpa/inet.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h> #include <sys/types.h>
#include <syscall.h> #include <unistd.h>
#include <cerrno>
#include <cstring> #include <cstring>
#include "absl/base/log_severity.h" #include "absl/base/log_severity.h"
@ -20,6 +20,7 @@
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/status/statusor.h" #include "absl/status/statusor.h"
#include "absl/strings/str_format.h" #include "absl/strings/str_format.h"
#include "absl/strings/string_view.h"
#include "sandboxed_api/sandbox2/client.h" #include "sandboxed_api/sandbox2/client.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/network_proxy/client.h" #include "sandboxed_api/sandbox2/network_proxy/client.h"

View File

@ -1,18 +1,15 @@
// A demo sandbox for the network binary. // A demo sandbox for the network binary.
#include <arpa/inet.h> #include <arpa/inet.h>
#include <linux/filter.h>
#include <netdb.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <sys/resource.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <syscall.h> #include <syscall.h>
#include <unistd.h>
#include <cstdio>
#include <cstdlib> #include <cstdlib>
#include <memory>
#include <string> #include <string>
#include <utility>
#include <vector> #include <vector>
#include "absl/base/macros.h" #include "absl/base/macros.h"
@ -21,13 +18,15 @@
#include "absl/log/globals.h" #include "absl/log/globals.h"
#include "absl/log/initialize.h" #include "absl/log/initialize.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/base/log_severity.h"
#include "absl/strings/string_view.h"
#include "absl/time/time.h"
#include "sandboxed_api/config.h" #include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"
#include "sandboxed_api/sandbox2/policy.h" #include "sandboxed_api/sandbox2/policy.h"
#include "sandboxed_api/sandbox2/policybuilder.h" #include "sandboxed_api/sandbox2/policybuilder.h"
#include "sandboxed_api/sandbox2/sandbox2.h" #include "sandboxed_api/sandbox2/sandbox2.h"
#include "sandboxed_api/sandbox2/util/bpf_helper.h"
#include "sandboxed_api/util/fileops.h" #include "sandboxed_api/util/fileops.h"
#include "sandboxed_api/util/runfiles.h" #include "sandboxed_api/util/runfiles.h"

View File

@ -39,11 +39,12 @@ cc_binary(
"//sandboxed_api/sandbox2", "//sandboxed_api/sandbox2",
"//sandboxed_api/sandbox2/util:bpf_helper", "//sandboxed_api/sandbox2/util:bpf_helper",
"//sandboxed_api/util:runfiles", "//sandboxed_api/util:runfiles",
"@com_google_absl//absl/flags:flag",
"@com_google_absl//absl/flags:parse", "@com_google_absl//absl/flags:parse",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:check",
"@com_google_absl//absl/log:globals", "@com_google_absl//absl/log:globals",
"@com_google_absl//absl/log:initialize", "@com_google_absl//absl/log:initialize",
"@com_google_absl//absl/time",
], ],
) )

View File

@ -21,10 +21,14 @@ add_dependencies(sandbox2_static_sandbox
sandbox2::static_bin sandbox2::static_bin
) )
target_link_libraries(sandbox2_static_sandbox PRIVATE target_link_libraries(sandbox2_static_sandbox PRIVATE
absl::check
absl::flags absl::flags
absl::flags_parse absl::flags_parse
absl::log absl::log
absl::log_globals
absl::log_initialize absl::log_initialize
absl::log_severity
absl::time
sandbox2::bpf_helper sandbox2::bpf_helper
sapi::runfiles sapi::runfiles
sandbox2::sandbox2 sandbox2::sandbox2

View File

@ -17,12 +17,10 @@
// //
// It inverts all bytes coming from stdin and writes them to the stdout. // It inverts all bytes coming from stdin and writes them to the stdout.
#include <signal.h>
#include <sys/prctl.h> #include <sys/prctl.h>
#include <unistd.h> #include <unistd.h>
#include <cctype> #include <cctype>
#include <cstddef>
#include <cstdio> #include <cstdio>
int main(int argc, char* argv[]) { int main(int argc, char* argv[]) {

View File

@ -17,22 +17,23 @@
#include <fcntl.h> #include <fcntl.h>
#include <sys/mman.h> #include <sys/mman.h>
#include <sys/resource.h>
#include <syscall.h> #include <syscall.h>
#include <unistd.h> #include <unistd.h>
#include <csignal> #include <cerrno>
#include <cstdlib> #include <cstdlib>
#include <memory> #include <memory>
#include <string> #include <string>
#include <utility> #include <utility>
#include <vector> #include <vector>
#include "absl/flags/flag.h" #include "absl/log/check.h"
#include "absl/flags/parse.h" #include "absl/flags/parse.h"
#include "absl/log/globals.h" #include "absl/log/globals.h"
#include "absl/log/initialize.h" #include "absl/log/initialize.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/base/log_severity.h"
#include "absl/time/time.h"
#include "sandboxed_api/config.h" #include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"
#include "sandboxed_api/sandbox2/limits.h" #include "sandboxed_api/sandbox2/limits.h"

View File

@ -39,10 +39,12 @@ cc_binary(
"//sandboxed_api/sandbox2:util", "//sandboxed_api/sandbox2:util",
"//sandboxed_api/sandbox2/util:bpf_helper", "//sandboxed_api/sandbox2/util:bpf_helper",
"//sandboxed_api/util:fileops", "//sandboxed_api/util:fileops",
"@com_google_absl//absl/base:log_severity",
"@com_google_absl//absl/flags:flag", "@com_google_absl//absl/flags:flag",
"@com_google_absl//absl/flags:parse", "@com_google_absl//absl/flags:parse",
"@com_google_absl//absl/flags:usage", "@com_google_absl//absl/flags:usage",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:check",
"@com_google_absl//absl/log:globals", "@com_google_absl//absl/log:globals",
"@com_google_absl//absl/log:initialize", "@com_google_absl//absl/log:initialize",
"@com_google_absl//absl/strings", "@com_google_absl//absl/strings",

View File

@ -19,12 +19,14 @@ add_executable(sandbox2_sandbox2tool
set_target_properties(sandbox2_sandbox2tool PROPERTIES OUTPUT_NAME sandbox2tool) set_target_properties(sandbox2_sandbox2tool PROPERTIES OUTPUT_NAME sandbox2tool)
add_executable(sandbox2::sandbox2tool ALIAS sandbox2_sandbox2tool) add_executable(sandbox2::sandbox2tool ALIAS sandbox2_sandbox2tool)
target_link_libraries(sandbox2_sandbox2tool PRIVATE target_link_libraries(sandbox2_sandbox2tool PRIVATE
absl::check
absl::flags absl::flags
absl::flags_parse absl::flags_parse
absl::flags_usage absl::flags_usage
absl::log absl::log
absl::log_globals absl::log_globals
absl::log_initialize absl::log_initialize
absl::log_severity
absl::strings absl::strings
absl::time absl::time
sandbox2::allow_all_syscalls sandbox2::allow_all_syscalls

View File

@ -22,26 +22,30 @@
// --logtostderr // --logtostderr
// /bin/ls // /bin/ls
#include <sys/resource.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <syscall.h> #include <syscall.h>
#include <unistd.h> #include <unistd.h>
#include <csignal> #include <csignal>
#include <cstdint>
#include <cstdio>
#include <cstdlib> #include <cstdlib>
#include <memory> #include <memory>
#include <string> #include <string>
#include <utility> #include <utility>
#include <vector> #include <vector>
#include "absl/base/log_severity.h"
#include "absl/flags/flag.h" #include "absl/flags/flag.h"
#include "absl/flags/parse.h" #include "absl/flags/parse.h"
#include "absl/flags/usage.h" #include "absl/flags/usage.h"
#include "absl/log/check.h"
#include "absl/log/globals.h" #include "absl/log/globals.h"
#include "absl/log/initialize.h" #include "absl/log/initialize.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/strings/str_format.h" #include "absl/strings/str_format.h"
#include "absl/strings/str_split.h" #include "absl/strings/str_split.h"
#include "absl/strings/string_view.h"
#include "absl/time/time.h" #include "absl/time/time.h"
#include "sandboxed_api/sandbox2/allow_all_syscalls.h" #include "sandboxed_api/sandbox2/allow_all_syscalls.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"

View File

@ -28,14 +28,16 @@ cc_binary(
data = [":zpipe"], data = [":zpipe"],
deps = [ deps = [
"//sandboxed_api/sandbox2", "//sandboxed_api/sandbox2",
"//sandboxed_api/sandbox2:comms",
"//sandboxed_api/sandbox2/util:bpf_helper", "//sandboxed_api/sandbox2/util:bpf_helper",
"//sandboxed_api/util:runfiles", "//sandboxed_api/util:runfiles",
"@com_google_absl//absl/flags:flag", "@com_google_absl//absl/flags:flag",
"@com_google_absl//absl/flags:parse", "@com_google_absl//absl/flags:parse",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/log:check",
"@com_google_absl//absl/log:globals", "@com_google_absl//absl/log:globals",
"@com_google_absl//absl/log:initialize", "@com_google_absl//absl/log:initialize",
"@com_google_absl//absl/strings:string_view",
"@com_google_absl//absl/time",
], ],
) )

View File

@ -21,11 +21,15 @@ add_dependencies(sandbox2_zpipe_sandbox
sandbox2::zpipe sandbox2::zpipe
) )
target_link_libraries(sandbox2_zpipe_sandbox PRIVATE target_link_libraries(sandbox2_zpipe_sandbox PRIVATE
absl::check
absl::flags absl::flags
absl::flags_parse absl::flags_parse
absl::log absl::log
absl::log_globals absl::log_globals
absl::log_initialize absl::log_initialize
absl::log_severity
absl::strings
absl::time
sandbox2::bpf_helper sandbox2::bpf_helper
sandbox2::comms sandbox2::comms
sapi::runfiles sapi::runfiles

View File

@ -13,13 +13,10 @@
// limitations under the License. // limitations under the License.
#include <fcntl.h> #include <fcntl.h>
#include <linux/filter.h>
#include <sys/resource.h>
#include <syscall.h> #include <syscall.h>
#include <unistd.h>
#include <cstddef> #include <cerrno>
#include <cstdint>
#include <cstdio>
#include <cstdlib> #include <cstdlib>
#include <memory> #include <memory>
#include <string> #include <string>
@ -30,8 +27,11 @@
#include "absl/flags/parse.h" #include "absl/flags/parse.h"
#include "absl/log/globals.h" #include "absl/log/globals.h"
#include "absl/log/initialize.h" #include "absl/log/initialize.h"
#include "absl/log/check.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "sandboxed_api/sandbox2/comms.h" #include "absl/base/log_severity.h"
#include "absl/strings/string_view.h"
#include "absl/time/time.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"
#include "sandboxed_api/sandbox2/limits.h" #include "sandboxed_api/sandbox2/limits.h"
#include "sandboxed_api/sandbox2/policy.h" #include "sandboxed_api/sandbox2/policy.h"

View File

@ -17,16 +17,19 @@
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"
#include <fcntl.h> #include <fcntl.h>
#include <libgen.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <unistd.h> #include <unistd.h>
#include <climits> #include <algorithm>
#include <cstddef> #include <cerrno>
#include <cstdint>
#include <memory> #include <memory>
#include <string_view> #include <string>
#include <vector>
#include "absl/log/log.h"
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/match.h" #include "absl/strings/match.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/strings/string_view.h" #include "absl/strings/string_view.h"

View File

@ -15,7 +15,6 @@
#ifndef SANDBOXED_API_SANDBOX2_EXECUTOR_H_ #ifndef SANDBOXED_API_SANDBOX2_EXECUTOR_H_
#define SANDBOXED_API_SANDBOX2_EXECUTOR_H_ #define SANDBOXED_API_SANDBOX2_EXECUTOR_H_
#include <stdlib.h>
#include <unistd.h> #include <unistd.h>
#include <memory> #include <memory>
@ -26,6 +25,7 @@
#include "absl/base/macros.h" #include "absl/base/macros.h"
#include "absl/log/check.h" #include "absl/log/check.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/status/statusor.h"
#include "absl/strings/string_view.h" #include "absl/strings/string_view.h"
#include "absl/types/span.h" #include "absl/types/span.h"
#include "sandboxed_api/sandbox2/fork_client.h" #include "sandboxed_api/sandbox2/fork_client.h"

View File

@ -14,10 +14,14 @@
#include "sandboxed_api/sandbox2/fork_client.h" #include "sandboxed_api/sandbox2/fork_client.h"
#include <sys/types.h>
#include "absl/log/check.h" #include "absl/log/check.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/synchronization/mutex.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/forkserver.pb.h" #include "sandboxed_api/sandbox2/forkserver.pb.h"
#include "sandboxed_api/util/fileops.h"
namespace sandbox2 { namespace sandbox2 {

View File

@ -14,13 +14,13 @@
#include "sandboxed_api/sandbox2/forkingclient.h" #include "sandboxed_api/sandbox2/forkingclient.h"
#include <sys/types.h>
#include <unistd.h> #include <unistd.h>
#include <cstdlib> #include <cstdlib>
#include <memory> #include <memory>
#include "absl/log/check.h" #include "absl/log/check.h"
#include "absl/log/log.h"
#include "sandboxed_api/sandbox2/forkserver.h" #include "sandboxed_api/sandbox2/forkserver.h"
#include "sandboxed_api/sandbox2/sanitizer.h" #include "sandboxed_api/sandbox2/sanitizer.h"
#include "sandboxed_api/util/raw_logging.h" #include "sandboxed_api/util/raw_logging.h"

View File

@ -16,15 +16,15 @@
#include "sandboxed_api/sandbox2/forkserver.h" #include "sandboxed_api/sandbox2/forkserver.h"
#include <asm/types.h>
#include <fcntl.h> #include <fcntl.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sched.h> #include <sched.h>
#include <sys/eventfd.h> #include <sys/eventfd.h>
#include <sys/prctl.h> #include <sys/prctl.h>
#include <sys/resource.h> #include <sys/resource.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/types.h> #include <sys/uio.h>
#include <sys/un.h>
#include <sys/wait.h> #include <sys/wait.h>
#include <syscall.h> #include <syscall.h>
#include <unistd.h> #include <unistd.h>
@ -32,12 +32,13 @@
#include <cerrno> #include <cerrno>
#include <csignal> #include <csignal>
#include <cstdint> #include <cstdint>
#include <cstdio>
#include <cstdlib> #include <cstdlib>
#include <cstring> #include <cstring>
#include <fstream> #include <fstream>
#include <memory> #include <initializer_list>
#include <string> #include <string>
#include <utility>
#include <vector>
#include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_map.h"
#include "absl/container/flat_hash_set.h" #include "absl/container/flat_hash_set.h"
@ -47,6 +48,7 @@
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/strings/str_join.h" #include "absl/strings/str_join.h"
#include "absl/strings/str_split.h" #include "absl/strings/str_split.h"
#include "absl/strings/string_view.h"
#include "libcap/include/sys/capability.h" #include "libcap/include/sys/capability.h"
#include "sandboxed_api/sandbox2/client.h" #include "sandboxed_api/sandbox2/client.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"

View File

@ -13,13 +13,13 @@
// limitations under the License. // limitations under the License.
#include <sys/prctl.h> #include <sys/prctl.h>
#include <sys/socket.h>
#include <unistd.h>
#include <csignal> #include <csignal>
#include <cstdlib> #include <cstdlib>
#include "absl/base/log_severity.h"
#include "absl/log/globals.h" #include "absl/log/globals.h"
#include "absl/status/status.h"
#include "sandboxed_api/sandbox2/client.h" #include "sandboxed_api/sandbox2/client.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/forkserver.h" #include "sandboxed_api/sandbox2/forkserver.h"

View File

@ -16,13 +16,14 @@
#include <fcntl.h> #include <fcntl.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <syscall.h> #include <sys/wait.h>
#include <unistd.h> #include <unistd.h>
#include <utility> #include <string>
#include "gtest/gtest.h" #include "gtest/gtest.h"
#include "absl/log/check.h" #include "absl/log/check.h"
#include "absl/log/log.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "sandboxed_api/sandbox2/forkserver.pb.h" #include "sandboxed_api/sandbox2/forkserver.pb.h"
#include "sandboxed_api/sandbox2/global_forkclient.h" #include "sandboxed_api/sandbox2/global_forkclient.h"

View File

@ -19,20 +19,17 @@
#include <fcntl.h> #include <fcntl.h>
#include <sched.h> #include <sched.h>
#include <sys/mman.h> #include <sys/mman.h>
#include <sys/prctl.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/types.h>
#include <sys/wait.h> #include <sys/wait.h>
#include <syscall.h>
#include <unistd.h> #include <unistd.h>
#include <climits> #include <cerrno>
#include <csignal>
#include <cstdlib> #include <cstdlib>
#include <memory> #include <memory>
#include <string> #include <string>
#include <vector> #include <vector>
#include "absl/base/const_init.h"
#include "absl/cleanup/cleanup.h" #include "absl/cleanup/cleanup.h"
#include "absl/flags/flag.h" #include "absl/flags/flag.h"
#include "absl/log/log.h" #include "absl/log/log.h"

View File

@ -21,6 +21,7 @@
#include <sys/types.h> #include <sys/types.h>
#include <bitset> #include <bitset>
#include <cstddef>
#include <string> #include <string>
#include "absl/base/thread_annotations.h" #include "absl/base/thread_annotations.h"

View File

@ -22,6 +22,7 @@
#include <memory> #include <memory>
#include <string> #include <string>
#include <tuple> #include <tuple>
#include <vector>
#include <thread> #include <thread>
#include "absl/log/log.h" #include "absl/log/log.h"

View File

@ -23,6 +23,7 @@
#include <tuple> #include <tuple>
#include <vector> #include <vector>
#include "absl/base/attributes.h"
#include "absl/strings/string_view.h" #include "absl/strings/string_view.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"

View File

@ -15,9 +15,10 @@
#include "sandboxed_api/sandbox2/ipc.h" #include "sandboxed_api/sandbox2/ipc.h"
#include <memory> #include <memory>
#include <string>
#include <utility> #include <utility>
#include <vector>
#include "gmock/gmock.h"
#include "gtest/gtest.h" #include "gtest/gtest.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"

View File

@ -20,7 +20,6 @@
#include <utility> #include <utility>
#include <vector> #include <vector>
#include "gmock/gmock.h"
#include "gtest/gtest.h" #include "gtest/gtest.h"
#include "sandboxed_api/config.h" #include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"

View File

@ -17,8 +17,11 @@
#include <unistd.h> #include <unistd.h>
#include <csignal> #include <csignal>
#include <cstdio>
#include <string> #include <string>
#include "absl/base/log_severity.h"
#include "absl/log/log_entry.h"
#include "absl/log/log_sink_registry.h" #include "absl/log/log_sink_registry.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/strings/str_format.h" #include "absl/strings/str_format.h"

View File

@ -16,11 +16,16 @@
#include "sandboxed_api/sandbox2/monitor_base.h" #include "sandboxed_api/sandbox2/monitor_base.h"
#include <pthread.h>
#include <sched.h> #include <sched.h>
#include <signal.h>
#include <sys/resource.h>
#include <syscall.h> #include <syscall.h>
#include <cerrno> #include <cerrno>
#include <cstdint>
#include <cstdio> #include <cstdio>
#include <iomanip>
#include <memory> #include <memory>
#include <optional> #include <optional>
#include <string> #include <string>
@ -30,10 +35,14 @@
#include "absl/cleanup/cleanup.h" #include "absl/cleanup/cleanup.h"
#include "absl/flags/declare.h" #include "absl/flags/declare.h"
#include "absl/flags/flag.h" #include "absl/flags/flag.h"
#include "absl/log/check.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/match.h" #include "absl/strings/match.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/strings/string_view.h"
#include "absl/synchronization/notification.h"
#include "absl/time/time.h" #include "absl/time/time.h"
#include "sandboxed_api/sandbox2/client.h" #include "sandboxed_api/sandbox2/client.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"

View File

@ -19,6 +19,7 @@
#define SANDBOXED_API_SANDBOX2_MONITOR_BASE_H_ #define SANDBOXED_API_SANDBOX2_MONITOR_BASE_H_
#include <sys/resource.h> #include <sys/resource.h>
#include <sys/types.h>
#include <cstdint> #include <cstdint>
#include <cstdio> #include <cstdio>
@ -29,6 +30,7 @@
#include "absl/status/statusor.h" #include "absl/status/statusor.h"
#include "absl/synchronization/notification.h" #include "absl/synchronization/notification.h"
#include "absl/time/time.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"
#include "sandboxed_api/sandbox2/fork_client.h" #include "sandboxed_api/sandbox2/fork_client.h"

View File

@ -17,27 +17,39 @@
#include "sandboxed_api/sandbox2/monitor_ptrace.h" #include "sandboxed_api/sandbox2/monitor_ptrace.h"
#include <sys/ptrace.h> #include <sys/ptrace.h>
#include <sys/resource.h>
#include <sys/wait.h> #include <sys/wait.h>
#include <syscall.h> #include <syscall.h>
#include <unistd.h> #include <unistd.h>
#include <algorithm>
#include <atomic> #include <atomic>
#include <cerrno> #include <cerrno>
#include <csignal> #include <cstdint>
#include <ctime>
#include <deque> #include <deque>
#include <fstream> #include <fstream>
#include <memory> #include <memory>
#include <sstream>
#include <string> #include <string>
#include <utility> #include <utility>
#include <vector>
#include "absl/base/optimization.h"
#include "absl/cleanup/cleanup.h" #include "absl/cleanup/cleanup.h"
#include "absl/container/flat_hash_map.h"
#include "absl/container/flat_hash_set.h" #include "absl/container/flat_hash_set.h"
#include "absl/flags/declare.h" #include "absl/flags/declare.h"
#include "absl/flags/flag.h" #include "absl/flags/flag.h"
#include "absl/log/check.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/strings/str_format.h"
#include "absl/strings/string_view.h"
#include "absl/synchronization/mutex.h"
#include "absl/synchronization/notification.h"
#include "absl/time/clock.h"
#include "absl/time/time.h" #include "absl/time/time.h"
#include "sandboxed_api/config.h" #include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/client.h" #include "sandboxed_api/sandbox2/client.h"

View File

@ -19,14 +19,16 @@
#define SANDBOXED_API_SANDBOX2_MONITOR_PTRACE_H_ #define SANDBOXED_API_SANDBOX2_MONITOR_PTRACE_H_
#include <atomic> #include <atomic>
#include <csignal>
#include <cstdint> #include <cstdint>
#include <memory> #include <memory>
#include <thread> #include <thread>
#include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_map.h"
#include "absl/log/log.h"
#include "absl/synchronization/mutex.h" #include "absl/synchronization/mutex.h"
#include "absl/synchronization/notification.h" #include "absl/synchronization/notification.h"
#include "absl/time/clock.h"
#include "absl/time/time.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"
#include "sandboxed_api/sandbox2/monitor_base.h" #include "sandboxed_api/sandbox2/monitor_base.h"
#include "sandboxed_api/sandbox2/notify.h" #include "sandboxed_api/sandbox2/notify.h"

View File

@ -1,20 +1,38 @@
#include "sandboxed_api/sandbox2/monitor_unotify.h" #include "sandboxed_api/sandbox2/monitor_unotify.h"
#include <linux/audit.h> #include <linux/audit.h>
#include <linux/filter.h>
#include <linux/ioctl.h>
#include <linux/seccomp.h> #include <linux/seccomp.h>
#include <poll.h> #include <poll.h>
#include <sys/eventfd.h> #include <sys/eventfd.h>
#include <sys/ioctl.h> #include <sys/ioctl.h>
#include <sys/ptrace.h> #include <sys/ptrace.h>
#include <sys/resource.h>
#include <sys/sysinfo.h>
#include <sys/wait.h> #include <sys/wait.h>
#include <syscall.h> #include <syscall.h>
#include <unistd.h> #include <unistd.h>
#include <algorithm>
#include <atomic>
#include <cerrno>
#include <cstdint>
#include <cstdlib>
#include <cstring>
#include <memory>
#include <string>
#include <utility>
#include <vector>
#include "absl/base/macros.h"
#include "absl/cleanup/cleanup.h" #include "absl/cleanup/cleanup.h"
#include "absl/log/check.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/str_cat.h"
#include "absl/synchronization/mutex.h"
#include "absl/synchronization/notification.h"
#include "absl/time/clock.h"
#include "absl/time/time.h" #include "absl/time/time.h"
#include "sandboxed_api/sandbox2/client.h" #include "sandboxed_api/sandbox2/client.h"
#include "sandboxed_api/sandbox2/forkserver.pb.h" #include "sandboxed_api/sandbox2/forkserver.pb.h"

View File

@ -2,15 +2,22 @@
#define SANDBOXED_API_SANDBOX2_MONITOR_UNOTIFY_H_ #define SANDBOXED_API_SANDBOX2_MONITOR_UNOTIFY_H_
#include <linux/seccomp.h> #include <linux/seccomp.h>
#include <sys/sysinfo.h>
#include <sys/types.h>
#include <atomic> #include <atomic>
#include <cstdlib>
#include <memory> #include <memory>
#include <thread> #include <thread>
#include <string> #include <string>
#include <vector> #include <vector>
#include "absl/log/log.h"
#include "absl/status/statusor.h" #include "absl/status/statusor.h"
#include "absl/synchronization/mutex.h" #include "absl/synchronization/mutex.h"
#include "absl/synchronization/notification.h"
#include "absl/time/clock.h"
#include "absl/time/time.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"
#include "sandboxed_api/sandbox2/monitor_base.h" #include "sandboxed_api/sandbox2/monitor_base.h"
#include "sandboxed_api/sandbox2/notify.h" #include "sandboxed_api/sandbox2/notify.h"

View File

@ -21,15 +21,18 @@
#include <sys/types.h> #include <sys/types.h>
#include <unistd.h> #include <unistd.h>
#include <climits> #include <cerrno>
#include <memory> #include <cstddef>
#include <cstdint>
#include <string> #include <string>
#include <tuple>
#include <utility> #include <utility>
#include <vector> #include <vector>
#include "absl/container/flat_hash_set.h" #include "absl/container/flat_hash_set.h"
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/status/statusor.h" #include "absl/status/statusor.h"
#include "absl/strings/match.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/strings/str_join.h" #include "absl/strings/str_join.h"
#include "absl/strings/str_split.h" #include "absl/strings/str_split.h"

View File

@ -15,7 +15,9 @@
#ifndef SANDBOXED_API_SANDBOX2_MOUNTTREE_H_ #ifndef SANDBOXED_API_SANDBOX2_MOUNTTREE_H_
#define SANDBOXED_API_SANDBOX2_MOUNTTREE_H_ #define SANDBOXED_API_SANDBOX2_MOUNTTREE_H_
#include <cstddef>
#include <string> #include <string>
#include <utility>
#include <vector> #include <vector>
#include "absl/status/status.h" #include "absl/status/status.h"

View File

@ -16,10 +16,13 @@
#include <unistd.h> #include <unistd.h>
#include <utility> #include <cstddef>
#include <string>
#include <vector>
#include "gmock/gmock.h" #include "gmock/gmock.h"
#include "gtest/gtest.h" #include "gtest/gtest.h"
#include "absl/status/status.h"
#include "absl/strings/match.h" #include "absl/strings/match.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "sandboxed_api/testing.h" #include "sandboxed_api/testing.h"

View File

@ -27,9 +27,12 @@
#include <syscall.h> #include <syscall.h>
#include <unistd.h> #include <unistd.h>
#include <cstdint>
#include <cstring> #include <cstring>
#include <memory> #include <memory>
#include <string>
#include <utility> #include <utility>
#include <vector>
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "sandboxed_api/sandbox2/violation.pb.h" #include "sandboxed_api/sandbox2/violation.pb.h"

View File

@ -18,6 +18,7 @@
#ifndef SANDBOXED_API_SANDBOX2_NAMESPACE_H_ #ifndef SANDBOXED_API_SANDBOX2_NAMESPACE_H_
#define SANDBOXED_API_SANDBOX2_NAMESPACE_H_ #define SANDBOXED_API_SANDBOX2_NAMESPACE_H_
#include <sched.h>
#include <sys/types.h> #include <sys/types.h>
#include <cstdint> #include <cstdint>

View File

@ -14,11 +14,9 @@
#include "sandboxed_api/sandbox2/namespace.h" #include "sandboxed_api/sandbox2/namespace.h"
#include <fcntl.h>
#include <sys/socket.h>
#include <syscall.h>
#include <unistd.h> #include <unistd.h>
#include <cstdint>
#include <initializer_list> #include <initializer_list>
#include <memory> #include <memory>
#include <string> #include <string>
@ -27,8 +25,10 @@
#include "gmock/gmock.h" #include "gmock/gmock.h"
#include "gtest/gtest.h" #include "gtest/gtest.h"
#include "absl/log/log.h" #include "absl/log/check.h"
#include "absl/status/statusor.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/strings/string_view.h"
#include "sandboxed_api/config.h" #include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/allow_all_syscalls.h" #include "sandboxed_api/sandbox2/allow_all_syscalls.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"

View File

@ -30,6 +30,7 @@ cc_library(
"//sandboxed_api/sandbox2:comms", "//sandboxed_api/sandbox2:comms",
"//sandboxed_api/util:fileops", "//sandboxed_api/util:fileops",
"@com_google_absl//absl/log", "@com_google_absl//absl/log",
"@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor", "@com_google_absl//absl/status:statusor",
], ],
) )

View File

@ -18,11 +18,12 @@ add_library(sandbox2_network_proxy_server ${SAPI_LIB_TYPE}
server.h server.h
) )
add_library(sandbox2::network_proxy_server ALIAS sandbox2_network_proxy_server) add_library(sandbox2::network_proxy_server ALIAS sandbox2_network_proxy_server)
target_link_libraries(sandbox2_network_proxy_server PRIVATE target_link_libraries(sandbox2_network_proxy_server
sandbox2::comms PRIVATE absl::status
sapi::fileops sapi::fileops
sandbox2::network_proxy_filtering sapi::base
sapi::base PUBLIC sandbox2::comms
sandbox2::network_proxy_filtering
) )
# sandboxed_api/sandbox2/network_proxy:filtering # sandboxed_api/sandbox2/network_proxy:filtering

View File

@ -14,17 +14,16 @@
#include "sandboxed_api/sandbox2/network_proxy/client.h" #include "sandboxed_api/sandbox2/network_proxy/client.h"
#include <linux/net.h> #include <sys/socket.h>
#include <linux/seccomp.h>
#include <stdio.h>
#include <syscall.h> #include <syscall.h>
#include <unistd.h>
#include <cerrno> #include <cerrno>
#include <iostream> #include <cstdint>
#include <memory>
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/synchronization/mutex.h"
#include "sandboxed_api/sandbox2/util/syscall_trap.h" #include "sandboxed_api/sandbox2/util/syscall_trap.h"
#include "sandboxed_api/util/status_macros.h" #include "sandboxed_api/util/status_macros.h"

View File

@ -16,6 +16,9 @@
#define SANDBOXED_API_SANDBOX2_NETWORK_PROXY_CLIENT_H_ #define SANDBOXED_API_SANDBOX2_NETWORK_PROXY_CLIENT_H_
#include <netinet/in.h> #include <netinet/in.h>
#include <sys/socket.h>
#include <cstdint>
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/synchronization/mutex.h" #include "absl/synchronization/mutex.h"

View File

@ -15,6 +15,15 @@
#include "sandboxed_api/sandbox2/network_proxy/filtering.h" #include "sandboxed_api/sandbox2/network_proxy/filtering.h"
#include <arpa/inet.h> #include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <algorithm>
#include <cerrno>
#include <cstdint>
#include <cstring>
#include <string>
#include <vector>
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/status/status.h" #include "absl/status/status.h"

View File

@ -17,8 +17,12 @@
#include <netinet/in.h> #include <netinet/in.h>
#include <cstdint>
#include <memory> #include <memory>
#include <string>
#include <vector>
#include "absl/status/status.h"
#include "absl/status/statusor.h" #include "absl/status/statusor.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"

View File

@ -15,8 +15,12 @@
#include "sandboxed_api/sandbox2/network_proxy/filtering.h" #include "sandboxed_api/sandbox2/network_proxy/filtering.h"
#include <arpa/inet.h> #include <arpa/inet.h>
#include <linux/unistd.h> #include <netinet/in.h>
#include <string.h> #include <sys/socket.h>
#include <cstdint>
#include <cstring>
#include <string>
#include "gmock/gmock.h" #include "gmock/gmock.h"
#include "gtest/gtest.h" #include "gtest/gtest.h"

View File

@ -14,19 +14,21 @@
#include "sandboxed_api/sandbox2/network_proxy/server.h" #include "sandboxed_api/sandbox2/network_proxy/server.h"
#include <arpa/inet.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <pthread.h>
#include <signal.h> #include <signal.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h> #include <sys/types.h>
#include <syscall.h>
#include <atomic>
#include <cerrno> #include <cerrno>
#include <cstring>
#include <memory> #include <memory>
#include <string>
#include <utility>
#include <vector>
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/status/status.h"
#include "absl/status/statusor.h" #include "absl/status/statusor.h"
#include "sandboxed_api/util/fileops.h" #include "sandboxed_api/util/fileops.h"

View File

@ -15,7 +15,11 @@
#ifndef SANDBOXED_API_SANDBOX2_NETWORK_PROXY_SERVER_H_ #ifndef SANDBOXED_API_SANDBOX2_NETWORK_PROXY_SERVER_H_
#define SANDBOXED_API_SANDBOX2_NETWORK_PROXY_SERVER_H_ #define SANDBOXED_API_SANDBOX2_NETWORK_PROXY_SERVER_H_
#include <pthread.h>
#include <atomic>
#include <memory> #include <memory>
#include <string>
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/network_proxy/filtering.h" #include "sandboxed_api/sandbox2/network_proxy/filtering.h"

View File

@ -14,6 +14,7 @@
#include "sandboxed_api/sandbox2/notify.h" #include "sandboxed_api/sandbox2/notify.h"
#include <sys/types.h>
#include <syscall.h> #include <syscall.h>
#include <memory> #include <memory>
@ -32,7 +33,6 @@
#include "sandboxed_api/sandbox2/policybuilder.h" #include "sandboxed_api/sandbox2/policybuilder.h"
#include "sandboxed_api/sandbox2/sandbox2.h" #include "sandboxed_api/sandbox2/sandbox2.h"
#include "sandboxed_api/sandbox2/syscall.h" #include "sandboxed_api/sandbox2/syscall.h"
#include "sandboxed_api/sandbox2/util/bpf_helper.h"
#include "sandboxed_api/testing.h" #include "sandboxed_api/testing.h"
namespace sandbox2 { namespace sandbox2 {

View File

@ -18,14 +18,20 @@
#include <fcntl.h> #include <fcntl.h>
#include <linux/audit.h> #include <linux/audit.h>
#include <linux/ipc.h> #include <linux/bpf_common.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sched.h> #include <sched.h>
#include <syscall.h> #include <syscall.h>
#include <cstdint>
#include <optional>
#include <string> #include <string>
#include <vector>
#include "absl/flags/flag.h" #include "absl/flags/flag.h"
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/strings/string_view.h"
#include "sandboxed_api/config.h" #include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/bpfdisassembler.h" #include "sandboxed_api/sandbox2/bpfdisassembler.h"
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"

Some files were not shown because too many files have changed in this diff Show More