StarMirror/sandboxed-api
1
0
Fork 0
mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00
Code Issues Projects Releases Wiki Activity

#Cleanup: Consistently use std::make_unique

Browse Source 
PiperOrigin-RevId: 480597371
Change-Id: I145586382ad7a7694384cc672986132376a47465
This commit is contained in:
Christian Blichmann 2022-10-12 05:22:51 -07:00 committed by Copybara-Service
parent cb8efdc270
commit 79b6784b82
73 changed files with 131 additions and 213 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
contrib/jsonnet/jsonnet_tests.cc
View File

@ -47,13 +47,13 @@ class JsonnetTest : public ::testing::Test {
sapi::file::JoinPath(binary_path, "tests_output", "dummy_input");
// Set up sandbox and api.
sandbox_ = absl::make_unique<JsonnetBaseSandbox>(input_path, output_path);
sandbox_ = std::make_unique<JsonnetBaseSandbox>(input_path, output_path);
ASSERT_THAT(sandbox_->Init(), sapi::IsOk());
api_ = absl::make_unique<JsonnetApi>(sandbox_.get());
api_ = std::make_unique<JsonnetApi>(sandbox_.get());
// Initialize library's main structure.
SAPI_ASSERT_OK_AND_ASSIGN(JsonnetVm * vm_ptr, api_->c_jsonnet_make());
vm_ = absl::make_unique<sapi::v::RemotePtr>(vm_ptr);
vm_ = std::make_unique<sapi::v::RemotePtr>(vm_ptr);
}
void TearDown() override {
@ -98,7 +98,7 @@ void JsonnetTest::ReadInput(const char* filename) {
SAPI_ASSERT_OK_AND_ASSIGN(char* input_ptr,
api_->c_read_input(0, in_file_var.PtrBefore()));
input_ = absl::make_unique<sapi::v::RemotePtr>(input_ptr);
input_ = std::make_unique<sapi::v::RemotePtr>(input_ptr);
input_was_read_ = true;
}
@ -140,7 +140,7 @@ void JsonnetTest::EvaluateJsonnetCode(Evaluation type, bool expected_correct) {
ASSERT_THAT(error.GetValue(), testing::Eq(1));
}
output_ = absl::make_unique<sapi::v::RemotePtr>(output_ptr);
output_ = std::make_unique<sapi::v::RemotePtr>(output_ptr);
jsonnet_vm_was_used_ = true;
}

4
contrib/libzip/utils/utils_zip.cc
View File

@ -61,7 +61,7 @@ absl::Status LibZip::OpenRemote() {
SAPI_RETURN_IF_ERROR(sandbox_->TransferToSandboxee(&rfd_));
SAPI_ASSIGN_OR_RETURN(void* zipsource, CreateSourceFromFd(rfd_));
zipsource_ = absl::make_unique<sapi::v::RemotePtr>(zipsource);
zipsource_ = std::make_unique<sapi::v::RemotePtr>(zipsource);
sapi::v::NullPtr null_ptr;
absl::StatusOr<zip_t*> status_or_zip =
@ -74,7 +74,7 @@ absl::Status LibZip::OpenRemote() {
SAPI_RETURN_IF_ERROR(api_.zip_source_keep(&(*zipsource_)));
zip_ = absl::make_unique<sapi::v::RemotePtr>(*status_or_zip);
zip_ = std::make_unique<sapi::v::RemotePtr>(*status_or_zip);
return absl::OkStatus();
}

1
contrib/lodepng/examples/CMakeLists.txt
View File

@ -51,7 +51,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
)
target_link_libraries(main_unit_test PRIVATE
sapi_contrib::lodepng
absl::memory
absl::strings
absl::time
sapi::flags

2
oss-internship-2020/libarchive/examples/sapi_minitar.cc
View File

@ -322,7 +322,7 @@ absl::Status ExtractArchive(const char* filename, int do_extract, int flags,
// We should only delete it if the do_extract flag is true which
// means that this struct is instantiated only in that case.
auto cleanup_ptr =
do_extract ? absl::make_unique<ExtractTempDirectoryCleanup>(tmp_dir)
do_extract ? std::make_unique<ExtractTempDirectoryCleanup>(tmp_dir)
: nullptr;
std::string filename_absolute = MakeAbsolutePathAtCWD(filename);

3
sandboxed_api/BUILD.bazel
View File

@ -88,7 +88,6 @@ cc_library(
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/base:dynamic_annotations",
"@com_google_absl//absl/container:flat_hash_map",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings",
@ -157,7 +156,6 @@ cc_library(
"//sandboxed_api/sandbox2:comms",
"//sandboxed_api/util:status",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings",
@ -207,7 +205,6 @@ cc_test(
"//sandboxed_api/examples/sum:sum-sapi",
"//sandboxed_api/examples/sum:sum-sapi_embed",
"//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_benchmark//:benchmark",
"@com_google_googletest//:gtest_main",

2
sandboxed_api/CMakeLists.txt
View File

@ -77,7 +77,6 @@ add_library(sapi::sapi ALIAS sapi_sapi)
target_link_libraries(sapi_sapi
PRIVATE absl::dynamic_annotations
absl::flat_hash_map
absl::memory
absl::status
absl::statusor
absl::str_format
@ -209,7 +208,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING AND NOT CMAKE_CROSSCOMPILING)
sapi_test.cc
)
target_link_libraries(sapi_test PRIVATE
absl::memory
absl::status
absl::statusor
benchmark

2
sandboxed_api/examples/hello_sapi/hello_transacted.cc
View File

@ -66,7 +66,7 @@ class CustomHelloSandbox : public HelloSandbox {
int main() {
std::cout << "Calling into a sandboxee to add two numbers...\n";
sapi::BasicTransaction transaction(absl::make_unique<CustomHelloSandbox>());
sapi::BasicTransaction transaction(std::make_unique<CustomHelloSandbox>());
absl::Status status =
transaction.Run([](sapi::Sandbox* sandbox) -> absl::Status {

5
sandboxed_api/examples/stringop/BUILD.bazel
View File

@ -14,12 +14,12 @@
# Description: Example using dynamic length structures for Sandboxed API
package(default_visibility = ["//sandboxed_api:__subpackages__"])
load("//sandboxed_api/bazel:build_defs.bzl", "sapi_platform_copts")
load("//sandboxed_api/bazel:proto.bzl", "sapi_proto_library")
load("//sandboxed_api/bazel:sapi.bzl", "sapi_library")
package(default_visibility = ["//sandboxed_api:__subpackages__"])
licenses(["notice"])
sapi_proto_library(
@ -77,7 +77,6 @@ cc_test(
"//sandboxed_api/util:flags",
"//sandboxed_api/util:status",
"//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/time",
"@com_google_googletest//:gtest_main",

1
sandboxed_api/examples/stringop/CMakeLists.txt
View File

@ -72,7 +72,6 @@ if(SAPI_BUILD_TESTING)
)
set_target_properties(sapi_main_stringop PROPERTIES OUTPUT_NAME main_stringop)
target_link_libraries(sapi_main_stringop PRIVATE
absl::memory
absl::strings
absl::time
glog::glog

5
sandboxed_api/examples/stringop/main_stringop.cc
View File

@ -16,11 +16,12 @@
#include <sys/stat.h>
#include <sys/types.h>
#include <memory>
#include <glog/logging.h>
#include "gmock/gmock.h"
#include "gtest/gtest.h"
#include "sandboxed_api/util/flag.h"
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/time/time.h"
#include "sandboxed_api/examples/stringop/sandbox.h"
@ -40,7 +41,7 @@ using ::testing::StrEq;
// Tests using a simple transaction (and function pointers):
TEST(StringopTest, ProtobufStringDuplication) {
sapi::BasicTransaction st(absl::make_unique<StringopSapiSandbox>());
sapi::BasicTransaction st(std::make_unique<StringopSapiSandbox>());
EXPECT_THAT(st.Run([](sapi::Sandbox* sandbox) -> absl::Status {
StringopApi api(sandbox);
stringop::StringDuplication proto;

1
sandboxed_api/examples/sum/BUILD.bazel
View File

@ -84,7 +84,6 @@ cc_binary(
"//sandboxed_api:vars",
"//sandboxed_api/util:flags",
"//sandboxed_api/util:logging",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/strings",
],

1
sandboxed_api/examples/sum/CMakeLists.txt
View File

@ -79,7 +79,6 @@ add_executable(sapi_main_sum
set_target_properties(sapi_main_sum PROPERTIES OUTPUT_NAME main_sum)
add_executable(sapi::main_sum ALIAS sapi_main_sum)
target_link_libraries(sapi_main_sum PRIVATE
absl::memory
absl::strings
glog::glog
sapi::base

13
sandboxed_api/examples/sum/main_sum.cc
View File

@ -16,9 +16,10 @@
#include <sys/stat.h>
#include <sys/types.h>
#include <memory>
#include <glog/logging.h>
#include "sandboxed_api/util/flag.h"
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/strings/str_cat.h"
#include "sandboxed_api/examples/sum/sandbox.h"
@ -212,7 +213,7 @@ int main(int argc, char* argv[]) {
absl::Status status;
sapi::BasicTransaction st{absl::make_unique<SumSapiSandbox>()};
sapi::BasicTransaction st{std::make_unique<SumSapiSandbox>()};
// Using the simple transaction (and function pointers):
CHECK(st.Run(test_addition, 1, 1, 2).ok());
CHECK(st.Run(test_addition, 1336, 1, 1337).ok());
@ -257,14 +258,14 @@ int main(int argc, char* argv[]) {
CHECK(status.ok()) << status.message();
// Using overloaded transaction class:
SumTransaction sapi_crash{absl::make_unique<SumSapiSandbox>(), /*crash=*/true,
SumTransaction sapi_crash{std::make_unique<SumSapiSandbox>(), /*crash=*/true,
/*violate=*/false,
/*time_out=*/false};
status = sapi_crash.Run();
LOG(INFO) << "Final run result for crash: " << status;
CHECK(status.code() == absl::StatusCode::kUnavailable);
SumTransaction sapi_violate{absl::make_unique<SumSapiSandbox>(),
SumTransaction sapi_violate{std::make_unique<SumSapiSandbox>(),
/*crash=*/false,
/*violate=*/true,
/*time_out=*/false};
@ -272,7 +273,7 @@ int main(int argc, char* argv[]) {
LOG(INFO) << "Final run result for violate: " << status;
CHECK(status.code() == absl::StatusCode::kUnavailable);
SumTransaction sapi_timeout{absl::make_unique<SumSapiSandbox>(),
SumTransaction sapi_timeout{std::make_unique<SumSapiSandbox>(),
/*crash=*/false,
/*violate=*/false,
/*time_out=*/true};
@ -280,7 +281,7 @@ int main(int argc, char* argv[]) {
LOG(INFO) << "Final run result for timeout: " << status;
CHECK(status.code() == absl::StatusCode::kUnavailable);
SumTransaction sapi{absl::make_unique<SumSapiSandbox>(), /*crash=*/false,
SumTransaction sapi{std::make_unique<SumSapiSandbox>(), /*crash=*/false,
/*violate=*/false, /*time_out=*/false};
for (int i = 0; i < 32; ++i) {
status = sapi.Run();

14
sandboxed_api/sandbox.cc
View File

@ -21,12 +21,12 @@
#include <algorithm>
#include <cstdarg>
#include <cstdio>
#include <memory>
#include <glog/logging.h>
#include "absl/base/casts.h"
#include "absl/base/dynamic_annotations.h"
#include "absl/base/macros.h"
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/str_cat.h"
@ -164,8 +164,8 @@ absl::Status Sandbox::Init() {
forkserver_executor_ =
(embed_lib_fd >= 0)
? absl::make_unique<sandbox2::Executor>(embed_lib_fd, args, envs)
: absl::make_unique<sandbox2::Executor>(lib_path, args, envs);
? std::make_unique<sandbox2::Executor>(embed_lib_fd, args, envs)
: std::make_unique<sandbox2::Executor>(lib_path, args, envs);
fork_client_ = forkserver_executor_->StartForkServer();
@ -180,7 +180,7 @@ absl::Status Sandbox::Init() {
auto s2p = ModifyPolicy(&policy_builder);
// Spawn new process from the forkserver.
auto executor = absl::make_unique<sandbox2::Executor>(fork_client_.get());
auto executor = std::make_unique<sandbox2::Executor>(fork_client_.get());
executor
// The client.cc code is capable of enabling sandboxing on its own.
@ -197,15 +197,15 @@ absl::Status Sandbox::Init() {
// Modify the executor, e.g. by setting custom limits and IPC.
ModifyExecutor(executor.get());
s2_ = absl::make_unique<sandbox2::Sandbox2>(std::move(executor),
std::move(s2p), CreateNotifier());
s2_ = std::make_unique<sandbox2::Sandbox2>(std::move(executor),
std::move(s2p), CreateNotifier());
s2_awaited_ = false;
auto res = s2_->RunAsync();
comms_ = s2_->comms();
pid_ = s2_->pid();
rpc_channel_ = absl::make_unique<RPCChannel>(comms_);
rpc_channel_ = std::make_unique<RPCChannel>(comms_);
if (!res) {
Terminate();

20
sandboxed_api/sandbox2/BUILD.bazel
View File

@ -110,7 +110,6 @@ cc_library(
":syscall",
":util",
"//sandboxed_api:config",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings",
@ -159,7 +158,6 @@ cc_library(
":logserver",
":logsink",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/strings",
],
)
@ -251,7 +249,6 @@ cc_library(
"//sandboxed_api/util:raw_logging",
"//sandboxed_api/util:status",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings",
@ -291,7 +288,6 @@ cc_library(
"//sandboxed_api/util:fileops",
"//sandboxed_api/util:status",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/strings",
"@com_google_absl//absl/types:span",
@ -393,7 +389,6 @@ cc_library(
"//sandboxed_api/util:strerror",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/container:flat_hash_map",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/strings",
],
)
@ -443,7 +438,6 @@ cc_library(
"//sandboxed_api/util:strerror",
"@com_google_absl//absl/container:flat_hash_map",
"@com_google_absl//absl/container:flat_hash_set",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings",
@ -523,7 +517,6 @@ cc_library(
"//sandboxed_api/util:raw_logging",
"//sandboxed_api/util:strerror",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/strings",
"@com_google_absl//absl/strings:str_format",
],
@ -546,7 +539,6 @@ cc_test(
"//sandboxed_api/util:fileops",
"//sandboxed_api/util:status_matchers",
"//sandboxed_api/util:temp_file",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/strings",
"@com_google_googletest//:gtest_main",
],
@ -563,7 +555,6 @@ cc_library(
":comms",
":forkserver",
":sanitizer",
"@com_google_absl//absl/memory",
],
)
@ -602,7 +593,6 @@ cc_library(
":util",
"//sandboxed_api/util:status",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings",
@ -622,7 +612,6 @@ cc_test(
"//sandboxed_api:config",
"//sandboxed_api:testing",
"//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/memory",
"@com_google_googletest//:gtest_main",
],
)
@ -654,7 +643,6 @@ cc_library(
"@com_google_absl//absl/base:config",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/base:dynamic_annotations",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings",
@ -716,7 +704,6 @@ cc_test(
"//sandboxed_api:testing",
"//sandboxed_api/sandbox2/util:bpf_helper",
"//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/memory",
"@com_google_googletest//:gtest_main",
],
)
@ -736,7 +723,6 @@ cc_test(
":sandbox2",
"//sandboxed_api:testing",
"//sandboxed_api/sandbox2/util:bpf_helper",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/strings",
"@com_google_googletest//:gtest_main",
],
@ -761,7 +747,6 @@ cc_test(
"//sandboxed_api:config",
"//sandboxed_api:testing",
"//sandboxed_api/sandbox2/util:bpf_helper",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/strings",
"@com_google_googletest//:gtest_main",
],
@ -788,7 +773,6 @@ cc_test(
"//sandboxed_api:testing",
"//sandboxed_api/sandbox2/util:bpf_helper",
"//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/strings",
"@com_google_googletest//:gtest_main",
],
@ -812,7 +796,6 @@ cc_test(
"//sandboxed_api/sandbox2/util:bpf_helper",
"//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/container:flat_hash_set",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/strings",
"@com_google_googletest//:gtest_main",
],
@ -851,7 +834,6 @@ cc_test(
"//sandboxed_api/util:status_matchers",
"//sandboxed_api/util:temp_file",
"@com_google_absl//absl/cleanup",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings",
"@com_google_googletest//:gtest_main",
@ -870,7 +852,6 @@ cc_test(
"//sandboxed_api:testing",
"//sandboxed_api/sandbox2/util:bpf_helper",
"//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/memory",
"@com_google_googletest//:gtest_main",
],
)
@ -906,7 +887,6 @@ cc_test(
"//sandboxed_api:testing",
"//sandboxed_api/sandbox2/util:bpf_helper",
"//sandboxed_api/util:status_matchers",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings",

32
sandboxed_api/sandbox2/CMakeLists.txt
View File

@ -73,7 +73,6 @@ add_library(sandbox2_result ${SAPI_LIB_TYPE}
add_library(sandbox2::result ALIAS sandbox2_result)
target_link_libraries(sandbox2_result PRIVATE
absl::base
absl::memory
absl::strings
sapi::config
sandbox2::regs
@ -104,8 +103,7 @@ add_library(sandbox2_logserver ${SAPI_LIB_TYPE}
)
add_library(sandbox2::logserver ALIAS sandbox2_logserver)
target_link_libraries(sandbox2_logserver
PRIVATE absl::memory
sandbox2::comms
PRIVATE sandbox2::comms
sandbox2::logserver_proto
sapi::base
PUBLIC glog::glog
@ -134,7 +132,6 @@ add_library(sandbox2_ipc ${SAPI_LIB_TYPE}
add_library(sandbox2::ipc ALIAS sandbox2_ipc)
target_link_libraries(sandbox2_ipc PRIVATE
absl::core_headers
absl::memory
absl::strings
sandbox2::comms
sandbox2::logserver
@ -227,8 +224,7 @@ add_library(sandbox2_global_forkserver ${SAPI_LIB_TYPE}
)
add_library(sandbox2::global_forkserver ALIAS sandbox2_global_forkserver)
target_link_libraries(sandbox2_global_forkserver
PRIVATE absl::memory
absl::strings
PRIVATE absl::strings
absl::status
absl::statusor
glog::glog
@ -273,7 +269,6 @@ add_library(sandbox2_executor ${SAPI_LIB_TYPE}
add_library(sandbox2::executor ALIAS sandbox2_executor)
target_link_libraries(sandbox2_executor
PRIVATE absl::core_headers
absl::memory
sandbox2::forkserver_proto
sandbox2::ipc
sandbox2::limits
@ -308,7 +303,6 @@ target_link_libraries(sandbox2_sandbox2
PRIVATE absl::core_headers
absl::cleanup
absl::flat_hash_set
absl::memory
absl::optional
absl::span
absl::str_format
@ -361,7 +355,6 @@ add_library(sandbox2_client ${SAPI_LIB_TYPE}
add_library(sandbox2::client ALIAS sandbox2_client)
target_link_libraries(sandbox2_client
PRIVATE absl::core_headers
absl::memory
absl::strings
sandbox2::sanitizer
sapi::strerror
@ -402,7 +395,6 @@ add_library(sandbox2::forkserver ALIAS sandbox2_forkserver)
target_link_libraries(sandbox2_forkserver PRIVATE
absl::flat_hash_map
absl::flat_hash_set
absl::memory
absl::status
absl::statusor
absl::str_format
@ -473,7 +465,6 @@ add_library(sandbox2_namespace ${SAPI_LIB_TYPE}
add_library(sandbox2::namespace ALIAS sandbox2_namespace)
target_link_libraries(sandbox2_namespace PRIVATE
absl::core_headers
absl::memory
absl::str_format
absl::strings
protobuf::libprotobuf
@ -495,8 +486,7 @@ add_library(sandbox2_forkingclient ${SAPI_LIB_TYPE}
)
add_library(sandbox2::forkingclient ALIAS sandbox2_forkingclient)
target_link_libraries(sandbox2_forkingclient
PRIVATE absl::memory
glog::glog
PRIVATE glog::glog
sandbox2::sanitizer
sapi::base
PUBLIC sandbox2::client
@ -540,7 +530,6 @@ add_library(sandbox2_buffer ${SAPI_LIB_TYPE}
add_library(sandbox2::buffer ALIAS sandbox2_buffer)
target_link_libraries(sandbox2_buffer
PRIVATE absl::core_headers
absl::memory
absl::status
absl::strings
sapi::strerror
@ -586,8 +575,7 @@ add_library(sandbox2_comms ${SAPI_LIB_TYPE}
)
add_library(sandbox2::comms ALIAS sandbox2_comms)
target_link_libraries(sandbox2_comms
PRIVATE absl::memory
absl::status
PRIVATE absl::status
absl::statusor
absl::str_format
absl::strings
@ -692,7 +680,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
sandbox2::testcase_namespace
)
target_link_libraries(sandbox2_namespace_test PRIVATE
absl::memory
absl::strings
sandbox2::comms
sapi::config
@ -720,7 +707,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
sandbox2::testcase_buffer
)
target_link_libraries(sandbox2_buffer_test PRIVATE
absl::memory
sandbox2::buffer
sandbox2::comms
sapi::config
@ -801,7 +787,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
sandbox2::testcase_minimal
)
target_link_libraries(sandbox2_limits_test PRIVATE
absl::memory
sandbox2::bpf_helper
sapi::config
sandbox2::limits
@ -827,7 +812,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
sandbox2::testcase_pidcomms
)
target_link_libraries(sandbox2_notify_test PRIVATE
absl::memory
absl::strings
sandbox2::bpf_helper
sandbox2::comms
@ -856,7 +840,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
sandbox2::testcase_policy
)
target_link_libraries(sandbox2_policy_test PRIVATE
absl::memory
absl::strings
sandbox2::bpf_helper
sapi::config
@ -885,7 +868,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
sandbox2::testcase_tsync
)
target_link_libraries(sandbox2_sandbox2_test PRIVATE
absl::memory
absl::strings
sandbox2::bpf_helper
sapi::config
@ -911,7 +893,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
sandbox2::testcase_close_fds
)
target_link_libraries(sandbox2_sanitizer_test PRIVATE
absl::memory
absl::strings
sandbox2::bpf_helper
sandbox2::client
@ -955,7 +936,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
)
target_link_libraries(sandbox2_stack_trace_test PRIVATE
absl::cleanup
absl::memory
absl::status
absl::strings
sandbox2::bpf_helper
@ -985,7 +965,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
sandbox2::testcase_ipc
)
target_link_libraries(sandbox2_ipc_test PRIVATE
absl::memory
sandbox2::bpf_helper
sandbox2::comms
sandbox2::ipc
@ -1011,8 +990,7 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
sandbox2::testcase_print_fds
)
target_link_libraries(sandbox2_policybuilder_test
PRIVATE absl::memory
absl::strings
PRIVATE absl::strings
sandbox2::bpf_helper
sandbox2::comms
sapi::testing

5
sandboxed_api/sandbox2/buffer.cc
View File

@ -19,18 +19,17 @@
#include <unistd.h>
#include <cerrno>
#include <memory>
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/str_cat.h"
#include "sandboxed_api/sandbox2/util.h"
namespace sandbox2 {
// Creates a new Buffer that is backed by the specified file descriptor.
absl::StatusOr<std::unique_ptr<Buffer>> Buffer::CreateFromFd(int fd) {
auto buffer = absl::WrapUnique(new Buffer{});
auto buffer = std::make_unique<Buffer>();
struct stat stat_buf;
if (fstat(fd, &stat_buf) != 0) {

6
sandboxed_api/sandbox2/buffer.h
View File

@ -28,7 +28,11 @@ namespace sandbox2 {
// The executor must distrust the content of this buffer, like everything
// else that comes under control of the sandboxee.
class Buffer final {
private:
struct Tag {};
public:
Buffer(Tag tag = {}) {}
~Buffer();
Buffer(const Buffer&) = delete;
@ -53,8 +57,6 @@ class Buffer final {
int fd() const { return fd_; }
private:
Buffer() = default;
uint8_t* buf_ = nullptr;
int fd_ = -1;
size_t size_ = 0;

5
sandboxed_api/sandbox2/buffer_test.cc
View File

@ -27,7 +27,6 @@
#include <glog/logging.h>
#include "gmock/gmock.h"
#include "gtest/gtest.h"
#include "absl/memory/memory.h"
#include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/executor.h"
@ -108,7 +107,7 @@ TEST(BufferTest, TestWithSandboxeeMapFd) {
SKIP_SANITIZERS_AND_COVERAGE;
const std::string path = GetTestSourcePath("sandbox2/testcases/buffer");
std::vector<std::string> args = {path, "1"};
auto executor = absl::make_unique<Executor>(path, args);
auto executor = std::make_unique<Executor>(path, args);
auto policy = BufferTestcasePolicy();
SAPI_ASSERT_OK_AND_ASSIGN(auto buffer,
@ -141,7 +140,7 @@ TEST(BufferTest, TestWithSandboxeeSendRecv) {
SKIP_SANITIZERS_AND_COVERAGE;
const std::string path = GetTestSourcePath("sandbox2/testcases/buffer");
std::vector<std::string> args = {path, "2"};
auto executor = absl::make_unique<Executor>(path, args);
auto executor = std::make_unique<Executor>(path, args);
Sandbox2 s2(std::move(executor), BufferTestcasePolicy());
ASSERT_THAT(s2.RunAsync(), IsTrue());

5
sandboxed_api/sandbox2/client.cc
View File

@ -35,7 +35,6 @@
#include "absl/base/attributes.h"
#include "absl/base/macros.h"
#include "absl/container/flat_hash_map.h"
#include "absl/memory/memory.h"
#include "absl/strings/numbers.h"
#include "absl/strings/str_cat.h"
#include "absl/strings/str_join.h"
@ -277,12 +276,12 @@ bool Client::HasMappedFD(const std::string& name) {
void Client::SendLogsToSupervisor() {
// This LogSink will register itself and send all logs to the executor until
// the object is destroyed.
logsink_ = absl::make_unique<LogSink>(GetMappedFD(LogSink::kLogFDName));
logsink_ = std::make_unique<LogSink>(GetMappedFD(LogSink::kLogFDName));
}
NetworkProxyClient* Client::GetNetworkProxyClient() {
if (proxy_client_ == nullptr) {
proxy_client_ = absl::make_unique<NetworkProxyClient>(
proxy_client_ = std::make_unique<NetworkProxyClient>(
GetMappedFD(NetworkProxyClient::kFDName));
}
return proxy_client_.get();

2
sandboxed_api/sandbox2/comms.cc
View File

@ -34,11 +34,11 @@
#include <cstdlib>
#include <cstring>
#include <functional>
#include <memory>
#include "google/protobuf/message.h"
#include "absl/base/config.h"
#include "absl/base/dynamic_annotations.h"
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/str_cat.h"

1
sandboxed_api/sandbox2/examples/crc4/BUILD.bazel
View File

@ -37,7 +37,6 @@ cc_binary(
"//sandboxed_api/util:flags",
"//sandboxed_api/util:logging",
"//sandboxed_api/util:runfiles",
"@com_google_absl//absl/memory",
"@com_google_glog//:glog",
],
)

1
sandboxed_api/sandbox2/examples/crc4/CMakeLists.txt
View File

@ -21,7 +21,6 @@ add_dependencies(sandbox2_crc4sandbox
sandbox2::crc4bin
)
target_link_libraries(sandbox2_crc4sandbox PRIVATE
absl::memory
sandbox2::bpf_helper
sandbox2::comms
sapi::runfiles

3
sandboxed_api/sandbox2/examples/crc4/crc4sandbox.cc
View File

@ -29,7 +29,6 @@
#include <glog/logging.h>
#include "sandboxed_api/util/flag.h"
#include "absl/memory/memory.h"
#include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/executor.h"
@ -105,7 +104,7 @@ int main(int argc, char* argv[]) {
args.push_back("-call_syscall_not_allowed");
}
std::vector<std::string> envs = {};
auto executor = absl::make_unique<sandbox2::Executor>(path, args, envs);
auto executor = std::make_unique<sandbox2::Executor>(path, args, envs);
executor
// Sandboxing is enabled by the binary itself (i.e. the crc4bin is capable

1
sandboxed_api/sandbox2/examples/custom_fork/BUILD.bazel
View File

@ -34,7 +34,6 @@ cc_binary(
"//sandboxed_api/util:flags",
"//sandboxed_api/util:logging",
"//sandboxed_api/util:runfiles",
"@com_google_absl//absl/memory",
],
)

1
sandboxed_api/sandbox2/examples/custom_fork/CMakeLists.txt
View File

@ -22,7 +22,6 @@ add_dependencies(sandbox2_custom_fork_sandbox
)
target_link_libraries(sandbox2_custom_fork_sandbox PRIVATE
absl::core_headers
absl::memory
sandbox2::comms
sandbox2::forkserver
sapi::runfiles

5
sandboxed_api/sandbox2/examples/custom_fork/custom_fork_sandbox.cc
View File

@ -25,7 +25,6 @@
#include <glog/logging.h>
#include "sandboxed_api/util/flag.h"
#include "absl/memory/memory.h"
#include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/executor.h"
@ -58,7 +57,7 @@ std::unique_ptr<sandbox2::Policy> GetPolicy() {
static int SandboxIteration(sandbox2::ForkClient* fork_client, int32_t i) {
// Now, start the sandboxee as usual, just use a different Executor
// constructor, which takes pointer to the ForkClient.
auto executor = absl::make_unique<sandbox2::Executor>(fork_client);
auto executor = std::make_unique<sandbox2::Executor>(fork_client);
// Set limits as usual.
executor
@ -110,7 +109,7 @@ int main(int argc, char* argv[]) {
"sandbox2/examples/custom_fork/custom_fork_bin");
std::vector<std::string> args = {path};
std::vector<std::string> envs = {};
auto fork_executor = absl::make_unique<sandbox2::Executor>(path, args, envs);
auto fork_executor = std::make_unique<sandbox2::Executor>(path, args, envs);
// Start the fork-server (which is here: the custom_fork_bin process calling
// sandbox2::Client::WaitAndFork() in a loop).
//

2
sandboxed_api/sandbox2/examples/network/network_sandbox.cc
View File

@ -186,7 +186,7 @@ int main(int argc, char* argv[]) {
std::vector<std::string> args = {path};
std::vector<std::string> envs = {};
auto executor = absl::make_unique<sandbox2::Executor>(path, args, envs);
auto executor = std::make_unique<sandbox2::Executor>(path, args, envs);
executor
// Sandboxing is enabled by the binary itself (i.e. the crc4bin is capable
// of enabling sandboxing on its own).

2
sandboxed_api/sandbox2/examples/network_proxy/networkproxy_sandbox.cc
View File

@ -139,7 +139,7 @@ int main(int argc, char* argv[]) {
}
std::vector<std::string> envs = {};
auto executor = absl::make_unique<sandbox2::Executor>(path, args, envs);
auto executor = std::make_unique<sandbox2::Executor>(path, args, envs);
executor
// Sandboxing is enabled by the binary itself (i.e. the networkproxy_bin

1
sandboxed_api/sandbox2/examples/static/BUILD.bazel
View File

@ -37,7 +37,6 @@ cc_binary(
"//sandboxed_api/util:flags",
"//sandboxed_api/util:logging",
"//sandboxed_api/util:runfiles",
"@com_google_absl//absl/memory",
],
)

1
sandboxed_api/sandbox2/examples/static/CMakeLists.txt
View File

@ -21,7 +21,6 @@ add_dependencies(sandbox2_static_sandbox
sandbox2::static_bin
)
target_link_libraries(sandbox2_static_sandbox PRIVATE
absl::memory
sandbox2::bpf_helper
sapi::runfiles
sandbox2::sandbox2

3
sandboxed_api/sandbox2/examples/static/static_sandbox.cc
View File

@ -30,7 +30,6 @@
#include <glog/logging.h>
#include "sandboxed_api/util/flag.h"
#include "absl/memory/memory.h"
#include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/executor.h"
#include "sandboxed_api/sandbox2/limits.h"
@ -134,7 +133,7 @@ int main(int argc, char* argv[]) {
const std::string path = sapi::internal::GetSapiDataDependencyFilePath(
"sandbox2/examples/static/static_bin");
std::vector<std::string> args = {path};
auto executor = absl::make_unique<sandbox2::Executor>(path, args);
auto executor = std::make_unique<sandbox2::Executor>(path, args);
executor
// Sandboxing is enabled by the sandbox itself. The sandboxed binary is

1
sandboxed_api/sandbox2/examples/tool/BUILD.bazel
View File

@ -36,7 +36,6 @@ cc_binary(
"//sandboxed_api/util:fileops",
"//sandboxed_api/util:flags",
"//sandboxed_api/util:logging",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/strings",
"@com_google_absl//absl/strings:str_format",
"@com_google_absl//absl/time",

1
sandboxed_api/sandbox2/examples/tool/CMakeLists.txt
View File

@ -19,7 +19,6 @@ add_executable(sandbox2_sandbox2tool
set_target_properties(sandbox2_sandbox2tool PROPERTIES OUTPUT_NAME sandbox2tool)
add_executable(sandbox2::sandbox2tool ALIAS sandbox2_sandbox2tool)
target_link_libraries(sandbox2_sandbox2tool PRIVATE
absl::memory
absl::strings
absl::time
sandbox2::bpf_helper

3
sandboxed_api/sandbox2/examples/tool/sandbox2tool.cc
View File

@ -36,7 +36,6 @@
#include <glog/logging.h>
#include "sandboxed_api/util/flag.h"
#include "absl/memory/memory.h"
#include "absl/strings/str_format.h"
#include "absl/strings/str_split.h"
#include "absl/time/time.h"
@ -123,7 +122,7 @@ int main(int argc, char* argv[]) {
if (absl::GetFlag(FLAGS_sandbox2tool_keep_env)) {
envp = sandbox2::util::CharPtrArray(environ).ToStringVector();
}
auto executor = absl::make_unique<sandbox2::Executor>(argv[1], args, envp);
auto executor = std::make_unique<sandbox2::Executor>(argv[1], args, envp);
sapi::file_util::fileops::FDCloser recv_fd1;
if (absl::GetFlag(FLAGS_sandbox2tool_redirect_fd1)) {

1
sandboxed_api/sandbox2/examples/zlib/BUILD.bazel
View File

@ -29,7 +29,6 @@ cc_binary(
"//sandboxed_api/util:flags",
"//sandboxed_api/util:logging",
"//sandboxed_api/util:runfiles",
"@com_google_absl//absl/memory",
],
)

1
sandboxed_api/sandbox2/examples/zlib/CMakeLists.txt
View File

@ -21,7 +21,6 @@ add_dependencies(sandbox2_zpipe_sandbox
sandbox2::zpipe
)
target_link_libraries(sandbox2_zpipe_sandbox PRIVATE
absl::memory
sandbox2::bpf_helper
sandbox2::comms
sapi::logging

3
sandboxed_api/sandbox2/examples/zlib/zpipe_sandbox.cc
View File

@ -28,7 +28,6 @@
#include <glog/logging.h>
#include "sandboxed_api/util/flag.h"
#include "absl/memory/memory.h"
#include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/executor.h"
#include "sandboxed_api/sandbox2/limits.h"
@ -94,7 +93,7 @@ int main(int argc, char* argv[]) {
args.push_back("-d");
}
std::vector<std::string> envs = {};
auto executor = absl::make_unique<sandbox2::Executor>(path, args, envs);
auto executor = std::make_unique<sandbox2::Executor>(path, args, envs);
executor
// Kill sandboxed processes with a signal (SIGXFSZ) if it writes more than

4
sandboxed_api/sandbox2/executor.cc
View File

@ -23,9 +23,9 @@
#include <climits>
#include <cstddef>
#include <memory>
#include <string_view>
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/strings/match.h"
#include "absl/strings/str_cat.h"
@ -193,7 +193,7 @@ std::unique_ptr<ForkClient> Executor::StartForkServer() {
if (!process.ok()) {
return nullptr;
}
return absl::make_unique<ForkClient>(process->main_pid, ipc_.comms());
return std::make_unique<ForkClient>(process->main_pid, ipc_.comms());
}
void Executor::SetUpServerSideCommsFd() {

5
sandboxed_api/sandbox2/forkingclient.cc
View File

@ -16,9 +16,10 @@
#include <unistd.h>
#include <memory>
#include <glog/logging.h>
#include "sandboxed_api/sandbox2/sanitizer.h"
#include "absl/memory/memory.h"
namespace sandbox2 {
@ -33,7 +34,7 @@ pid_t ForkingClient::WaitAndFork() {
CHECK_NE(n, -1) << "sanitizer::GetNumberOfThreads failed";
CHECK_EQ(n, 1) << "Too many threads (" << n
<< ") during sandbox2::Client::WaitAndFork()";
fork_server_worker_ = absl::make_unique<ForkServer>(comms_);
fork_server_worker_ = std::make_unique<ForkServer>(comms_);
}
return fork_server_worker_->ServeRequest();
}

2
sandboxed_api/sandbox2/forkserver.cc
View File

@ -34,11 +34,11 @@
#include <cstdlib>
#include <cstring>
#include <fstream>
#include <memory>
#include <string>
#include "absl/container/flat_hash_map.h"
#include "absl/container/flat_hash_set.h"
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/match.h"

4
sandboxed_api/sandbox2/global_forkclient.cc
View File

@ -26,12 +26,12 @@
#include <csignal>
#include <cstdlib>
#include <memory>
#include <string>
#include <vector>
#include <glog/logging.h>
#include "sandboxed_api/util/flag.h"
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/ascii.h"
@ -187,7 +187,7 @@ absl::StatusOr<std::unique_ptr<GlobalForkClient>> StartGlobalForkServer() {
}
close(sv[0]);
return absl::make_unique<GlobalForkClient>(sv[1], pid);
return std::make_unique<GlobalForkClient>(sv[1], pid);
}
void WaitForForkserver(pid_t pid) {

7
sandboxed_api/sandbox2/ipc.cc
View File

@ -19,16 +19,15 @@
#include <sys/socket.h>
#include <thread>
#include <memory>
#include <glog/logging.h>
#include "absl/memory/memory.h"
#include "sandboxed_api/sandbox2/logserver.h"
#include "sandboxed_api/sandbox2/logsink.h"
namespace sandbox2 {
void IPC::SetUpServerSideComms(int fd) {
comms_ = absl::make_unique<Comms>(fd);
}
void IPC::SetUpServerSideComms(int fd) { comms_ = std::make_unique<Comms>(fd); }
void IPC::MapFd(int local_fd, int remote_fd) {
VLOG(3) << "Will send: " << local_fd << ", to overwrite: " << remote_fd;

8
sandboxed_api/sandbox2/ipc_test.cc
View File

@ -14,11 +14,11 @@
#include "sandboxed_api/sandbox2/ipc.h"
#include <memory>
#include <utility>
#include "gmock/gmock.h"
#include "gtest/gtest.h"
#include "absl/memory/memory.h"
#include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/executor.h"
#include "sandboxed_api/sandbox2/policy.h"
@ -46,7 +46,7 @@ TEST_P(IPCTest, MapFDByNamePreExecve) {
const int fd = GetParam();
const std::string path = GetTestSourcePath("sandbox2/testcases/ipc");
std::vector<std::string> args = {path, "1", std::to_string(fd)};
auto executor = absl::make_unique<Executor>(path, args);
auto executor = std::make_unique<Executor>(path, args);
Comms comms(executor->ipc()->ReceiveFd(fd, "ipc_test"));
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
@ -83,7 +83,7 @@ TEST_P(IPCTest, MapFDByNamePostExecve) {
const int fd = GetParam();
const std::string path = GetTestSourcePath("sandbox2/testcases/ipc");
std::vector<std::string> args = {path, "2", std::to_string(fd)};
auto executor = absl::make_unique<Executor>(path, args);
auto executor = std::make_unique<Executor>(path, args);
executor->set_enable_sandbox_before_exec(false);
Comms comms(executor->ipc()->ReceiveFd(fd, "ipc_test"));
@ -118,7 +118,7 @@ TEST(IPCTest, NoMappedFDsPreExecve) {
SKIP_SANITIZERS_AND_COVERAGE;
const std::string path = GetTestSourcePath("sandbox2/testcases/ipc");
std::vector<std::string> args = {path, "3"};
auto executor = absl::make_unique<Executor>(path, args);
auto executor = std::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()

11
sandboxed_api/sandbox2/limits_test.cc
View File

@ -22,7 +22,6 @@
#include "gmock/gmock.h"
#include "gtest/gtest.h"
#include "absl/memory/memory.h"
#include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/executor.h"
#include "sandboxed_api/sandbox2/policy.h"
@ -41,7 +40,7 @@ using ::sapi::GetTestSourcePath;
TEST(LimitsTest, RLimitASMmapUnderLimit) {
const std::string path = GetTestSourcePath("sandbox2/testcases/limits");
std::vector<std::string> args = {path, "1"}; // mmap(1 MiB)
auto executor = absl::make_unique<sandbox2::Executor>(path, args);
auto executor = std::make_unique<sandbox2::Executor>(path, args);
executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
@ -60,7 +59,7 @@ TEST(LimitsTest, RLimitASMmapUnderLimit) {
TEST(LimitsTest, RLimitASMmapAboveLimit) {
const std::string path = GetTestSourcePath("sandbox2/testcases/limits");
std::vector<std::string> args = {path, "2"}; // mmap(100 MiB)
auto executor = absl::make_unique<sandbox2::Executor>(path, args);
auto executor = std::make_unique<sandbox2::Executor>(path, args);
executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
@ -79,7 +78,7 @@ TEST(LimitsTest, RLimitASMmapAboveLimit) {
TEST(LimitsTest, RLimitASAllocaSmallUnderLimit) {
const std::string path = GetTestSourcePath("sandbox2/testcases/limits");
std::vector<std::string> args = {path, "3"}; // alloca(1 MiB)
auto executor = absl::make_unique<sandbox2::Executor>(path, args);
auto executor = std::make_unique<sandbox2::Executor>(path, args);
executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
@ -98,7 +97,7 @@ TEST(LimitsTest, RLimitASAllocaSmallUnderLimit) {
TEST(LimitsTest, RLimitASAllocaBigUnderLimit) {
const std::string path = GetTestSourcePath("sandbox2/testcases/limits");
std::vector<std::string> args = {path, "4"}; // alloca(8 MiB)
auto executor = absl::make_unique<sandbox2::Executor>(path, args);
auto executor = std::make_unique<sandbox2::Executor>(path, args);
executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
@ -117,7 +116,7 @@ TEST(LimitsTest, RLimitASAllocaBigUnderLimit) {
TEST(LimitsTest, RLimitASAllocaBigAboveLimit) {
const std::string path = GetTestSourcePath("sandbox2/testcases/limits");
std::vector<std::string> args = {path, "5"}; // alloca(100 MiB)
auto executor = absl::make_unique<sandbox2::Executor>(path, args);
auto executor = std::make_unique<sandbox2::Executor>(path, args);
executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,

9
sandboxed_api/sandbox2/monitor.cc
View File

@ -48,7 +48,6 @@
#include "absl/cleanup/cleanup.h"
#include "absl/container/flat_hash_set.h"
#include "sandboxed_api/util/flag.h"
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/strings/match.h"
#include "absl/strings/str_cat.h"
@ -895,8 +894,8 @@ void Monitor::ActionProcessSyscallViolation(Regs* regs, const Syscall& syscall,
LogSyscallViolation(syscall);
notify_->EventSyscallViolation(syscall, violation_type);
SetExitStatusCode(Result::VIOLATION, syscall.nr());
result_.SetSyscall(absl::make_unique<Syscall>(syscall));
SetAdditionalResultInfo(absl::make_unique<Regs>(*regs));
result_.SetSyscall(std::make_unique<Syscall>(syscall));
SetAdditionalResultInfo(std::make_unique<Regs>(*regs));
// Rewrite the syscall argument to something invalid (-1).
// The process will be killed anyway so this is just a precaution.
auto status = regs->SkipSyscallReturnValue(-ENOSYS);
@ -1060,7 +1059,7 @@ void Monitor::EventPtraceExit(pid_t pid, int event_msg) {
WIFSIGNALED(event_msg) && WTERMSIG(event_msg) == SIGSYS;
// Fetch the registers as we'll need them to fill the result in any case
auto regs = absl::make_unique<Regs>(pid);
auto regs = std::make_unique<Regs>(pid);
if (is_seccomp || pid == pid_) {
auto status = regs->Fetch();
if (!status.ok()) {
@ -1248,7 +1247,7 @@ void Monitor::LogSyscallViolationExplanation(const Syscall& syscall) const {
void Monitor::EnableNetworkProxyServer() {
int fd = ipc_->ReceiveFd(NetworkProxyClient::kFDName);
network_proxy_server_ = absl::make_unique<NetworkProxyServer>(
network_proxy_server_ = std::make_unique<NetworkProxyServer>(
fd, &policy_->allowed_hosts_.value(), pthread_self());
network_proxy_thread_ = std::thread(&NetworkProxyServer::Run,

4
sandboxed_api/sandbox2/namespace.cc
View File

@ -29,9 +29,9 @@
#include <cstdio>
#include <cstring>
#include <memory>
#include <utility>
#include "absl/memory/memory.h"
#include "absl/strings/str_cat.h"
#include "absl/strings/str_format.h"
#include "absl/strings/string_view.h"
@ -230,7 +230,7 @@ void Namespace::InitializeNamespaces(uid_t uid, gid_t gid, int32_t clone_flags,
if (avoid_pivot_root) {
// We want to bind-mount chrooted to real root, so that symlinks work.
// Reference to main root is kept to escape later from the chroot
root_fd = absl::make_unique<file_util::fileops::FDCloser>(
root_fd = std::make_unique<file_util::fileops::FDCloser>(
TEMP_FAILURE_RETRY(open("/", O_PATH)));
SAPI_RAW_CHECK(root_fd->get() != -1, "creating fd for main root");

3
sandboxed_api/sandbox2/namespace_test.cc
View File

@ -26,7 +26,6 @@
#include <glog/logging.h>
#include "gmock/gmock.h"
#include "gtest/gtest.h"
#include "absl/memory/memory.h"
#include "absl/strings/numbers.h"
#include "absl/strings/str_cat.h"
#include "sandboxed_api/config.h"
@ -54,7 +53,7 @@ using ::testing::Ne;
int RunSandboxeeWithArgsAndPolicy(const std::string& sandboxee,
std::initializer_list<std::string> args,
std::unique_ptr<Policy> policy) {
Sandbox2 sandbox(absl::make_unique<Executor>(sandboxee, args),
Sandbox2 sandbox(std::make_unique<Executor>(sandboxee, args),
std::move(policy));
Result result = sandbox.Run();

2
sandboxed_api/sandbox2/network_proxy/BUILD.bazel
View File

@ -29,7 +29,6 @@ cc_library(
":filtering",
"//sandboxed_api/sandbox2:comms",
"//sandboxed_api/util:fileops",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings",
"@com_google_glog//:glog",
@ -47,7 +46,6 @@ cc_library(
"//sandboxed_api/sandbox2:comms",
"//sandboxed_api/util:status",
"//sandboxed_api/util:strerror",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/strings",
"@com_google_absl//absl/synchronization",

4
sandboxed_api/sandbox2/network_proxy/CMakeLists.txt
View File

@ -19,7 +19,6 @@ add_library(sandbox2_network_proxy_server ${SAPI_LIB_TYPE}
)
add_library(sandbox2::network_proxy_server ALIAS sandbox2_network_proxy_server)
target_link_libraries(sandbox2_network_proxy_server PRIVATE
absl::memory
sandbox2::comms
sapi::fileops
sandbox2::network_proxy_filtering
@ -33,8 +32,7 @@ add_library(sandbox2_network_proxy_filtering ${SAPI_LIB_TYPE}
)
add_library(sandbox2::network_proxy_filtering ALIAS sandbox2_network_proxy_filtering)
target_link_libraries(sandbox2_network_proxy_filtering
PRIVATE absl::memory
absl::status
PRIVATE absl::status
sandbox2::comms
sapi::fileops
sapi::base

2
sandboxed_api/sandbox2/network_proxy/client.cc
View File

@ -22,9 +22,9 @@
#include <cerrno>
#include <iostream>
#include <memory>
#include <glog/logging.h>
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/strings/str_cat.h"
#include "sandboxed_api/config.h"

4
sandboxed_api/sandbox2/network_proxy/server.cc
View File

@ -24,9 +24,9 @@
#include <cerrno>
#include <cstring>
#include <memory>
#include <glog/logging.h>
#include "absl/memory/memory.h"
#include "absl/status/statusor.h"
#include "sandboxed_api/util/fileops.h"
@ -37,7 +37,7 @@ namespace file_util = ::sapi::file_util;
NetworkProxyServer::NetworkProxyServer(int fd, AllowedHosts* allowed_hosts,
pthread_t monitor_thread_id)
: violation_occurred_(false),
comms_{absl::make_unique<Comms>(fd)},
comms_{std::make_unique<Comms>(fd)},
fatal_error_(false),
monitor_thread_id_(monitor_thread_id),
allowed_hosts_(allowed_hosts) {}

13
sandboxed_api/sandbox2/notify_test.cc
View File

@ -24,7 +24,6 @@
#include <glog/logging.h>
#include "gmock/gmock.h"
#include "gtest/gtest.h"
#include "absl/memory/memory.h"
#include "absl/strings/str_join.h"
#include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/executor.h"
@ -108,8 +107,8 @@ TEST(NotifyTest, AllowPersonality) {
SKIP_SANITIZERS_AND_COVERAGE;
const std::string path = GetTestSourcePath("sandbox2/testcases/personality");
std::vector<std::string> args = {path};
Sandbox2 s2(absl::make_unique<Executor>(path, args), NotifyTestcasePolicy(),
absl::make_unique<PersonalityNotify>(/*allow=*/true));
Sandbox2 s2(std::make_unique<Executor>(path, args), NotifyTestcasePolicy(),
std::make_unique<PersonalityNotify>(/*allow=*/true));
auto result = s2.Run();
ASSERT_THAT(result.final_status(), Eq(Result::OK));
@ -121,8 +120,8 @@ TEST(NotifyTest, DisallowPersonality) {
SKIP_SANITIZERS_AND_COVERAGE;
const std::string path = GetTestSourcePath("sandbox2/testcases/personality");
std::vector<std::string> args = {path};
Sandbox2 s2(absl::make_unique<Executor>(path, args), NotifyTestcasePolicy(),
absl::make_unique<PersonalityNotify>(/*allow=*/false));
Sandbox2 s2(std::make_unique<Executor>(path, args), NotifyTestcasePolicy(),
std::make_unique<PersonalityNotify>(/*allow=*/false));
auto result = s2.Run();
ASSERT_THAT(result.final_status(), Eq(Result::VIOLATION));
@ -134,11 +133,11 @@ TEST(NotifyTest, PrintPidAndComms) {
SKIP_SANITIZERS_AND_COVERAGE;
const std::string path = GetTestSourcePath("sandbox2/testcases/pidcomms");
std::vector<std::string> args = {path};
auto executor = absl::make_unique<Executor>(path, args);
auto executor = std::make_unique<Executor>(path, args);
executor->set_enable_sandbox_before_exec(false);
Sandbox2 s2(std::move(executor), NotifyTestcasePolicy(),
absl::make_unique<PidCommsNotify>());
std::make_unique<PidCommsNotify>());
auto result = s2.Run();
ASSERT_THAT(result.final_status(), Eq(Result::OK));

2
sandboxed_api/sandbox2/policy_test.cc
View File

@ -20,11 +20,11 @@
#include <cerrno>
#include <cstdlib>
#include <memory>
#include <string>
#include "gmock/gmock.h"
#include "gtest/gtest.h"
#include "absl/memory/memory.h"
#include "absl/strings/string_view.h"
#include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/executor.h"

6
sandboxed_api/sandbox2/policybuilder.cc
View File

@ -33,6 +33,7 @@
#include <csignal>
#include <cstdint>
#include <deque>
#include <memory>
#include <utility>
#include "absl/memory/memory.h"
@ -43,6 +44,7 @@
#include "absl/strings/string_view.h"
#include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/namespace.h"
#include "sandboxed_api/sandbox2/policy.h"
#include "sandboxed_api/sandbox2/util/bpf_helper.h"
#include "sandboxed_api/util/path.h"
#include "sandboxed_api/util/status_macros.h"
@ -987,7 +989,7 @@ absl::StatusOr<std::unique_ptr<Policy>> PolicyBuilder::TryBuild() {
return absl::FailedPreconditionError(
"Cannot set hostname without network namespaces.");
}
output->SetNamespace(absl::make_unique<Namespace>(
output->SetNamespace(std::make_unique<Namespace>(
allow_unrestricted_networking_, std::move(mounts_), hostname_,
allow_mount_propagation_));
} else {
@ -1009,7 +1011,7 @@ absl::StatusOr<std::unique_ptr<Policy>> PolicyBuilder::TryBuild() {
output->user_policy_handles_bpf_ = user_policy_handles_bpf_;
output->user_policy_handles_ptrace_ = user_policy_handles_ptrace_;
auto pb_description = absl::make_unique<PolicyBuilderDescription>();
auto pb_description = std::make_unique<PolicyBuilderDescription>();
StoreDescription(pb_description.get());
output->policy_builder_description_ = std::move(pb_description);

1
sandboxed_api/sandbox2/policybuilder.h
View File

@ -29,7 +29,6 @@
#include <glog/logging.h>
#include "absl/base/macros.h"
#include "absl/container/flat_hash_set.h"
#include "absl/memory/memory.h"
#include "absl/status/statusor.h"
#include "absl/strings/string_view.h"
#include "absl/types/span.h"

4
sandboxed_api/sandbox2/policybuilder_test.cc
View File

@ -17,13 +17,13 @@
#include <syscall.h>
#include <unistd.h>
#include <memory>
#include <string>
#include <utility>
#include <glog/logging.h>
#include "gmock/gmock.h"
#include "gtest/gtest.h"
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/match.h"
@ -174,7 +174,7 @@ std::string PolicyBuilderTest::Run(const std::vector<std::string>& args,
builder.AllowUnrestrictedNetworking();
}
auto executor = absl::make_unique<sandbox2::Executor>(args[0], args);
auto executor = std::make_unique<sandbox2::Executor>(args[0], args);
if constexpr (sapi::sanitizers::IsAny()) {
executor->limits()->set_rlimit_as(RLIM64_INFINITY);
}

4
sandboxed_api/sandbox2/result.cc
View File

@ -29,12 +29,12 @@ Result& Result::operator=(const Result& other) {
reason_code_ = other.reason_code_;
stack_trace_ = other.stack_trace_;
if (other.regs_) {
regs_ = absl::make_unique<Regs>(*other.regs_);
regs_ = std::make_unique<Regs>(*other.regs_);
} else {
regs_.reset(nullptr);
}
if (other.syscall_) {
syscall_ = absl::make_unique<Syscall>(*other.syscall_);
syscall_ = std::make_unique<Syscall>(*other.syscall_);
} else {
syscall_.reset(nullptr);
}

1
sandboxed_api/sandbox2/result.h
View File

@ -26,7 +26,6 @@
#include <string>
#include <utility>
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/regs.h"

5
sandboxed_api/sandbox2/sandbox2.cc
View File

@ -20,7 +20,6 @@
#include <memory>
#include <string>
#include "absl/memory/memory.h"
#include "absl/status/statusor.h"
#include "absl/synchronization/mutex.h"
#include "absl/time/time.h"
@ -118,9 +117,9 @@ void Sandbox2::set_walltime_limit(absl::Duration limit) const {
void Sandbox2::Launch() {
monitor_ =
absl::make_unique<Monitor>(executor_.get(), policy_.get(), notify_.get());
std::make_unique<Monitor>(executor_.get(), policy_.get(), notify_.get());
monitor_thread_ =
absl::make_unique<std::thread>(&Monitor::Run, monitor_.get());
std::make_unique<std::thread>(&Monitor::Run, monitor_.get());
// Wait for the Monitor to set-up the sandboxee correctly (or fail while
// doing that). From here on, it is safe to use the IPC object for

3
sandboxed_api/sandbox2/sandbox2.h
View File

@ -25,7 +25,6 @@
#include <glog/logging.h>
#include "absl/base/macros.h"
#include "absl/memory/memory.h"
#include "absl/status/statusor.h"
#include "absl/synchronization/mutex.h"
#include "sandboxed_api/sandbox2/comms.h"
@ -51,7 +50,7 @@ class Sandbox2 final {
CHECK(executor_ != nullptr);
CHECK(policy_ != nullptr);
if (notify_ == nullptr) {
notify_ = absl::make_unique<Notify>();
notify_ = std::make_unique<Notify>();
}
}

15
sandboxed_api/sandbox2/sandbox2_test.cc
View File

@ -24,7 +24,6 @@
#include "gmock/gmock.h"
#include "gtest/gtest.h"
#include "absl/memory/memory.h"
#include "absl/strings/str_cat.h"
#include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/executor.h"
@ -52,7 +51,7 @@ TEST(SandboxCoreDumpTest, AbortWithoutCoreDumpReturnsSignaled) {
std::vector<std::string> args = {
path,
};
auto executor = absl::make_unique<Executor>(path, args);
auto executor = std::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
@ -74,7 +73,7 @@ TEST(TsyncTest, TsyncNoMemoryChecks) {
const std::string path = GetTestSourcePath("sandbox2/testcases/tsync");
auto executor =
absl::make_unique<Executor>(path, std::vector<std::string>{path});
std::make_unique<Executor>(path, std::vector<std::string>{path});
executor->set_enable_sandbox_before_exec(false);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
@ -102,7 +101,7 @@ TEST(ExecutorTest, ExecutorFdConstructor) {
std::vector<std::string> args = {absl::StrCat("FD:", fd)};
std::vector<std::string> envs;
auto executor = absl::make_unique<Executor>(fd, args, envs);
auto executor = std::make_unique<Executor>(fd, args, envs);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
@ -123,7 +122,7 @@ TEST(RunAsyncTest, SandboxeeExternalKill) {
std::vector<std::string> args = {path};
std::vector<std::string> envs;
auto executor = absl::make_unique<Executor>(path, args, envs);
auto executor = std::make_unique<Executor>(path, args, envs);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
@ -146,7 +145,7 @@ TEST(RunAsyncTest, SandboxeeTimeoutWithStacktraces) {
std::vector<std::string> args = {path};
std::vector<std::string> envs;
auto executor = absl::make_unique<Executor>(path, args, envs);
auto executor = std::make_unique<Executor>(path, args, envs);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
@ -167,7 +166,7 @@ TEST(RunAsyncTest, SandboxeeTimeoutDisabledStacktraces) {
std::vector<std::string> args = {path};
std::vector<std::string> envs;
auto executor = absl::make_unique<Executor>(path, args, envs);
auto executor = std::make_unique<Executor>(path, args, envs);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
@ -186,7 +185,7 @@ TEST(StarvationTest, MonitorIsNotStarvedByTheSandboxee) {
std::vector<std::string> args = {path};
std::vector<std::string> envs;
auto executor = absl::make_unique<Executor>(path, args, envs);
auto executor = std::make_unique<Executor>(path, args, envs);
executor->limits()->set_walltime_limit(absl::Seconds(5));
SAPI_ASSERT_OK_AND_ASSIGN(

4
sandboxed_api/sandbox2/sanitizer_test.cc
View File

@ -20,6 +20,7 @@
#include <unistd.h>
#include <cstdlib>
#include <memory>
#include <utility>
#include <vector>
@ -27,7 +28,6 @@
#include "gmock/gmock.h"
#include "gtest/gtest.h"
#include "absl/container/flat_hash_set.h"
#include "absl/memory/memory.h"
#include "absl/strings/numbers.h"
#include "absl/strings/str_cat.h"
#include "sandboxed_api/sandbox2/comms.h"
@ -116,7 +116,7 @@ TEST(SanitizerTest, TestSandboxedBinary) {
absl::StrCat(STDERR_FILENO),
absl::StrCat(Comms::kSandbox2ClientCommsFD),
};
auto executor = absl::make_unique<Executor>(path, args);
auto executor = std::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()

6
sandboxed_api/sandbox2/stack_trace_test.cc
View File

@ -18,6 +18,7 @@
#include <cstdio>
#include <functional>
#include <memory>
#include <string>
#include <utility>
@ -25,7 +26,6 @@
#include "gtest/gtest.h"
#include "absl/cleanup/cleanup.h"
#include "sandboxed_api/util/flag.h"
#include "absl/memory/memory.h"
#include "absl/strings/match.h"
#include "absl/strings/str_cat.h"
#include "sandboxed_api/sandbox2/executor.h"
@ -97,7 +97,7 @@ void SymbolizationWorksCommon(
modify_policy(&policybuilder);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, policybuilder.TryBuild());
Sandbox2 s2(absl::make_unique<Executor>(path, args), std::move(policy));
Sandbox2 s2(std::make_unique<Executor>(path, args), std::move(policy));
auto result = s2.Run();
ASSERT_THAT(result.final_status(), Eq(Result::SIGNALED));
@ -198,7 +198,7 @@ TEST(StackTraceTest, SymbolizationTrustedFilesOnly) {
.AddFile(path)
.AddLibrariesForBinary(path)
.TryBuild());
Sandbox2 s2(absl::make_unique<Executor>(path, args), std::move(policy));
Sandbox2 s2(std::make_unique<Executor>(path, args), std::move(policy));
auto result = s2.Run();
ASSERT_THAT(result.final_status(), Eq(Result::SIGNALED));

20
sandboxed_api/sapi_test.cc
View File

@ -14,12 +14,12 @@
#include <fcntl.h>
#include <memory>
#include <thread> // NOLINT(build/c++11)
#include "benchmark/benchmark.h"
#include "gmock/gmock.h"
#include "gtest/gtest.h"
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "sandboxed_api/examples/stringop/sandbox.h"
#include "sandboxed_api/examples/stringop/stringop-sapi.sapi.h"
@ -68,7 +68,7 @@ absl::Status InvokeStringReversal(Sandbox* sandbox) {
// Minimal case for measuring the minimum overhead of restarting the sandbox.
void BenchmarkSandboxRestartOverhead(benchmark::State& state) {
for (auto _ : state) {
BasicTransaction st(absl::make_unique<StringopSandbox>());
BasicTransaction st(std::make_unique<StringopSandbox>());
// Invoke nop() to make sure that our sandbox is running.
EXPECT_THAT(st.Run(InvokeNop), IsOk());
}
@ -76,7 +76,7 @@ void BenchmarkSandboxRestartOverhead(benchmark::State& state) {
BENCHMARK(BenchmarkSandboxRestartOverhead);
void BenchmarkSandboxRestartForkserverOverhead(benchmark::State& state) {
sapi::BasicTransaction st(absl::make_unique<StringopSandbox>());
sapi::BasicTransaction st(std::make_unique<StringopSandbox>());
for (auto _ : state) {
EXPECT_THAT(st.Run(InvokeNop), IsOk());
EXPECT_THAT(st.sandbox()->Restart(true), IsOk());
@ -85,7 +85,7 @@ void BenchmarkSandboxRestartForkserverOverhead(benchmark::State& state) {
BENCHMARK(BenchmarkSandboxRestartForkserverOverhead);
void BenchmarkSandboxRestartForkserverOverheadForced(benchmark::State& state) {
sapi::BasicTransaction st{absl::make_unique<StringopSandbox>()};
sapi::BasicTransaction st{std::make_unique<StringopSandbox>()};
for (auto _ : state) {
EXPECT_THAT(st.Run(InvokeNop), IsOk());
EXPECT_THAT(st.sandbox()->Restart(false), IsOk());
@ -95,7 +95,7 @@ BENCHMARK(BenchmarkSandboxRestartForkserverOverheadForced);
// Reuse the sandbox. Used to measure the overhead of the call invocation.
void BenchmarkCallOverhead(benchmark::State& state) {
BasicTransaction st(absl::make_unique<StringopSandbox>());
BasicTransaction st(std::make_unique<StringopSandbox>());
for (auto _ : state) {
EXPECT_THAT(st.Run(InvokeNop), IsOk());
}
@ -104,7 +104,7 @@ BENCHMARK(BenchmarkCallOverhead);
// Make use of protobufs.
void BenchmarkProtobufHandling(benchmark::State& state) {
BasicTransaction st(absl::make_unique<StringopSandbox>());
BasicTransaction st(std::make_unique<StringopSandbox>());
for (auto _ : state) {
EXPECT_THAT(st.Run(InvokeStringReversal), IsOk());
}
@ -113,7 +113,7 @@ BENCHMARK(BenchmarkProtobufHandling);
// Measure overhead of synchronizing data.
void BenchmarkIntDataSynchronization(benchmark::State& state) {
auto sandbox = absl::make_unique<StringopSandbox>();
auto sandbox = std::make_unique<StringopSandbox>();
ASSERT_THAT(sandbox->Init(), IsOk());
long current_val = 0; // NOLINT
@ -141,7 +141,7 @@ BENCHMARK(BenchmarkIntDataSynchronization);
TEST(SapiTest, HasStackTraces) {
SKIP_SANITIZERS_AND_COVERAGE;
auto sandbox = absl::make_unique<StringopSandbox>();
auto sandbox = std::make_unique<StringopSandbox>();
ASSERT_THAT(sandbox->Init(), IsOk());
StringopApi api(sandbox.get());
EXPECT_THAT(api.violate(), StatusIs(absl::StatusCode::kUnavailable));
@ -172,7 +172,7 @@ int LeakFileDescriptor(sapi::Sandbox* sandbox, const char* path) {
// Make sure that restarting the sandboxee works (= fresh set of FDs).
TEST(SandboxTest, RestartSandboxFD) {
sapi::BasicTransaction st{absl::make_unique<SumSandbox>()};
sapi::BasicTransaction st{std::make_unique<SumSandbox>()};
auto test_body = [](sapi::Sandbox* sandbox) -> absl::Status {
// Open some FDs and check their value.
@ -191,7 +191,7 @@ TEST(SandboxTest, RestartSandboxFD) {
}
TEST(SandboxTest, RestartTransactionSandboxFD) {
sapi::BasicTransaction st{absl::make_unique<SumSandbox>()};
sapi::BasicTransaction st{std::make_unique<SumSandbox>()};
EXPECT_THAT(st.Run([](sapi::Sandbox* sandbox) -> absl::Status {
EXPECT_THAT(LeakFileDescriptor(sandbox, "/proc/self/exe"), Eq(3));

2
sandboxed_api/tools/clang_generator/BUILD.bazel
View File

@ -36,7 +36,6 @@ cc_library(
"//sandboxed_api/util:status",
"@com_google_absl//absl/container:btree",
"@com_google_absl//absl/container:flat_hash_set",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/random",
"@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
@ -94,7 +93,6 @@ cc_binary(
"//sandboxed_api/util:file_helpers",
"//sandboxed_api/util:fileops",
"//sandboxed_api/util:status",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/strings",
"@com_google_absl//absl/strings:str_format",

1
sandboxed_api/tools/clang_generator/CMakeLists.txt
View File

@ -43,7 +43,6 @@ target_link_libraries(sapi_generator PUBLIC
sapi::base
absl::btree
absl::flat_hash_set
absl::memory
absl::random_random
absl::status
absl::statusor

2
sandboxed_api/tools/clang_generator/emitter_test.cc
View File

@ -15,10 +15,10 @@
#include "sandboxed_api/tools/clang_generator/emitter.h"
#include <initializer_list>
#include <memory>
#include "gmock/gmock.h"
#include "gtest/gtest.h"
#include "absl/memory/memory.h"
#include "absl/status/statusor.h"
#include "absl/strings/string_view.h"
#include "sandboxed_api/testing.h"

2
sandboxed_api/tools/clang_generator/generator.h
View File

@ -15,10 +15,10 @@
#ifndef SANDBOXED_API_TOOLS_CLANG_GENERATOR_GENERATOR_H_
#define SANDBOXED_API_TOOLS_CLANG_GENERATOR_GENERATOR_H_
#include <memory>
#include <string>
#include "absl/container/flat_hash_set.h"
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/string_view.h"

1
sandboxed_api/tools/clang_generator/generator_tool.cc
View File

@ -17,7 +17,6 @@
#include <string>
#include <vector>
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/strings/match.h"
#include "absl/strings/str_format.h"

1
sandboxed_api/util/BUILD.bazel
View File

@ -211,7 +211,6 @@ cc_test(
deps = [
":status",
":status_matchers",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/status",
"@com_google_absl//absl/status:statusor",
"@com_google_absl//absl/strings",

8
sandboxed_api/util/status_macros_test.cc
View File

@ -14,11 +14,11 @@
#include "sandboxed_api/util/status_macros.h"
#include <memory>
#include <string>
#include "gmock/gmock.h"
#include "gtest/gtest.h"
#include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/status/statusor.h"
#include "absl/strings/str_cat.h"
@ -88,7 +88,7 @@ TEST(AssignOrReturn, MovesUniquePtr) {
auto func = []() -> absl::Status {
std::unique_ptr<int> ptr;
SAPI_ASSIGN_OR_RETURN(
ptr, absl::StatusOr<std::unique_ptr<int>>(absl::make_unique<int>(1)));
ptr, absl::StatusOr<std::unique_ptr<int>>(std::make_unique<int>(1)));
EXPECT_EQ(*ptr, 1);
return absl::UnknownError("EXPECTED");
};
@ -112,10 +112,10 @@ TEST(AssignOrReturn, MovesUniquePtrRepeatedlyToSingleVariable) {
auto func = []() -> absl::Status {
std::unique_ptr<int> ptr;
SAPI_ASSIGN_OR_RETURN(
ptr, absl::StatusOr<std::unique_ptr<int>>(absl::make_unique<int>(1)));
ptr, absl::StatusOr<std::unique_ptr<int>>(std::make_unique<int>(1)));
EXPECT_EQ(*ptr, 1);
SAPI_ASSIGN_OR_RETURN(
ptr, absl::StatusOr<std::unique_ptr<int>>(absl::make_unique<int>(2)));
ptr, absl::StatusOr<std::unique_ptr<int>>(std::make_unique<int>(2)));
EXPECT_EQ(*ptr, 2);
return absl::UnknownError("EXPECTED");
};

4
sandboxed_api/var_proto.h
View File

@ -19,10 +19,10 @@
#include <cinttypes>
#include <cstdint>
#include <memory>
#include <vector>
#include "absl/base/macros.h"
#include "absl/memory/memory.h"
#include "absl/status/statusor.h"
#include "absl/utility/utility.h"
#include "sandboxed_api/proto_helper.h"
@ -65,7 +65,7 @@ class Proto : public Var {
ABSL_DEPRECATED("Use GetMessage() instead")
std::unique_ptr<T> GetProtoCopy() const {
if (auto proto = GetMessage(); proto.ok()) {
return absl::make_unique<T>(*std::move(proto));
return std::make_unique<T>(*std::move(proto));
}
return nullptr;
}