mirror of
https://github.com/google/sandboxed-api.git
synced 2024-03-22 13:11:30 +08:00
Update zlib examples
- Link `zipe.c` statically (safe) - Update policy to allow any use of `stat()` PiperOrigin-RevId: 428971638 Change-Id: Ib0f5f496ea2389582986b41a8830592e6c1d4390
This commit is contained in:
parent
ddef30148c
commit
aefdb94575
|
@ -36,7 +36,7 @@ sapi_library(
|
|||
cc_binary(
|
||||
name = "main_zlib",
|
||||
srcs = ["main_zlib.cc"],
|
||||
copts = sapi_platform_copts(["-Wframe-larger-than=65536"]),
|
||||
copts = sapi_platform_copts(),
|
||||
deps = [
|
||||
":zlib-sapi",
|
||||
":zlib-sapi_embed",
|
||||
|
|
|
@ -17,7 +17,7 @@ add_sapi_library(zlib-sapi
|
|||
FUNCTIONS deflateInit_
|
||||
deflate
|
||||
deflateEnd
|
||||
INPUTS ${ZLIB_INCLUDE_DIRS}/zlib.h
|
||||
INPUTS "${ZLIB_INCLUDE_DIRS}/zlib.h"
|
||||
LIBRARY ZLIB::ZLIB
|
||||
LIBRARY_NAME Zlib
|
||||
NAMESPACE "sapi::zlib"
|
||||
|
|
|
@ -37,9 +37,6 @@ cc_binary(
|
|||
name = "zpipe",
|
||||
srcs = ["zpipe.c"],
|
||||
copts = sapi_platform_copts(),
|
||||
features = [
|
||||
"fully_static_link", # link libc statically
|
||||
],
|
||||
linkstatic = 1,
|
||||
features = ["fully_static_link"],
|
||||
deps = ["@net_zlib//:zlib"],
|
||||
)
|
||||
|
|
|
@ -24,7 +24,6 @@ target_link_libraries(sandbox2_zpipe_sandbox PRIVATE
|
|||
absl::memory
|
||||
sandbox2::bpf_helper
|
||||
sandbox2::comms
|
||||
# sandbox2::ipc
|
||||
sapi::runfiles
|
||||
sandbox2::sandbox2
|
||||
sapi::base
|
||||
|
@ -38,5 +37,6 @@ add_executable(sandbox2_zpipe
|
|||
set_target_properties(sandbox2_zpipe PROPERTIES OUTPUT_NAME zpipe)
|
||||
add_executable(sandbox2::zpipe ALIAS sandbox2_zpipe)
|
||||
target_link_libraries(sandbox2_zpipe PRIVATE
|
||||
-static
|
||||
ZLIB::ZLIB
|
||||
)
|
||||
|
|
|
@ -54,7 +54,7 @@ std::unique_ptr<sandbox2::Policy> GetPolicy() {
|
|||
// Allow write on STDOUT / STDERR.
|
||||
.AddPolicyOnSyscall(__NR_write,
|
||||
{ARG_32(0), JEQ32(1, ALLOW), JEQ32(2, ALLOW)})
|
||||
.AllowSyscall(__NR_fstat)
|
||||
.AllowStat()
|
||||
.AllowStaticStartup()
|
||||
.AllowSystemMalloc()
|
||||
.AllowExit()
|
||||
|
|
Loading…
Reference in New Issue
Block a user