Commit Graph

55 Commits

Author SHA1 Message Date
Christian Blichmann
0750216bc1 Make stack trace test more resilient against optimizer
This fixes tests for PPC, where the tail-call optimization would consistently
remove 'violate()' from the stack trace.

PiperOrigin-RevId: 371103794
Change-Id: Ifb1a7d588a455041a6b0f3c763276ed44de47e60
2021-04-29 06:01:24 -07:00
Wiktor Garbacz
1be4d04f4e Avoid tail-call optimization in "violate" testcase
PiperOrigin-RevId: 364523883
Change-Id: I5e43534d7db37b4c16f18fc3326714664ab0ae00
2021-03-23 03:51:09 -07:00
Christian Blichmann
03bf9f72c0 Replace usage of deprecated functions within Sandboxed API
PiperOrigin-RevId: 363637782
Change-Id: I804d60fb3990f891416f06d36cb71b094daf3e37
2021-03-18 05:39:50 -07:00
Christian Blichmann
55a8373ec3 Avoid sanitizer macros use Abseil's where necessary
Using C++17 means we can get rid of many `#ifdef`s by using `if constexpr`.
This way, we ensure that both branches compile and still retain zero runtime
overhead.

Note that open source builds of Sandboxed API do not ship with sanitizer
configurations yet. This will be added in follow-up changes.

PiperOrigin-RevId: 354932160
Change-Id: I3678dffc47ea873919f0a8c01f3a7d999fc29a5b
2021-02-01 07:11:15 -08:00
Christian Blichmann
75bbd0e1c1 Internal change
Only externally visible changes should be a few changed includes as well as
some formatting changes.

PiperOrigin-RevId: 353226662
Change-Id: Iebf5be13774efcbd94c5d5a17b9b27e47275b229
2021-01-22 06:01:34 -08:00
Anton D. Kachalov
0e8d16e011 Enable shared libraries build and cross-compilation
This allows resource-constrained environments to benefit from the
space savings of dynamic linking. This is not meant to be used in
the general case.

PiperOrigin-RevId: 347398828
Change-Id: Ia634959148a31159878f48c44255dd733424a2b8
2020-12-14 09:16:14 -08:00
Wiktor Garbacz
742fafa433 Prefixed (unique) names for executables in cmake
PiperOrigin-RevId: 347335966
Change-Id: Ic8cc22b882fa489d37b636406a1a5fe51745d808
2020-12-14 01:13:31 -08:00
Christian Blichmann
eaff70b558 Use actual ptrace() arguments in example
The semantics of the example remain unchanged. This change is in preparation
for the new Clang based header generator, which will parse most files in C++
mode. `ptrace`'s first argument cannot me implicitly converted from `int` in
C++.

PiperOrigin-RevId: 343280691
Change-Id: Ibc5318b19a48f1dad441e7dcdc318dc5ea6837f6
2020-11-19 06:47:31 -08:00
Christian Blichmann
88c980218f Build fixes for recent Bazel versions
We need to add the `oss-internship-2020` and `examples/hello_sapi`
directories to `.bazelignore`, so that `bazel build ...` works on a clean
working copy. This is because the Bazel builds in these directories use their
own `WORKSPACE.bazel` and this does not nest well, leading to all kinds of
hard to debug errors.

PiperOrigin-RevId: 333728800
Change-Id: Ie2e68dd39bf6f8eb21af29d8ae3ae12971b408db
2020-09-25 07:25:31 -07:00
Wiktor Garbacz
f91f843f50 Use size_t/uintptr_t instead of uintptr_t or uint64_t where appropriate
PiperOrigin-RevId: 332449107
Change-Id: I623c320c7f31bb73b92799dfbeb9a1e8ce0cdb3b
2020-09-18 07:45:03 -07:00
Christian Blichmann
fdf0483ca0 Migrate to open-source absl::StatusOr<>
This removes our own fork of `absl::StatusOr<>`. Sandboxed API still includes
a custom matcher for Googletest, as that is not open source yet. For
compatibility, the `statusor.h` header is still retained and now aliases
`sapi::StatusOr<>` to `absl::StatusOr<>`.

PiperOrigin-RevId: 329916309
Change-Id: I0544b73a9e312dce499bc4128c28457e04ab9929
2020-09-03 07:40:48 -07:00
Sandboxed API Team
23da55c19a Internal BUILD refactoring
PiperOrigin-RevId: 329720214
Change-Id: I25fbb94dea17db3bdca6438d17508fa304d9706f
2020-09-03 07:40:33 -07:00
Sandboxed API Team
cfac8eb2d9 Internal cleanup migrating StatusOr.
PiperOrigin-RevId: 329250595
Change-Id: I0447d8154a57b1132981b116f02b4d5bceedfd4c
2020-08-31 00:13:54 -07:00
Christian Blichmann
b76cb15f26 Rename accessors, move away from time_t API
- `GetPid()` -> `pid()`
- `GetRpcChannel()` -> `rpc_channel()`
- `IsActive()` -> `is_active()`
- Suggest `SetWallTimeLimit(time_t)` -> `SetWallTimeLimit(absl::Duration)`

In addition, remove the protected zero-argument contructor.

PiperOrigin-RevId: 325390292
Change-Id: Iba044ad5ce44e78c4064c0a09faaa4227c4d19a5
2020-08-07 00:30:28 -07:00
Christian Blichmann
5f35b4fc8c Fix mix-up in main_zlib.cc
The example compresses from stdin to stdout, not vice versa.

PiperOrigin-RevId: 320941406
Change-Id: I41c7fed1b7f6306541567c0df46a8590844db69b
2020-07-13 06:12:35 -07:00
Christian Blichmann
c3861819bc Update Hello SAPI's WORKSPACE for newer Bazel versions
Bazel 3.x now requires specifying `commit`, `tag` or `branch` in its
`git_repository` rule.

PiperOrigin-RevId: 320572176
Change-Id: I81048d997f595202f4dfbd3c1e9c8321240a28a3
2020-07-10 02:50:00 -07:00
Christian Blichmann
726cabe2f7 Fix up generated header include paths
The "hello_sapi" example lives in a different WORKSPACE as it is intended to
show how to embed SAPI in your own projects. However, this is not compatible
with simply running `bazel build //sandboxed_api/...` after checkout.

This change simply replace `copts = ["-I."]` with `includes = ["."]`, so that
generated headers can be found reliably, regardless of how the example is
compiled.

PiperOrigin-RevId: 313782756
Change-Id: Iac26e828146b01545c81d9500f5f68fa0f2d4ddf
2020-05-29 08:13:58 -07:00
Copybara-Service
dd4e81bccb Merge pull request #39 from cblichmann:master
PiperOrigin-RevId: 311518877
Change-Id: Ib29354cb55ed6289d0aa303189c12222b9f92ea8
2020-05-14 06:17:42 -07:00
Christian Blichmann
2c8c9a489a
Add external embedding example
This change contains a "hello world"-style example library to be
sandboxed. It consists of a stand-alone CMake and Bazel project that
uses Sandboxed API as its dependency.

To use Sandboxed API in an external project, it should be enough to
copy the files in the `sandboxed_api/examples/hello_sapi` directory
as a starting point.
2020-05-14 11:40:02 +02:00
Christian Blichmann
d6b8e0b3e3 CMake: Fix inclusion and paths for external embedding
When using SAPI from an external project via CMake, the small zlib patch
cannot be found during the config phase.

This change also fixes an oversight in that the tests depend on some of
the example code.

Regardless embedding code should set `SAPI_ENABLE_EXAMPLES` to `OFF`.
Disabling tests by setting `SAPI_ENABLE_TESTS` to `OFF` stays optional.

PiperOrigin-RevId: 311290454
Change-Id: Ibe105895859b793b20f47c89b1a9e11cbfef2e2f
2020-05-13 02:09:33 -07:00
Christian Blichmann
aafc597630 Add zlib as dependency for examples
Similar to what the Bazel build does, this change adds zlib as an additional
dependency when `SAPI_ENABLE_EXAMPLES` is set to `ON`.

PiperOrigin-RevId: 309203959
Change-Id: I201a9e6415789afb1e058bc48cebbc0fc0004fe9
2020-04-30 04:57:33 -07:00
Christian Blichmann
496672c333 Cleanup calls to sapi::StatusOr<>::ValueOrDie()
PiperOrigin-RevId: 304398197
Change-Id: I85d09457a5e27f65c0792fe93aebbd8219801ef6
2020-04-02 07:42:45 -07:00
Christian Blichmann
f44cca6c98 Fix path to generated proto sources when embedding
When embedding SAPI in an external CMake project, the version of
`protobuf_generate_cpp` that we lifted from upstream protobuf produces
the wrong generated file paths.

For example, given this project structure:

```
/parent/
+-- myproject/
+-- myproject_build/  <- CMake build directory
+-- sandboxed-api/    <- Checkout from GitHub
```

And a CMake file in `myproject/CMakeLists.txt` that embeds SAPI like
this:

```
cmake_minimum_required(VERSION 3.12)
project(SandboxedTest LANGUAGES CXX)
set(CMAKE_CXX_STANDARD 17)
set(CMAKE_CXX_STANDARD_REQUIRED ON)

add_subdirectory(
  ${PROJECT_SOURCE_DIR}/../sandboxed-api
  ${PROJECT_BINARY_DIR}/sandboxed-api
)
```

Then `protobuf_generate_cpp` correctly invokes the protoc compiler to
generate
`/parent/myproject_build/sandboxed-api/sandboxed_api/proto_arg.proto.pb.cc'.
However, the path of the generated source file that is passed to the C++
compiler will be
`/parent/myproject_build/sandboxed-api/sandboxed_api/../../myproject_build/sandboxed-api/sandboxed_api/proto_arg.pb.cc`.
Note the duplicated project build directory component in the
canonicalized version:
`/parent/myproject_build/myproject_build/sandboxed-api/sandboxed_api/proto_arg.pb.cc`.

This change simple omits the computation of any relative file paths and
simply uses `_pb_PROTOC_OUT_DIR` which defauls to
`CMAKE_CURRENT_BINARY_DIR`, which should always contain the correct
path.

Signed-off-by: Christian Blichmann <mail@blichmann.eu>
2020-03-18 18:47:02 +01:00
Christian Blichmann
f6c3db4c6e Replace sapi::Status with absl::Status
PiperOrigin-RevId: 297614681
Change-Id: I89fe1357a172ed4d28df6dd84b80fee364ce1c14
2020-02-27 09:24:12 -08:00
Christian Blichmann
5d81c822d8 Automated rollback of commit e56f562fe2.
PiperOrigin-RevId: 296178631
Change-Id: I0f871aeecd70e9d2f99c7d52d94c6043a1668325
2020-02-20 04:26:37 -08:00
Maciej Szawłowski
fc514451e0 Internal BUILD changes
PiperOrigin-RevId: 296174640
Change-Id: I94c8e36d76d6cbb2b9d65f35d8700018b62d3db1
2020-02-20 04:26:23 -08:00
Sandboxed API Team
e56f562fe2 Automated rollback of commit 4eede550e7.
PiperOrigin-RevId: 295946052
Change-Id: Ie8c23fe8eec99ab52245ae7f482f1e6b99ec010e
2020-02-19 05:19:15 -08:00
Christian Blichmann
4eede550e7 Prepare for upcoming changes in Abseil
- Move canonical errors into status.

PiperOrigin-RevId: 295941935
Change-Id: I9408d21b6d34239b0ef3f3cd24975f39f1405505
2020-02-19 04:43:29 -08:00
Christian Blichmann
d578b18c22 Modernize the transaction API
PiperOrigin-RevId: 295712938
Change-Id: Iaf4c9668bb0b48555679fef822fe424277540d1f
2020-02-18 05:27:38 -08:00
Christian Blichmann
441201884a Update license header with recommended best practices
PiperOrigin-RevId: 290250533
Change-Id: Ic34b253446463cf971a055b70a242df93a598ee3
2020-01-17 05:05:29 -08:00
Kevin Hamacher
3cbd871454 Allow sandboxee c-strings to be read as std::string
PiperOrigin-RevId: 281960106
Change-Id: I54256dda2b6b0374d0f2ce3f762370478b912683
2019-11-22 07:00:03 -08:00
Kevin Hamacher
a193cb4ed7 sandboxed_api: Expose strlen in the rpc channel
PiperOrigin-RevId: 281958333
Change-Id: If15d7d5b915fec3c5521ef53ee44c58d7482d1bc
2019-11-22 06:44:31 -08:00
Christian Blichmann
c6b8e301e4 This fixes broken _proto_cc_cc_proto build target suffixes.
These where inadvertently introduced in an internal cleanup change.

This change also removes a C++17-ism in var_proto.h. To make things easier for
downstream projects, we should stick to C++11 for the time being.

PiperOrigin-RevId: 271117700
Change-Id: I4eaacec88be16e1a561d3f77a61acce0a1af0b9d
2019-09-25 07:13:58 -07:00
Sandboxed API Team
ce46cb3fef internal BUILD file cleanup.
PiperOrigin-RevId: 270906748
Change-Id: I6a79c2f84a1d8a9fcb91061caa5f9e538fa83cba
2019-09-24 08:12:21 -07:00
Kevin Hamacher
51d1a0e8ba Rollback of an internal change
PiperOrigin-RevId: 270874732
Change-Id: I69538a0a37ba008a41220fe9d77b3e59f8d06610
2019-09-24 04:11:52 -07:00
Sandboxed API Team
6131774256 internal BUILD file cleanup
PiperOrigin-RevId: 270833113
Change-Id: Ie8b2ab2486b7ca224f37d5fc3a07674d15e1b458
2019-09-23 22:24:27 -07:00
Sandboxed API Team
b390354794 internal BUILD file cleanup
PiperOrigin-RevId: 270833110
Change-Id: Ifc075bd59cf9e25d0c4ecc165592906f05875ee8
2019-09-23 22:23:57 -07:00
Sandboxed API Team
ad2521a1e8 Internal cleanup
PiperOrigin-RevId: 270631972
Change-Id: Ifd8db261bd5380fd14357a283fb9fd67c7d25fa0
2019-09-23 02:31:54 -07:00
Christian Blichmann
0aa7183502 Refactor the tests and strings example a bit
PiperOrigin-RevId: 268865491
Change-Id: Ie16e5f17e2eb22e25821c34edf0068cb81bcc2fe
2019-09-13 02:28:42 -07:00
Wiktor Garbacz
2e22b13b39 Enable namespaces by default
PiperOrigin-RevId: 268417712
Change-Id: I496d76e8a90665627b9be2bb5f9872a5df1c84e4
2019-09-11 02:39:49 -07:00
Christian Blichmann
d91879f752 Ensure compatibility with CMake 3.10
This fixes some CMake-3.12+-isms, like `list(JOIN ...)` and setting link
properties on OBJECT libraries.

PiperOrigin-RevId: 265033725
Change-Id: I0ee1ec0e1b1097ea8226ad6fdeff794a97c2881b
2019-08-23 05:08:55 -07:00
Christian Blichmann
b7cbc36071 Follow-up to 3c51348 fixing linker issues with gflags and glog
The temporary solution for binaries/tests that fully statically linked is to
link against `gflags` using `-Wl,--whole-archive`. This will no longer be
necessary, once Abseil ships with logging. Then we can (finally) use Abseil
flags and use a logging library that does not depend on a different flags
library.

PiperOrigin-RevId: 260705702
Change-Id: I8562faaff59f9c3e0e1d331186d2806d387438fb
2019-07-30 06:48:38 -07:00
Christian Blichmann
3c51348aaf Enable CMake projects to consume Sandboxed API via add_subdirectory()
This change moves away from a classical superbuild which downloads and builds
at build time. Instead, we now follow a "Fetch Content" workflow (available as
FetchContent in CMake 3.11+) and download dependencies at config time.

Rationale: Superbuild projects have the disadvantage that projects cannot
directly access their individual declared targets. This is not a problem with
regular libraries, as those are usually/supposed to be installed. With
Sandboxed API, this is not desirable, as it has dependencies like Abseil and
glog, which are almost always consumed by including their source tree using
add_subdirectory().

Fixes #10 and makes external embedding easier.

PiperOrigin-RevId: 260129870
Change-Id: I70f295f29a6e4fc8c330512c94b01ef10c017166
2019-07-26 05:51:08 -07:00
Christian Blichmann
1b93745d00 Honor SAPI_ENABLE_TESTS in examples
PiperOrigin-RevId: 259927061
Change-Id: I7ae2156630c60e54ba0d9933d03816d750db31f3
2019-07-25 05:11:58 -07:00
Christian Blichmann
6d33c1f908 Add CMake options to exclude examples and tests from build
PiperOrigin-RevId: 258136393
Change-Id: Ifb2d7a24f93cd1d2782b4e4d6ac2c34a0d1c2bff
2019-07-15 04:42:58 -07:00
Christian Blichmann
b219661be0 Add basic CMake support for SAPI, build examples
* Implement add_sapi_library() similar to the Bazel rule
* Fix SuperBuild so that glog properly depends on gflags (needed for --logtostderr)
* Raise minimum required version of CMake to 3.10 (Ubuntu 18.04 LTS)
* Update sum sandbox policy to allow to get IDs and PIDs

PiperOrigin-RevId: 258124160
Change-Id: I64c2f8b27a3e842874adca9100bfce20a2b74f17
2019-07-15 02:53:43 -07:00
Christian Blichmann
ab35eb49af Make embedding the sandbox code the default
PiperOrigin-RevId: 257778382
Change-Id: Ib6dc472355092c08b905e42978efe7f47703c128
2019-07-12 04:07:11 -07:00
Christian Blichmann
6ca744b959 Fix old 'google' namespace in example
PiperOrigin-RevId: 254203473
Change-Id: I04401074585769f3692f320f5aa0dbbecb51ebcc
2019-06-20 08:37:56 -07:00
Christian Blichmann
9b78e331fa Use newer gflags namespace for command-line flags
PiperOrigin-RevId: 251639941
Change-Id: I3037ce9510a3bc62cf5c899c64f2e7d344a8b4ee
2019-06-05 07:39:38 -07:00
Christian Blichmann
ffd4e1270a Internal change
PiperOrigin-RevId: 251590551
Change-Id: Ic69f8f5f798006c0d096357b7a746cdc4ce530a3
2019-06-05 00:26:14 -07:00