Commit Graph

811 Commits

Author SHA1 Message Date
Christian Blichmann
1c7dfdac12 Bazel: Remove obsolete WORKSPACE dependencies
PiperOrigin-RevId: 536368855
Change-Id: Ied2eb8bdaebb9d780691563198799ae240146d73
2023-05-30 05:34:47 -07:00
Wiktor Garbacz
7ba0a794d1 Fix check for init process
PiperOrigin-RevId: 532473530
Change-Id: Ia5f84073e372a63f70425d0fa68ac178019e80be
2023-05-16 08:51:15 -07:00
Christian Blichmann
1bf9437f95 Add GitHub workflow to build Clang tool based header generator
Drive-by:
- Add flags to link libgcc and libstdc++ statically into the binary, making it
  "mostly static"
PiperOrigin-RevId: 532349354
Change-Id: I0a86eb29b6a40aec4cec3cffeaf9511726ee4dc8
2023-05-15 23:45:57 -07:00
Sandboxed API Team
70e3d9f560 ...remove deprecated SetWallTimeLimit variant.
PiperOrigin-RevId: 531477563
Change-Id: I84ca9823ae5f7a0002049ac69b42527872a7ce66
2023-05-12 05:22:52 -07:00
Christian Blichmann
b6cc0ce80d CMake: Make the path to the Clang tool configurable
Set `SAPI_CLANG_TOOL_EXECUTABLE` to specify the location of a pre-built Clang
tool based header generator.

PiperOrigin-RevId: 531425738
Change-Id: I723d19122cc738d9906c8c568d156d44c58d9746
2023-05-12 00:29:55 -07:00
Christian Blichmann
4925df5419 CMake: Add option to link the Clang libraries statically into the header generator
Tested on Debian 10.13 with `LLVM-{11,12,13,14,15,16,17}` packages from https://apt.llvm.org/.

PiperOrigin-RevId: 531211601
Change-Id: I91babb5d85be2a22a4b17d757a5f626de6c03881
2023-05-11 08:36:11 -07:00
Christian Blichmann
a078043f8e CMake: Increase minimum required LLVM version to 11
LLVM 11 is now present in all major stable Linux distributions.

PiperOrigin-RevId: 531204137
Change-Id: I6f20aea425915023ea6113c17ff5a038a74aa919
2023-05-11 08:04:59 -07:00
Christian Blichmann
bfa0186f72 CMake: Rename option to enable the Clang tool based header generator
`SAPI_ENABLE_GENERATOR` => `SAPI_ENABLE_CLANG_TOOL`

This prepares further changes in this area.

PiperOrigin-RevId: 531201213
Change-Id: I56bd450e6ed2dd1dbbf45db2825a75c56d277037
2023-05-11 07:52:50 -07:00
Wiktor Garbacz
9b307fc204 Remove leftover stack_trace sources from sandbox2 target
PiperOrigin-RevId: 531168602
Change-Id: Ib9c0942e5ba9cf0d577f88a6091245ca02d5674e
2023-05-11 04:59:29 -07:00
Wiktor Garbacz
5b12071ba0 Remove WaitForSanitizers from ptrace monitor & add to global forkserver
This should ensure the global forkserver will be single-threaded before forking the sandboxees, as it does not go through WaitAndFork.

Waiting for sanitizers is not needed in the monitor and should reduce latency
by 1 second for all sanitizer builds. Currently it will always wait up to 1 second for the process to become single-threaded, which will never happen as the monitor itself is running in a separate thread.

PiperOrigin-RevId: 530878018
Change-Id: Ie9f663848502f2738721861b0ba2dc6f3cc9f1c9
2023-05-10 05:06:18 -07:00
Kevin Hamacher
fb1571c801 Automated rollback of commit f6fd27618b.
PiperOrigin-RevId: 529395980
Change-Id: I6a5d451ed84f8d4a522777815c6cc2d7d7a8923c
2023-05-04 06:53:48 -07:00
Christian Blichmann
7e9f6c3df3 Fix typo
PiperOrigin-RevId: 529325261
Change-Id: Ia663900a55d51805e330d989ed0965dc4e8f9b17
2023-05-04 00:46:53 -07:00
Oliver Kunz
9ab20c5411 Implements the ability to control who is allowed to enable unrestricted networking.
PiperOrigin-RevId: 529309275
Change-Id: Icd88a4469b0c36af96638d44f9e909085c7120d5
2023-05-03 23:29:34 -07:00
Sandboxed API Team
f6fd27618b Automated rollback of commit 8c53262539.
PiperOrigin-RevId: 529101664
Change-Id: Ica452c6ee8f54b78be09fa830a09d6a89800cf44
2023-05-03 08:45:11 -07:00
Kevin Hamacher
8c53262539 Allow forkserver to use waitpid as alternative to sa_nochldwait
PiperOrigin-RevId: 529074278
Change-Id: If63015586673610e111ee589995e5264523be7a7
2023-05-03 06:41:07 -07:00
Wiktor Garbacz
a5bad44fac Fix wrong pytype annotation
PiperOrigin-RevId: 520972266
Change-Id: Ib5775e01bf3389e7d123480b3bb3b7a4f33a07b0
2023-03-31 11:30:33 -07:00
Wiktor Garbacz
0caa3e740c Do not expose forkserver.h
PiperOrigin-RevId: 520562657
Change-Id: I89fbe3012a5e63a50c46fd4f1e4ade8d36616c0b
2023-03-30 00:49:44 -07:00
Wiktor Garbacz
5efae5cdf5 Do not exit from within ForkServer to get more precise coverage data
PiperOrigin-RevId: 520273079
Change-Id: I3f37d9eacc2c284c45f37842e1e63364cf64faf2
2023-03-29 02:22:16 -07:00
Wiktor Garbacz
a4d602298b Dump coverage prior to execveat
PiperOrigin-RevId: 520002416
Change-Id: Ic792b0b71b8e7b2f00b669db9b6831acd8341c5c
2023-03-28 05:50:43 -07:00
Wiktor Garbacz
1755ba08e1 Internal Code Change
PiperOrigin-RevId: 519725866
Change-Id: Ibac005b875127ae68e28346fb78e74e789cff01e
2023-03-27 08:14:10 -07:00
Sandboxed API Team
9f2ba9d6a1 Comms constructor for non abstract sockets
Allows creating a Comms with unix domain sockets that are not abstract. This allows using Comms to talk across network namespaces.

PiperOrigin-RevId: 518854724
Change-Id: I4fd65466bba9512f448b73bde367f38a0fbb584d
2023-03-23 07:34:32 -07:00
Sandboxed API Team
18894d57f9 Add a helper method to allow the eventfd* family of syscalls.
PiperOrigin-RevId: 518565738
Change-Id: I2a3efe069ab1da65dd5f7cdcd3762637b7274b49
2023-03-22 07:46:56 -07:00
Wiktor Garbacz
b50bc23138 Remove no longer needed friend declaration
Drive-by dependencies cleanup

PiperOrigin-RevId: 518551045
Change-Id: I132dfc42945f500e8efec58a4d58d3bee4d1f191
2023-03-22 06:27:21 -07:00
Wiktor Garbacz
8a38e4de47 Copy environ in sandbox2_test to get better coverage data
PiperOrigin-RevId: 518544187
Change-Id: Id13a5503060817e1dead7ee4a5e310d322de3a5e
2023-03-22 05:47:00 -07:00
Wiktor Garbacz
99931c2ad6 Move abort into ExecuteProcess and mark it noreturn
PiperOrigin-RevId: 518528953
Change-Id: Ieaa03af484188bb35f9734d69d987eabbdcc23ab
2023-03-22 04:07:10 -07:00
Sandboxed API Team
b62d103426 Internal change
PiperOrigin-RevId: 518204712
Change-Id: Idcb8cc7b20198dcc0f3692aa0c89e9c620b9d65d
2023-03-21 01:49:22 -07:00
Wiktor Garbacz
9867ce3beb Make SAPI_RAW_LOG(FATAL, ...) noreturn
PiperOrigin-RevId: 517941912
Change-Id: I655aaf7101c566f8f01c1a5296539186701a10de
2023-03-20 05:43:28 -07:00
Wiktor Garbacz
10b89d4d33 Add missing LOAD_SYSCALL_NR
PiperOrigin-RevId: 516777043
Change-Id: Icccb8260c7e54299c5aa2ddfee4086232e2b8ffb
2023-03-15 03:29:56 -07:00
Wiktor Garbacz
690b31a038 Fix the poll in wait_for_sandboxee branch
PiperOrigin-RevId: 516544270
Change-Id: Ibb10611b9b7713ac6513199b6213c15d22772ea5
2023-03-14 09:19:30 -07:00
Wiktor Garbacz
5a2bdd436d Fix poll in unotify monitor
Fixes incorrect timeout calculation and increases the wakeup interval.
Also makes poll behave correctly in presence of signals.

PiperOrigin-RevId: 516514260
Change-Id: I035701e1bb351f9ad26157b59b13b4f300cc229a
2023-03-14 07:04:18 -07:00
Wiktor Garbacz
cb63dfead5 Add tests for util.cc
PiperOrigin-RevId: 516439597
Change-Id: I2ac88b6188738e47f0e0bdb04382a50aa5aa9366
2023-03-14 00:04:14 -07:00
Wiktor Garbacz
10d44614fd Partial support for sandbox2::Notify in UnotifyMonitor
PiperOrigin-RevId: 515562555
Change-Id: Ie73c34bc7e35942b307c458cfef80510e0b734c3
2023-03-10 00:59:37 -08:00
Wiktor Garbacz
a31584ff49 Add explicit cast to fix build error
PiperOrigin-RevId: 515263097
Change-Id: Ib5b6c28587be889b5e2ef8d013fa57cbb0d8ffd3
2023-03-09 01:03:36 -08:00
Wiktor Garbacz
e031c11bdc Update naming and lambda capture for stack size
PiperOrigin-RevId: 515254988
Change-Id: I394dc039bcfcbd2ccd7c705a91974f4183b28c39
2023-03-09 00:14:39 -08:00
Wiktor Garbacz
0d3d5d4bcb Seccomp_unotify based monitor
Unotify based monitor should bring big performance wins
if the sandboxee heavily uses threading or signals.
Some of the features are not supported in that mode:
- execveat is always allowed instead of just the initial one
- stack traces are not collected on normal exit or if the process is terminated by signal

PiperOrigin-RevId: 515040101
Change-Id: Ia5574d34b4ff7e91e3601edb8c9cb913e011fbf6
2023-03-08 08:09:34 -08:00
Sandboxed API Team
80cc894c39 Allow sched_getaffinity with sanitizers
PiperOrigin-RevId: 515024410
Change-Id: I7c48d701b0c3ecab41c3363f8cb46a1c8fa6d97e
2023-03-08 06:51:19 -08:00
Wiktor Garbacz
e3b2d232b4 Add test for bpf disassembler
Also always handle the new return values.

PiperOrigin-RevId: 514698931
Change-Id: Ib4ce06e4f17c438271a0452053d3b0bc368e9970
2023-03-07 05:04:09 -08:00
Wiktor Garbacz
e46a526865 Add explicit casts to avoid build failures
PiperOrigin-RevId: 514698583
Change-Id: I0ebf2c14a74330ead3a362a48d1776060ea70fbe
2023-03-07 05:02:45 -08:00
Wiktor Garbacz
a8db8bfcf7 PTHREAD_STACK_MIN is not always a constexpr
PiperOrigin-RevId: 514695823
Change-Id: Iecf16f0bd563d85f80b0697d14293ff2d3133aef
2023-03-07 04:47:53 -08:00
Wiktor Garbacz
9f657e6a62 Consistently exclude examples from coverage runs
PiperOrigin-RevId: 514443652
Change-Id: Ia020371928e94d8b9bd98a9318c5d884f96c9f86
2023-03-06 10:03:12 -08:00
Christian Blichmann
17553b2206 syscall_trap: Add missing includes, use C++ ones
PiperOrigin-RevId: 514385399
Change-Id: Iceca365c862ce7ee03a61153eb1da2a9571a9719
2023-03-06 07:11:24 -08:00
Wiktor Garbacz
526401166e Migrate namespaces related tests out of policybuilder_test
PiperOrigin-RevId: 514325688
Change-Id: I9c581d14da3ac9fe5c3c0b43e156d8ad8d90c73f
2023-03-06 07:08:49 -08:00
Wiktor Garbacz
64b52ff3b5 Fix stack_trace_test for ARM64
When symbolize.cc is built with unwind tables, functions from the lib calling into symbolize.cc might be duplicated in the stack trace (libunwind falls back to LR).

PiperOrigin-RevId: 514324815
Change-Id: I76ee4ccf5aaf388924714284d9896fa367f5f752
2023-03-06 07:07:55 -08:00
Wiktor Garbacz
550b26587f Implement DangerDefaultAllowAll using DefaultAction(AllowAllSyscalls())
PiperOrigin-RevId: 513861597
Change-Id: I6e4038648a005bbe57ca33a4c0466f5af2184da8
2023-03-03 10:26:32 -08:00
Wiktor Garbacz
e09c2bc215 Run more tests with coverage and sanitizers contd
PiperOrigin-RevId: 513815467
Change-Id: I31d0df2c69b20eb126aaa8dde7f45fa7c0e1e6a8
2023-03-03 06:51:06 -08:00
Wiktor Garbacz
6827dc0059 Remove superfluous set_rlimit_as(RLIM64_INFINITY)
Address space limit is set to infinite by default.

PiperOrigin-RevId: 513755637
Change-Id: I42e79b21bc9b0f4b52e461994fef2ed104752957
2023-03-03 01:14:31 -08:00
Wiktor Garbacz
cd945565f5 Run more tests with coverage and sanitizers
Running with a permissive test policy should not interfere with sanitizers
or coverage.
Most tests should run with such a permissive policy.
The exceptions are tests which actually test policy enforcement.

PiperOrigin-RevId: 513548936
Change-Id: I9a4c2cc8074997cff08cc22d15f4736219ce4d63
2023-03-02 08:46:07 -08:00
Wiktor Garbacz
a613dda7f2 Test stack unwinding more thoroughly
Check unwinding recursive calls.
Verify we can unwind in absence of unwind tables.

PiperOrigin-RevId: 513506498
Change-Id: Ib87240b7481dae3a4513c944e17a7924a54926e9
2023-03-02 05:09:49 -08:00
Wiktor Garbacz
0033c4563f Remove unused UnwindResult.ip, reuse RunLibUnwindAndSymbolizer
PiperOrigin-RevId: 513482530
Change-Id: I50b24619af77a245088d489052f41f370a4d720b
2023-03-02 02:40:15 -08:00
Wiktor Garbacz
d74dac096a Rework stack_trace_test
PiperOrigin-RevId: 513467290
Change-Id: Iab630412052fa5e7333514f3864ebdfb7f10e1ef
2023-03-02 01:25:38 -08:00
Wiktor Garbacz
5a8a25e9ac Change the default action instead of appending ALLOW
Also create a visibility restricted version of the function.

PiperOrigin-RevId: 513209752
Change-Id: I031fe62d5ccd81995536479b9af890ad111e336c
2023-03-01 05:36:24 -08:00
Wiktor Garbacz
fbfbd13adf Add frame pointer unwinding fallback
PiperOrigin-RevId: 513193320
Change-Id: I0ade55e0d1fae6d33794ccd064766a18f0c86cd6
2023-03-01 03:55:15 -08:00
Juan Vazquez
e11109c9ee Internal change
PiperOrigin-RevId: 512922245
Change-Id: Ibc6d769f2f6b15971b95878c8fdb8d4664fbf2df
2023-02-28 07:01:07 -08:00
Juan Vazquez
6aa97f5394 Internal changes
PiperOrigin-RevId: 512905076
Change-Id: I780e8d6bfcfc94da5e8744146e6c1de153c329f9
2023-02-28 05:34:07 -08:00
Juan Vazquez
bd14f6818d Add field to track policy source location
PiperOrigin-RevId: 512070278
Change-Id: I959a57e296d9b999c4ee3086bc814d7d55484722
2023-02-24 07:55:23 -08:00
Wiktor Garbacz
e1246332d1 Rename and move CreateDirRecursive
PiperOrigin-RevId: 510186053
Change-Id: I0e68cc8fff44780ab98f1d57f829ff900790eed5
2023-02-16 10:44:01 -08:00
Wiktor Garbacz
6db17e7ab3 Use namespaced policy in most tests
Drive-by some test cleanups.

PiperOrigin-RevId: 510134967
Change-Id: I40328a644690865c5cc0a0eb265222ebf7ff83e0
2023-02-16 07:12:46 -08:00
Wiktor Garbacz
71692bb50b Decouple sandboxed stack tracing
This allows splitting monitor & stack_trace related targets.
Also move stack traces related functionality into MonitorBase.

PiperOrigin-RevId: 510112916
Change-Id: I60eabf9c9b3204dc369713edd8ae05fded306875
2023-02-16 06:07:15 -08:00
Wiktor Garbacz
d2dbbbae76 Remove redundant tests
UID/GID is checked in the namespace test and open fds in the sanitizer test.

PiperOrigin-RevId: 510084559
Change-Id: I1aac4d30d44aa2390447f24d228afbb1c3b04e2b
2023-02-16 02:28:52 -08:00
Wiktor Garbacz
3f53e81d0b Remove unused dependency
PiperOrigin-RevId: 509890467
Change-Id: I0189fca5efa93a9e67f6f07eac44793cd17dcfc3
2023-02-15 11:35:14 -08:00
Wiktor Garbacz
e4c0d91e69 Remove leftover debug log
PiperOrigin-RevId: 509473001
Change-Id: I37e1ca609489ed9e2f3303efda3d955ad8408237
2023-02-14 02:51:21 -08:00
Wiktor Garbacz
a5d12903dd Extract SandboxeeProcess and move it down the call chain
PiperOrigin-RevId: 507718207
Change-Id: Ia1f6fc2f09abbde5311f8dc0f596aa605989140d
2023-02-07 02:22:45 -08:00
Wiktor Garbacz
f289855867 Update IfThenChange after monitor split
PiperOrigin-RevId: 506591092
Change-Id: Idf3c0d00e88c622a565fe056b2b12fca27c4b819
2023-02-02 05:17:03 -08:00
Wiktor Garbacz
34b2f6bc90 Remove AllowUnsafeKeepCapabilities()
PiperOrigin-RevId: 506586347
Change-Id: I859a1f695ffbcf3b982a26df425c6b4e03c62da1
2023-02-02 04:47:02 -08:00
Wiktor Garbacz
8f24f2a4f0 Split PtraceMonitor into separate file
PiperOrigin-RevId: 505660957
Change-Id: I6b8fcbb86c9fef294b6d19e2d1ec7120415f843b
2023-01-30 05:09:20 -08:00
Wiktor Garbacz
97d67019d2 Split out policybuilder target
PiperOrigin-RevId: 505053801
Change-Id: Ic0ea4aa2334394e310af6d3a11f961bd4866f9dc
2023-01-27 01:24:51 -08:00
Wiktor Garbacz
4450c5513f Bazel: Do not expose regs.h
PiperOrigin-RevId: 505047592
Change-Id: I207cf46c3f75d0a24cf753888e0cdba53d4193b0
2023-01-27 00:43:38 -08:00
Wiktor Garbacz
f636cd86d6 Split PtraceMonitor out of Monitor
This is a preparatory step to introduce a Sandbox2 mode that does not use ptrace.

PiperOrigin-RevId: 503919613
Change-Id: I446adecc66e697c592ad938627fbfdbea12516e1
2023-01-23 01:42:28 -08:00
Sandboxed API Team
93ef7eb380 Explicitly close the output stream.
PiperOrigin-RevId: 503904221
Change-Id: Iee1899d80190a314c9c83f0a69e5fac76494cd92
2023-01-23 00:06:57 -08:00
Sandboxed API Team
8c107936da Internal BUILD changes
PiperOrigin-RevId: 503417314
Change-Id: Ib368f5600ef39d2ee37fc8c71108d6d11f109328
2023-01-20 05:14:47 -08:00
Sandboxed API Team
adb90a14a0 Internal BUILD changes
PiperOrigin-RevId: 503412719
Change-Id: Idecf094c8c7c8956a9f000204c90ed83d6df599d
2023-01-20 04:43:10 -08:00
Wiktor Garbacz
8bf9868ec3 Protobuf doesn't directly support heterogeneous lookup with absl::string_view
If the platform does not have `std::string_view` (i.e. `absl::string_view` is not an alias of `std::string_view`) the lookup will cause build failure.

PiperOrigin-RevId: 503159858
Change-Id: Ide8229ae0219d1cb6f3b36aba26da8d53183bc4b
2023-01-19 07:32:03 -08:00
Wiktor Garbacz
2f64d3d925 stack_trace: pass fd to sandboxee's memory instead of using process_vm_readv
Libunwind sandbox no longer needs to join sandboxee's userns.
This cleans up a lot of special handling for the libunwind sandbox.

PiperOrigin-RevId: 503140778
Change-Id: I020ea3adda05ae6ff74137b668a5fa7509c138f8
2023-01-19 05:44:50 -08:00
Wiktor Garbacz
f87b6feb18 stack_trace: do not add common libraries when not a custom fork-server
Avoids duplicate entries warnings and tightens the namespace.
Drive-by: modernize the policy.
PiperOrigin-RevId: 503108939
Change-Id: If34d23dd83ca39682799dfb36bd0b9b9ceb19fdc
2023-01-19 02:47:49 -08:00
Sandboxed API Team
bc6937ac82 Add logging of stack traces of all threads that were terminated by a signal or
when the sandboxee did not exit normally.
Disabled by default, enabled with a flag.

PiperOrigin-RevId: 502807175
Change-Id: Icb5236cbfac0168a2d855c68967f7a1e8bd13fe3
2023-01-18 01:45:01 -08:00
Wiktor Garbacz
58c3f80d57 Allow MADV_HUGEPAGE used by tcmalloc
PiperOrigin-RevId: 501815420
Change-Id: I22d6408e4e6ca375823b7b9448547cc082fe5421
2023-01-13 04:41:22 -08:00
Wiktor Garbacz
2ae5370cfb Full syscall info in Result::ToString
PiperOrigin-RevId: 501522999
Change-Id: I90c63984c053a5e7deaf4b7619e70c360cc892bb
2023-01-12 03:57:44 -08:00
Dmitri Gribenko
858c407521 Replace llvm::makeArrayRef with ArrayRef constructors.
LLVM upstream is about to deprecate and remove llvm::makeArrayRef.

PiperOrigin-RevId: 501106516
Change-Id: Ice610c7e0190dc8608339de1b88b7a05e7771871
2023-01-10 15:14:03 -08:00
Sandboxed API Team
f086c39f42 Update clients of PolicyBuilder to support architectures other than x86_64.
PiperOrigin-RevId: 500181306
Change-Id: Ibf3e5e3ac6214394f2d9ab10cf30de6d8396988d
2023-01-06 14:31:59 -08:00
Sandboxed API Team
1871b173c4 Add __NR_faccessat2 to the list of syscalls allowed by AllowAccess().
PiperOrigin-RevId: 500105471
Change-Id: Ic43c608a511617ba9ca8c2cba440cd709ae80a19
2023-01-06 00:16:46 -08:00
Sandboxed API Team
756176f206 On new process, check for the clone3 syscall.
PiperOrigin-RevId: 499918752
Change-Id: I7279e76593976c224a15be901834bf6225aebe85
2023-01-05 10:02:09 -08:00
Sandboxed API Team
90ee0a7464 Update clients of PolicyBuilder to support architectures other than x86_64.
PiperOrigin-RevId: 499424110
Change-Id: I6e7ed7436db84a65b1920f78dfc00cb2f9894b3c
2023-01-04 01:44:20 -08:00
Wiktor Garbacz
00d42577d5 Use CLONE_VM for starting the global forkserver
PiperOrigin-RevId: 499192311
Change-Id: I054385e9cab5e4987b0f34ab3b763244356405c2
2023-01-03 05:36:40 -08:00
Wiktor Garbacz
2d52191c24 Define PR_SET_VMA* if undefined
PiperOrigin-RevId: 497161397
Change-Id: I65fc11a7ccf34ffe225a03a0444275145fa43b4f
2022-12-22 07:39:44 -08:00
Wiktor Garbacz
fc721da2b9 More precise syscall_defs
PiperOrigin-RevId: 497137823
Change-Id: I374054659ce94e6b53819b999d9ed25df18b4ebd
2022-12-22 05:00:48 -08:00
Wiktor Garbacz
89a8f35f0e Use new helpers in policy_test
PiperOrigin-RevId: 496904765
Change-Id: Id2e4a901ed29c780542423608c55d01ef19eee9a
2022-12-21 06:17:07 -08:00
Wiktor Garbacz
7625c3dd24 Use AllowDup helper in AddNetworkProxyPolicy
PiperOrigin-RevId: 496898835
Change-Id: I76968c5c9b25a9e41865b3fad20463661195f581
2022-12-21 05:36:28 -08:00
Sandboxed API Team
aff27f4559 Update PolicyBuilder to include wrappers for more syscall families that differ between platforms.
New wrappers:

- `AllowEpollWait` (`epoll_wait`, `epoll_pwait`, `epoll_pwait2`)
- `AllowInotifyInit` (`inotify_init`, `inotify_init1`)
- `AllowSelect` (`select`, `pselect6`)
- `AllowDup` (`dup`, `dup2`, `dup3`)
- `AllowPipe` (`pipe`, `pipe2`)
- `AllowChmod` (`chmod`, `fchmod`, `fchmodat`)
- `AllowChown` (`chown`, `lchown`, `fchown`, `fchownat`)
- `AllowReadlink` (`readlink`, `readlinkat`)
- `AllowLink` (`link`, `linkat`)
- `AllowSymlink` (`symlink`, `symlinkat`)
- `AllowMkdir` (`mkdir`, `mkdirat`)
- `AllowUtime` (`utime`, `utimes`, `futimens`, `utimensat`)
- `AllowAlarm` (`alarm`, `setitimer`)
- `AllowGetPGIDs` (`getpgid`, `getpgrp`)
- `AllowPoll` (`poll`, `ppoll`)

Updated wrappers:

- `AllowOpen` now includes `creat`. `openat` already grants the ability to create files, and is the designated replacement for `creat` on newer platforms.
- `AllowStat` now includes `fstatfs` and `fstatfs64`. The comment already claimed that these syscalls were included; I believe they were omitted by accident.
- `AllowUnlink` now includes `rmdir`. `unlinkat` already grants the ability to remove empty directories, and is the designated replacement for `rmdir` on newer platforms.

PiperOrigin-RevId: 495045432
Change-Id: I41eccb74fda250b27586b6b7fe4c480332e48846
2022-12-13 09:32:17 -08:00
Wiktor Garbacz
5b3450ac8d Internal change
PiperOrigin-RevId: 494153465
Change-Id: Ice7f3e7b95f8de1348ccb281bbfa6fc7164b3353
2022-12-09 06:14:19 -08:00
Wiktor Garbacz
ee58a410d9 Handle S2 unwinding by trapping ptrace
PiperOrigin-RevId: 491893277
Change-Id: I427a2e485173c73fffead43e29511460c58c4f04
2022-11-30 06:00:29 -08:00
Wiktor Garbacz
bd5769d40a Use SyscallTrap in NetworkProxy
PiperOrigin-RevId: 491891500
Change-Id: I2e70dbc44aa264247c217ca88a4de1c0867383fd
2022-11-30 05:47:44 -08:00
Wiktor Garbacz
5bf9b1aef0 Introduce SyscallTrap helper class
PiperOrigin-RevId: 491887840
Change-Id: I5b189969da33e042a3ba38fe14025a758103f160
2022-11-30 05:21:12 -08:00
Wiktor Garbacz
77c80b7213 unwind: Skip Mapping Symbols on ARM
ARM documentation for Mapping Symbols:
https://developer.arm.com/documentation/dui0803/a/Accessing-and-managing-symbols-with-armlink/About-mapping-symbols

PiperOrigin-RevId: 491836684
Change-Id: I2e259e66f2253d80902aa763f2637f3f6fdea414
2022-11-30 00:16:37 -08:00
Wiktor Garbacz
755f29b35e Correct unwinding stop condition
On successful completion, `unw_step()` returns a positive value
  if the updated cursor refers to a valid stack frame,
  or `0` if the previous stack frame was the last frame in the
  chain. On error, the negative value of one of the error-codes
  below is returned.

PiperOrigin-RevId: 491588164
Change-Id: Ie361023ef69eed6c895856832a8208f2791f644d
2022-11-29 03:24:31 -08:00
Christian Blichmann
92a8247777 Bazel: Add full support for virtual includes
This change adds support for using the `includes`, `include_prefix` and
`strip_include_prefix` attributes of the `cc_library()` rule. Without it,
the libtooling based header generator will not be able to find all
necessary includes as it is much stricter than the current libclang based
one in that regard.

PiperOrigin-RevId: 491574088
Change-Id: Icb9f7d2719472ee1afa5df85b185c527a3c64994
2022-11-29 02:17:48 -08:00
Wiktor Garbacz
e5971312eb Internal change
PiperOrigin-RevId: 491554561
Change-Id: Ic83cb27aea18da4a86486faff5e868716d9eac90
2022-11-29 00:48:47 -08:00
Sandboxed API Team
11b89c0317 Internal compatible_with change
PiperOrigin-RevId: 491371995
Change-Id: I3f0430d6678992642557320a8fa3cf738a7c5fab
2022-11-28 09:55:57 -08:00
Christian Blichmann
d31e691705 clang_generator: Implement limit_scan_depth feature
PiperOrigin-RevId: 490517864
Change-Id: I93c5df370501f9af745b53791ae8ac2a18220ff9
2022-11-23 09:09:50 -08:00
Christian Blichmann
e223ef4790 clang_generator: Skip Abseil internal functions
PiperOrigin-RevId: 490513265
Change-Id: I7ddcdf612772167756039cb8f59b5b3aa60ed2ef
2022-11-23 08:47:47 -08:00
Christian Blichmann
cded8655d3 clang_generator: Skip dependent types
PiperOrigin-RevId: 490508865
Change-Id: Ic1d49a4abfde4cd02f08dd24c3f7a20058ef4965
2022-11-23 08:32:19 -08:00