Commit Graph

326 Commits

Author SHA1 Message Date
Anton D. Kachalov
0e8d16e011 Enable shared libraries build and cross-compilation
This allows resource-constrained environments to benefit from the
space savings of dynamic linking. This is not meant to be used in
the general case.

PiperOrigin-RevId: 347398828
Change-Id: Ia634959148a31159878f48c44255dd733424a2b8
2020-12-14 09:16:14 -08:00
Christian Blichmann
319493f5f0 Remove FsDescription proto
FS checks are an internal feature that has been deprecated for a while in
favor of user namespaces.

PiperOrigin-RevId: 347378761
Change-Id: I1d7956cecd6db47b2b96fdedaada0b2a36f9b112
2020-12-14 07:12:59 -08:00
Christian Blichmann
c3ac45be3e Reimplement raw logging to avoid Abseil internals
The defined raw logging macros should be compatible with Abseil and
we can remove our version once Abseil releases theirs.

PiperOrigin-RevId: 347354273
Change-Id: I178a89cfd2e19bcd707a06fa9dfd7b767e2b654b
2020-12-14 03:34:02 -08:00
Anton D. Kachalov
8bf410f0bb Add gmouse@ to authors.
PiperOrigin-RevId: 347336942
Change-Id: Iaa8aef0084882ced82fb1331841bb2aa21753004
2020-12-14 03:33:52 -08:00
Wiktor Garbacz
742fafa433 Prefixed (unique) names for executables in cmake
PiperOrigin-RevId: 347335966
Change-Id: Ic8cc22b882fa489d37b636406a1a5fe51745d808
2020-12-14 01:13:31 -08:00
Sandboxed API Team
13ff7a42da Avoid double insertion of interpreter value.
PiperOrigin-RevId: 346985006
Change-Id: Id18346702cee973e487cc608ccf2bd08f40a0da6
2020-12-11 06:11:43 -08:00
Christian Blichmann
2a9320dbac Update/simplify linker flags for testcases
- Bazel: Use "incompatible" flag to fix fully static linking. The flag will
  become the default in Bazel 4.0.
- Bazel: Deduplicate features into `FULLY_STATIC_FEATURES` variable
- CMake: Remove the testcase properties. `sapi::base` already sets
  `POSITION_INDEPENDENT_CODE`. Note that `-pie` is incompatible with `-static`
  and `-static-pie` requires GCC 8 and GLIBC 2.27.

PiperOrigin-RevId: 346952478
Change-Id: I7a317c90a3bec9691b13df1a00e3fddf4481df4d
2020-12-11 01:12:05 -08:00
Wiktor Garbacz
81a68382d8 Use file helpers in minielf_test
PiperOrigin-RevId: 346949861
Change-Id: Ib323a9ecd8fd8f268f09b028d13b220d3d8b60d1
2020-12-11 00:48:23 -08:00
Sandboxed API Team
d4d58361e9 Bump Abseil-cpp version to 2020-11-19.
PiperOrigin-RevId: 346793646
Change-Id: I5dc41ed78439d117f46b08f609459e761392e802
2020-12-10 08:52:22 -08:00
Wiktor Garbacz
6d98090962 Do not fail if forkserver is disabled by env when lib_ctor is used
PiperOrigin-RevId: 346743575
Change-Id: I948aad88120746e15535e3c5270581a31a0b3d29
2020-12-10 02:49:54 -08:00
Christian Blichmann
2869e3f598 Fix missing argument in call to open() in namespace test
Calling `open()` with `O_CREAT` requires 3 arguments.

PiperOrigin-RevId: 346739861
Change-Id: I38167e9184f4755e48307eaa674277069bd4ccf8
2020-12-10 02:19:21 -08:00
Sandboxed API Team
c7d8e83d60 Declare global forkserver start mode flag in header file so it can be overridden in code more easily.
PiperOrigin-RevId: 346588150
Change-Id: I1013b928a45bab164e7db28d49be8504353dc064
2020-12-09 10:53:41 -08:00
Christian Blichmann
7ce4b24cb5 Update OSS build transform to move .github to the right place
PiperOrigin-RevId: 346538768
Change-Id: I3b25d67d1646a9bbbe4a7feefbb124f0f0679d70
2020-12-09 06:37:13 -08:00
Christian Blichmann
a2fa269080 Add GitHub workflow for CMake build
PiperOrigin-RevId: 346521211
Change-Id: Idf60be85aa3983ad625bcef53b48e8d0b797ed4a
2020-12-09 04:14:37 -08:00
Sandboxed API Team
3323ddc129 Permit sandboxee's bpf() to fail
The default policy causes immediate termination of a sandboxee that
calls `bpf`(2).

This does not allow for try-call use of `bpf()` to test for optional
features.

To support such try-call use cases, sandboxes would like to say:

```
  sandbox2::PolicyBuilder builder;
  builder.BlockSyscallWithErrno(__NR_bpf, EPERM);
```

but this doesn't work because the default policy unconditionally treats
`bpf()` as a sandbox violation.

Remove the bpf violation check from the policy if `bpf()` is explicitly
blocked with an errno.

PiperOrigin-RevId: 345239389
Change-Id: I7fcfd3a938c610c8679edf8e1fa0238b32cc9db4
2020-12-02 08:38:32 -08:00
Wiktor Garbacz
da64459e3f Allow shutting down the global forkserver
PiperOrigin-RevId: 345198374
Change-Id: I3b5c49f6e5abb76d2b0a57078ffeb0609e0be008
2020-12-02 03:05:37 -08:00
Christian Blichmann
6587e571f1 Skip entries with zero inode when parsing /proc/PID/maps
This also skips all entries that point to deleted files.

PiperOrigin-RevId: 344244273
Change-Id: Ic47c6ab0dff4eaf4b4dea2779c45685922adc608
2020-11-25 06:46:39 -08:00
Wiktor Garbacz
5001778443 Use binary search in syscall defs
The lookup is not on the hot path and this removes the SYSCALLS_UNUSED macros.

PiperOrigin-RevId: 344240762
Change-Id: I324bd798945851ac0b92e257206525eab4ec36e5
2020-11-25 06:15:29 -08:00
Wiktor Garbacz
f6247aad9d Fix SyscallTable::get to return proper table
PiperOrigin-RevId: 344236195
Change-Id: Ie370c1a771f1896c98ea387c0a84231a433c9d8c
2020-11-25 05:37:18 -08:00
Kevin Hamacher
510b5079ed Internal Change
PiperOrigin-RevId: 343296855
Change-Id: I995fa76f306fca8524a187f7fd1cbc498a92a885
2020-11-19 08:37:41 -08:00
Christian Blichmann
eaff70b558 Use actual ptrace() arguments in example
The semantics of the example remain unchanged. This change is in preparation
for the new Clang based header generator, which will parse most files in C++
mode. `ptrace`'s first argument cannot me implicitly converted from `int` in
C++.

PiperOrigin-RevId: 343280691
Change-Id: Ibc5318b19a48f1dad441e7dcdc318dc5ea6837f6
2020-11-19 06:47:31 -08:00
Christian Blichmann
c2631d88ae Improve syscall argument printing for x86-64
Updates syscall arguments mostly according to this list and more recent kernel sources:
https://chromium.googlesource.com/chromiumos/docs/+/master/constants/syscalls.md#x86_64-64_bit

The list includes some more syscalls that were recently added.

Follow-up changes will do the same for x86-32, POWER and AArch64.

PiperOrigin-RevId: 341016698
Change-Id: If1771fd37a47b227ca8f572704a64190e4621a38
2020-11-06 02:55:13 -08:00
Wiktor Garbacz
5fb18d3c9d Add policy on both mmap & mmap2
PiperOrigin-RevId: 341007959
Change-Id: I3c2e74cc973d2603cf7b3a858fa8aabd05c41137
2020-11-06 01:30:18 -08:00
Wiktor Garbacz
f8a2729c32 Start global fork-server on demand
Allow disabling global fork-server with a flag.

PiperOrigin-RevId: 340860588
Change-Id: I184603dc3a81eb90f715053e14fb3b8d66a6f104
2020-11-05 08:48:03 -08:00
Christian Blichmann
c99076bf94 Replace std::unique_ptr<uint8_t[]> with vector
No need for the smart pointer indirection when an `std::vector` can also hold
the BPF policy.

PiperOrigin-RevId: 340809220
Change-Id: I8a63567e8042d9ff875cba739e8552db87b6901a
2020-11-05 02:03:46 -08:00
Christian Blichmann
7c30aebe2d Use Abseil hash maps instead of std::map<T>
PiperOrigin-RevId: 340807499
Change-Id: I2689bd1d32be45e3085dcc7a0ba4b8fedd7d53b0
2020-11-05 01:49:14 -08:00
Peter Lundblad
2955d20c9f Enable log forwarding from sandboxee if enabled by the supervisor.
If the sandboxer calls `IPC::EnableLogServer()` (and modifies the sandbox policy
accordingly), sandbox logs will be sent back to the sandboxer.

PiperOrigin-RevId: 340663308
Change-Id: I5e8d89314178dfd1b49fc25b8cd2dd02642be43a
2020-11-04 09:24:50 -08:00
Christian Blichmann
2acec65a58 Add an AllowAccess() convenience function to PolicyBuilder
Drive-by: Apply convenience functions in policies.
PiperOrigin-RevId: 340404977
Change-Id: I906106b61c1837d23ddaff15d8792ec79d3d3189
2020-11-03 02:21:21 -08:00
Christian Blichmann
728355da87 Emit non-type template args as part of forward decls
This change allows us to emit forward declarations to classes that are
templated. For headers generated by the proto compiler this is sometimes
necessary.

Note:
- This will only emit types for a single level of template instantiations.
  That is, template template arguments are not supported.
- Typedefs only occurring in template arguments will be fully desugared
  and thus will not be available under their aliased name in the generated
  API code. This is consistent with the Python based generator (which
  does not emit these at all and relies on text extraction).

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2020-10-28 16:48:04 +01:00
Sandboxed API Team
ea379ef4d6 Cleans up statusor.h includes.
PiperOrigin-RevId: 339050213
Change-Id: Iea5747f907b294503cdb37e1c25cf787c7e83dcf
2020-10-26 09:08:41 -07:00
Christian Blichmann
609a370634 Build fixes and parameter passing for the Clang header generator
PiperOrigin-RevId: 338994867
Change-Id: I40f03738ae38bac4bf217c24bd935d5d3572c1f2
2020-10-26 01:42:47 -07:00
Christian Blichmann
19a8e38a51 Support AArch64 and PPC64 in third party dependencies
PiperOrigin-RevId: 338992825
Change-Id: I2f77ea8379e55007a22ad0461efc98f41a01ad44
2020-10-26 01:22:23 -07:00
Maciej Szawłowski
28bb32add6 Allow empty sapi_embedded_dir flag in the header generator - empty sapi_embedded_name still disallowed
PiperOrigin-RevId: 338656398
Change-Id: Ib2ca3d63ff9bed654669d948286f73d430753a20
2020-10-23 05:36:01 -07:00
Christian Blichmann
040d76be28 Simplify libunwind build files
Sandbox2 and SAPI only use the `unwind-ptrace-wrapped` target.

PiperOrigin-RevId: 338450188
Change-Id: Iee7d7aeda244cad90dae8b5228316f506efc3deb
2020-10-22 05:03:15 -07:00
Sandboxed API Team
834d356bce Cleans up statusor.h includes.
PiperOrigin-RevId: 337370254
Change-Id: Ibcbc2921f96d32675720ddc7adb621dd53894dfa
2020-10-15 13:25:30 -07:00
Wiktor Garbacz
29e5d03201 Use string_view instead of char* in CStr ctor
PiperOrigin-RevId: 337045297
Change-Id: If97b405cc2bf1904456bf502fc7d027c7df2ac7a
2020-10-14 02:04:05 -07:00
Christian Blichmann
afa232cc17 Clang generator: Remember "seen" types when collecting related types
This change includes a small refactoring to remember which types the generator
has already seen during header generations. Otherwise we may loop indefinitely
on certain complex types. One such type is `std::FILE` in Clang's libc++.

PiperOrigin-RevId: 335589238
Change-Id: I5bbe03b6c7fc89c743163f5534075d7912ed4e58
2020-10-06 01:04:49 -07:00
Christian Blichmann
b74cf8839b Minor ForkClient improvements
- Use a `constexpr inline` string constant for the forkserver env var
- Add annotation for the comms channel mutex

PiperOrigin-RevId: 335395005
Change-Id: Ic058c19c3704f182aa7ed7b8e8964b2fc5082800
2020-10-05 05:10:16 -07:00
Wiktor Garbacz
83a08daff7 Change int64 to size_t in Buffer
PiperOrigin-RevId: 334802978
Change-Id: I7e421b1a6a98138139003cc4dc2a548ebe366e3e
2020-10-01 06:45:38 -07:00
Christian Blichmann
575f24f5df Internal change
PiperOrigin-RevId: 334569306
Change-Id: Ibf1b3a24b57b02ce1c5e6106e5331520dfdf7112
2020-10-01 06:45:25 -07:00
Maciej Szawłowski
d806e0df3b Deferred cursor.mangled_name access - on some versions of libclang this causes sigsegv when accessing certain cursor's mangled_name
PiperOrigin-RevId: 334360148
Change-Id: I27ef72b1938052d68b65f99d05d34dcb9f7433f8
2020-09-29 05:48:27 -07:00
Sandboxed API Team
376ca05c56 Allow sandboxes to specify custom notifiers.
PiperOrigin-RevId: 334154462
Change-Id: Ia62242913731ab017a9bf8733a77a647582af243
2020-09-28 07:38:30 -07:00
Christian Blichmann
88c980218f Build fixes for recent Bazel versions
We need to add the `oss-internship-2020` and `examples/hello_sapi`
directories to `.bazelignore`, so that `bazel build ...` works on a clean
working copy. This is because the Bazel builds in these directories use their
own `WORKSPACE.bazel` and this does not nest well, leading to all kinds of
hard to debug errors.

PiperOrigin-RevId: 333728800
Change-Id: Ie2e68dd39bf6f8eb21af29d8ae3ae12971b408db
2020-09-25 07:25:31 -07:00
Maciej Szawłowski
1b8e8aa757 Disallow empty sapi_embedded_dir flag in the header generator
Ignore cursors with types that are not implemented in python bindings

PiperOrigin-RevId: 333708345
Change-Id: I618a61c960247a9bdf89bc56dcac92e2d37b3220
2020-09-25 04:30:55 -07:00
Christian Blichmann
35f9268e23 Restructure the Clang based header generator
- Support multiple input files
- Better testability
- Support for the `--sapi_isystem` argument, same as the Python generator

PiperOrigin-RevId: 333686891
Change-Id: I3e618165c1bd58bb755e1193617fb0737c29ee77
2020-09-25 01:14:18 -07:00
Wiktor Garbacz
f91f843f50 Use size_t/uintptr_t instead of uintptr_t or uint64_t where appropriate
PiperOrigin-RevId: 332449107
Change-Id: I623c320c7f31bb73b92799dfbeb9a1e8ce0cdb3b
2020-09-18 07:45:03 -07:00
Wiktor Garbacz
c33f1fb03e Simplify casts
Drive-by: check for malloc failure in sapi:✌️:Array
PiperOrigin-RevId: 332446225
Change-Id: I375ea94845e04dffc3353d70737402daa66ae50a
2020-09-18 07:23:19 -07:00
Wiktor Garbacz
08a956a415 Use opaque void* instead of uint8_t* in Comms
PiperOrigin-RevId: 332441641
Change-Id: I09902e98726a0bd57b47d3454ddcb6ef05021d56
2020-09-18 06:48:57 -07:00
Wiktor Garbacz
9ffa5afba6 Remove unnecessary TLV struct
Drive-by: Zero-copy RecvString
PiperOrigin-RevId: 332412385
Change-Id: I169ffa78f016ec2d55c1a3677ea97beed095123c
2020-09-18 02:23:22 -07:00
Christian Blichmann
13c28403a6 Implement system include detection for CMake build
The Bazel build already queries the current toolchain for its system include
directories. This change brings feature parity and is necessary for systems
with unusual include locations.

PiperOrigin-RevId: 332195812
Change-Id: Ie81d614d21e90b4bd9edf2084ef80bf0d85dd750
2020-09-17 03:08:11 -07:00