Commit Graph

477 Commits

Author SHA1 Message Date
Sandboxed API Team
165c155a08 Delete deprecated sapi::Sandbox::GetComms and its remaining call sites.
PiperOrigin-RevId: 389716023
Change-Id: I092bc37f3f3bb40554b627f9dd528525b60d67a1
2021-08-09 13:49:45 -07:00
Sandboxed API Team
3f0875798d Delete deprecated sapi::Sandbox::GetPid and its remaining call sites.
PiperOrigin-RevId: 389713115
Change-Id: I1832e759016a581e10bf5bd8b5b70244b40ecd69
2021-08-09 13:36:15 -07:00
Wiktor Garbacz
0621e06a9c Allow recovering from global forkserver failure
PiperOrigin-RevId: 389164847
Change-Id: I40bc3b6d3bea28ee8954ea2a11a0427a6c05da35
2021-08-06 06:54:05 -07:00
Wiktor Garbacz
fe709502f4 Wait for global forkserver when shutting it down
Otherwise starting forkserver multiple times will result in zombie processes lingering around.

PiperOrigin-RevId: 388926497
Change-Id: Ia9947cce3d9e909edd709b0d3525e1ae8b8bbc51
2021-08-05 07:07:35 -07:00
Wiktor Garbacz
e88755256d Use FDCloser in Executor extensively
Also really own `exec_fd_` as previously if the executor is destructed without calling `StartSubProcess` the file descriptor would leak.

PiperOrigin-RevId: 388901766
Change-Id: I6bbb15ced37a0a832ec5a5228452a3d54ef46ee9
2021-08-05 04:16:11 -07:00
Wiktor Garbacz
80ad7bb2b0 Replace a CHECK with a warning
PiperOrigin-RevId: 388893117
Change-Id: I0b0ccf2045aea09d31ae1605b205aab456bd8550
2021-08-05 03:03:24 -07:00
Christian Blichmann
8b1dfd7343 Fix factory method sapi:✌️:Proto<>::FromMessage
This was missing a friend declaration in order to actually compile.
It's now being used in the "stringop" example, so we test it as well.

Drive-by:
- Do not copy the proto's bytes the constructor, but use `std::move`
PiperOrigin-RevId: 387774353
Change-Id: Ic8824af911ac744e2e68130e1f4673c4dddd4939
2021-07-30 03:55:17 -07:00
Christian Blichmann
fd20eb0b4d Reorder error logging before Terminate()
Calling `Terminate()` issues additional syscalls that may clobber the `errno`
value. Reordering the log statements ensures we actually log the initial error
in `read()`/`write()`.

PiperOrigin-RevId: 387576942
Change-Id: I0f9c8c6001e6dc4ca098abe02cd251029f92a737
2021-07-29 07:12:02 -07:00
Christian Blichmann
f14aeee0ad Internal change.
PiperOrigin-RevId: 387565158
Change-Id: I7b5293b614fae74abae1f9a347b0ef414028b8ea
2021-07-29 05:52:19 -07:00
Christian Blichmann
85c58dc2d7 Reduce logspam: Log Tomoyo LSM check only with VLOG
PiperOrigin-RevId: 387114844
Change-Id: Ib670799e3327fcc991ad012ccee20b96089c2f48
2021-07-27 08:32:10 -07:00
Christian Blichmann
ccd7b03026 Introduce sapi::OsErrorMessage() for error handling
This should make handling OS error less repetetive.

PiperOrigin-RevId: 387074642
Change-Id: I09b8c5e37e7f7b08341e22ba01ccda21a916a4bc
2021-07-27 04:10:04 -07:00
Paul Wankadia
bb6ae1d4ab Introduce AllowRestartableSequencesWithProcFiles() and tidy up.
1. In many cases, sandboxes need to allow /proc/stat and /proc/cpuinfo so that
get_nprocs(3) will work; otherwise, per-CPU logic can't determine how many CPUs
there are. Unfortunately, some of those sandboxes also disable namespaces. The
solution is to provide two functions: AllowRestartableSequencesWithProcFiles(),
which allows syscalls and files; and AllowRestartableSequences(), which allows
syscalls only. Sandboxes should usually call the former; sandboxes that disable
namespaces should instead call the latter and are responsible for allowing the
files via the deprecated Fs mechanism.

2. Make the mmap(2) policy evaluate prot AND flags, not prot OR flags.

3. Order the code and the comments identically for better readability.

PiperOrigin-RevId: 386414028
Change-Id: I016b1854ed1da9c9bcff7b351c5e0041093b8193
2021-07-23 02:23:22 -07:00
Christian Blichmann
9c21744460 Revert memfd file sealing for embeded files
Ideally, we'd seal the embedded SAPI binary using fcntl(). However, in rare
cases, adding the file seals `F_SEAL_SEAL | F_SEAL_SHRINK | F_SEAL_GROW |
F_SEAL_WRITE` results in `EBUSY` errors.

This is likely because of an interaction of `SEAL_WRITE` with pending writes
to the mapped memory region (see `memfd_wait_for_pins()` in Linux'
`mm/memfd.c`). Since `fsync()` is a no-op on memfds, it doesn't help to
ameliorate the problem.

On systems where it is enabled, ksmd might also be a source of pending writes.

PiperOrigin-RevId: 385741435
Change-Id: I21bd6a9039be4b6298774e837ce3628180ed91a8
2021-07-20 02:29:21 -07:00
Christian Blichmann
7b711b85e8 Rename static singleton accessor
PiperOrigin-RevId: 384699374
Change-Id: I674baffc77bc6b3815f94512058a14d37d164c6f
2021-07-14 08:00:59 -07:00
Wiktor Garbacz
34c7be759a Another round of file descriptor handling fixes
PiperOrigin-RevId: 384646707
Change-Id: Ia1b51a348bcb2a1426ba26a4ed045b0522168745
2021-07-14 01:33:34 -07:00
Christian Blichmann
5267d14248 Take a vector in Policy::AllowUnsafeKeepCapabilities()
The existing function signature took a `unique_ptr<>` owning a vector, and
took `nullptr` to mean an empty set of capabilities. This is more naturally
modeled by taking the vector directly and `std::move`-ing it.

PiperOrigin-RevId: 384214849
Change-Id: I177f04a06803ae00429b19a1f3f12e7be04d2908
2021-07-12 05:43:21 -07:00
Christian Blichmann
002cb9ae01 More efficient fork request handling and #Cleanup
- Assign to `*mutable_XXX()` instead of looping
- Use a const ref for capabilities

PiperOrigin-RevId: 384192675
Change-Id: I4db3d0c8ce0d7f6acc9fd486a2409962516b5fe7
2021-07-12 02:37:42 -07:00
Paul Wankadia
372b8e2696 Fix constant name in log message
PiperOrigin-RevId: 384187707
Change-Id: I3d322f6d00fa63fc7a2b33f8c7844c4291e4fef1
2021-07-12 01:56:42 -07:00
Christian Blichmann
a290ffc8bc Seal memfd in embed_file.cc
PiperOrigin-RevId: 383358851
Change-Id: I839a9b816f9c7f486908fbccdc3ecd621bd1c402
2021-07-07 00:58:57 -07:00
Wiktor Garbacz
424c543eb7 Automated rollback of commit 4a38f59728.
PiperOrigin-RevId: 381815277
Change-Id: I344c9bb1a505cc0a0dcf7e9ff979c172c484d963
2021-06-28 02:03:06 -07:00
Wiktor Garbacz
fe2ee5dfac Do not expose stack_trace.h in public API
PiperOrigin-RevId: 381412175
Change-Id: I30729c5af378c358e6400e4b7366d435518ae7d7
2021-06-25 00:03:54 -07:00
Wiktor Garbacz
fe08d724e4 Simplify the dup fix and add better error handling
Original fix might fail if RLIMIT_NOFILE is set to 1024.

PiperOrigin-RevId: 381034115
Change-Id: I39e33a90083533cf85eb04072604665c299b861f
2021-06-23 08:14:01 -07:00
Sandboxed API Team
4a38f59728 Automated rollback of commit a850aa44d2.
PiperOrigin-RevId: 380897565
Change-Id: Iacc50697a5ff25b79272a1549291bbf32152d3f6
2021-06-22 14:50:33 -07:00
Wiktor Garbacz
0ec4f07f96 Fix rare failure while starting the global forkserver
This bug only manifests if a lot of fds are open when global forkserver is started.
If the allocated exec_fd number was equal Comms::kSandbox2ClientCommsFD then it would be replaced by the comms fd and result in EACCESS at execveat.

PiperOrigin-RevId: 380805414
Change-Id: I31427fa929abfc60890477b55790cc14c749f7f5
2021-06-22 07:48:58 -07:00
Wiktor Garbacz
a850aa44d2 Better error handling in stacktraces
PiperOrigin-RevId: 380789060
Change-Id: I655428fd45bf305f787b75cc925d31c6ab60c074
2021-06-22 05:52:15 -07:00
Wiktor Garbacz
e5cfce71a3 Add new x86-64 syscalls
PiperOrigin-RevId: 377460610
Change-Id: I06833ca7fcc88447ed482e9e6914b9113781a114
2021-06-04 01:01:34 -07:00
Wiktor Garbacz
e87a052e61 Fix restarting global forkserver
PiperOrigin-RevId: 376643949
Change-Id: I5811e8b8a9f5e74cab21d021c8e83b2a4b91818a
2021-05-31 02:19:28 -07:00
Sandboxed API Team
aa568597b0 Add rt_sigprocmask to AllowLogForwarding
PiperOrigin-RevId: 376142747
Change-Id: I6470a6eea8a4e85b0921de6dc332097a6c9440a4
2021-05-27 04:40:28 -07:00
Christian Blichmann
d73f80cfa5 Enable AArch64 syscalls in examples
PiperOrigin-RevId: 375923215
Change-Id: I9523a074579975379b1a9d4644497268781499e1
2021-05-26 05:47:37 -07:00
Sandboxed API Team
f159359f65 Automated rollback of commit 5bb161b0db.
PiperOrigin-RevId: 375047066
Change-Id: I09ce8aafa92337c79a61f0f757ec66be2b2cefdc
2021-05-21 02:59:34 -07:00
Sandboxed API Team
5bb161b0db Automated rollback of commit e97ecfb955.
PiperOrigin-RevId: 375044368
Change-Id: Ib8bcf5d67e70fb37ef330c1433056343674a9f14
2021-05-21 02:38:05 -07:00
Christian Blichmann
e97ecfb955 Internal change
PiperOrigin-RevId: 375038366
Change-Id: I9180c2dc544d5ba12a73a67f5613e0c44e962505
2021-05-21 01:44:47 -07:00
Christian Blichmann
ab469deac3 Internal change
PiperOrigin-RevId: 374874118
Change-Id: Id669e3f099e058ada3effa62f9569daaf5b36f63
2021-05-20 08:17:10 -07:00
Wiktor Garbacz
78d749380b Fix a data race in Comms
PiperOrigin-RevId: 374397564
Change-Id: I630a7587242b7b25364aa66158d86d53aff5c343
2021-05-18 05:48:54 -07:00
Wiktor Garbacz
a986278550 Raw logging should not allocate memory
PiperOrigin-RevId: 374396461
Change-Id: I709103c7834d4803a26a0b292f342a3d629d332c
2021-05-18 05:37:38 -07:00
Christian Blichmann
2d3a040f64 Minor cleanup/formatting changes
PiperOrigin-RevId: 374164136
Change-Id: I505cbc3ac9f899ed965cde66aaae1aba55a90c64
2021-05-17 04:07:08 -07:00
Christian Blichmann
ca6ec4337d Add workaround for active Tomoyo LSM
Recenly, Debian based distribution kernels started activating the Tomoyo Linux
Security Module by default. Even if it is not used, this changes the behavior
of `/dev/fd` (pointing to `/proc/self/fd` by default), which Sandbox2 needs during
`execveat()`.

As a result, Sandbox2 and Sandboxed API always fail without one of the following
conditions
- `/proc` mounted within the sandboxee
- `/dev` mounted
- `/dev/fd` symlinked to `/proc/self/fd` in the sandboxee's mount namespace

Some code pointers to upstream Linux 5.12.2:
- https://elixir.bootlin.com/linux/v5.12.2/source/fs/exec.c#L1775
- https://elixir.bootlin.com/linux/v5.12.2/source/security/tomoyo/tomoyo.c#L107
- https://elixir.bootlin.com/linux/v5.12.2/source/security/tomoyo/domain.c#L729

To find out whether your system has Tomoyo enabled, use this command, similar to
what this change does in code:

```
$ cat /sys/kernel/security/lsm | grep tomoyo && echo "Tomoyo active"
capability,yama,apparmor,tomoyo
Tomoyo active
```

The config setting `CONFIG_DEFAULT_SECURITY` controls which LSMs are built into
the kernel by default.

PiperOrigin-RevId: 372919524
Change-Id: I2181819c04f15f57d96c44ea9977d0def4a1b623
2021-05-10 07:04:04 -07:00
Christian Blichmann
5c7903ecd9 Check for either violate() or ViolateIndirect() in stack trace
Depending on architecture and optimization level, the compiler may choose to
not generate full stack frames, even with no-inline and no tail-call
attributes.

PiperOrigin-RevId: 372339987
Change-Id: I42043131bbb6092ff234e80ae9047f7a2bf31161
2021-05-06 07:36:13 -07:00
Christian Blichmann
0750216bc1 Make stack trace test more resilient against optimizer
This fixes tests for PPC, where the tail-call optimization would consistently
remove 'violate()' from the stack trace.

PiperOrigin-RevId: 371103794
Change-Id: Ifb1a7d588a455041a6b0f3c763276ed44de47e60
2021-04-29 06:01:24 -07:00
Christian Blichmann
00a7cc5a33 Use sapi::file::GetContents() and light Mini-ELF refactoring
Plus some style fixes.

PiperOrigin-RevId: 370901533
Change-Id: If4f9d7c3157fdfc2ca4302b06cd95e96e7a8ebdd
2021-04-28 07:49:17 -07:00
Christian Blichmann
08e1e733a0 Update third-party dependencies
Also include-what-you-use the `signal.h` header.

PiperOrigin-RevId: 370433834
Change-Id: I934fe6fbf65091e365127db0fc4544499720841c
2021-04-26 05:00:30 -07:00
Christian Blichmann
ab7943abdc Simplify ptrace emulation and code style fixes
PiperOrigin-RevId: 369862187
Change-Id: Ia0759c320cde1c9e3798f0df5c2a0d50ca20fd71
2021-04-22 06:56:45 -07:00
Wiktor Garbacz
d9824dff16 Use absl::Span in BPF disassembler
PiperOrigin-RevId: 369636095
Change-Id: I13a8ae08ba354e54c502e0f6cdd35287fdfbb723
2021-04-21 05:33:12 -07:00
Catalin Patulea
4344bbceba Add optional VLOG(1) for additional process info on Syscall Violation.
PiperOrigin-RevId: 368900451
Change-Id: I331d0e239e2f3176c435bd42012d155d60d0b1ac
2021-04-16 12:43:08 -07:00
Christian Blichmann
be6c878b01 Internal change touching the generator rules
PiperOrigin-RevId: 368802693
Change-Id: Ia0102d1a92a49b807d4432ee3d0a6a02f528ef00
2021-04-16 01:38:08 -07:00
Catalin Patulea
d5bd1cb38f Pretty-print ptrace event name on WIFSTOPPED.
PiperOrigin-RevId: 368688417
Change-Id: I4368268f1b05148213010768a6d4eaa87211ea45
2021-04-15 12:02:11 -07:00
Wiktor Garbacz
c15b5cb123 Log more info for seccomp setup failure
PiperOrigin-RevId: 368618345
Change-Id: Ia1559ece8f83cf27623adab4baa141cd8cfdf143
2021-04-15 05:09:38 -07:00
Wiktor Garbacz
6a679a407d Automated rollback of commit 54ac8f86fc.
PiperOrigin-RevId: 368616441
Change-Id: I6ff53b730b44b5f08986be62b32fda13932ec19a
2021-04-15 04:54:14 -07:00
Wiktor Garbacz
54ac8f86fc Automated rollback of commit 2ff96ba0e7.
PiperOrigin-RevId: 368597960
Change-Id: Ifa6c8a57fbd7761fb5e121b589a49ad67333e7cd
2021-04-15 02:17:50 -07:00
Wiktor Garbacz
2ff96ba0e7 Add missing TSAN syscalls
PiperOrigin-RevId: 368427218
Change-Id: I73cd330028b805d8a86712936fb0c5103ce9914a
2021-04-14 07:39:13 -07:00
Wiktor Garbacz
bc6bb0c7e5 Fix Mounts::ResolvePath for dir nodes.
PiperOrigin-RevId: 368390904
Change-Id: I4f59e8d74b0d81497255cb0838d6d3132cae160b
2021-04-14 02:45:41 -07:00
Martijn Vels
2efaa463c9 Implement enabling RSEQ inside AllowTcMalloc in terms of AllowRestartableSequences()
PiperOrigin-RevId: 368208391
Change-Id: Ie1204cb3a0824ebe54b770e2669ae31f7932ed51
2021-04-13 07:14:55 -07:00
Christian Blichmann
5eb412ac32 Internal change
PiperOrigin-RevId: 368172152
Change-Id: Ie1479862473bfef7f08d555109a577d47bfbabc7
2021-04-13 01:58:11 -07:00
Wiktor Garbacz
00649577d9 Fix Reg<long double> for MSAN
On x86 `long double` has 10 bytes of meaningful data, but `sizeof(long double)` is 16 - the remaining bytes are random garbage.

Roll forward after fixing a bug in the original commit.

PiperOrigin-RevId: 368170639
Change-Id: I4a1d2d95b92eed6b71c37145726f7320cfc00ba0
2021-04-13 01:44:01 -07:00
Sandboxed API Team
141fe911f5 Automated rollback of commit 16880d4e3c.
PiperOrigin-RevId: 367459654
Change-Id: I93e13da18cb322c13f7c3e3a3ca4e301ccc49fdd
2021-04-08 10:38:01 -07:00
Wiktor Garbacz
16880d4e3c Fix Reg<long double> for MSAN
On x86 `long double` has 10 bytes of meaningful data, but `sizeof(long double)` is 16 - the remaining bytes are random garbage.

PiperOrigin-RevId: 367423349
Change-Id: I769b3444ce4fa60f941ccd2115b0b09ccc809f13
2021-04-08 07:10:37 -07:00
Christian Blichmann
17f561f221 Use explicit conversion to std::string for look up in Protobuf maps
This is needed for some compiler versions where `absl::string_view` == `std::string_view`.

PiperOrigin-RevId: 367392064
Change-Id: Id91d23510501df4745f386475ef9049d94062e1b
2021-04-08 02:51:29 -07:00
Christian Blichmann
55049983c4
Add more compiler variants to GitHub Actions
This changes the workflow definition so that we always try to install
compiler toolchains that we need.

See https://github.com/actions/virtual-environments/issues/2950 for more
context.

Drive-by:
- Mini fix to enable compilation under Clang 6.0

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2021-04-07 15:23:23 +02:00
Wiktor Garbacz
bc9d7a8db6 Properly handle unsigned-by-default char types
PiperOrigin-RevId: 364774936
Change-Id: I2e411555d98cad128945949ea3eedb045af0421d
2021-03-24 04:48:16 -07:00
Wiktor Garbacz
1be4d04f4e Avoid tail-call optimization in "violate" testcase
PiperOrigin-RevId: 364523883
Change-Id: I5e43534d7db37b4c16f18fc3326714664ab0ae00
2021-03-23 03:51:09 -07:00
Wiktor Garbacz
df840ae38f Fix order-dependent test.
PiperOrigin-RevId: 363639702
Change-Id: I39f7ca1b4a2c65fe027bcc6ed71b10c2dcf46ca0
2021-03-18 05:56:40 -07:00
Christian Blichmann
03bf9f72c0 Replace usage of deprecated functions within Sandboxed API
PiperOrigin-RevId: 363637782
Change-Id: I804d60fb3990f891416f06d36cb71b094daf3e37
2021-03-18 05:39:50 -07:00
Martijn Vels
753eacd314 Reduce requirements for restartable sequences
PiperOrigin-RevId: 361780465
Change-Id: I299bc55c94d60575e16f0ea6b5f82b8b793af1cb
2021-03-09 04:33:29 -08:00
Martijn Vels
b30d56e871 Add policy helper to allow restartable sequences
PiperOrigin-RevId: 360266444
Change-Id: I0a3d2d071972bf7d6e7114a428c6954ed4bcef5c
2021-03-01 13:39:42 -08:00
Wiktor Garbacz
9979faf752 Internal change
PiperOrigin-RevId: 359245243
Change-Id: I1acea38c070e4533a0860152c66f8dbcf8c6fb7a
2021-02-24 03:06:55 -08:00
Sandboxed API Team
508c7066a6 asan uses mmap() internally, so allow mmap() calls in asan builds
PiperOrigin-RevId: 358802336
Change-Id: I26fa891cc9fffcfd32f6b18a63b39d6f2282ff7d
2021-02-22 06:02:35 -08:00
Wiktor Garbacz
298271f0a7 Deprecate IPC::comms()
PiperOrigin-RevId: 358380648
Change-Id: Iaf8f7dc0890be0e7e910649c6f519504f6b0a1a5
2021-02-19 04:43:14 -08:00
Wiktor Garbacz
3d0fa1f891 Replace GetNode with ResolvePath in Mounts
Now unwinding will properly handle binaries inside bind-mounted directories.

Drive-by:
 - Get rid of n^2 path handling
 - Get rid of namespace alias
PiperOrigin-RevId: 358353666
Change-Id: Ieec7690ec6a1ae6d358de375220566b69e8cb094
2021-02-19 00:43:34 -08:00
Sandboxed API Team
ec64f47bba Adds IsRetryable() method to Result class, currently just returns false.
Also fixes signature of `stack_trace()` method.

PiperOrigin-RevId: 356992845
Change-Id: I627caa9861cf7c0eb3496154504f0d948c789fb9
2021-02-11 09:34:23 -08:00
Christian Blichmann
42f540bc7e Be more strict about target_link_libraries()
Bazel readily enforces header visiblity for each target, CMake is more lenient.

PiperOrigin-RevId: 355407845
Change-Id: Ic59fa2162db8456d4c5cf4205c0fe42cc79874a9
2021-02-03 09:01:31 -08:00
Sandboxed API Team
637dc471ac Avoid buffer overflows when the sandboxee shrinks a shared buffer.
PiperOrigin-RevId: 355336078
Change-Id: I36aa106b3044cbc20b30718a12bd35d147c339c6
2021-02-02 23:59:12 -08:00
Wiktor Garbacz
0bbcb495ee Remove unneeded Executor ctors
absl::Span<const T> has an implicit ctor from container types.
PiperOrigin-RevId: 355155858
Change-Id: I70aea6b276b5e51f7682cba45bb2d4514cb1bc90
2021-02-02 06:55:30 -08:00
Wiktor Garbacz
8cc018a242 Internal change
PiperOrigin-RevId: 355126142
Change-Id: Iba8e54095e94f55811a92243d8af85d893418909
2021-02-02 02:41:13 -08:00
Christian Blichmann
1840083919 Avoid complex designated initializer, initialize internal struct padding
The former is to fix compilation on GCC 7, the latter to satisfy MSAN.

PiperOrigin-RevId: 355114355
Change-Id: I5c89a65df16fe9338bcfa24b2e48c246d240ce62
2021-02-02 00:56:58 -08:00
Christian Blichmann
55a8373ec3 Avoid sanitizer macros use Abseil's where necessary
Using C++17 means we can get rid of many `#ifdef`s by using `if constexpr`.
This way, we ensure that both branches compile and still retain zero runtime
overhead.

Note that open source builds of Sandboxed API do not ship with sanitizer
configurations yet. This will be added in follow-up changes.

PiperOrigin-RevId: 354932160
Change-Id: I3678dffc47ea873919f0a8c01f3a7d999fc29a5b
2021-02-01 07:11:15 -08:00
Sandboxed API Team
6dcef3d5c9 Integrate LLVM at llvm/llvm-project@1c762a81d2
Updates LLVM usage to match
[1c762a81d20f](https://github.com/llvm/llvm-project/commit/1c762a81d20f)

PiperOrigin-RevId: 354567452
Change-Id: I29758805e7e2030d014bbc0007f5c548f119246f
2021-01-29 11:02:56 -08:00
Wiktor Garbacz
552a510777 Fix overload for Executor ctor calls with brace-initializers
PiperOrigin-RevId: 354319778
Change-Id: I7b47ef2de734683f9168ef80f8b29357532d51ff
2021-01-28 08:43:22 -08:00
Wiktor Garbacz
ec870c3d15 Simplify Executor ctor hierarchy
Also accept `absl::string_view` and `absl::Span<const std::string>` arguments.

Drive-by:
 - Move using declaration into namespace
PiperOrigin-RevId: 354271016
Change-Id: Iadd873377e51cac7fa3800aab1f9e85ff94bd4e9
2021-01-28 02:20:37 -08:00
Christian Blichmann
a617f4e8f0 Improvements to limits.h header
- Directly initialize member fields
- Reword comments

PiperOrigin-RevId: 354093192
Change-Id: I19852c3f2bd1b05ed280102b0bed1ea62d8c4adc
2021-01-27 08:05:25 -08:00
Christian Blichmann
6f33cef716 Allow FUTEX_WAKE for recent libc allocators
PiperOrigin-RevId: 353827808
Change-Id: I6d1509016297fd16bec0ae6ea263896a1af9dc37
2021-01-26 02:32:26 -08:00
Christian Blichmann
1459cc612e Cleanup, fix OSS Bazel build
Bazel 4.0.0 is less lenient in handling escape sequences.

PiperOrigin-RevId: 353827443
Change-Id: I972841464449ed2262a0ef486343ae1ed444ad3c
2021-01-26 02:29:08 -08:00
Wiktor Garbacz
b98bed9860 Internal change
PiperOrigin-RevId: 353233756
Change-Id: Ib658a3602097dc0288af592e21db373eb12e2077
2021-01-22 07:00:05 -08:00
Christian Blichmann
75bbd0e1c1 Internal change
Only externally visible changes should be a few changed includes as well as
some formatting changes.

PiperOrigin-RevId: 353226662
Change-Id: Iebf5be13774efcbd94c5d5a17b9b27e47275b229
2021-01-22 06:01:34 -08:00
Christian Blichmann
19fd11b91e Move GetInternalDataDependencyFilePath() into internal namespace
Implements #79

PiperOrigin-RevId: 351778836
Change-Id: I726837d8e75880bf5ddfb1a327249dd666adec53
2021-01-14 05:11:22 -08:00
Christian Blichmann
dbaf95c724 Move utility code into sandboxed_api/util
This change should make it less confusing where utility code comes from.
Having it in two places made sense when we were debating whether to publish
Sandbox2 separately, but not any longer.

Follow-up changes will move `sandbox2/util.h` and rename the remaining
`sandbox2/util` folder.

PiperOrigin-RevId: 351601640
Change-Id: I6256845261f610e590c25e2c59851cc51da2d778
2021-01-13 09:25:52 -08:00
Sandboxed API Team
b61b2a37b7 Add IsStarted() method to GlobalForkClient.
PiperOrigin-RevId: 351170872
Change-Id: I5544eb27962606a562ce79b97d508f841ec0dc56
2021-01-11 09:34:13 -08:00
Sandboxed API Team
3d737e3830 Automated rollback of commit 7440916b80.
PiperOrigin-RevId: 351144593
Change-Id: Ic1401e16dcf2b6b009a9f53395929e31a68cfa77
2021-01-11 06:58:30 -08:00
Maciej Szawłowski
7440916b80 Internal tests tweak.
PiperOrigin-RevId: 351138044
Change-Id: I98e27ca5f0ea456a906c5382aa22135f21c8a1d9
2021-01-11 06:07:45 -08:00
Wiktor Garbacz
451c24c1c4 Fix fd leak
Support swapping and move assignment in FDCloser

PiperOrigin-RevId: 351119550
Change-Id: I9865d2fcad029a440cab60328b8731f8e1dc340f
2021-01-11 03:33:27 -08:00
Wiktor Garbacz
6dd0a52561 Use unique var name in SAPI_RETURN_IF_ERROR to avoid name clashes
PiperOrigin-RevId: 350724380
Change-Id: I07c11b1897043df188bbef7934b5a41185a82a79
2021-01-08 02:09:40 -08:00
Copybara-Service
918a409126 Merge pull request #78 from cblichmann:gen2-clang-path
PiperOrigin-RevId: 350524271
Change-Id: I46080c86c8e03f13a7468a73d752e968d5e9b56d
2021-01-07 03:19:55 -08:00
Christian Blichmann
f9b4083dee
Header generator: Enable to find latest Clang
This also allows to install `libclang1` instead of `libclang1-dev` as
one of the build dependencies on Ubuntu/Debian.

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2021-01-07 11:15:13 +01:00
Wiktor Garbacz
195ac67c9d Fix dependencies in CMake build
PiperOrigin-RevId: 350313683
Change-Id: I133594e930cd3a710b6053de64bc94894d872241
2021-01-06 02:34:53 -08:00
Wiktor Garbacz
3e8a60c5b1 Fix raw_logging includes
PiperOrigin-RevId: 350142444
Change-Id: I15184e6e46594f7eecf75ff0a6f0961caa015f2d
2021-01-05 08:10:05 -08:00
Wiktor Garbacz
fe79c95a50 IWYU in sapi code generator
PiperOrigin-RevId: 350134692
Change-Id: I5389df8a02f6679a3881b20b599ff5d9fc81650e
2021-01-05 07:18:41 -08:00
Sandboxed API Team
142c35898c Allow TcMalloc to use membarrier syscall.
PiperOrigin-RevId: 348604579
Change-Id: Ibe54acc51597f36d1682368eb6baf1f8d45cf3dd
2020-12-22 02:50:16 -08:00
Anton D. Kachalov
d0c8224e61 Add support for ARM32 (hard float target)
This change enables support for 32-bit ARM, as used by embedded controllers and older phones.
Note: This does not support 32-bit sandboxees on AArch64. Both sandboxee and host code must have the same bitness.
PiperOrigin-RevId: 347835193
Change-Id: I6395882677530f9862f118d2dc10230a61049836
2020-12-16 09:18:25 -08:00
Chris Kennelly
324ab5974c Optimize calls to std::string::find() and friends for a single char.
The character literal overload is more efficient.

PiperOrigin-RevId: 347827459
Change-Id: I91ab1c5ea699886b6c15ad5016338063e0c98f40
2020-12-16 08:30:45 -08:00
Anton D. Kachalov
4763959227 Add pkg-config files generation.
PiperOrigin-RevId: 347812826
Change-Id: I1722d39759628ad976b99887c8406cff08195009
2020-12-16 06:46:03 -08:00
Christian Blichmann
507010781a Follow-up with more build fixes
Because any change that touches continuous integration needs a companion o.O

PiperOrigin-RevId: 347769780
Change-Id: I20525aaac2ce41c48f619b641baa31e880432e50
2020-12-16 00:09:28 -08:00