Sandboxed API Team
c6bab97690
Added more descriptive Syscall argument types, and an API for introspecting arguments.
...
PiperOrigin-RevId: 612904089
Change-Id: Ia0ef7b0559f7eed923981b13fa8224bc891e8c37
2024-03-05 11:07:06 -08:00
A. Cody Schuffelen
f708270f35
Add DefaultAction(TraceAllSyscalls)
variant to PolicyBuilder
...
This helps write the kind of 'log, but allow' policy described in
[`notify.h`](b9c84a1f75/sandboxed_api/sandbox2/notify.h (L57)
) for all system calls not mentioned explicitly. One use case is writing a "permissive mode" runtime to give more information during development.
PiperOrigin-RevId: 603766051
Change-Id: I3c72f433a1e21c330b5dd9f1ede2faa570b75b09
2024-02-02 13:01:37 -08:00
Wiktor Garbacz
1339d0b7f2
Remove unneeded include
...
PiperOrigin-RevId: 594408507
Change-Id: I7bbfa0c47243755ae8bc0a6f69efe66d881076a1
2023-12-29 01:30:29 -08:00
Wiktor Garbacz
0a992b683f
Add special handling for global forkserver
...
PiperOrigin-RevId: 590533638
Change-Id: Ibbb7685c58bae0ebf340eaa0186ecc794a5a5fea
2023-12-13 03:34:22 -08:00
Wiktor Garbacz
d95df64ebb
Add a test for custom forkserver
...
PiperOrigin-RevId: 590187497
Change-Id: I9e2d4a2ed585a78bd3cb44b3f78d91afd527f6ab
2023-12-12 06:53:33 -08:00
Wiktor Garbacz
227daf4a42
Do 1 level of recursion on libunwind crashes
...
PiperOrigin-RevId: 566617450
Change-Id: If5e3ce2e9763360c6cbd50145c432dfb62621136
2023-09-19 06:50:05 -07:00
Wiktor Garbacz
1cf45be7df
Refactor Comms to split out listening/connecting part
...
Deprecated APIs slated for removal after migration of internal
clients.
PiperOrigin-RevId: 566598245
Change-Id: I5d7b920f3a788d4eccc6e78f239b660ba903adcc
2023-09-19 05:14:09 -07:00
Wiktor Garbacz
92aeadddee
PolicyBuilder: test error conditions for AddPolicyOnSyscalls
...
PiperOrigin-RevId: 562768777
Change-Id: If756f83ea657cc6cd4c1283339a2909071a47493
2023-09-05 07:13:56 -07:00
Wiktor Garbacz
02d770adcc
NetworkProxyTest: test more error conditions
...
PiperOrigin-RevId: 562708702
Change-Id: Ifedcb0eb2bc84396627a0b53828e1e10e4c562ad
2023-09-05 02:17:25 -07:00
Wiktor Garbacz
5f9698612e
Better network proxy tests
...
Fix sending error on `connect` failure.
PiperOrigin-RevId: 562693682
Change-Id: I70c710a9001f22e172cbe4df328983bfa7188d3d
2023-09-05 00:57:27 -07:00
Wiktor Garbacz
3ea315858d
Remove mutexes from Comms
...
It was never fully thread-safe.
e.g. calling SendProtoBuf concurrently from 2 threads
could result in a data race.
Also not all users need the thread-safety thus it's better left off to be done externally by the ones that require it.
PiperOrigin-RevId: 562548941
Change-Id: Ie32dfca366be9e0c32841e55b688907f4f5f7704
2023-09-04 07:00:57 -07:00
Wiktor Garbacz
2c9ac02b68
Rework network_proxy related tests/examples
...
PiperOrigin-RevId: 561632543
Change-Id: I85843cc1cac8348273a5593339b38ae08e07592c
2023-08-31 06:06:09 -07:00
Wiktor Garbacz
dc25251af9
Enable sandboxed stack traces for coverage
...
PiperOrigin-RevId: 561611676
Change-Id: I852eec8fc3728da1ae0b4bca8ccc9a628b8b5adc
2023-08-31 04:05:49 -07:00
Wiktor Garbacz
09a48bac06
Reduce CHECK-failures in unotify monitor
...
This also fixes a CHECK-failure in Join() when waiting for sandboxee
times out.
PiperOrigin-RevId: 561282248
Change-Id: I5568c3b9e6b8dce531167c267f7896996326d2e2
2023-08-30 02:56:16 -07:00
Wiktor Garbacz
4a6b0d4633
Always override forkservers comms_fd in sandboxee
...
PiperOrigin-RevId: 561276110
Change-Id: I8bd1ce7e2f363b5e371a431b1e6db6534023e401
2023-08-30 02:20:56 -07:00
Wiktor Garbacz
37f00991b9
Final round of IWYU fixes for Sandbox2
...
PiperOrigin-RevId: 560077736
Change-Id: Id810db20b0042b8cd4f8f7a352b2cc571de51b71
2023-08-25 06:50:29 -07:00
Wiktor Garbacz
127176d72f
Bulk IWYU and build_cleaner fixes
...
PiperOrigin-RevId: 559733768
Change-Id: Ia38f4c176e9f0abbfdb3a8f1109f482d8870eb0f
2023-08-24 06:23:36 -07:00
Wiktor Garbacz
6986af58bb
IWYU fixes
...
PiperOrigin-RevId: 559444773
Change-Id: If92cdc4f978a22bfdbd61b0c9e0b43ea272bca8d
2023-08-23 09:04:00 -07:00
Wiktor Garbacz
9dcc9db919
Replace StrError with PLOG
...
PiperOrigin-RevId: 559380593
Change-Id: Ia7d2bcb3908b5e739ac5c4aaec1559fb6f86f383
2023-08-23 04:09:02 -07:00
Sandboxed API Team
41003aae83
Automated rollback of commit 1e26cd50dc
.
...
PiperOrigin-RevId: 559102360
Change-Id: I5dd175d5f0b9ece602f5c26454ad1f1e2e3a60fc
2023-08-22 07:12:09 -07:00
Wiktor Garbacz
1e26cd50dc
Always override forkservers comms_fd in sandboxee
...
PiperOrigin-RevId: 558721787
Change-Id: I331efd38b0571877b53cdc14190bae0ed639ce3f
2023-08-21 02:15:52 -07:00
Wiktor Garbacz
b258535161
Treat libunwind sandbox as a ~regular sandboxee
...
This removes dependency on unwind from forkserver,
which should reduce binary size for all the custom forkservers (also the SAPI generated ones).
Unwind was only ever used by the global forkserver anyhow
PiperOrigin-RevId: 557921074
Change-Id: Iea4904da0506fee5a00f970538f512cba7b02326
2023-08-17 13:32:44 -07:00
Wiktor Garbacz
0a0bf05dc3
Readd VLOGs removed by mistake
...
PiperOrigin-RevId: 557739843
Change-Id: I21497028fc26388fec8a45ee1bfa2f11cf9022d2
2023-08-17 01:13:21 -07:00
Wiktor Garbacz
7a57d32711
forkserver: Remove waitpid flag
...
It was superseded by sandboxee rusage when using unotify monitor
PiperOrigin-RevId: 557396642
Change-Id: I41f84149227f62d4b7727030f9359834a9b61dbc
2023-08-16 01:33:12 -07:00
Wiktor Garbacz
3079d2b4e0
Make Policy a simple copyable type
...
PiperOrigin-RevId: 555146979
Change-Id: I83d7260d65d4291c418e6c8e80385cbdc8fbc758
2023-08-09 06:44:22 -07:00
Wiktor Garbacz
dd664400d7
More verbose logging on graceful exit timeout
...
PiperOrigin-RevId: 554382651
Change-Id: I7205fed9285b2aaff93860782d65d3dc829bb5f9
2023-08-07 00:28:10 -07:00
Wiktor Garbacz
e86462db77
Remove redundant buffer test
...
It tested Comms rather than different Buffer functionality.
PiperOrigin-RevId: 549880115
Change-Id: I095464540fa21cc4b3bee1d87e1e046807b6f18c
2023-07-21 01:53:54 -07:00
Wiktor Garbacz
9b307fc204
Remove leftover stack_trace sources from sandbox2 target
...
PiperOrigin-RevId: 531168602
Change-Id: Ib9c0942e5ba9cf0d577f88a6091245ca02d5674e
2023-05-11 04:59:29 -07:00
Kevin Hamacher
fb1571c801
Automated rollback of commit f6fd27618b
.
...
PiperOrigin-RevId: 529395980
Change-Id: I6a5d451ed84f8d4a522777815c6cc2d7d7a8923c
2023-05-04 06:53:48 -07:00
Oliver Kunz
9ab20c5411
Implements the ability to control who is allowed to enable unrestricted networking.
...
PiperOrigin-RevId: 529309275
Change-Id: Icd88a4469b0c36af96638d44f9e909085c7120d5
2023-05-03 23:29:34 -07:00
Sandboxed API Team
f6fd27618b
Automated rollback of commit 8c53262539
.
...
PiperOrigin-RevId: 529101664
Change-Id: Ica452c6ee8f54b78be09fa830a09d6a89800cf44
2023-05-03 08:45:11 -07:00
Kevin Hamacher
8c53262539
Allow forkserver to use waitpid as alternative to sa_nochldwait
...
PiperOrigin-RevId: 529074278
Change-Id: If63015586673610e111ee589995e5264523be7a7
2023-05-03 06:41:07 -07:00
Wiktor Garbacz
5efae5cdf5
Do not exit from within ForkServer to get more precise coverage data
...
PiperOrigin-RevId: 520273079
Change-Id: I3f37d9eacc2c284c45f37842e1e63364cf64faf2
2023-03-29 02:22:16 -07:00
Wiktor Garbacz
a4d602298b
Dump coverage prior to execveat
...
PiperOrigin-RevId: 520002416
Change-Id: Ic792b0b71b8e7b2f00b669db9b6831acd8341c5c
2023-03-28 05:50:43 -07:00
Wiktor Garbacz
b50bc23138
Remove no longer needed friend declaration
...
Drive-by dependencies cleanup
PiperOrigin-RevId: 518551045
Change-Id: I132dfc42945f500e8efec58a4d58d3bee4d1f191
2023-03-22 06:27:21 -07:00
Wiktor Garbacz
99931c2ad6
Move abort into ExecuteProcess and mark it noreturn
...
PiperOrigin-RevId: 518528953
Change-Id: Ieaa03af484188bb35f9734d69d987eabbdcc23ab
2023-03-22 04:07:10 -07:00
Wiktor Garbacz
cb63dfead5
Add tests for util.cc
...
PiperOrigin-RevId: 516439597
Change-Id: I2ac88b6188738e47f0e0bdb04382a50aa5aa9366
2023-03-14 00:04:14 -07:00
Wiktor Garbacz
0d3d5d4bcb
Seccomp_unotify based monitor
...
Unotify based monitor should bring big performance wins
if the sandboxee heavily uses threading or signals.
Some of the features are not supported in that mode:
- execveat is always allowed instead of just the initial one
- stack traces are not collected on normal exit or if the process is terminated by signal
PiperOrigin-RevId: 515040101
Change-Id: Ia5574d34b4ff7e91e3601edb8c9cb913e011fbf6
2023-03-08 08:09:34 -08:00
Wiktor Garbacz
e3b2d232b4
Add test for bpf disassembler
...
Also always handle the new return values.
PiperOrigin-RevId: 514698931
Change-Id: Ib4ce06e4f17c438271a0452053d3b0bc368e9970
2023-03-07 05:04:09 -08:00
Wiktor Garbacz
526401166e
Migrate namespaces related tests out of policybuilder_test
...
PiperOrigin-RevId: 514325688
Change-Id: I9c581d14da3ac9fe5c3c0b43e156d8ad8d90c73f
2023-03-06 07:08:49 -08:00
Wiktor Garbacz
e09c2bc215
Run more tests with coverage and sanitizers contd
...
PiperOrigin-RevId: 513815467
Change-Id: I31d0df2c69b20eb126aaa8dde7f45fa7c0e1e6a8
2023-03-03 06:51:06 -08:00
Wiktor Garbacz
cd945565f5
Run more tests with coverage and sanitizers
...
Running with a permissive test policy should not interfere with sanitizers
or coverage.
Most tests should run with such a permissive policy.
The exception are tests which actually tests policy enforcement.
PiperOrigin-RevId: 513548936
Change-Id: I9a4c2cc8074997cff08cc22d15f4736219ce4d63
2023-03-02 08:46:07 -08:00
Wiktor Garbacz
d74dac096a
Rework stack_trace_test
...
PiperOrigin-RevId: 513467290
Change-Id: Iab630412052fa5e7333514f3864ebdfb7f10e1ef
2023-03-02 01:25:38 -08:00
Wiktor Garbacz
5a8a25e9ac
Change the default action instead of appending ALLOW
...
Also create a visibility restricted version of the function.
PiperOrigin-RevId: 513209752
Change-Id: I031fe62d5ccd81995536479b9af890ad111e336c
2023-03-01 05:36:24 -08:00
Wiktor Garbacz
e1246332d1
Rename and move CreateDirRecursive
...
PiperOrigin-RevId: 510186053
Change-Id: I0e68cc8fff44780ab98f1d57f829ff900790eed5
2023-02-16 10:44:01 -08:00
Wiktor Garbacz
6db17e7ab3
Use namespaced policy in most tests
...
Drive-by some test cleanups.
PiperOrigin-RevId: 510134967
Change-Id: I40328a644690865c5cc0a0eb265222ebf7ff83e0
2023-02-16 07:12:46 -08:00
Wiktor Garbacz
71692bb50b
Decouple sandboxed stack tracing
...
This allows to split monitor & stack_trace related targets.
Also move stack traces related functionality into MonitorBase.
PiperOrigin-RevId: 510112916
Change-Id: I60eabf9c9b3204dc369713edd8ae05fded306875
2023-02-16 06:07:15 -08:00
Wiktor Garbacz
d2dbbbae76
Remove redundant tests
...
UID/GID is checked in namespace test and open fds in santizier test
PiperOrigin-RevId: 510084559
Change-Id: I1aac4d30d44aa2390447f24d228afbb1c3b04e2b
2023-02-16 02:28:52 -08:00
Wiktor Garbacz
3f53e81d0b
Remove unused dependency
...
PiperOrigin-RevId: 509890467
Change-Id: I0189fca5efa93a9e67f6f07eac44793cd17dcfc3
2023-02-15 11:35:14 -08:00
Wiktor Garbacz
a5d12903dd
Extract SandboxeeProcess and move it down the call chain
...
PiperOrigin-RevId: 507718207
Change-Id: Ia1f6fc2f09abbde5311f8dc0f596aa605989140d
2023-02-07 02:22:45 -08:00