Commit Graph

485 Commits

Author SHA1 Message Date
Kevin Hamacher
ac6a5dfc85 Delete copy constructor of FDCloser
PiperOrigin-RevId: 243263443
Change-Id: If22d287ce1872ad070454824e8daa36585ab0258
2019-04-12 07:54:31 -07:00
Kevin Hamacher
6b5f3645ab Make embed_file use raw logging
PiperOrigin-RevId: 242868093
Change-Id: Ibf1f448878219a9ce8fc6bb7d3e93626fa24b1f6
2019-04-10 07:56:06 -07:00
Wiktor Garbacz
79525950fe Add support for new SECCOMP_RET_* in disassembler
PiperOrigin-RevId: 242642525
Change-Id: Iea9a54f01d56cadf19a020340d07c1790c858a0f
2019-04-09 14:38:05 +02:00
Kevin Hamacher
1b50485be6 Move forkserver into a dedicated binary
PiperOrigin-RevId: 242637894
Change-Id: I16f19d077e2b5b9d0d4ef58344d5caaef95af7c6
2019-04-09 14:37:41 +02:00
Kevin Hamacher
e44231e28a Wrap waitpid with TEMP_FAILURE_RETRY and use __WALL to make sure we reap all children
PiperOrigin-RevId: 242111281
Change-Id: I322623303487b0292c2aea53d6eae5d9f53d79b6
2019-04-05 05:50:12 -07:00
Copybara-Service
5b0c46fa18 Merge pull request #21 from happyCoder92:master
PiperOrigin-RevId: 242110016
Change-Id: I148ba1d8a6d2c675271662e91b41c4aa04b7d0c9
2019-04-05 05:34:00 -07:00
Kevin Hamacher
77ad64ac30 Use high FD numbers in the forkserver to avoid collision with FDs mapped by the user
PiperOrigin-RevId: 242106285
Change-Id: I0f4bd130f8e66e6b47ad1d7311e0fff519aa9e90
2019-04-05 04:51:41 -07:00
Wiktor Garbacz
98928a0570 Document required deps for Gentoo 2019-04-05 11:09:02 +02:00
Sandboxed API Team
6a65e63eae Add //tools/cpp:current_cc_toolchain to the toolchains attribute.
This is so that CC Make Variables will be resolved properly.

PiperOrigin-RevId: 241721367
Change-Id: Ic0d3f864b1398107118a1ada4c99cc4516db924f
2019-04-03 16:51:55 +02:00
Wiktor Garbacz
29fac2d393 mounts: Validate interpreter as early as possible
PiperOrigin-RevId: 240972700
Change-Id: I9049af7d053152cebd264fbfc352d2971a06d363
2019-03-29 07:07:55 -07:00
Sandboxed API Team
137f772f2b Allow TCMalloc to call madvise with MADV_NOHUGEPAGE
PiperOrigin-RevId: 240555428
Change-Id: I05fd61ecd09fc0a3f76dade0341d35b04a590b90
2019-03-27 07:40:57 -07:00
Christian Blichmann
dda0daa449 Fix typo
PiperOrigin-RevId: 240368596
Change-Id: Id517ae6ecece98998316ba5a2672e075e037133a
2019-03-26 09:57:32 -07:00
Christian Blichmann
88213b0d1b Copybara import of the project:
- 05cbe1250a0905c975cb3de175a6c3690dbbc00b Don't accidentially generate trigraphs by Mackie Loeffel <mackie.loeffel@web.de>
  - 25e66c1080fa50d8b0661d10ecde39cfcbf51289 Merge 05cbe1250a0905c975cb3de175a6c3690dbbc00b into 6679f... by MackieLoeffel <MackieLoeffel@users.noreply.github.com>

COPYBARA_INTEGRATE_REVIEW=https://github.com/google/sandboxed-api/pull/17 from MackieLoeffel:fix_trigraphs_in_filewrapper 05cbe1250a0905c975cb3de175a6c3690dbbc00b
PiperOrigin-RevId: 240365879
Change-Id: I31fa5dfeadac3cee79e7d66b4dd4fe58a7a4b242
2019-03-26 09:43:16 -07:00
Christian Blichmann
f04be9276f Formatting fixes and include file hygiene.
PiperOrigin-RevId: 240346890
Change-Id: I1a9617f10a62a848b6314a6196512e016ae02643
2019-03-26 07:54:21 -07:00
Christian Blichmann
33206c5d3f Use a longer string in the CRC4 buffer overflow example.
On some newer compiler versions, compiler optimizations and loop unrolling
change the memory layout so that 64 bytes are not enough to overwrite the
return address reliably.

PiperOrigin-RevId: 240343358
Change-Id: Ifb1a1dc1cb482793b7387887f0fd68a237879227
2019-03-26 07:28:15 -07:00
Kevin Hamacher
1dd0428713 Add missing chdir() in the init process
PiperOrigin-RevId: 239425921
Change-Id: Ia1b02ae0a2f319faa601d6098a9f94a3043656a8
2019-03-20 10:36:11 -07:00
Christian Blichmann
52f4c1f927 Disable "mini" debug format support in libunwind to avoid additional library dependency
PiperOrigin-RevId: 239397518
Change-Id: Icd8c641f9d5aac721a2cf1e4e0d3347743f49d58
2019-03-20 08:03:08 -07:00
Christian Blichmann
2ed1e9b7a4 Merge pull request #5 from disconnect3d:patch-5
PiperOrigin-RevId: 239387531
Change-Id: I7929c296cb838c5a1ed05539efca4e771c1f68b3
2019-03-20 14:51:11 +01:00
Christian Blichmann
30c25286f3 Merge pull request #8 from shaan1337:patch-1
PiperOrigin-RevId: 239384106
Change-Id: Ibeb4b6a76226a1384fc21df33378101a31764012
2019-03-20 14:33:36 +01:00
Wiktor Garbacz
2e9f50a68f Rename deathrattle_fatalmsg proto
PiperOrigin-RevId: 239377742
Change-Id: I169407087f5e6f3275e282a51232bb6eea330e49
2019-03-20 05:19:55 -07:00
Sandboxed API Team
c8a4131e74 Test that isatty is being allowed by AllowTCGETS.
PiperOrigin-RevId: 239370864
Change-Id: Id98f3e5d8dceedb3cfbcd23b980e828f576d3e8d
2019-03-20 04:11:21 -07:00
Christian Blichmann
3600a8a090 Merge pull request #2 from disconnect3d:patch-3
PiperOrigin-RevId: 239354706
Change-Id: Ib9b5eca822bcf114a90c7dc96a9a2dacd318d016
2019-03-20 09:42:47 +01:00
Christian Blichmann
6eb6dc5f9c Merge pull request #4 from disconnect3d:patch-4
PiperOrigin-RevId: 239244132
Change-Id: I33a50f866b23a23ce63ff5609e6865184fec0863
2019-03-19 21:40:14 +01:00
Christian Blichmann
0babaf094d Improve internal<->external code transforms #3
Note: These commits only change very minor formatting issues in
the GitHub version. There is more than meets the eye, though. These
changes help to be able to accept pull requests.
PiperOrigin-RevId: 239225828
Change-Id: Ib31bf114e7cc4ccda49f7dcc4e9e24eebc735065
2019-03-19 10:58:21 -07:00
Christian Blichmann
cb36b974eb Improve internal<->external code transforms #2
PiperOrigin-RevId: 239221234
Change-Id: I5b50ed6472df894c43310addb9d8e8ca35b2c822
2019-03-19 10:38:52 -07:00
Christian Blichmann
22eeb45d0f Add missing transactions.md
Fixes #7

PiperOrigin-RevId: 239176066
Change-Id: I6fde1246447610ed5157db39f30472c38b206474
2019-03-19 06:16:40 -07:00
Christian Blichmann
90d276f913 Improve internal<->external code transforms
This includes changing the way libcap headers are included.

PiperOrigin-RevId: 239173120
Change-Id: I5562d924b96bab26a29342903895324bfe385e5a
2019-03-19 05:51:53 -07:00
Kevin Hamacher
5d216fb191 Only spawn init processes when using PID NS
PiperOrigin-RevId: 239169620
Change-Id: I9f26cfab90189a1baa5b87a700ce892cf0c95a89
2019-03-19 05:14:29 -07:00
Wiktor Garbacz
7ecdd2f8fc Internal change.
PiperOrigin-RevId: 239163024
Change-Id: I6918cc7f1472271b3cf99e042d8eb52d42868e6c
2019-03-19 04:11:51 -07:00
Sandboxed API Team
5aa13876a4 Formatting fixes.
PiperOrigin-RevId: 239159980
Change-Id: Ic6185368392622bf3f4c661e37f6b9fcca0d60a6
2019-03-19 03:41:32 -07:00
Shaan Nobee
88a23c878a
Fix typo 2019-03-19 09:43:12 +04:00
Disconnect3d
845ad06d37
Update library.md
There is no https://github.com/google/sandboxed-api/blob/master/sandboxed_api/examples/zlib/lib/sandbox.h - it either wasn't commited or we meant different sandbox.h here. For now I linked to sum's sandbox.h
2019-03-18 21:34:41 +01:00
Disconnect3d
64acef11c5
fix formatting in docs/library.md 2019-03-18 21:29:35 +01:00
Disconnect3d
95d35615b8
Fix user namespaces link in howitoworks.md 2019-03-18 21:22:53 +01:00
Christian Blichmann
177b969e8c
Sandboxed API OSS release.
PiperOrigin-RevId: 238996664
Change-Id: I9646527e2be68ee0b6b371572b7aafe967102e57

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2019-03-18 19:00:48 +01:00