Commit Graph

174 Commits

Author SHA1 Message Date
Chris Kennelly
d90b2c6328 Allow TCMalloc to access the rseq syscall.
PiperOrigin-RevId: 243441655
Change-Id: I82918459c20f164b56cc0c5b621b004315a011ec
2019-04-13 13:45:35 -07:00
Chris Kennelly
e2eb0597cb Internal change
PiperOrigin-RevId: 243440925
Change-Id: I085535962e1d754f7bc32e08b1785a574062edaa
2019-04-13 13:45:25 -07:00
Kevin Hamacher
ac6a5dfc85 Delete copy constructor of FDCloser
PiperOrigin-RevId: 243263443
Change-Id: If22d287ce1872ad070454824e8daa36585ab0258
2019-04-12 07:54:31 -07:00
Wiktor Garbacz
79525950fe Add support for new SECCOMP_RET_* in disassembler
PiperOrigin-RevId: 242642525
Change-Id: Iea9a54f01d56cadf19a020340d07c1790c858a0f
2019-04-09 14:38:05 +02:00
Kevin Hamacher
1b50485be6 Move forkserver into a dedicated binary
PiperOrigin-RevId: 242637894
Change-Id: I16f19d077e2b5b9d0d4ef58344d5caaef95af7c6
2019-04-09 14:37:41 +02:00
Kevin Hamacher
e44231e28a Wrap waitpid with TEMP_FAILURE_RETRY and use __WALL to make sure we reap all children
PiperOrigin-RevId: 242111281
Change-Id: I322623303487b0292c2aea53d6eae5d9f53d79b6
2019-04-05 05:50:12 -07:00
Kevin Hamacher
77ad64ac30 Use high FD numbers in the forkserver to avoid collision with FDs mapped by the user
PiperOrigin-RevId: 242106285
Change-Id: I0f4bd130f8e66e6b47ad1d7311e0fff519aa9e90
2019-04-05 04:51:41 -07:00
Wiktor Garbacz
29fac2d393 mounts: Validate interpreter as early as possible
PiperOrigin-RevId: 240972700
Change-Id: I9049af7d053152cebd264fbfc352d2971a06d363
2019-03-29 07:07:55 -07:00
Sandboxed API Team
137f772f2b Allow TCMalloc to call madvise with MADV_NOHUGEPAGE
PiperOrigin-RevId: 240555428
Change-Id: I05fd61ecd09fc0a3f76dade0341d35b04a590b90
2019-03-27 07:40:57 -07:00
Christian Blichmann
f04be9276f Formatting fixes and include file hygiene.
PiperOrigin-RevId: 240346890
Change-Id: I1a9617f10a62a848b6314a6196512e016ae02643
2019-03-26 07:54:21 -07:00
Christian Blichmann
33206c5d3f Use a longer string in the CRC4 buffer overflow example.
On some newer compiler versions, compiler optimizations and loop unrolling
change the memory layout so that 64 bytes are not enough to overwrite the
return address reliably.

PiperOrigin-RevId: 240343358
Change-Id: Ifb1a1dc1cb482793b7387887f0fd68a237879227
2019-03-26 07:28:15 -07:00
Kevin Hamacher
1dd0428713 Add missing chdir() in the init process
PiperOrigin-RevId: 239425921
Change-Id: Ia1b02ae0a2f319faa601d6098a9f94a3043656a8
2019-03-20 10:36:11 -07:00
Christian Blichmann
52f4c1f927 Disable "mini" debug format support in libunwind to avoid additional library dependency
PiperOrigin-RevId: 239397518
Change-Id: Icd8c641f9d5aac721a2cf1e4e0d3347743f49d58
2019-03-20 08:03:08 -07:00
Christian Blichmann
30c25286f3 Merge pull request #8 from shaan1337:patch-1
PiperOrigin-RevId: 239384106
Change-Id: Ibeb4b6a76226a1384fc21df33378101a31764012
2019-03-20 14:33:36 +01:00
Wiktor Garbacz
2e9f50a68f Rename deathrattle_fatalmsg proto
PiperOrigin-RevId: 239377742
Change-Id: I169407087f5e6f3275e282a51232bb6eea330e49
2019-03-20 05:19:55 -07:00
Sandboxed API Team
c8a4131e74 Test that isatty is being allowed by AllowTCGETS.
PiperOrigin-RevId: 239370864
Change-Id: Id98f3e5d8dceedb3cfbcd23b980e828f576d3e8d
2019-03-20 04:11:21 -07:00
Christian Blichmann
3600a8a090 Merge pull request #2 from disconnect3d:patch-3
PiperOrigin-RevId: 239354706
Change-Id: Ib9b5eca822bcf114a90c7dc96a9a2dacd318d016
2019-03-20 09:42:47 +01:00
Christian Blichmann
0babaf094d Improve internal<->external code transforms #3
Note: These commits only change very minor formatting issues in
the GitHub version. There is more than meets the eye, though. These
changes help to be able to accept pull requests.
PiperOrigin-RevId: 239225828
Change-Id: Ib31bf114e7cc4ccda49f7dcc4e9e24eebc735065
2019-03-19 10:58:21 -07:00
Christian Blichmann
cb36b974eb Improve internal<->external code transforms #2
PiperOrigin-RevId: 239221234
Change-Id: I5b50ed6472df894c43310addb9d8e8ca35b2c822
2019-03-19 10:38:52 -07:00
Christian Blichmann
90d276f913 Improve internal<->external code transforms
This includes changing the way libcap headers are included.

PiperOrigin-RevId: 239173120
Change-Id: I5562d924b96bab26a29342903895324bfe385e5a
2019-03-19 05:51:53 -07:00
Kevin Hamacher
5d216fb191 Only spawn init processes when using PID NS
PiperOrigin-RevId: 239169620
Change-Id: I9f26cfab90189a1baa5b87a700ce892cf0c95a89
2019-03-19 05:14:29 -07:00
Sandboxed API Team
5aa13876a4 Formatting fixes.
PiperOrigin-RevId: 239159980
Change-Id: Ic6185368392622bf3f4c661e37f6b9fcca0d60a6
2019-03-19 03:41:32 -07:00
Disconnect3d
95d35615b8
Fix user namespaces link in howitoworks.md 2019-03-18 21:22:53 +01:00
Christian Blichmann
177b969e8c
Sandboxed API OSS release.
PiperOrigin-RevId: 238996664
Change-Id: I9646527e2be68ee0b6b371572b7aafe967102e57

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2019-03-18 19:00:48 +01:00