Commit Graph

493 Commits

Author SHA1 Message Date
Wiktor Garbacz
0d375e69e1 Remove abort from ExecuteProcess
Otherwise ExecuteProcess is implicitly `[[noreturn]]` and this
might cause policy violations in `__asan_handle_no_return`
for ASAN builds.

PiperOrigin-RevId: 319203128
Change-Id: I5c8ba71ce88261f803aa3f16730eccea0d803dd1
2020-07-01 04:54:29 -07:00
Christian Blichmann
2ffea13759 Mark zlib as found when using SAPI CMake build
Signed-off-by: Christian Blichmann <mail@blichmann.eu>
2020-06-30 08:59:50 +02:00
Sandboxed API Team
5de6b84111 Internal change
PiperOrigin-RevId: 317068509
Change-Id: I268381ca50eabed88b189bf79ccc9313e5b7d9ae
2020-06-18 03:19:01 -07:00
Christian Blichmann
89e80d4c80 Internal change.
PiperOrigin-RevId: 316414698
Change-Id: Ib0d43bfc7c95a3029618b4ed758990f78cb25529
2020-06-15 00:59:33 -07:00
Copybara-Service
fdf5fd5854 Merge pull request #45 from cblichmann:20200609-include-guard-test
PiperOrigin-RevId: 315673526
Change-Id: If6efb2deb8dc0da8a10db26aec683c730ae2d97a
2020-06-10 05:34:35 -07:00
Christian Blichmann
c0c9d1dbf9 Copybara import of the project:
--
fd2e99fa87c34f2fb1a20052c030ad7a4139b4e1 by Christian Blichmann <mail@blichmann.eu>:

Support LLVM >= 7.0.1 in Clang based header generator

This change glosses over small API changes introduced since LLVM/Clang
7.0.1, which ships with Debian Stable "Buster". Ubuntu 18.04 LTS "Bionic"
also shipped this (and subsequently updated to version 9).

Hence, compiling the generator should now work on all reasonable Debian
based distributions.

COPYBARA_INTEGRATE_REVIEW=https://github.com/google/sandboxed-api/pull/44 from cblichmann:20200609-llvm-version-compat fd2e99fa87c34f2fb1a20052c030ad7a4139b4e1
PiperOrigin-RevId: 315637014
Change-Id: I6585041d8bebade15e44c057b1a69287bbc0e733
2020-06-09 23:32:03 -07:00
Christian Blichmann
b02061a3d2
Add scaffolding and first test for Clang-based generator
- Fix `GetIncludeGuard()` to always uppercase
2020-06-09 13:37:52 +02:00
Christian Blichmann
726cabe2f7 Fix up generated header include paths
The "hello_sapi" example lives in a different WORKSPACE as it is intended to
show how to embed SAPI in your own projects. However, this is not compatible
with simply running `bazel build //sandboxed_api/...` after checkout.

This change simply replace `copts = ["-I."]` with `includes = ["."]`, so that
generated headers can be found reliably, regardless of how the example is
compiled.

PiperOrigin-RevId: 313782756
Change-Id: Iac26e828146b01545c81d9500f5f68fa0f2d4ddf
2020-05-29 08:13:58 -07:00
Christian Blichmann
5aff251a92 Move filewrapper to tools directory
This decouples it from the underlying build system

PiperOrigin-RevId: 313764652
Change-Id: I64de2f8533d307567de297942a3d02d26b0839f4
2020-05-29 05:40:52 -07:00
Christian Blichmann
e76e73dfe8 Merge pull request #40 from cblichmann:clang-tool
PiperOrigin-RevId: 313577454
Change-Id: I4de93e1ffca003899ae3c7110ab3fd10f700907c
2020-05-28 16:01:09 +02:00
Christian Blichmann
507eb00a90
Add sandboxee embedding
- Implement `--sapi_embed_name` and `--sapi_embed_dir` flags
- Do not emit full AST-serialization for C++ classes
2020-05-15 17:03:25 +02:00
Christian Blichmann
143e539d79 First MVP of a LibTooling based SAPI header generator
- Extract dependent types directly from the Clang AST and re-serialize
  back into compilable code
- Collect types and emit diagnostics
- Format generated code

Signed-off-by: Christian Blichmann <mail@blichmann.eu>
2020-05-15 15:35:42 +02:00
Copybara-Service
dd4e81bccb Merge pull request #39 from cblichmann:master
PiperOrigin-RevId: 311518877
Change-Id: Ib29354cb55ed6289d0aa303189c12222b9f92ea8
2020-05-14 06:17:42 -07:00
Christian Blichmann
2c8c9a489a
Add external embedding example
This change contains a "hello world"-style example library to be
sandboxed. It consists of a stand-alone CMake and Bazel project that
uses Sandboxed API as its dependency.

To use Sandboxed API in an external project, it should be enough to
copy the files in the `sandboxed_api/examples/hello_sapi` directory
as a starting point.
2020-05-14 11:40:02 +02:00
Christian Blichmann
ba47adc21d Allow empty sapi_embedded_dir flag in the header generator
PiperOrigin-RevId: 311478848
Change-Id: If94d2279989b3cfc76304bb0bb8624e0f0532ba6
2020-05-13 23:49:25 -07:00
Christian Blichmann
d6b8e0b3e3 CMake: Fix inclusion and paths for external embedding
When using SAPI from an external project via CMake, the small zlib patch
cannot be found during the config phase.

This change also fixes an oversight in that the tests depend on some of
the example code.

Regardless embedding code should set `SAPI_ENABLE_EXAMPLES` to `OFF`.
Disabling tests by setting `SAPI_ENABLE_TESTS` to `OFF` stays optional.

PiperOrigin-RevId: 311290454
Change-Id: Ibe105895859b793b20f47c89b1a9e11cbfef2e2f
2020-05-13 02:09:33 -07:00
Christian Blichmann
6d97220e5c
Use common repository prefix everywhere
Build macros in earlier versions of Bazel (pre-1.0) needed to specify
targets in a different format, depending from where they were
included/expanded at build time.

For example, a `sapi_library()` macro invocation in one of the directories
under `examples`, always needed to depend on the SAPI main library as
`//sandboxed_api:sapi`. When using SAPI from another Bazel project, the
same macro would have needed to depend on
`@com_google_sandboxed_api//sandboxed_api:sapi`. The `sapi_library()`
macro was thus checking the repository name and conditionally changed
the dependencies. This approach is brittle and as of Bazel 3.1.0 no
longer works.

This CL simple removes the conditional prefix and unconditionally uses
`@com_google_sandboxed_api`.

Tested on Bazel 1.2.1, 2.2.0 and 3.1.0
2020-05-11 16:51:53 +02:00
Christian Blichmann
aafc597630 Add zlib as dependency for examples
Similar to what the Bazel build does, this change adds zlib as an additional
dependency when `SAPI_ENABLE_EXAMPLES` is set to `ON`.

PiperOrigin-RevId: 309203959
Change-Id: I201a9e6415789afb1e058bc48cebbc0fc0004fe9
2020-04-30 04:57:33 -07:00
Sandboxed API Team
79049b09c0 Add helper function for MADV_WIPEONFORK.
BoringSSL (which is the crypto library used by most Google products) is starting to use madvise(_, _, MADV_WIPEONFORK) to protect random-number state from being duplicated by fork(). This causes extra madvise calls that sandboxes need to permit in order to continue functioning.

PiperOrigin-RevId: 309173849
Change-Id: I007dacc1ff1fd0ccc138caaa08735cfe5bc78234
2020-04-30 00:08:55 -07:00
Christian Blichmann
7ec20bd5d5 Update dependencies to latest versions
- Abseil (HEAD)
- Benchmark (HEAD)
- Google Flags (HEAD)
- Google Logging (HEAD)
- Google Test/Mock (HEAD)
- Protocol Buffers (3.11.4)

PiperOrigin-RevId: 309012925
Change-Id: I826846afb3f2c4e92180915796890fce6b5a1d6c
2020-04-29 06:45:44 -07:00
Christian Blichmann
8faccffbad Update StatusOr<> and tests
Fixes some template issues that could lead to code not compiling when it
otherwise should.

PiperOrigin-RevId: 308809964
Change-Id: I9f2f9d4aff5f1a9cb967fb705a86fd7f49114f7a
2020-04-28 06:12:58 -07:00
Christian Blichmann
a2e292792e Move .bazelrc to correct location next to WORKSPACE
PiperOrigin-RevId: 308792839
Change-Id: Id70f6bbd3ba2b8fe769eb1013a9310f00a300610
2020-04-28 03:17:28 -07:00
Christian Blichmann
dfc51704c0 Fix linker issue introduced in b2764c5
The underlying issue is with a Copybara transform and the internal Blaze BUILD file.

PiperOrigin-RevId: 308787839
Change-Id: I32af664b3eac4c925d39f50b967756198eff23f3
2020-04-28 02:30:47 -07:00
Sandboxed API Team
b2764c5937 Internal change.
PiperOrigin-RevId: 308273962
Change-Id: If41d229d37eda610eb4bf202e20dc4f5976f2333
2020-04-24 10:02:21 -07:00
Sandboxed API Team
f18f524100 Internal change.
PiperOrigin-RevId: 307871367
Change-Id: Iefae576ae58b88a72f0cd923b3e76ce560af6e58
2020-04-22 12:23:46 -07:00
Sandboxed API Team
9b85dc49c1 Split sanitizer.h into a separate library
PiperOrigin-RevId: 305327952
Change-Id: I6708729d379d019c3d299e9cb54b76338ced23bf
2020-04-07 13:26:51 -07:00
Christian Blichmann
496672c333 Cleanup calls to sapi::StatusOr<>::ValueOrDie()
PiperOrigin-RevId: 304398197
Change-Id: I85d09457a5e27f65c0792fe93aebbd8219801ef6
2020-04-02 07:42:45 -07:00
Christian Blichmann
2b2e7ac498 Bring sapi::StatusOr<> up to date with internal Abseil changes
Note: This intentionally omits perfect-forwarding value assignments. This
avoids overly complex template expressions. The regular assignments are still
efficient.
PiperOrigin-RevId: 304159053
Change-Id: I3460f46ca5779a0619cf90ae22625de8fad7669c
2020-04-01 04:40:38 -07:00
Sandboxed API Team
2fa0bf85f4 Fix an ODR violation
PiperOrigin-RevId: 303066199
Change-Id: I0cde5fce6f9538136b913edccc5a3195e0b4e503
2020-03-26 01:59:05 -07:00
Sandboxed API Team
22c6417307 Adding new build rule for sanitizer
PiperOrigin-RevId: 302687093
Change-Id: I090352c70df67e51eba79a618315b7ca9696bcfe
2020-03-24 09:54:49 -07:00
Kevin Hamacher
dadf55f647 Show a warning when tmpfs size is not specified
PiperOrigin-RevId: 302441519
Change-Id: Ia4130c9067f00ed48065ea3b4854c844e7b88f85
2020-03-23 08:44:28 -07:00
Christian Blichmann
57d374e667 Fix libffi configure directory in Bazel/CMake builds 2020-03-23 13:52:02 +01:00
Christian Blichmann
45d825b3b7 Merge branch 'master' of https://github.com/google/sandboxed-api 2020-03-22 16:47:41 +01:00
Christian Blichmann
0772d71264 Download libffi at CMake config time (fixes #35)
Drive-by:
- Make Bazel config action more robust
- Disable dependency tracking in libunwind configure

Signed-off-by: Christian Blichmann <mail@blichmann.eu>
2020-03-22 16:44:39 +01:00
Anna Sapek
4665335604 Use file::IsAbsolutePath consistently
PiperOrigin-RevId: 302073992
Change-Id: Ib3b9fbedc6e85a1abd87cbc683d8a8c3dc3daf87
2020-03-20 12:08:25 -07:00
Christian Blichmann
604b671d12 Internal change.
PiperOrigin-RevId: 301836978
Change-Id: Ic959f224701bf370294fdbbe3126edd01c615e2a
2020-03-19 09:58:28 -07:00
Christian Blichmann
69bdb54bf9 Update README, graphical assets
PiperOrigin-RevId: 301830652
Change-Id: I60a67c372869a30ff5ba575387d67700ffc20134
2020-03-19 09:27:42 -07:00
Christian Blichmann
f44cca6c98 Fix path to generated proto sources when embedding
When embedding SAPI in an external CMake project, the version of
`protobuf_generate_cpp` that we lifted from upstream protobuf produces
the wrong generated file paths.

For example, given this project structure:

```
/parent/
+-- myproject/
+-- myproject_build/  <- CMake build directory
+-- sandboxed-api/    <- Checkout from GitHub
```

And a CMake file in `myproject/CMakeLists.txt` that embeds SAPI like
this:

```
cmake_minimum_required(VERSION 3.12)
project(SandboxedTest LANGUAGES CXX)
set(CMAKE_CXX_STANDARD 17)
set(CMAKE_CXX_STANDARD_REQUIRED ON)

add_subdirectory(
  ${PROJECT_SOURCE_DIR}/../sandboxed-api
  ${PROJECT_BINARY_DIR}/sandboxed-api
)
```

Then `protobuf_generate_cpp` correctly invokes the protoc compiler to
generate
`/parent/myproject_build/sandboxed-api/sandboxed_api/proto_arg.proto.pb.cc'.
However, the path of the generated source file that is passed to the C++
compiler will be
`/parent/myproject_build/sandboxed-api/sandboxed_api/../../myproject_build/sandboxed-api/sandboxed_api/proto_arg.pb.cc`.
Note the duplicated project build directory component in the
canonicalized version:
`/parent/myproject_build/myproject_build/sandboxed-api/sandboxed_api/proto_arg.pb.cc`.

This change simple omits the computation of any relative file paths and
simply uses `_pb_PROTOC_OUT_DIR` which defauls to
`CMAKE_CURRENT_BINARY_DIR`, which should always contain the correct
path.

Signed-off-by: Christian Blichmann <mail@blichmann.eu>
2020-03-18 18:47:02 +01:00
bielec
d17482e2eb Split network_proxy example to 2 examples: with automatic handler, and without.
Created documentation for network proxy. fixed 2 things in documentation (namespaces are enabled by default for a while).

PiperOrigin-RevId: 300321016
Change-Id: Id9c54b29551e8d3b70e814e2fdbfee594126aa90
2020-03-11 07:32:50 -07:00
Christian Blichmann
f6c3db4c6e Replace sapi::Status with absl::Status
PiperOrigin-RevId: 297614681
Change-Id: I89fe1357a172ed4d28df6dd84b80fee364ce1c14
2020-02-27 09:24:12 -08:00
Sandboxed API Team
a5d931ec5f Qualify uses of std::string
PiperOrigin-RevId: 297528932
Change-Id: I750c43e356be55a5bd37a8bb59d998238bd8f1bb
2020-02-27 00:03:55 -08:00
Maciej Szawłowski
edd6b437ae Filter functions based on files we scan.
Currently we extract all functions from the compilation unit - it doesn't really make sense as it will try to process functions in included files too.
As we require sapi_in flag, we have information which files are of interest.

This change stores the top path in _TranslationUnit and uses it when looking for function definitions to filter only functions from the path we provided.

PiperOrigin-RevId: 297342507
Change-Id: Ie411321d375168f413f9f153a606c1113f55e79a
2020-02-26 06:02:15 -08:00
Sandboxed API Team
6332df5ef6 Fix or ignore type errors generated by the next release of pytype.
The next release contains one major change: for function parameter annotations,
pytype will no longer treat (x: X = None) as equivalent to
(x: Optional[X] = None). This pytype behavior was based on an outdated version
of the type-checking spec. Annotations that were relying on the behavior now
need to explicitly declare themselves as Optional.

PiperOrigin-RevId: 297065077
Change-Id: Iade679e5928bb3839485e8b8571945456ba6e982
2020-02-25 01:15:54 -08:00
bielec
5a4e3f3d29 Now network proxy server supports IP filtering. API to policybuilder is added to make a list of allowed pairs of allowed IP, mask and port where mask and port are optional.
PiperOrigin-RevId: 296206385
Change-Id: I53b23122abece1fe318ed4c6a7e37bf3228c8f5f
2020-02-20 07:45:44 -08:00
Christian Blichmann
5d81c822d8 Automated rollback of commit e56f562fe2.
PiperOrigin-RevId: 296178631
Change-Id: I0f871aeecd70e9d2f99c7d52d94c6043a1668325
2020-02-20 04:26:37 -08:00
Maciej Szawłowski
fc514451e0 Internal BUILD changes
PiperOrigin-RevId: 296174640
Change-Id: I94c8e36d76d6cbb2b9d65f35d8700018b62d3db1
2020-02-20 04:26:23 -08:00
Sandboxed API Team
e56f562fe2 Automated rollback of commit 4eede550e7.
PiperOrigin-RevId: 295946052
Change-Id: Ie8c23fe8eec99ab52245ae7f482f1e6b99ec010e
2020-02-19 05:19:15 -08:00
Christian Blichmann
4eede550e7 Prepare for upcoming changes in Abseil
- Move canonical errors into status.

PiperOrigin-RevId: 295941935
Change-Id: I9408d21b6d34239b0ef3f3cd24975f39f1405505
2020-02-19 04:43:29 -08:00
Christian Blichmann
d578b18c22 Modernize the transaction API
PiperOrigin-RevId: 295712938
Change-Id: Iaf4c9668bb0b48555679fef822fe424277540d1f
2020-02-18 05:27:38 -08:00
Wiktor Garbacz
5b1119aa6d Internal change
PiperOrigin-RevId: 295579669
Change-Id: I2488a87a78cf76f0d4ddf73d115e443bd801e420
2020-02-17 06:54:52 -08:00
Sandboxed API Team
05280287e0 Automated rollback of commit 800339d672.
PiperOrigin-RevId: 294644781
Change-Id: I88ad35abd96468476294039a41b6f2a8234db6ca
2020-02-17 10:39:08 +01:00
bielec
800339d672 Now network proxy server supports IP filtering. API to policybuilder is added to make a list of allowed pairs of allowed IP, mask and port where mask and port are optional.
PiperOrigin-RevId: 294640297
Change-Id: I4c6520685a658f8b7762af238588830f71b3f54a
2020-02-17 10:38:44 +01:00
Wiktor Garbacz
f1ce6fcb87 Internal change
PiperOrigin-RevId: 292529030
Change-Id: Ie6b315d9edd5f253386474be4afff1a59e24a91e
2020-01-31 05:39:25 -08:00
Sandboxed API Team
daa1c7a64e Allow sandboxee to read from /proc when sanitizers are allowed.
Sanitizers read from /proc. For example:
69445f095c/lib/sanitizer_common/sanitizer_linux.cpp (L1101)

PiperOrigin-RevId: 292363903
Change-Id: Icc383ededcad363b4e96f5551f140f012b07b495
2020-01-30 09:30:42 -08:00
Sandboxed API Team
b9c866410d Replace deprecated thread annotations macros.
PiperOrigin-RevId: 292326427
Change-Id: Iebd745bf0c6b0b14e090462a9df44ebd7d374c7d
2020-01-30 05:07:40 -08:00
Sandboxed API Team
54cd192442 Replace deprecated thread annotations macros.
PiperOrigin-RevId: 292326369
Change-Id: I47cb8416b198872c96921207e257745451285680
2020-01-30 05:06:55 -08:00
Wiktor Garbacz
539d1cac34 Replace if (!cond) { LOG(FATAL, msg) } with CHECK(cond, msg)
PiperOrigin-RevId: 291916344
Change-Id: Ib522a3f202b20bf8f1ab4ca5774952d4b8f43e91
2020-01-28 05:59:33 -08:00
Wiktor Garbacz
d88c9f7598 Log mount flags in human readable format
PiperOrigin-RevId: 291690800
Change-Id: I6c4acdad93aeed29616d1ea44f797dad6fc7f277
2020-01-27 03:19:56 -08:00
Wiktor Garbacz
d74215d30d Properly test read-only mounts
PiperOrigin-RevId: 291337704
Change-Id: I806d0d09051ab205813d6626ea70e9e57a28a7a5
2020-01-24 02:38:11 -08:00
Wiktor Garbacz
e3d638466d Internal change
PiperOrigin-RevId: 290621061
Change-Id: I4b575ac65a9c225453552db74416eed45f1f4ebd
2020-01-20 08:35:24 -08:00
Wiktor Garbacz
bd22a18f87 Internal change
PiperOrigin-RevId: 290586117
Change-Id: I637ca27121ef541d48a717903496cab256214a0a
2020-01-20 02:55:04 -08:00
Christian Blichmann
441201884a Update license header with recommended best practices
PiperOrigin-RevId: 290250533
Change-Id: Ic34b253446463cf971a055b70a242df93a598ee3
2020-01-17 05:05:29 -08:00
Wiktor Garbacz
96d9ce90e5 Properly set mount flags
PiperOrigin-RevId: 290052082
Change-Id: I35222d25a24c3d641a998b2734b90bd178759df6
2020-01-16 06:05:11 -08:00
Wiktor Garbacz
c2bd47e978 Change mount propagation to private
PiperOrigin-RevId: 289639932
Change-Id: Iac976134d5f43dcdfe895446d7caab463cc70d1a
2020-01-14 06:32:23 -08:00
Christian Blichmann
18776b6f16 Refactor syscall definitions to rely less on macros
PiperOrigin-RevId: 288478535
Change-Id: I56bf8b8817f31d60db4726b2847f8400215b7b8c
2020-01-07 05:27:21 -08:00
Sandboxed API Team
3e442b252c Allow stack trace collection when namespaces are disabled, if sandbox_libunwind_crash_handler==false.
PiperOrigin-RevId: 288267119
Change-Id: I5fce1b28521d3d685186717f153f20fb498c94e2
2020-01-06 02:34:03 -08:00
Sandboxed API Team
aea1ecd58d Improve diagnostics when dynamically linked binary is sandboxed, but can't be exec'd.
PiperOrigin-RevId: 286391400
Change-Id: I016deb34eb895480131da24bc95a6244d92f3710
2019-12-19 07:48:32 -08:00
Wiktor Garbacz
e969deea33 Global deadline for ptrace attach instead of per process
PiperOrigin-RevId: 286196033
Change-Id: Ic456b881c18518c4b52ca051fa5c58590794da17
2019-12-18 08:23:55 -08:00
Wiktor Garbacz
7125458c5d forkserver: Remove order dependent tests
Sending -1 as fd will fail and take forkserver down.
This should not happen normally so turned it into a check.

PiperOrigin-RevId: 285391908
Change-Id: Idbb05004c36cb0be57be1bd26df1c57cecfb0019
2019-12-13 06:59:01 -08:00
Sandboxed API Team
4608a7baea Explicitly export files needed by other packages
PiperOrigin-RevId: 283942197
Change-Id: If1287d2544b2161e3087fb7f5f5395f69a2eb741
2019-12-05 03:33:32 -08:00
Christian Blichmann
072636f67e Force build in C++17 mode without a custom CROSSTOOL
PiperOrigin-RevId: 283706006
Change-Id: I0b6ddd36725ccf165a446ae94a16898146199d29
2019-12-04 01:03:21 -08:00
Wiktor Garbacz
ece90e0bda Fix resource leak
Resulted in a lot of zombie processes.

PiperOrigin-RevId: 283545337
Change-Id: Ia6b2fd24fc6fc0eed4a7aa415e264618739e8234
2019-12-03 07:59:18 -08:00
Wiktor Garbacz
035965060a Create initial namespaces on demand
PiperOrigin-RevId: 283321826
Change-Id: I746ce726b834273fd8a8e0de36b311c46e42d57a
2019-12-02 05:31:42 -08:00
Sandboxed API Team
44443779bc Internal change
PiperOrigin-RevId: 282945153
Change-Id: I26d4a9d21574fad2751708fe4bb9b38ecdd8131f
2019-11-28 08:07:00 -08:00
Christian Blichmann
02912f8eff Disable ABI warning about passing long double unions when using Bazel
PiperOrigin-RevId: 282349626
Change-Id: Ieb3df661f215450e750c586b2470047b1575c156
2019-11-25 07:03:24 -08:00
Christian Blichmann
5c38f62ba7 Fix unused warning for IsFdOpen()
PiperOrigin-RevId: 282346983
Change-Id: I7010caf0e6f3ddb420ef992f6aa2554d540667a3
2019-11-25 06:44:14 -08:00
Christian Blichmann
4f892864c8 Update dependencies to newer version
- Same upstream dependency versions for CMake and Bazel
- Use maybe() from build_defs to conditionally define Bazel repositories

PiperOrigin-RevId: 282331418
Change-Id: I8a7db84a1d3115f3c1f31cc1dfcc8c29fe391a62
2019-11-25 04:32:01 -08:00
Kevin Hamacher
3cbd871454 Allow sandboxee c-strings to be read as std::string
PiperOrigin-RevId: 281960106
Change-Id: I54256dda2b6b0374d0f2ce3f762370478b912683
2019-11-22 07:00:03 -08:00
Kevin Hamacher
a193cb4ed7 sandboxed_api: Expose strlen in the rpc channel
PiperOrigin-RevId: 281958333
Change-Id: If15d7d5b915fec3c5521ef53ee44c58d7482d1bc
2019-11-22 06:44:31 -08:00
Christian Blichmann
d9d45bcfe5 Fix generator not finding libclang
PiperOrigin-RevId: 281745276
Change-Id: I8c55b142a72265f577d6d1e3b673890529428c21
2019-11-21 07:33:03 -08:00
Christian Blichmann
d47c066112 Enable sapi_test target in CMake, add Benchmark dependency
PiperOrigin-RevId: 281719298
Change-Id: Idd2570fff4907c81cdab1070bd1f3e41e29c76f6
2019-11-21 04:04:14 -08:00
Christian Blichmann
6dd97f5073 Move dependency on libdl into build defs, like CMake
PiperOrigin-RevId: 281699435
Change-Id: Iced13e98578b2c36a1eeac71fd02a6d7ed87a8fb
2019-11-21 01:36:34 -08:00
Christian Blichmann
ae2954f598 Build in C++17 mode.
Practically all current compilers fully support C++17 by now, with the exception of `filesystem` (which we won't use).

PiperOrigin-RevId: 281494879
Change-Id: Ia0ef650ede4e5907e4a6421b8ad11743c8bae88f
2019-11-20 04:40:09 -08:00
Wiktor Garbacz
8a7d0d1cb3 Use a nested userns&mntns to pre-pivot_root
This addresses a latency issue - chroot_fs_refs called inside pivot_root
in the kernel can take several milliseconds on machines with many threads
running.
This might not always reduce latency for custom forkservers, as additional
fork can be more costly than pivot_root.

PiperOrigin-RevId: 281306284
Change-Id: If503ac76a70e5438e94caf708d79cb0219c66def
2019-11-19 09:02:28 -08:00
Wiktor Garbacz
1673ade4e4 Remount chroot as read-only
PiperOrigin-RevId: 280394655
Change-Id: I1490b7dfbbca3d91f5efb4dd5800397c9da57da8
2019-11-14 03:51:26 -08:00
Wiktor Garbacz
a1b291d44a Fix mount entries listing for tmpfs
PiperOrigin-RevId: 276447076
Change-Id: Ia5873e34327c281e5c9fb66f5f58a0dd49ba10b0
2019-10-24 02:37:54 -07:00
Sandboxed API Team
282f2d65e7 Fix a file descriptor leak in sandbox2::Executor.
PiperOrigin-RevId: 276294193
Change-Id: I9def39a41704db9948735c259e435ccfc71bacc5
2019-10-23 09:52:07 -07:00
Kevin Hamacher
4da8f68aa8 Rework stacktrace mounttree logic
The previous one was not quite correct in cases where the outside binary path
did not match the inside path. This should be fixed with this.

PiperOrigin-RevId: 276075886
Change-Id: I1c7c4fa0191960437a2d2360b805c7098b1407c9
2019-10-22 09:05:33 -07:00
Christian Blichmann
254abe04fe Use unified diff for zlib patch
PiperOrigin-RevId: 276075544
Change-Id: Icf06e360a400834e7304c2bde34954dbc71f135f
2019-10-22 09:04:29 -07:00
Wiktor Garbacz
a7cfbb92a6 Remove uneeded read-only remount
Caused failures if root is mounted as nodev, nosuid etc.
Root is pivoted and unmounted right after this anyhow.

PiperOrigin-RevId: 273707731
Change-Id: I75f1edaf2877c096e4f5bb7dc1b2bb8eb5c437a3
2019-10-09 02:47:38 -07:00
Kristj?n J?nsson
78824353d1 Make PolicyBuilder a value class.
This makes the class more ergonomic because
* You don't have to heap allocate the builder.
* You can create a policy builder "template" and re-use it across sandboxes to avoid repetitive work.

PiperOrigin-RevId: 273555679
Change-Id: I4084ee9c74f95ebfde873eb0dc021b3b3cdc5ea2
2019-10-08 10:45:45 -07:00
Sandboxed API Team
9931593fdc Corrects typo in link
PiperOrigin-RevId: 273248066
Change-Id: I37682d1b82fbe0b0e06d43dfe511da0d6aaa8c5a
2019-10-07 02:36:35 -07:00
Christian Blichmann
c6b8e301e4 This fixes broken _proto_cc_cc_proto build target suffixes.
These where inadvertently introduced in an internal cleanup change.

This change also removes a C++17-ism in var_proto.h. To make things easier for
downstream projects, we should stick to C++11 for the time being.

PiperOrigin-RevId: 271117700
Change-Id: I4eaacec88be16e1a561d3f77a61acce0a1af0b9d
2019-09-25 07:13:58 -07:00
Sandboxed API Team
ce46cb3fef internal BUILD file cleanup.
PiperOrigin-RevId: 270906748
Change-Id: I6a79c2f84a1d8a9fcb91061caa5f9e538fa83cba
2019-09-24 08:12:21 -07:00
Kevin Hamacher
1cf9bf8ab6 Internal change
PiperOrigin-RevId: 270878802
Change-Id: I4c946fdb5f566909eaead35a3050a99ab9047553
2019-09-24 04:50:18 -07:00
Kevin Hamacher
c337ea117e Return descriptive string if stack-traces are disabled
PiperOrigin-RevId: 270876245
Change-Id: I899a4628541712a212aa24d3a01d48d9b070c734
2019-09-24 04:27:09 -07:00
Kevin Hamacher
51d1a0e8ba Rollback of an internal change
PiperOrigin-RevId: 270874732
Change-Id: I69538a0a37ba008a41220fe9d77b3e59f8d06610
2019-09-24 04:11:52 -07:00
Sandboxed API Team
6131774256 internal BUILD file cleanup
PiperOrigin-RevId: 270833113
Change-Id: Ie8b2ab2486b7ca224f37d5fc3a07674d15e1b458
2019-09-23 22:24:27 -07:00
Sandboxed API Team
b390354794 internal BUILD file cleanup
PiperOrigin-RevId: 270833110
Change-Id: Ifc075bd59cf9e25d0c4ecc165592906f05875ee8
2019-09-23 22:23:57 -07:00
Sandboxed API Team
cee4ac35ae Internal BUILD file cleanup
PiperOrigin-RevId: 270672739
Change-Id: I752113fc1fa5fa3f1585b918c89ca68c058db098
2019-09-23 07:33:08 -07:00
Sandboxed API Team
a6285716f1 Internal cleanup
PiperOrigin-RevId: 270653397
Change-Id: I495a30cffdfa932da045ebed626bf97f1cb68bb2
2019-09-23 05:14:00 -07:00
Sandboxed API Team
ad2521a1e8 Internal cleanup
PiperOrigin-RevId: 270631972
Change-Id: Ifd8db261bd5380fd14357a283fb9fd67c7d25fa0
2019-09-23 02:31:54 -07:00
Wiktor Garbacz
d43d09c746 fail soft if sandboxee exits before init is ptraced
PiperOrigin-RevId: 270254470
Change-Id: Ifa13f4fe0e7ae91b79fc689e1d7dcb2a49b09cde
2019-09-20 06:13:44 -07:00
Sandboxed API Team
0aec7a511b Don't try to parse "[vsyscall]" as an ELF image.
PiperOrigin-RevId: 269811752
Change-Id: I2118badab9b5392eae7bfd36583384a33ab8a7d5
2019-09-18 08:32:11 -07:00
Wiktor Garbacz
846717def1 Fix coverage for network and network_proxy tests
PiperOrigin-RevId: 269314101
Change-Id: I65f15261a22f8f5b6250396e41d76ef40a90ef94
2019-09-16 05:43:06 -07:00
Christian Blichmann
0aa7183502 Refactor the tests and strings example a bit
PiperOrigin-RevId: 268865491
Change-Id: Ie16e5f17e2eb22e25821c34edf0068cb81bcc2fe
2019-09-13 02:28:42 -07:00
Wiktor Garbacz
d6ca9d9564 Use proper return code for static_sandbox example
Also bump FSIZE limit to make it less likely to fail.

PiperOrigin-RevId: 268857718
Change-Id: I955ed4a10d8a49585ae330ab668a0bd891bb6ed6
2019-09-13 01:22:36 -07:00
Wiktor Garbacz
2e22b13b39 Enable namespaces by default
PiperOrigin-RevId: 268417712
Change-Id: I496d76e8a90665627b9be2bb5f9872a5df1c84e4
2019-09-11 02:39:49 -07:00
Christian Blichmann
4034f1235e Revert accidental deletion of the sandbox image
PiperOrigin-RevId: 267141212
Change-Id: I1aa0edf6f3ebeb19975fdead241e91927e7679f7
2019-09-04 06:33:29 -07:00
Christian Blichmann
ea1a934d51 Migrate Sandboxed API docs to developer.google.com/sandboxed-api
This change removes the in-tree documentation in favor of the one hosted on
the Google's Developer site. This makes it easier to maintain for the
sandbox team, as there is now only a single source of truth for both internal
and external documentation.

If you find errors/bugs in the documentation, please file regular GitHub
issues.

PiperOrigin-RevId: 267132623
Change-Id: I4c950fcef77da0b361cb35b99aa2f187efe6f320
2019-09-04 05:22:03 -07:00
Wiktor Garbacz
daa3defac0 Internal change
PiperOrigin-RevId: 266889781
Change-Id: Ibea87a7bb5fafb50ae3d09f7b0df876beecaf087
2019-09-04 05:21:47 -07:00
Wiktor Garbacz
da3c6c138e Fail in monitor if init process pid not received
PiperOrigin-RevId: 266886637
Change-Id: I4e896ebda8d9e15d0aefcb4139c8dc07ab938502
2019-09-03 02:37:09 -07:00
Sandboxed API Team
84702e6c97 No public change.
PiperOrigin-RevId: 265663675
Change-Id: I6ffcf796a13cddaea4f8b8a0ca20b92cc8e316a7
2019-08-27 05:36:35 -07:00
Christian Blichmann
2dd7d27952 Fix unused variable warning in monitor
PiperOrigin-RevId: 265439933
Change-Id: Idc62e0e1640bd2b866bd1a6f3c60370ae1b70592
2019-08-26 06:03:03 -07:00
Christian Blichmann
276b7efc92 Internal change.
PiperOrigin-RevId: 265057217
Change-Id: Id00c867b373dbe8c9112c23ef4b0300ed3ca9e5b
2019-08-23 08:08:51 -07:00
Christian Blichmann
d91879f752 Ensure compatibility with CMake 3.10
This fixes some CMake-3.12+-isms, like `list(JOIN ...)` and setting link
properties on OBJECT libraries.

PiperOrigin-RevId: 265033725
Change-Id: I0ee1ec0e1b1097ea8226ad6fdeff794a97c2881b
2019-08-23 05:08:55 -07:00
Christian Blichmann
df83f19d49 Fix broken include in client.cc
PiperOrigin-RevId: 261864188
Change-Id: I247455085764373d9a004d85fbfe37cadf7ed6eb
2019-08-06 01:36:12 -07:00
Sandboxed API Team
35d9d0c60a Internal change.
PiperOrigin-RevId: 261197411
Change-Id: Ic3c388af3f807bc039ad137267e17dc9fc666c84
2019-08-01 14:26:07 -07:00
Christian Blichmann
b7cbc36071 Follow-up to 3c51348 fixing linker issues with gflags and glog
The temporary solution for binaries/tests that fully statically linked is to
link against `gflags` using `-Wl,--whole-archive`. This will no longer be
necessary, once Abseil ships with logging. Then we can (finally) use Abseil
flags and use a logging library that does not depend on a different flags
library.

PiperOrigin-RevId: 260705702
Change-Id: I8562faaff59f9c3e0e1d331186d2806d387438fb
2019-07-30 06:48:38 -07:00
Christian Blichmann
1be24d945c Improve formatting of the generated code
PiperOrigin-RevId: 260142999
Change-Id: Id170e212012c7e10e3525d031d620a01f90fb388
2019-07-26 07:47:02 -07:00
Christian Blichmann
3c51348aaf Enable CMake projects to consume Sandboxed API via add_subdirectory()
This change moves away from a classical superbuild which downloads and builds
at build time. Instead, we now follow a "Fetch Content" workflow (available as
FetchContent in CMake 3.11+) and download dependencies at config time.

Rationale: Superbuild projects have the disadvantage that projects cannot
directly access their individual declared targets. This is not a problem with
regular libraries, as those are usually/supposed to be installed. With
Sandboxed API, this is not desirable, as it has dependencies like Abseil and
glog, which are almost always consumed by including their source tree using
add_subdirectory().

Fixes #10 and makes external embedding easier.

PiperOrigin-RevId: 260129870
Change-Id: I70f295f29a6e4fc8c330512c94b01ef10c017166
2019-07-26 05:51:08 -07:00
Christian Blichmann
db0ebe3650 Support empty package names in filewrapper tool
PiperOrigin-RevId: 259943587
Change-Id: I14d95dcd7d839903ebd12f4032e05e29bca17204
2019-07-25 07:36:57 -07:00
Christian Blichmann
1b93745d00 Honor SAPI_ENABLE_TESTS in examples
PiperOrigin-RevId: 259927061
Change-Id: I7ae2156630c60e54ba0d9933d03816d750db31f3
2019-07-25 05:11:58 -07:00
bielec
ef7592cfdd Now the network proxy client can automatically redirect connect syscalls to a handler that will send the data (syscall arguments) to the proxy server automatically and will return the obtained socket from the proxy server, in the future rules like allowed IP, protocols, etc. will be added
PiperOrigin-RevId: 259512665
Change-Id: I2747c7548ab24c7d2c90abb303fd783c11fed6f4
2019-07-23 04:41:08 -07:00
Sandboxed API Team
ae9836e6bf Add dependencies on @com_google_absl//absl/base:log_severity
to targets including "absl/base/log_severity.h"

PiperOrigin-RevId: 259483071
Change-Id: Ide51ea54ca18ce466be863c1e7755098618801c0
2019-07-23 00:31:55 -07:00
Wiktor Garbacz
2300141bdb Require namespaces to be disabled explicitly
PiperOrigin-RevId: 258730797
Change-Id: I5a1df23c5176a3cecd5a343483500550f27adf44
2019-07-18 02:18:26 -07:00
Wiktor Garbacz
691104c851 Extract RunInitProcess and SendPid/RecvPid
Also properly check status of send and use one-byte messages
to avoid issues with partial send, receive.

PiperOrigin-RevId: 258362495
Change-Id: I889b4699c100c80d15b129bf3a254f5442405bc2
2019-07-16 07:23:17 -07:00
Wiktor Garbacz
2349325e2b Move root chdir to namespace setup
PiperOrigin-RevId: 258361265
Change-Id: Ifa065559e36606afa7111ef6d8e2d5d621b57426
2019-07-16 07:13:17 -07:00
Sandboxed API Team
418ad07086 Initialize std::atomic_flag members
PiperOrigin-RevId: 258309720
Change-Id: Id9cb6ee627c0aea11bbbabfcab10731e2235e534
2019-07-15 23:59:24 -07:00
Wiktor Garbacz
8a4e665cba Remove redundant process setup
PR_SET_PDEATHSIG is already issued for init process in SanitizeCurrentProcess
Same for setsid

PiperOrigin-RevId: 258142844
Change-Id: Iad9e94bd402d576c1b24caab0b03efc50e2df07e
2019-07-15 05:36:27 -07:00
Wiktor Garbacz
9f36bd80d2 Fix double EnableNamespaces
PiperOrigin-RevId: 258142629
Change-Id: Ied76490e51278371fd51e117053599cce52991f1
2019-07-15 05:34:31 -07:00
Christian Blichmann
6d33c1f908 Add CMake options to exclude examples and tests from build
PiperOrigin-RevId: 258136393
Change-Id: Ifb2d7a24f93cd1d2782b4e4d6ac2c34a0d1c2bff
2019-07-15 04:42:58 -07:00
Christian Blichmann
99ac7fa60d Refactor CMake files
* Move add_sapi_library() into a build defs file
* Override protobuf_generate_cpp() instead of naming it sapi_protobuf_generate_cpp()
* Factor out inclusion/find_package() calls of external dependencies

PiperOrigin-RevId: 258133422
Change-Id: Ibdbab0c735157eac0ed6122ab78f9d583c6905cc
2019-07-15 04:13:15 -07:00
Christian Blichmann
b219661be0 Add basic CMake support for SAPI, build examples
* Implement add_sapi_library() similar to the Bazel rule
* Fix SuperBuild so that glog properly depends on gflags (needed for --logtostderr)
* Raise minimum required version of CMake to 3.10 (Ubuntu 18.04 LTS)
* Update sum sandbox policy to allow to get IDs and PIDs

PiperOrigin-RevId: 258124160
Change-Id: I64c2f8b27a3e842874adca9100bfce20a2b74f17
2019-07-15 02:53:43 -07:00
Christian Blichmann
686c6d254f Fix documentation link to zlib example
PiperOrigin-RevId: 257793227
Change-Id: I9c43c3814d75c5b79affd4854212eec07dc14f77
2019-07-12 06:38:49 -07:00
Christian Blichmann
ab35eb49af Make embedding the sandbox code the default
PiperOrigin-RevId: 257778382
Change-Id: Ib6dc472355092c08b905e42978efe7f47703c128
2019-07-12 04:07:11 -07:00
Christian Blichmann
6b24025860 CMake targets for SAPI, add find_package() support for libffi
This change adds CMake targets for the actual Sandboxed API library. On its
own, this is not very useful, as there is no CMake equivalent to the
sapi_library() rule, yet. This will be worked on next.

PiperOrigin-RevId: 257177362
Change-Id: Ic06c945ab534b27306021d970a83691aae2e7e60
2019-07-09 06:13:08 -07:00
Wiktor Garbacz
d170bc3c80 Deflake namespace_test
When fetching exit status only lower 8-bits will be read.
Thus if getpid()&0xff == 0 the test can fail.

PiperOrigin-RevId: 257163766
Change-Id: I690c645fde33d1205578fd8873c5fc2974352ada
2019-07-09 04:11:07 -07:00
Christian Blichmann
6d06df1b86 Break out executor into its own build target
PiperOrigin-RevId: 257147090
Change-Id: I34c5e86ca68f865fdae42e4077c52c6168672c06
2019-07-09 01:53:56 -07:00
Christian Blichmann
747ccb57e8 Rename stack-trace{.h,.cc,._test.cc} to use underscores
PiperOrigin-RevId: 257144753
Change-Id: I4ce0dffad552c25b61102adfb1c03b8aea427dd9
2019-07-09 01:32:25 -07:00
Christian Blichmann
2da6dad120 Internal change
PiperOrigin-RevId: 257141595
Change-Id: Ic34799290fa88be62ecba38f8f60200a1e55f065
2019-07-09 01:32:09 -07:00
Christian Blichmann
c7f7666d9d Do not leak macro definitions in stack-trace.h
Since we use glog, we need to still rely on gFlags for as long as Abseil
logging is not yet released. To do this, we have the util/flag.h header in
SAPI, faking the newer style API of Abseil's flags library.
The rationale behind this is that glog includes/builds with gflags for
command line flag parsing and having more than one flag parsing library
active at the same time is asking for trouble.

PiperOrigin-RevId: 256982667
Change-Id: I9c5406cb9ef4458daebfec0b0713f9bddbf5c3ad
2019-07-08 08:25:17 -07:00
Christian Blichmann
2301e05097 Follow-up to rev. 6edcf5f which introduced a build failure
PiperOrigin-RevId: 256961234
Change-Id: I312d054c5d35413b2e6b061ddfa30c80397b19eb
2019-07-08 05:56:36 -07:00
Sandboxed API Team
6edcf5f823 Internal change.
PiperOrigin-RevId: 256378370
Change-Id: I1b00662a4c4c743ab79ecf35e857e4f7bc9f5e1c
2019-07-03 09:03:38 -07:00
Christian Blichmann
d48a372aab Use absolute namespace names in generator to avoid collisions
PiperOrigin-RevId: 256349023
Change-Id: Ic6e178a158fd9af0343c747b0525e703aad7ef99
2019-07-03 05:32:46 -07:00
Kevin Hamacher
6d782dd774 Deflake custom_fork_server test
PiperOrigin-RevId: 256149331
Change-Id: I68cfd64ee602757235e6c6d602819a79ae4826fb
2019-07-02 05:59:25 -07:00
Christian Blichmann
732252922a Make sapi::Status and sapi::StatusOr<> public in Bazel build file.
This makes it easier to work with the generated classes from client code.

PiperOrigin-RevId: 256132914
Change-Id: If7fb24a2cac998d2cdb04e8b627272064bf9793d
2019-07-02 03:20:23 -07:00
Maciej Szaw?owski
9435f97538 macro fixes:
- made sure that define order is correct
- made sure to emit all defines related to target define
- fixed a bug where '(' was separated with macro name with space, this breaking the macro

PiperOrigin-RevId: 256129616
Change-Id: I636b13a72c6198fb59e8e387f42567c442b24352
2019-07-02 02:58:17 -07:00
Christian Blichmann
4e20e0702a Use full workspace name to access Bazel packages in generator
Since the interface generator is invoked via a Bazel macro, it will be
expanded in the embedding context of the project using SAPI, so package access
needs to go through the full workspace root @com_google_sandboxed_api.

This change also modifies the CMakeLists.txt accordingly, as the "external"
subdirectory is no longer needed/wanted.

PiperOrigin-RevId: 255918784
Change-Id: I052c687509f65fef7f011a9d1a074a171595330f
2019-07-01 02:53:41 -07:00
Christian Blichmann
0d16c136ae Make external usage easier by providing a sapi_deps() workspace rule
If using Sandboxed API from an external Bazel WORKSPACE, dependencies can be
imported by declaring the repository and calling `sapi_deps()`:

```python
git_repository(
    name = "com_google_sandboxed_api",
    commit = "master",
    remote = "https://github.com/google/sandboxed-api.git",
)

load(
    "@com_google_sandboxed_api//sandboxed_api/bazel:sapi_deps.bzl",
    "sapi_deps",
)

sapi_deps()
```

PiperOrigin-RevId: 255373664
Change-Id: I4c41ffc75e1ca95eb126702cb2d5cedb255191d5
2019-06-27 04:27:53 -07:00
Christian Blichmann
301a265c95 Make bpf_helper visible to projects using SAPI
PiperOrigin-RevId: 255368910
Change-Id: I4f12e8d47fd747619a12d21a5be1c34d7f876b61
2019-06-27 03:43:31 -07:00
Christian Blichmann
0c4a803527 Workaround for Bazel issue #8672 (broken fully_static_link)
This is tracked at
https://github.com/bazelbuild/bazel/issues/8672

and should only affect the tests for now.

PiperOrigin-RevId: 254943708
Change-Id: Iee18a3b8c1b570c7d04d09d533ecff33c3de7d57
2019-06-25 04:32:17 -07:00
Christian Blichmann
97b5f0767a Find libclang so that Python3 works, remove PY2 annotations
We now require that Debian users install the `python3` and `python3-pip`
packages. This change lets the Python code search for `libclang.so`, which can
be located in different directories, depending on version, and is not found by
default otherwise.

Fixes #28

PiperOrigin-RevId: 254745872
Change-Id: Ia77680da2a3235c0a9518125676aa8a460e38e76
2019-06-24 06:30:34 -07:00
Christian Blichmann
4bcea59309 Use to_list() on Bazel depsets for iteration.
Starting with Bazel 0.27.0 --incompatible_depset_is_not_iterable became the
default.

Fixes #27

PiperOrigin-RevId: 254703981
Change-Id: I727e4b1c6a907c8794a00f61646c13ad8d4437b7
2019-06-24 00:45:55 -07:00
Christian Blichmann
6ca744b959 Fix old 'google' namespace in example
PiperOrigin-RevId: 254203473
Change-Id: I04401074585769f3692f320f5aa0dbbecb51ebcc
2019-06-20 08:37:56 -07:00
Wiktor Garbacz
4b9be4e78a Fix formating
PiperOrigin-RevId: 253196457
Change-Id: Id73a08945dedff7a116d500202355ecf266afcf3
2019-06-14 03:01:09 -07:00
Wiktor Garbacz
605d402121 Use new function naming
PiperOrigin-RevId: 253191002
Change-Id: If00c0effb925b3e294593f272447cd8386228bac
2019-06-14 02:09:07 -07:00
Christian Blichmann
4d891de31b Internal change
PiperOrigin-RevId: 252609329
Change-Id: I46a05641456144e7967e01905c60e18aef164b3f
2019-06-11 06:49:45 -07:00
Sandboxed API Team
970257d87b Allow two madvise calls for asan & tsan builds.
bbfa21f177/lib/sanitizer_common/sanitizer_posix_libcdep.cc (L71)

PiperOrigin-RevId: 252048323
Change-Id: I457e708f0b024fd9db4ad39265cb904777ca52b5
2019-06-07 07:53:10 -07:00
Christian Blichmann
dfbfb5cc43 Add CMake builds for the examples
PiperOrigin-RevId: 252045309
Change-Id: I57ffc3debbe64010b1f20b2e6df900b9916fa37f
2019-06-07 07:27:33 -07:00
Christian Blichmann
f2c7f976cf Add minimal Bazel CI config
PiperOrigin-RevId: 252043934
Change-Id: I29222d770c44522b21560bb736b1f5fd55cb0da0
2019-06-07 07:14:07 -07:00
Christian Blichmann
24c3e34344 Implement a GetDataDependencyFilepath() for CMake (non-Bazel really).
This code assumes, like Bazel's runfiles that the data dependency to access
exists in the same sub-tree as the binary:

WORKSPACE
+- sandboxed_api/sandbox2/examples/crc4
                                   +- crc4bin
                                   +- crc4sandbox

The code requires the directory structure to exist, so that in the example
above, crc4sandbox can use
  GetDataDependencyFilepath("sandboxed_api/sandbox2/examples/crc4/crc4bin")

regardless of how it was called.

PiperOrigin-RevId: 251834480
Change-Id: I6470b62ce9b403297116481a0c17c070992f2e81
2019-06-06 05:44:32 -07:00
Christian Blichmann
9b78e331fa Use newer gflags namespace for command-line flags
PiperOrigin-RevId: 251639941
Change-Id: I3037ce9510a3bc62cf5c899c64f2e7d344a8b4ee
2019-06-05 07:39:38 -07:00
Sandboxed API Team
1b2b83676b Internal Change
PiperOrigin-RevId: 251637952
Change-Id: I532201ec1ba16a4cae71c671ffe2bd34e13a5391
2019-06-05 07:24:16 -07:00
Christian Blichmann
ffd4e1270a Internal change
PiperOrigin-RevId: 251590551
Change-Id: Ic69f8f5f798006c0d096357b7a746cdc4ce530a3
2019-06-05 00:26:14 -07:00
Christian Blichmann
a3b0949949 Internal change
PiperOrigin-RevId: 251411359
Change-Id: Ifbed8afa72d130ae803ed71a6a43ac3c9d8755f9
2019-06-04 04:07:21 -07:00
Christian Blichmann
719cd24933 Fix sandbox2 tests when run with CTest
This test runs, but fails due to a different problem:
  StackTraceTest.ForkEnterNsLibunwindDoesNotLeakFDs

PiperOrigin-RevId: 251218516
Change-Id: If06cdbcb71fad84ebd9d934ff173d7ef1a1eebc0
2019-06-03 06:27:59 -07:00
Sandboxed API Team
dd2a84b980 Clarify behavior of Buffer::CreateFromFd
PiperOrigin-RevId: 250834142
Change-Id: I7aac739c9b590adc0599926e3246bc87e21d951a
2019-05-30 23:50:54 -07:00
Sandboxed API Team
6666f41ba2 Fix unnecessary unique_ptr in LogServer.
PiperOrigin-RevId: 250050562
Change-Id: I6840e68504c741de1e66489279237f4a4a6bc533
2019-05-26 08:47:38 -07:00
Wiktor Garbacz
08ff939ea7 Call DisableNamespaces where needed
PiperOrigin-RevId: 249637351
Change-Id: I5105d89ea0e8cfb2fca1e5ac342fa67e9caac930
2019-05-23 07:21:03 -07:00
Wiktor Garbacz
85059ef40d Add DisableNamespaces to PolicyBuilder
Currently mostly no-op, but this is the first step to turn namespaces on
by default.

PiperOrigin-RevId: 249439158
Change-Id: I5eeb1216dc868c660f62ad50c34f626afbf7db61
2019-05-22 06:54:12 -07:00
Wiktor Garbacz
71a317e65f Do not emit an error on ESRCH in PTRACE_CONT
Process might be killed between waitpid and PTRACE_CONT,
even though a PTRACE_EVENT_EXIT will be gererated, continuing
will fail with ESRCH in that case.

PiperOrigin-RevId: 249245726
Change-Id: Ib673529229a306d2266fa60caa3039b6bcd80a65
2019-05-21 07:30:56 -07:00
Wiktor Garbacz
15993a34e2 Log stack traces with INFO instead of ERROR
PiperOrigin-RevId: 249035379
Change-Id: Ie62366f45f29741ee0c8b25369d0bb169275ccfd
2019-05-20 06:16:50 -07:00
Wiktor Garbacz
207b2d9a95 Remove stale comment
PiperOrigin-RevId: 248715509
Change-Id: I7aa3f4388920e39a79ac349890de403ac3384504
2019-05-17 07:21:31 -07:00
Wiktor Garbacz
34d17b77ac Remove dead code
IPC always creates comms object from a fd.

PiperOrigin-RevId: 248683525
Change-Id: Ib4285ec0494d551257237c12f92f983b943205cb
2019-05-17 02:02:03 -07:00
Wiktor Garbacz
8678af23d0 Extract GetRlimitName into util
PiperOrigin-RevId: 248682931
Change-Id: I702533a8d36465de956a1a90a40c634434b7a671
2019-05-17 01:55:35 -07:00
Wiktor Garbacz
6e1c3c3055 Fix prlimit error message
PiperOrigin-RevId: 248491089
Change-Id: Id4116939d02b6a592c74218955675acf2e3c70fe
2019-05-16 02:24:59 -07:00
Wiktor Garbacz
7294e9976e Replace custom synchronization with absl::Notification
PiperOrigin-RevId: 248334969
Change-Id: I7614a3792babd399912c5d5a167ab5e0a0574d20
2019-05-15 08:09:56 -07:00
Wiktor Garbacz
42761c8b72 Add a resource starvation test
PiperOrigin-RevId: 248334209
Change-Id: Iff0f0b3024c67a767c429a547695cc48a2d02a30
2019-05-15 08:04:58 -07:00
Wiktor Garbacz
6588aa2a68 Reintroduce monitor changes.
Signal handling in Monitor::MainLoop was fixed.

PiperOrigin-RevId: 248331692
Change-Id: I0f85d319802258632d2074742c53597bb922555a
2019-05-15 07:46:49 -07:00
Sandboxed API Team
d8f7d861d2 Log the progress of dynamic libraries being resolved while creating a sandboxee's virtual FS chroot. This provides valuable insight while debugging problems with dynamically linked sandoxed binaries.
PiperOrigin-RevId: 247625021
Change-Id: I9bf77af7410deb8766fd49910c8564e148020601
2019-05-10 09:41:07 -07:00
Christian Blichmann
5f3c7171b7 Use Abseil's flag library released in aa468ad75539619b47979911297efbb629c52e44
PiperOrigin-RevId: 247424939
Change-Id: I22a4696f705f9dcfa7394b329c78bd126f42bd16
2019-05-09 07:57:55 -07:00
Christian Blichmann
7800fd7402 Disable compiler warnings for consistency with internal settings.
PiperOrigin-RevId: 247405215
Change-Id: I236170f7b47d9ecd32324db907ef7afc2e797d9a
2019-05-09 05:21:34 -07:00
Sandboxed API Team
63f0adbfbb Revert of monitor code update.
PiperOrigin-RevId: 247255592
Change-Id: I3656ea1628418321b1b8b02660b6a51a58c2c61f
2019-05-08 11:34:26 -07:00
Wiktor Garbacz
3f5360a7bc Simplify monitor code.
Make setting result code the condition for main loop exit.

PiperOrigin-RevId: 247218505
Change-Id: I8699012683bc301e8a9f4f41cd5ab018e3cd514c
2019-05-08 08:34:56 -07:00
Christian Blichmann
a412383d61 Fix build failure with Bazel v0.25.0+ (#25)
PiperOrigin-RevId: 247206409
Change-Id: Ic6d4d1fea42ea5746613d3ef3de67f61e72848a6
2019-05-08 07:07:29 -07:00
Sandboxed API Team
f29a5a81ed Print final FS mounts in sandboxee's chroot
After all requested filesystem mounts are fully mounted under a sandboxee's virtual chroot, print a list of the outside paths and a list of the inside chroot paths that the outside paths are mapped to. This provides a valuable insight while debugging sandboxed binaries.

PiperOrigin-RevId: 247130923
Change-Id: I42b4b3db68d826587c0fe8127aabbead38bc6f20
2019-05-07 18:30:13 -07:00
Christian Blichmann
6bfa83befe CMake support for Sandbox2
- Add a superbuild in cmake/SuperBuild.cmake that downloads and builds
  dependencies
- Builds for sandbox2/ and a its tests
- Helper CMake function to strip proto paths
- Module to find libcap
- Custom build for libunwind that wraps its symbols
- Fix environment so that CTest executes tests similar to Bazel
- Filewrapper functionality, like Bazel's cc_embed_data()
- Build forkserver with embedded binary
- Enable ASM language so that libunwind builds correctly
- Allow glog target to propagate transitively (to propagate its include dirs)

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2019-05-06 14:03:29 +02:00
Christian Blichmann
7753cded13 Replace non-alphanumeric, non-underscore characters in filewrapper
PiperOrigin-RevId: 246320238
Change-Id: I08454dc19b6227e4ce2c1b7677b916706e7be5a5
2019-05-02 08:11:50 -07:00
Wiktor Garbacz
64cfb949f4 Internal change
PiperOrigin-RevId: 245410078
Change-Id: I9ef7680885927b23734c02e063a617c9dbc3b856
2019-05-02 05:21:32 -07:00
Wiktor Garbacz
3a2829bafc Fix minielf test
PiperOrigin-RevId: 245409987
Change-Id: I5c728f012776105b7070e88d77bba27a205d56f1
2019-04-26 06:22:31 -07:00
Wiktor Garbacz
e8ef753821 Internal change
PiperOrigin-RevId: 245409914
Change-Id: I20f23a997e09ce4cc2fe9353ac6f341a641e2263
2019-04-26 06:20:43 -07:00
Wiktor Garbacz
b1aa95fcde Internal change
PiperOrigin-RevId: 245409846
Change-Id: Ic9f398146a4c0d72592f5bb7b46a01333303ba12
2019-04-26 06:20:05 -07:00
Wiktor Garbacz
523620f8ab Internal change
PiperOrigin-RevId: 245409785
Change-Id: I37b1611bed459522803fa1e49c4252d2cad80076
2019-04-26 06:18:59 -07:00
Wiktor Garbacz
5e645a9190 Fix build
PiperOrigin-RevId: 245400890
Change-Id: I899ef49edd8e371b8714478fa3c911cfb771419b
2019-04-26 04:42:52 -07:00
Sandboxed API Team
f3c9c6e388 Internal change
PiperOrigin-RevId: 245377524
Change-Id: If41601b2d68c6ff0f7d3f37811aac62c32441d1f
2019-04-26 00:46:11 -07:00
Sandboxed API Team
afec50fdb5 automated internal change
PiperOrigin-RevId: 245070237
Change-Id: Ib6b0d9201f8b603e185eb91c1bc9f500f1af1ed6
2019-04-24 10:31:13 -07:00
Christian Blichmann
feba2c35d7 Apply special whole-archive linker options only where necessary
PiperOrigin-RevId: 245038294
Change-Id: I99367e7c982a340a88acf730619a467d34d53203
2019-04-24 07:07:14 -07:00
Wiktor Garbacz
c6d16a58eb Internal change
PiperOrigin-RevId: 244882748
Change-Id: I0342f445df8f60f864d3e7f56145051b821a86e0
2019-04-23 10:47:34 -07:00
Wiktor Garbacz
53d85ab4f2 Internal change
PiperOrigin-RevId: 244882228
Change-Id: I506b92326fa83f214b1e7fab6c5b2e0889f8b197
2019-04-23 10:46:58 -07:00
Wiktor Garbacz
63006c1476 Internal change
PiperOrigin-RevId: 244881751
Change-Id: I3f3200c4d85906058ac17ed941e69ea22d9a4090
2019-04-23 10:42:14 -07:00
Wiktor Garbacz
0fd468be7c Internal change
PiperOrigin-RevId: 244879634
Change-Id: Ifa63ef7b0cc10e87d18f17b85cce55af03cd37cf
2019-04-23 10:31:51 -07:00
Wiktor Garbacz
6cbaaead8b Make StatusMatcher more flexible
PiperOrigin-RevId: 244879203
Change-Id: I5f7994130a898e84f041b18c0b5313d7e8b32780
2019-04-23 10:30:45 -07:00
Sandboxed API Team
726b1fb451 n/a
PiperOrigin-RevId: 244836017
Change-Id: I034cfb1af4835256aa9b8b7ac3e80a341e9a9271
2019-04-23 05:14:22 -07:00
Kevin Hamacher
8ad4fcd0a8 minielf: Increase maximum amount of symbols loaded
PiperOrigin-RevId: 243775723
Change-Id: I5398ec23bd76be01c48c69bd4decb015a48386fc
2019-04-16 03:00:28 -07:00
Kevin Hamacher
af44845246 Try to demangle c++ symbols when logging the stacktrace
PiperOrigin-RevId: 243612828
Change-Id: I09c748da0c119ba2024b2906802858b5b9bcfeb0
2019-04-15 07:37:23 -07:00
Chris Kennelly
d90b2c6328 Allow TCMalloc to access the rseq syscall.
PiperOrigin-RevId: 243441655
Change-Id: I82918459c20f164b56cc0c5b621b004315a011ec
2019-04-13 13:45:35 -07:00
Chris Kennelly
e2eb0597cb Internal change
PiperOrigin-RevId: 243440925
Change-Id: I085535962e1d754f7bc32e08b1785a574062edaa
2019-04-13 13:45:25 -07:00
Kevin Hamacher
ac6a5dfc85 Delete copy constructor of FDCloser
PiperOrigin-RevId: 243263443
Change-Id: If22d287ce1872ad070454824e8daa36585ab0258
2019-04-12 07:54:31 -07:00
Kevin Hamacher
6b5f3645ab Make embed_file use raw logging
PiperOrigin-RevId: 242868093
Change-Id: Ibf1f448878219a9ce8fc6bb7d3e93626fa24b1f6
2019-04-10 07:56:06 -07:00
Wiktor Garbacz
79525950fe Add support for new SECCOMP_RET_* in disassembler
PiperOrigin-RevId: 242642525
Change-Id: Iea9a54f01d56cadf19a020340d07c1790c858a0f
2019-04-09 14:38:05 +02:00
Kevin Hamacher
1b50485be6 Move forkserver into a dedicated binary
PiperOrigin-RevId: 242637894
Change-Id: I16f19d077e2b5b9d0d4ef58344d5caaef95af7c6
2019-04-09 14:37:41 +02:00
Kevin Hamacher
e44231e28a Wrap waitpid with TEMP_FAILURE_RETRY and use __WALL to make sure we reap all children
PiperOrigin-RevId: 242111281
Change-Id: I322623303487b0292c2aea53d6eae5d9f53d79b6
2019-04-05 05:50:12 -07:00
Copybara-Service
5b0c46fa18 Merge pull request #21 from happyCoder92:master
PiperOrigin-RevId: 242110016
Change-Id: I148ba1d8a6d2c675271662e91b41c4aa04b7d0c9
2019-04-05 05:34:00 -07:00
Kevin Hamacher
77ad64ac30 Use high FD numbers in the forkserver to avoid collision with FDs mapped by the user
PiperOrigin-RevId: 242106285
Change-Id: I0f4bd130f8e66e6b47ad1d7311e0fff519aa9e90
2019-04-05 04:51:41 -07:00
Wiktor Garbacz
98928a0570 Document required deps for Gentoo 2019-04-05 11:09:02 +02:00
Sandboxed API Team
6a65e63eae Add //tools/cpp:current_cc_toolchain to the toolchains attribute.
This is so that CC Make Variables will be resolved properly.

PiperOrigin-RevId: 241721367
Change-Id: Ic0d3f864b1398107118a1ada4c99cc4516db924f
2019-04-03 16:51:55 +02:00
Wiktor Garbacz
29fac2d393 mounts: Validate interpreter as early as possible
PiperOrigin-RevId: 240972700
Change-Id: I9049af7d053152cebd264fbfc352d2971a06d363
2019-03-29 07:07:55 -07:00
Sandboxed API Team
137f772f2b Allow TCMalloc to call madvise with MADV_NOHUGEPAGE
PiperOrigin-RevId: 240555428
Change-Id: I05fd61ecd09fc0a3f76dade0341d35b04a590b90
2019-03-27 07:40:57 -07:00
Christian Blichmann
dda0daa449 Fix typo
PiperOrigin-RevId: 240368596
Change-Id: Id517ae6ecece98998316ba5a2672e075e037133a
2019-03-26 09:57:32 -07:00
Christian Blichmann
88213b0d1b Copybara import of the project:
- 05cbe1250a0905c975cb3de175a6c3690dbbc00b Don't accidentially generate trigraphs by Mackie Loeffel <mackie.loeffel@web.de>
  - 25e66c1080fa50d8b0661d10ecde39cfcbf51289 Merge 05cbe1250a0905c975cb3de175a6c3690dbbc00b into 6679f... by MackieLoeffel <MackieLoeffel@users.noreply.github.com>

COPYBARA_INTEGRATE_REVIEW=https://github.com/google/sandboxed-api/pull/17 from MackieLoeffel:fix_trigraphs_in_filewrapper 05cbe1250a0905c975cb3de175a6c3690dbbc00b
PiperOrigin-RevId: 240365879
Change-Id: I31fa5dfeadac3cee79e7d66b4dd4fe58a7a4b242
2019-03-26 09:43:16 -07:00
Christian Blichmann
f04be9276f Formatting fixes and include file hygiene.
PiperOrigin-RevId: 240346890
Change-Id: I1a9617f10a62a848b6314a6196512e016ae02643
2019-03-26 07:54:21 -07:00
Christian Blichmann
33206c5d3f Use a longer string in the CRC4 buffer overflow example.
On some newer compiler versions, compiler optimizations and loop unrolling
change the memory layout so that 64 bytes are not enough to overwrite the
return address reliably.

PiperOrigin-RevId: 240343358
Change-Id: Ifb1a1dc1cb482793b7387887f0fd68a237879227
2019-03-26 07:28:15 -07:00
Kevin Hamacher
1dd0428713 Add missing chdir() in the init process
PiperOrigin-RevId: 239425921
Change-Id: Ia1b02ae0a2f319faa601d6098a9f94a3043656a8
2019-03-20 10:36:11 -07:00
Christian Blichmann
52f4c1f927 Disable "mini" debug format support in libunwind to avoid additional library dependency
PiperOrigin-RevId: 239397518
Change-Id: Icd8c641f9d5aac721a2cf1e4e0d3347743f49d58
2019-03-20 08:03:08 -07:00
Christian Blichmann
2ed1e9b7a4 Merge pull request #5 from disconnect3d:patch-5
PiperOrigin-RevId: 239387531
Change-Id: I7929c296cb838c5a1ed05539efca4e771c1f68b3
2019-03-20 14:51:11 +01:00
Christian Blichmann
30c25286f3 Merge pull request #8 from shaan1337:patch-1
PiperOrigin-RevId: 239384106
Change-Id: Ibeb4b6a76226a1384fc21df33378101a31764012
2019-03-20 14:33:36 +01:00
Wiktor Garbacz
2e9f50a68f Rename deathrattle_fatalmsg proto
PiperOrigin-RevId: 239377742
Change-Id: I169407087f5e6f3275e282a51232bb6eea330e49
2019-03-20 05:19:55 -07:00
Sandboxed API Team
c8a4131e74 Test that isatty is being allowed by AllowTCGETS.
PiperOrigin-RevId: 239370864
Change-Id: Id98f3e5d8dceedb3cfbcd23b980e828f576d3e8d
2019-03-20 04:11:21 -07:00
Christian Blichmann
3600a8a090 Merge pull request #2 from disconnect3d:patch-3
PiperOrigin-RevId: 239354706
Change-Id: Ib9b5eca822bcf114a90c7dc96a9a2dacd318d016
2019-03-20 09:42:47 +01:00
Christian Blichmann
6eb6dc5f9c Merge pull request #4 from disconnect3d:patch-4
PiperOrigin-RevId: 239244132
Change-Id: I33a50f866b23a23ce63ff5609e6865184fec0863
2019-03-19 21:40:14 +01:00
Christian Blichmann
0babaf094d Improve internal<->external code transforms #3
Note: These commits only change very minor formatting issues in
the GitHub version. There is more than meets the eye, though. These
changes help to be able to accept pull requests.
PiperOrigin-RevId: 239225828
Change-Id: Ib31bf114e7cc4ccda49f7dcc4e9e24eebc735065
2019-03-19 10:58:21 -07:00
Christian Blichmann
cb36b974eb Improve internal<->external code transforms #2
PiperOrigin-RevId: 239221234
Change-Id: I5b50ed6472df894c43310addb9d8e8ca35b2c822
2019-03-19 10:38:52 -07:00
Christian Blichmann
22eeb45d0f Add missing transactions.md
Fixes #7

PiperOrigin-RevId: 239176066
Change-Id: I6fde1246447610ed5157db39f30472c38b206474
2019-03-19 06:16:40 -07:00
Christian Blichmann
90d276f913 Improve internal<->external code transforms
This includes changing the way libcap headers are included.

PiperOrigin-RevId: 239173120
Change-Id: I5562d924b96bab26a29342903895324bfe385e5a
2019-03-19 05:51:53 -07:00
Kevin Hamacher
5d216fb191 Only spawn init processes when using PID NS
PiperOrigin-RevId: 239169620
Change-Id: I9f26cfab90189a1baa5b87a700ce892cf0c95a89
2019-03-19 05:14:29 -07:00
Wiktor Garbacz
7ecdd2f8fc Internal change.
PiperOrigin-RevId: 239163024
Change-Id: I6918cc7f1472271b3cf99e042d8eb52d42868e6c
2019-03-19 04:11:51 -07:00
Sandboxed API Team
5aa13876a4 Formatting fixes.
PiperOrigin-RevId: 239159980
Change-Id: Ic6185368392622bf3f4c661e37f6b9fcca0d60a6
2019-03-19 03:41:32 -07:00
Shaan Nobee
88a23c878a
Fix typo 2019-03-19 09:43:12 +04:00
Disconnect3d
845ad06d37
Update library.md
There is no https://github.com/google/sandboxed-api/blob/master/sandboxed_api/examples/zlib/lib/sandbox.h - it either wasn't commited or we meant different sandbox.h here. For now I linked to sum's sandbox.h
2019-03-18 21:34:41 +01:00
Disconnect3d
64acef11c5
fix formatting in docs/library.md 2019-03-18 21:29:35 +01:00
Disconnect3d
95d35615b8
Fix user namespaces link in howitoworks.md 2019-03-18 21:22:53 +01:00
Christian Blichmann
177b969e8c
Sandboxed API OSS release.
PiperOrigin-RevId: 238996664
Change-Id: I9646527e2be68ee0b6b371572b7aafe967102e57

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2019-03-18 19:00:48 +01:00