Commit Graph

1333 Commits

Author SHA1 Message Date
Demi Marie Obenour
7a616718d8 Sandbox woff2
Trickiest part here was memory allocation and test handling.
2022-03-16 06:42:09 -04:00
Oliver Kunz
ee11d9fdb7 Migration of remaining protobufs from proto2 to proto3
PiperOrigin-RevId: 434973223
Change-Id: I5518aa3944cab94d33ce0538bed8ee82f90d4b3a
2022-03-16 00:43:46 -07:00
Mariusz Zaborski
6d5f257711 Copybara import of the project:
--
74c7f66dee by Mariusz Zaborski <oshogbo@invisiblethingslab.com>:

Sandbox uriparser

COPYBARA_INTEGRATE_REVIEW=https://github.com/google/sandboxed-api/pull/130 from oshogbo:uriparser 74c7f66dee
PiperOrigin-RevId: 434755972
Change-Id: I90f97229122acd47354327c0ae9e58a02cb7bd20
2022-03-15 08:21:12 -07:00
Christian Blichmann
071cb79268
Merge branch 'main' into zip 2022-03-15 12:02:40 +01:00
Copybara-Service
6d51497cbf Merge pull request #141 from DemiMarie:fix-pffft-build
PiperOrigin-RevId: 434707632
Change-Id: I384cd7275cfe8f80931a9ca3108ee6324a7df175
2022-03-15 03:43:24 -07:00
Oliver Kunz
206547591b Migrate forkserver.proto to proto3 syntax
PiperOrigin-RevId: 434458725
Change-Id: I277f76a1a5ebd3eed15c6b3f3e7f849bf6edacea
2022-03-14 07:28:23 -07:00
Oliver Kunz
68eaa815ce Migrate to proto3, change is_ro to is_rw (default value is false), and rename mounttree.proto
PiperOrigin-RevId: 434435260
Change-Id: Ie4cfe04bf1a9357e63b6159c3d5a8b95388b5292
2022-03-14 05:15:15 -07:00
Wiktor Garbacz
50c55e8ac0 Provide clearer error message when global forkserver is chrooted
PiperOrigin-RevId: 433686276
Change-Id: Ieb01f9dcafdce7bcb548807169f429cc8a181e56
2022-03-10 01:32:55 -08:00
Demi Marie Obenour
b4d0dbcdcb Fix a syntax error
Introduced by the recent macro refactoring.
2022-03-09 21:21:04 -05:00
Wiktor Garbacz
52d1ea8984 Avoid hard failures in StartSubProcess
PiperOrigin-RevId: 433453289
Change-Id: Ib8b08ddd31c4daa9a377960d52f0a7eb7b17de19
2022-03-09 05:17:15 -08:00
Oliver Kunz
c5565241c1 Rewrite IsEquivalentNode without the use of MessageDifferencer
PiperOrigin-RevId: 433422767
Change-Id: I891a8f5f027115898590a43bed5d25c51c1db944
2022-03-09 01:56:50 -08:00
Wiktor Garbacz
612ff57913 Replace deprecated SetWalltimeLimit call
PiperOrigin-RevId: 433414976
Change-Id: I0597a2d8215d4b228794da409e3533651972a98c
2022-03-09 01:01:49 -08:00
Copybara-Service
622ca18cef Merge pull request #135 from DemiMarie:fix-semicolon
PiperOrigin-RevId: 433402251
Change-Id: I0ef844a2139a6a5938f8221114dad79963b6726c
2022-03-08 23:31:50 -08:00
Wiktor Garbacz
20edaae54f Add an option to allow mount propagation
PiperOrigin-RevId: 433211924
Change-Id: I653f000d44de10b668b375fd2dfff3c668cbf673
2022-03-08 08:01:19 -08:00
Copybara-Service
26651247f4 Merge pull request #133 from oshogbo:c-blosc-drop-patch
PiperOrigin-RevId: 433208092
Change-Id: Ifb304740fa002ba008291f19c978ea3f4e81f314
2022-03-08 07:40:52 -08:00
Christian Blichmann
fa9e6e8a5c clang_generator: Correctly emit typedefs with anonymous enums/structs
This change also adds some more basic testing and test utils.

PiperOrigin-RevId: 433203779
Change-Id: I57616af3719ccbc41201dc6d4b0b60ddaf70ebab
2022-03-08 07:16:54 -08:00
Copybara-Service
26a077bb3d Merge pull request #131 from DemiMarie:fix-fedora-cmake-build
PiperOrigin-RevId: 433174006
Change-Id: Icca1816a2513f4e4553ef1e671ca16bafb4fa40c
2022-03-08 04:10:29 -08:00
Oliver Kunz
2650834d7c Add unittest for IsEquivalentNode
PiperOrigin-RevId: 433172902
Change-Id: Ie6fb44e682be947fb9f8b856c5e804aa91647a6d
2022-03-08 04:04:57 -08:00
Wiktor Garbacz
8a5740fbb1 Better handle invalid read-write mounts
PiperOrigin-RevId: 433136095
Change-Id: I17eb347c0a5cfef5e05c3717dfdd83055d967e35
2022-03-07 23:57:57 -08:00
Sandboxed API Team
32d19f9e57 Disable compress_stack_depot in sandbox
The feature is pure optimization, but it requires
additional syscalls.

PiperOrigin-RevId: 432954277
Change-Id: I1f345f8a26c86e09611fd575cb6ee080f24cc717
2022-03-07 08:43:42 -08:00
Wiktor Garbacz
d1995bdca5 Add a helper for allowing epoll
PiperOrigin-RevId: 432879710
Change-Id: I7cc991358ce25729b002210a04bacb3ae91d8a1f
2022-03-07 00:54:21 -08:00
Mariusz Zaborski
de56ca399a contrib: use constexpr for kFileMaxSize
Use constexpr to inform compiler that it is possible to evaluate
variable at compile time.
2022-03-06 06:12:01 -05:00
Demi Marie Obenour
eacd8c8097 Remove trailing semicolons from macros
The semicolons should be in the code that uses the macros.
2022-03-05 11:42:04 -05:00
Sandboxed API Team
8e82b900f4 Automated rollback of commit 5f34d11e77.
PiperOrigin-RevId: 432491462
Change-Id: Id92eabbb140df85b7b48f6f107ef9f44c3c6dff5
2022-03-04 11:19:19 -08:00
Wiktor Garbacz
5f34d11e77 Add a helper for allowing epoll
PiperOrigin-RevId: 432387441
Change-Id: I52865ab4abd4ebaf9842859b5f2718b204f4c6ea
2022-03-04 01:24:55 -08:00
Mariusz Zaborski
8a8b626701 c-blosc: add missing header 2022-03-03 19:09:21 -05:00
Mariusz Zaborski
c3a0921435 c-blosc: Enforce option to make symbols visible 2022-03-03 19:07:45 -05:00
Christian Blichmann
eec22e8aaf Partially revert 692f026: Emit related types within wrapper namespace
There are a lot of internal users depending on the old behavior of the
libclang-based generator.

PiperOrigin-RevId: 432281224
Change-Id: If82333fc3001f52de59e57a874f28bf8815d0877
2022-03-03 14:14:52 -08:00
Mariusz Zaborski
48ca0916a8 c-blosc: drop cmake patches and bump the c-blosc version
The PR (https://github.com/Blosc/c-blosc/pull/329) was merged into
c-blosc, so we can use newer version of it.
2022-03-03 16:50:52 -05:00
Wiktor Garbacz
1cf2d840dd Add PolicyBuilder::OverridableBlockSyscallWithErrno
PiperOrigin-RevId: 432201719
Change-Id: I5cac1a03a7ec95598bae87ff13d38e4bedf62beb
2022-03-03 08:37:04 -08:00
Christian Blichmann
725a5c11a8 Extend config.h to support HWSan and LSan
The constexpr functions can be used to ensure that all branches actually compile
(unlike plain preprocessor `#ifdef`s).

PiperOrigin-RevId: 432186834
Change-Id: I1a8d97dac8480fe9d4543b0e9e39540ca1efc8fa
2022-03-03 07:12:50 -08:00
Oliver Kunz
077203fcf2 Change to proto2::MessageLite and resolve reflextion for mobile builds
PiperOrigin-RevId: 432164927
Change-Id: I0821cf443393b0bb16a68fc5750a9633a3f27725
2022-03-03 04:48:30 -08:00
Demi Marie Obenour
a132d309a5 Fix the Fedora build using CMake
The build previously failed with confusing CMake errors.
2022-03-02 16:22:29 -05:00
Sandboxed API Team
e1a9513783 Move few policies from tsan to All section.
munmap is widely used by sanitizer, but it
probably works for Asan/Msan because it's enabled
by unrelated Allow* call.

Move mprotect to shared part as well. It will be
needed for compress_stack_depot.

PiperOrigin-RevId: 431989551
Change-Id: I7695a2de81d8d0b2112d3308778b2e9a9c7cb596
2022-03-02 11:38:35 -08:00
Sandboxed API Team
546365655d Introduce commandline flag to pass forkserver_bin path for Android builds.
PiperOrigin-RevId: 431942480
Change-Id: I5382b4fc8e8a66bb823dda597e1b812421364212
2022-03-02 08:12:21 -08:00
Sandboxed API Team
3f042fa54f Fix monitor for Android-ARM64
PiperOrigin-RevId: 431926820
Change-Id: Ie5adc1ec6accc7e68782c26b65fac0c32cded498
2022-03-02 06:42:42 -08:00
Christian Blichmann
692f0260b3 clang_generator: Emit types outside of namespace, skip Abseil enums
PiperOrigin-RevId: 431913470
Change-Id: Ia44f6642a37501ba1630321ba1430d1bf10cf377
2022-03-02 05:17:32 -08:00
Christian Blichmann
60fcc5b63e Limit the number of includes fed into the header generator
Use [`direct_headers`](https://bazel.build/rules/lib/CompilationContext#direct_headers)
from the Bazel/Blaze compilation context instead of _all_ transitive headers.

For the clang based generator, this means we don't try to parse
`textual_headers`, which will fail (they are by definition not
stand-alone, after all).

PiperOrigin-RevId: 431899423
Change-Id: I7a9dfa0dd93eba14b506b0e7ca6db3ed59b55dd6
2022-03-02 03:41:41 -08:00
Christian Blichmann
6de30ea27f CI: Cache dependencies
This will speed up our builds a bit and prevent unnecessary network traffic.

Setup according to the documentation for the `actions/cache@v2` action:
https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows

Currently caching the `${{github.workspace}}/_deps` directory, as used by CMake.

Cache keys look like this: `ubuntu-20.04-clang11` (`${{matrix.os}-${{matrix.compiler}}${matrix.compiler-version}}`)

PiperOrigin-RevId: 431895214
Change-Id: I4ecac7c00eec8516f85f45aa2220303b811b2389
2022-03-02 03:07:21 -08:00
Copybara-Service
2d324bd50d Merge pull request #121 from oshogbo:doc2
PiperOrigin-RevId: 431618531
Change-Id: Ieabcfa982770831acd565cd17fcf121570850ab9
2022-03-01 00:15:58 -08:00
Sandboxed API Team
9a7ba28ea7 Allow sanitizer to print reports
PiperOrigin-RevId: 430271415
Change-Id: Ieb23663aa6ff5997ce0a6b1e81dcb2385ac4b509
2022-02-22 12:33:55 -08:00
Mariusz Zaborski
e49318571b Sandbox zip 2022-02-22 10:51:53 -05:00
Copybara-Service
4024694eb6 Merge pull request #112 from oshogbo:zstd_opt
PiperOrigin-RevId: 430179725
Change-Id: Ic3c93a51a199eaf087cea2e58c819eb07bf52a1a
2022-02-22 04:21:24 -08:00
Copybara-Service
a805034070 Merge pull request #125 from oshogbo:cmake_c_blosc
PiperOrigin-RevId: 430174230
Change-Id: I6e4f53f3cae4e2e3487419903f7f8c6f98ac828e
2022-02-22 03:44:16 -08:00
Copybara-Service
176a19989b Merge pull request #114 from oshogbo:cmake_quote
PiperOrigin-RevId: 430174200
Change-Id: I95831e97b75c0f3df552e13ae00665b5c9c91333
2022-02-22 03:43:27 -08:00
Christian Blichmann
99f1ce93ba
Merge branch 'main' into cmake_quote 2022-02-22 11:57:33 +01:00
Wiktor Garbacz
a2daa0a275 Fix BlockSyscallsWithErrno
PiperOrigin-RevId: 429982218
Change-Id: I42b187e678542b295542ca44882945c7695178e1
2022-02-21 00:46:50 -08:00
Sandboxed API Team
e9c041f0c2 [Cleanup] Fix apache license url
PiperOrigin-RevId: 429974822
Change-Id: Id07aa9baf374458b9ff789fc93eff2b51d77917c
2022-02-20 23:50:29 -08:00
Mariusz Zaborski
3680d50565 contrib: Sort the order of projects 2022-02-18 08:00:21 -05:00
Mariusz Zaborski
b9ec42d220 c-blosc: to default build 2022-02-18 07:57:03 -05:00