302 Commits

Author SHA1 Message Date
Wiktor Garbacz
dfe0b9aa6d Remove leftover DangerDefaultAllowAll
PiperOrigin-RevId: 513466766
Change-Id: I02b237c6900962c04ec41be9cbba9b9e6a8242a6
2023-03-02 01:22:36 -08:00
Sandboxed API Team
f086c39f42 Update clients of PolicyBuilder to support architectures other than x86_64.
PiperOrigin-RevId: 500181306
Change-Id: Ibf3e5e3ac6214394f2d9ab10cf30de6d8396988d
2023-01-06 14:31:59 -08:00
Christian Blichmann
4c87556901 Use Abseil's log/flags instead of glog/gflags
Follow-up changes might be required to fully fix up the contrib sandboxes.

PiperOrigin-RevId: 482475998
Change-Id: Iff631eb838a024b2f047a1be61bb27e35a8ff2f4
2022-10-20 06:48:51 -07:00
Christian Blichmann
79b6784b82 #Cleanup: Consistently use std::make_unique
PiperOrigin-RevId: 480597371
Change-Id: I145586382ad7a7694384cc672986132376a47465
2022-10-12 05:23:42 -07:00
Christian Blichmann
4ec09d0061 Update and move lodepng to contrib/
- Drop patch from `CMakeLists.txt` in favor forcing C compilation
- Use `sapi` namespace and new logging integration
- Update sandbox policy to allow to retrieve thread ids
- Add tests to GitHub Workflow

PiperOrigin-RevId: 454133584
Change-Id: I50946245c723eb1e496ed1403b70ba08d977494e
2022-06-10 04:24:12 -07:00
Christian Blichmann
d805286343 Move libtiff sandbox to contrib/, add to tests
PiperOrigin-RevId: 453410018
Change-Id: I7a9815d844e43fe4b6a1971104179c5b854b2f0a
2022-06-07 05:05:19 -07:00
Christian Blichmann
51799f99ae Introduce a transitional logging utility library
Instead of calling `google::InitGoogleLogging()` directly, introduce an
indirection via a new utility library. After this change, Sandboxed API
should consistently use `sapi::InitLogging()` everywhere.

For now, `sapi::InitLogging()` simply calls its glog equivalent. However,
this enables us to migrate away from the gflags dependency and use Abseil
flags. Once a follow-up change lands, `sapi::InitLogging()` will instead
initialize the google logging library with flags defined from Aseil.

Later still, once Abseil releases logging, we can then drop the glog
dependency entirely.

PiperOrigin-RevId: 445363592
Change-Id: Ia23a7dc88b8ffe65a422ea4d5233bba7bdd1303a
2022-04-29 02:14:06 -07:00
Christian Blichmann
6cbde854d6 #Cleanup: Consistently use char* argv[] instead of char**
PiperOrigin-RevId: 444782296
Change-Id: If8e7647be28f794392675ae001abbe9b809da0ac
2022-04-27 00:43:51 -07:00
Christian Blichmann
839914d6dd cmake: Rename build options to follow Abseil naming
`BUILD_TESTING` is a CMake provided option and we should use similar naming,
just like how Abseil does it.

- `SAPI_ENABLE_TESTS` -> `SAPI_BUILD_TESTING`
- `SAPI_ENABLE_CONTRIB_TESTS` -> `SAPI_CONTRIB_BUILD_TESTING`
- `SAPI_ENABLE_EXAMPLES` -> `SAPI_BUILD_EXAMPLES`

Drive-by:
- Fix option name in GitHub action
PiperOrigin-RevId: 443305932
Change-Id: Ice2b42be1229a0f9ae7c2ceda9ce87187baf22c4
2022-04-21 01:17:39 -07:00
Sandboxed API Team
e9c041f0c2 [Cleanup] Fix apache license url
PiperOrigin-RevId: 429974822
Change-Id: Id07aa9baf374458b9ff789fc93eff2b51d77917c
2022-02-20 23:50:29 -08:00
Christian Blichmann
7e5a398164 Migrate the pffft sandbox to contrib/
PiperOrigin-RevId: 427443359
Change-Id: I852a818ae302a86abe32a2820f349f67861e342e
2022-02-09 05:20:29 -08:00
Copybara-Service
e8b54f7088 Merge pull request #101 from cblichmann:02jsonnet-contrib
PiperOrigin-RevId: 424813033
Change-Id: I617ac515e471ea220f34a9ca636aa0669799b968
2022-01-28 01:47:32 -08:00
Christian Blichmann
d451478e26 Change license link to HTTPS URL
PiperOrigin-RevId: 424811734
Change-Id: If5ea692edc56ddc9c99fd478673df41c0246e9cc
2022-01-28 01:39:09 -08:00
Christian Blichmann
1a02c75bed Jsonnet: Move to contrib/ 2022-01-27 18:44:57 +01:00
Christian Blichmann
7000ea865b
Jsonnet: Use FetchContent instead of git submodule
- Update instructions
- Tested with CMake 3.13
2022-01-27 10:34:16 +01:00
Christian Blichmann
7afaaa7c6a Jsonnet: Update with latest Sandboxed API changes
This fixes some build issues due to changes in Sandboxed API and
upstream Jsonnet.

PiperOrigin-RevId: 423787176
Change-Id: Ia3b9eab6b96e2fca70531f998e441ace04f31e3e
2022-01-24 05:13:03 -08:00
Sandboxed API Team
a44e57e243 Update references to the new documentation
PiperOrigin-RevId: 416317448
Change-Id: Ic148364e012405cc34840c12428cbd912ed377ae
2021-12-14 09:03:29 -08:00
Christian Blichmann
90d1867026 Remove deprecated sapi::StatusOr<> forward declaration
PiperOrigin-RevId: 399663835
Change-Id: I92255a68e50a3b9130d3e222a2e353ee2e599c18
2021-09-29 05:39:10 -07:00
Copybara-Service
fb1822b579 Merge pull request #82 from cblichmann:main
PiperOrigin-RevId: 353870558
Change-Id: If51eb17a94ad0f42876e5fa980918532153c42e9
2021-01-26 08:18:57 -08:00
Christian Blichmann
d1e8ad94a8
Improve curl example
- Update sandbox policy (bring back inclusion of `/lib` to enable glibc
  resolver
- Better error handling using new `curl_util` library

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2021-01-26 17:01:02 +01:00
Christian Blichmann
2f58cfc77f Merge pull request #81 from cblichmann:main
PiperOrigin-RevId: 353812058
Change-Id: I500cab1c3f44ce24e321df3a3253710911feada9
2021-01-26 09:40:27 +01:00
Christian Blichmann
3a95d9df41 Fix cURL example
Due to a naming mixup in `oss-internship-2020/curl/CMakeLists.txt`, the
necessary `WriteToMemory()` callback was not linked into the sandboxee,
leading to a segfault in the sandboxee when trying to run the
tests/examples.

As another issue, cURL seems to call `sysinfo` and `rt_sigaction` in
recent versions and with recent libc.

Drive-by changes:
- Use the SAPI status macros instead of manually checking `absl::Status`
- Put tests in namespace
- Some Google C++-style fixes
- Start the mock test server only once per test suite

Fixes #72 for cURL.

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2021-01-25 17:01:54 +01:00
Christian Blichmann
75bbd0e1c1 Internal change
Only externally visible changes should be a few changed includes as well as
some formatting changes.

PiperOrigin-RevId: 353226662
Change-Id: Iebf5be13774efcbd94c5d5a17b9b27e47275b229
2021-01-22 06:01:34 -08:00
Christian Blichmann
dbaf95c724 Move utility code into sandboxed_api/util
This change should make it less confusing where utility code comes from.
Having it in two places made sense when we were debating whether to publish
Sandbox2 separately, but not any longer.

Follow-up changes will move `sandbox2/util.h` and rename the remaining
`sandbox2/util` folder.

PiperOrigin-RevId: 351601640
Change-Id: I6256845261f610e590c25e2c59851cc51da2d778
2021-01-13 09:25:52 -08:00
Wiktor Garbacz
e94ba3a16b Fix cURL example build
Fixes #76

PiperOrigin-RevId: 350728353
Change-Id: Iebc4a0a381fff379498b66dfa9238d33efa69ec1
2021-01-08 02:48:05 -08:00
Christian Blichmann
4ff125df7a
Reactivate cURL git submodule
- Fix commands in `README.md`

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2021-01-06 16:11:00 +01:00
Copybara-Service
6f8e758177 Merge pull request #56 from alexelex:master
PiperOrigin-RevId: 346286713
Change-Id: Ib052758d6a7deaa1c62660fd43d8f0e31f42bc09
2020-12-08 03:15:35 -08:00
Copybara-Service
08bb2f80d1 Merge pull request #69 from alexelex:libpng-master
PiperOrigin-RevId: 346072038
Change-Id: I23a9e6704106e2834a5900522a1be06341c6421a
2020-12-07 05:34:46 -08:00
Copybara-Service
fbf3e84799 Merge pull request #65 from andreimedar:libarchive
PiperOrigin-RevId: 343290002
Change-Id: I1f29e4acfc7d423be63fd52e7a78ceb209d29115
2020-11-19 07:53:41 -08:00
Copybara-Service
e6bb05a15d Merge pull request #55 from FedericoStazi:libuv
PiperOrigin-RevId: 343278766
Change-Id: I708fdc1cd98d5fbb2abcf3261d1cecd65cec46fe
2020-11-19 06:32:47 -08:00
Christian Blichmann
2acec65a58 Add an AllowAccess() convenience function to PolicyBuilder
Drive-by: Apply convenience functions in policies.
PiperOrigin-RevId: 340404977
Change-Id: I906106b61c1837d23ddaff15d8792ec79d3d3189
2020-11-03 02:21:21 -08:00
Alexandra Latysheva
a5b5cd9a02 add forgotten license to wrapper 2020-10-30 15:47:36 +00:00
Alexandra Latysheva
4bd158a68f use ctest for testing and set testing environment for using test data 2020-10-30 14:52:53 +00:00
Latysheva Alexandra
0710361ed4
update helper 2020-10-30 20:41:26 +06:00
Alexandra Latysheva
219da51823 use ctest for testing and set testing environment for using test data 2020-10-30 14:34:33 +00:00
Alexandra Latysheva
64d04a80e5 use api->sandbox() instead of send sandbox as an argument 2020-10-30 14:02:34 +00:00
Alexandra Latysheva
56615d5d57 use absl::StarusOr<Data> as a return value instead on pointer to constructed value; rename variable 2020-10-30 13:41:55 +00:00
Alexandra Latysheva
dcf397bb97 Merge branch 'libpng-master' of github.com:alexelex/sandboxed-api into libpng-master 2020-10-30 13:27:40 +00:00
Alexandra Latysheva
9068b28d28 remove default constructors; reword some errors; skip check is there is enough free space 2020-10-30 13:27:25 +00:00
Latysheva Alexandra
113e6c8229
update readme 2020-10-30 19:07:40 +06:00
Latysheva Alexandra
3a83fe68c9
rewrite readme and correct mistakes in it 2020-10-30 19:05:37 +06:00
Alexandra Latysheva
36c816c693 add small documentation to readme 2020-10-30 13:00:05 +00:00
Alexandra Latysheva
94abb95771 order targets in CMakeLists alphabetically 2020-10-30 12:46:13 +00:00
Alexandra Latysheva
bfbb4f70c4 remove default image in the example and rewrite usage 2020-10-30 12:36:42 +00:00
Alexandra Latysheva
7b6b2d2fe8 use &sapi:✌️:NullPtr instead of sapi:✌️:NullPtr().PthBoth() as NULL inside the sandbox; remove unused wrapper for png_write_end 2020-10-30 11:17:45 +00:00
Alexandra Latysheva
2e2e0c741e use inline for constants in the header 2020-10-29 05:58:27 +00:00
Alexandra Latysheva
aef95ad002 don't use const with absl::string_view 2020-10-29 05:33:36 +00:00
Alexandra Latysheva
bcecc9e74a init libpng 2020-10-28 15:40:57 +00:00
Alexandra Latysheva
ce12cac60c add header for data and move there common consts 2020-10-28 14:04:14 +00:00
Alexandra Latysheva
b74b3c80fc use local variable instead of dynamic variable in TiffSapiSandbox::ModifyPolicy 2020-10-28 13:16:15 +00:00