Kevin Hamacher
66aeb6e59d
Error out if invalid custom forkserver path is specified
...
PiperOrigin-RevId: 540526350
Change-Id: Id7f4ea9290074c15c700c27c2d252b9f54a282bd
2023-06-15 03:17:02 -07:00
Kevin Hamacher
fb1571c801
Automated rollback of commit f6fd27618b
.
...
PiperOrigin-RevId: 529395980
Change-Id: I6a5d451ed84f8d4a522777815c6cc2d7d7a8923c
2023-05-04 06:53:48 -07:00
Sandboxed API Team
f6fd27618b
Automated rollback of commit 8c53262539
.
...
PiperOrigin-RevId: 529101664
Change-Id: Ica452c6ee8f54b78be09fa830a09d6a89800cf44
2023-05-03 08:45:11 -07:00
Kevin Hamacher
8c53262539
Allow forkserver to use waitpid as alternative to sa_nochldwait
...
PiperOrigin-RevId: 529074278
Change-Id: If63015586673610e111ee589995e5264523be7a7
2023-05-03 06:41:07 -07:00
Wiktor Garbacz
a4d602298b
Dump coverage prior to execveat
...
PiperOrigin-RevId: 520002416
Change-Id: Ic792b0b71b8e7b2f00b669db9b6831acd8341c5c
2023-03-28 05:50:43 -07:00
Wiktor Garbacz
e031c11bdc
Update naming and lambda capture for stack size
...
PiperOrigin-RevId: 515254988
Change-Id: I394dc039bcfcbd2ccd7c705a91974f4183b28c39
2023-03-09 00:14:39 -08:00
Wiktor Garbacz
0d3d5d4bcb
Seccomp_unotify based monitor
...
Unotify based monitor should bring big performance wins
if the sandboxee heavily uses threading or signals.
Some of the features are not supported in that mode:
- execveat is always allowed instead of just the initial one
- stack traces are not collected on normal exit or if the process is terminated by signal
PiperOrigin-RevId: 515040101
Change-Id: Ia5574d34b4ff7e91e3601edb8c9cb913e011fbf6
2023-03-08 08:09:34 -08:00
Wiktor Garbacz
a8db8bfcf7
PTHREAD_STACK_MIN is not always a constexpr
...
PiperOrigin-RevId: 514695823
Change-Id: Iecf16f0bd563d85f80b0697d14293ff2d3133aef
2023-03-07 04:47:53 -08:00
Wiktor Garbacz
3f53e81d0b
Remove unused dependency
...
PiperOrigin-RevId: 509890467
Change-Id: I0189fca5efa93a9e67f6f07eac44793cd17dcfc3
2023-02-15 11:35:14 -08:00
Wiktor Garbacz
a5d12903dd
Extract SandboxeeProcess and move it down the call chain
...
PiperOrigin-RevId: 507718207
Change-Id: Ia1f6fc2f09abbde5311f8dc0f596aa605989140d
2023-02-07 02:22:45 -08:00
Wiktor Garbacz
2f64d3d925
stack_trace: pass fd to sandboxee's memory instead of using process_vm_readv
...
Libunwind sandbox no longer needs to join sandboxee's userns.
This cleans up a lot of special handling for the libunwind sandbox.
PiperOrigin-RevId: 503140778
Change-Id: I020ea3adda05ae6ff74137b668a5fa7509c138f8
2023-01-19 05:44:50 -08:00
Wiktor Garbacz
00d42577d5
Use CLONE_VM for starting the global forkserver
...
PiperOrigin-RevId: 499192311
Change-Id: I054385e9cab5e4987b0f34ab3b763244356405c2
2023-01-03 05:36:40 -08:00
Christian Blichmann
4c87556901
Use Abseil's log/flags instead of glog/gflags
...
Follow-up changes might be required to fully fix up the contrib sandboxes.
PiperOrigin-RevId: 482475998
Change-Id: Iff631eb838a024b2f047a1be61bb27e35a8ff2f4
2022-10-20 06:48:51 -07:00
Christian Blichmann
79b6784b82
#Cleanup: Consistently use std::make_unique
...
PiperOrigin-RevId: 480597371
Change-Id: I145586382ad7a7694384cc672986132376a47465
2022-10-12 05:23:42 -07:00
Christian Blichmann
a60ff1a95c
Remove OsErrorMessage
in favor of Abseil's new ErrnoToStatus
...
#Cleanup
PiperOrigin-RevId: 443359044
Change-Id: I2b3e385a1846feac79edd28fcbf6e85b1429a44a
2022-04-21 06:15:38 -07:00
Sandboxed API Team
546365655d
Introduce commandline flag to pass forkserver_bin path for Android builds.
...
PiperOrigin-RevId: 431942480
Change-Id: I5382b4fc8e8a66bb823dda597e1b812421364212
2022-03-02 08:12:21 -08:00
Christian Blichmann
d451478e26
Change license link to HTTPS URL
...
PiperOrigin-RevId: 424811734
Change-Id: If5ea692edc56ddc9c99fd478673df41c0246e9cc
2022-01-28 01:39:09 -08:00
Wiktor Garbacz
c29c510e30
Log when global forkserver is started and its exit status
...
PiperOrigin-RevId: 398232735
Change-Id: Ia0628cf2dee51a94938dae82bcb392384feeb74c
2021-09-22 07:16:43 -07:00
Wiktor Garbacz
773dc6b18b
Do not fail-hard in global forkserver startup
...
PiperOrigin-RevId: 389816114
Change-Id: Icd672028ff224cf01095d6590fe1cc2adb312316
2021-08-10 00:33:29 -07:00
Wiktor Garbacz
0621e06a9c
Allow recovering from global forkserver failure
...
PiperOrigin-RevId: 389164847
Change-Id: I40bc3b6d3bea28ee8954ea2a11a0427a6c05da35
2021-08-06 06:54:05 -07:00
Wiktor Garbacz
fe709502f4
Wait for global forkserver when shutting it down
...
Otherwise starting forkserver multiple times will result in zombie processes lingering around.
PiperOrigin-RevId: 388926497
Change-Id: Ia9947cce3d9e909edd709b0d3525e1ae8b8bbc51
2021-08-05 07:07:35 -07:00
Christian Blichmann
7b711b85e8
Rename static singleton accessor
...
PiperOrigin-RevId: 384699374
Change-Id: I674baffc77bc6b3815f94512058a14d37d164c6f
2021-07-14 08:00:59 -07:00
Wiktor Garbacz
fe08d724e4
Simplify the dup fix and add better error handling
...
Original fix might fail if RLIMIT_NOFILE is set to 1024.
PiperOrigin-RevId: 381034115
Change-Id: I39e33a90083533cf85eb04072604665c299b861f
2021-06-23 08:14:01 -07:00
Wiktor Garbacz
0ec4f07f96
Fix rare failure while starting the global forkserver
...
This bug only manifests if a lot of fds are open when global forkserver is started.
If the allocated exec_fd number was equal Comms::kSandbox2ClientCommsFD then it would be replaced by the comms fd and result in EACCESS at execveat.
PiperOrigin-RevId: 380805414
Change-Id: I31427fa929abfc60890477b55790cc14c749f7f5
2021-06-22 07:48:58 -07:00
Wiktor Garbacz
e87a052e61
Fix restarting global forkserver
...
PiperOrigin-RevId: 376643949
Change-Id: I5811e8b8a9f5e74cab21d021c8e83b2a4b91818a
2021-05-31 02:19:28 -07:00
Christian Blichmann
dbaf95c724
Move utility code into sandboxed_api/util
...
This change should make it less confusing where utility code comes from.
Having it in two places made sense when we were debating whether to publish
Sandbox2 separately, but not any longer.
Follow-up changes will move `sandbox2/util.h` and rename the remaining
`sandbox2/util` folder.
PiperOrigin-RevId: 351601640
Change-Id: I6256845261f610e590c25e2c59851cc51da2d778
2021-01-13 09:25:52 -08:00
Sandboxed API Team
b61b2a37b7
Add IsStarted() method to GlobalForkClient.
...
PiperOrigin-RevId: 351170872
Change-Id: I5544eb27962606a562ce79b97d508f841ec0dc56
2021-01-11 09:34:13 -08:00
Christian Blichmann
507010781a
Follow-up with more build fixes
...
Because any change that touches continuous integration needs a companion o.O
PiperOrigin-RevId: 347769780
Change-Id: I20525aaac2ce41c48f619b641baa31e880432e50
2020-12-16 00:09:28 -08:00
Christian Blichmann
c3ac45be3e
Reimplement raw logging to avoid Abseil internals
...
The defined raw logging macros should be compatible with Abseil and
we can remove our version once Abseil releases theirs.
PiperOrigin-RevId: 347354273
Change-Id: I178a89cfd2e19bcd707a06fa9dfd7b767e2b654b
2020-12-14 03:34:02 -08:00
Wiktor Garbacz
6d98090962
Do not fail if forkserver is disabled by env when lib_ctor is used
...
PiperOrigin-RevId: 346743575
Change-Id: I948aad88120746e15535e3c5270581a31a0b3d29
2020-12-10 02:49:54 -08:00
Sandboxed API Team
c7d8e83d60
Declare global forkserver start mode flag in header file so it can be overridden in code more easily.
...
PiperOrigin-RevId: 346588150
Change-Id: I1013b928a45bab164e7db28d49be8504353dc064
2020-12-09 10:53:41 -08:00
Wiktor Garbacz
da64459e3f
Allow shutting down the global forkserver
...
PiperOrigin-RevId: 345198374
Change-Id: I3b5c49f6e5abb76d2b0a57078ffeb0609e0be008
2020-12-02 03:05:37 -08:00
Wiktor Garbacz
f8a2729c32
Start global fork-server on demand
...
Allow disabling global fork-server with a flag.
PiperOrigin-RevId: 340860588
Change-Id: I184603dc3a81eb90f715053e14fb3b8d66a6f104
2020-11-05 08:48:03 -08:00
Wiktor Garbacz
f7d3f442df
Extract ForkClient to a separate target
...
PiperOrigin-RevId: 321757582
Change-Id: I48b89ab4e4b1d87dd9444874de5bf5bd2526531a
2020-07-17 04:54:54 -07:00
Chris Kennelly
63a8b3ff15
Refactoring for internal change
...
PiperOrigin-RevId: 320612442
Change-Id: I65729ac5d83c76dac047a47f866b7ad4af3c56c1
2020-07-10 09:01:49 -07:00
Wiktor Garbacz
539d1cac34
Replace if (!cond) { LOG(FATAL, msg) }
with CHECK(cond, msg)
...
PiperOrigin-RevId: 291916344
Change-Id: Ib522a3f202b20bf8f1ab4ca5774952d4b8f43e91
2020-01-28 05:59:33 -08:00
Christian Blichmann
441201884a
Update license header with recommended best practices
...
PiperOrigin-RevId: 290250533
Change-Id: Ic34b253446463cf971a055b70a242df93a598ee3
2020-01-17 05:05:29 -08:00
Kevin Hamacher
1b50485be6
Move forkserver into a dedicated binary
...
PiperOrigin-RevId: 242637894
Change-Id: I16f19d077e2b5b9d0d4ef58344d5caaef95af7c6
2019-04-09 14:37:41 +02:00
Kevin Hamacher
77ad64ac30
Use high FD numbers in the forkserver to avoid collision with FDs mapped by the user
...
PiperOrigin-RevId: 242106285
Change-Id: I0f4bd130f8e66e6b47ad1d7311e0fff519aa9e90
2019-04-05 04:51:41 -07:00
Christian Blichmann
177b969e8c
Sandboxed API OSS release.
...
PiperOrigin-RevId: 238996664
Change-Id: I9646527e2be68ee0b6b371572b7aafe967102e57
Signed-off-by: Christian Blichmann <cblichmann@google.com>
2019-03-18 19:00:48 +01:00