Wiktor Garbacz
da64459e3f
Allow shutting down the global forkserver
...
PiperOrigin-RevId: 345198374
Change-Id: I3b5c49f6e5abb76d2b0a57078ffeb0609e0be008
2020-12-02 03:05:37 -08:00
Christian Blichmann
6587e571f1
Skip entries with zero inode when parsing /proc/PID/maps
...
This also skips all entries that point to deleted files.
PiperOrigin-RevId: 344244273
Change-Id: Ic47c6ab0dff4eaf4b4dea2779c45685922adc608
2020-11-25 06:46:39 -08:00
Wiktor Garbacz
5001778443
Use binary search in syscall defs
...
The lookup is not on the hot path and this removes the SYSCALLS_UNUSED macros.
PiperOrigin-RevId: 344240762
Change-Id: I324bd798945851ac0b92e257206525eab4ec36e5
2020-11-25 06:15:29 -08:00
Wiktor Garbacz
f6247aad9d
Fix SyscallTable::get to return proper table
...
PiperOrigin-RevId: 344236195
Change-Id: Ie370c1a771f1896c98ea387c0a84231a433c9d8c
2020-11-25 05:37:18 -08:00
Kevin Hamacher
510b5079ed
Internal Change
...
PiperOrigin-RevId: 343296855
Change-Id: I995fa76f306fca8524a187f7fd1cbc498a92a885
2020-11-19 08:37:41 -08:00
Copybara-Service
fbf3e84799
Merge pull request #65 from andreimedar:libarchive
...
PiperOrigin-RevId: 343290002
Change-Id: I1f29e4acfc7d423be63fd52e7a78ceb209d29115
2020-11-19 07:53:41 -08:00
Christian Blichmann
eaff70b558
Use actual ptrace()
arguments in example
...
The semantics of the example remain unchanged. This change is in preparation
for the new Clang based header generator, which will parse most files in C++
mode. `ptrace`'s first argument cannot me implicitly converted from `int` in
C++.
PiperOrigin-RevId: 343280691
Change-Id: Ibc5318b19a48f1dad441e7dcdc318dc5ea6837f6
2020-11-19 06:47:31 -08:00
Copybara-Service
e6bb05a15d
Merge pull request #55 from FedericoStazi:libuv
...
PiperOrigin-RevId: 343278766
Change-Id: I708fdc1cd98d5fbb2abcf3261d1cecd65cec46fe
2020-11-19 06:32:47 -08:00
Christian Blichmann
c2631d88ae
Improve syscall argument printing for x86-64
...
Updates syscall arguments mostly according to this list and more recent kernel sources:
https://chromium.googlesource.com/chromiumos/docs/+/master/constants/syscalls.md#x86_64-64_bit
The list includes some more syscalls that were recently added.
Follow-up changes will do the same for x86-32, POWER and AArch64.
PiperOrigin-RevId: 341016698
Change-Id: If1771fd37a47b227ca8f572704a64190e4621a38
2020-11-06 02:55:13 -08:00
Wiktor Garbacz
5fb18d3c9d
Add policy on both mmap & mmap2
...
PiperOrigin-RevId: 341007959
Change-Id: I3c2e74cc973d2603cf7b3a858fa8aabd05c41137
2020-11-06 01:30:18 -08:00
Wiktor Garbacz
f8a2729c32
Start global fork-server on demand
...
Allow disabling global fork-server with a flag.
PiperOrigin-RevId: 340860588
Change-Id: I184603dc3a81eb90f715053e14fb3b8d66a6f104
2020-11-05 08:48:03 -08:00
Christian Blichmann
c99076bf94
Replace std::unique_ptr<uint8_t[]>
with vector
...
No need for the smart pointer indirection when an `std::vector` can also hold
the BPF policy.
PiperOrigin-RevId: 340809220
Change-Id: I8a63567e8042d9ff875cba739e8552db87b6901a
2020-11-05 02:03:46 -08:00
Christian Blichmann
7c30aebe2d
Use Abseil hash maps instead of std::map<T>
...
PiperOrigin-RevId: 340807499
Change-Id: I2689bd1d32be45e3085dcc7a0ba4b8fedd7d53b0
2020-11-05 01:49:14 -08:00
Peter Lundblad
2955d20c9f
Enable log forwarding from sandboxee if enabled by the supervisor.
...
If the sandboxer calls `IPC::EnableLogServer()` (and modifies the sandbox policy
accordingly), sandbox logs will be sent back to the sandboxer.
PiperOrigin-RevId: 340663308
Change-Id: I5e8d89314178dfd1b49fc25b8cd2dd02642be43a
2020-11-04 09:24:50 -08:00
Christian Blichmann
2acec65a58
Add an AllowAccess()
convenience function to PolicyBuilder
...
Drive-by: Apply convenience functions in policies.
PiperOrigin-RevId: 340404977
Change-Id: I906106b61c1837d23ddaff15d8792ec79d3d3189
2020-11-03 02:21:21 -08:00
Alexandra Latysheva
a5b5cd9a02
add forgotten license to wrapper
2020-10-30 15:47:36 +00:00
Alexandra Latysheva
4bd158a68f
use ctest for testing and set testing environment for using test data
2020-10-30 14:52:53 +00:00
Latysheva Alexandra
0710361ed4
update helper
2020-10-30 20:41:26 +06:00
Alexandra Latysheva
219da51823
use ctest for testing and set testing environment for using test data
2020-10-30 14:34:33 +00:00
Alexandra Latysheva
64d04a80e5
use api->sandbox() instead of send sandbox as an argument
2020-10-30 14:02:34 +00:00
Alexandra Latysheva
56615d5d57
use absl::StarusOr<Data> as a return value instead on pointer to constructed value; rename variable
2020-10-30 13:41:55 +00:00
Alexandra Latysheva
dcf397bb97
Merge branch 'libpng-master' of github.com:alexelex/sandboxed-api into libpng-master
2020-10-30 13:27:40 +00:00
Alexandra Latysheva
9068b28d28
remove default constructors; reword some errors; skip check is there is enough free space
2020-10-30 13:27:25 +00:00
Latysheva Alexandra
113e6c8229
update readme
2020-10-30 19:07:40 +06:00
Latysheva Alexandra
3a83fe68c9
rewrite readme and correct mistakes in it
2020-10-30 19:05:37 +06:00
Alexandra Latysheva
36c816c693
add small documentation to readme
2020-10-30 13:00:05 +00:00
Alexandra Latysheva
94abb95771
order targets in CMakeLists alphabetically
2020-10-30 12:46:13 +00:00
Alexandra Latysheva
bfbb4f70c4
remove default image in the example and rewrite usage
2020-10-30 12:36:42 +00:00
Alexandra Latysheva
7b6b2d2fe8
use &sapi: ✌️ :NullPtr instead of sapi: ✌️ :NullPtr().PthBoth() as NULL inside the sandbox; remove unused wrapper for png_write_end
2020-10-30 11:17:45 +00:00
Copybara-Service
8952d2ce04
Merge pull request #66 from cblichmann:master
...
PiperOrigin-RevId: 339616485
Change-Id: Iaa427e0aa5712f36ae1c176bffbaf00b2b342373
2020-10-29 00:46:47 -07:00
Alexandra Latysheva
2e2e0c741e
use inline for constants in the header
2020-10-29 05:58:27 +00:00
Alexandra Latysheva
aef95ad002
don't use const with absl::string_view
2020-10-29 05:33:36 +00:00
Christian Blichmann
728355da87
Emit non-type template args as part of forward decls
...
This change allows us to emit forward declarations to classes that are
templated. For headers generated by the proto compiler this is sometimes
necessary.
Note:
- This will only emit types for a single level of template instantiations.
That is, template template arguments are not supported.
- Typedefs only occurring in template arguments will be fully desugared
and thus will not be available under their aliased name in the generated
API code. This is consistent with the Python based generator (which
does not emit these at all and relies on text extraction).
Signed-off-by: Christian Blichmann <cblichmann@google.com>
2020-10-28 16:48:04 +01:00
Alexandra Latysheva
bcecc9e74a
init libpng
2020-10-28 15:40:57 +00:00
Alexandra Latysheva
ce12cac60c
add header for data and move there common consts
2020-10-28 14:04:14 +00:00
Alexandra Latysheva
b74b3c80fc
use local variable instead of dynamic variable in TiffSapiSandbox::ModifyPolicy
2020-10-28 13:16:15 +00:00
Alexandra Latysheva
bb871df80f
format; use explicit for construct with default values; rewrite GetImagePath usage
2020-10-28 12:54:06 +00:00
Alexandra Latysheva
8ceb08dbf4
absl_string -> std_string as Sandbox param
2020-10-28 12:04:12 +00:00
Alexandra Latysheva
b41bcccab7
parametrize test
2020-10-28 12:03:23 +00:00
Alexandra Latysheva
124680eb89
remove unused includes
2020-10-28 10:32:55 +00:00
Latysheva Alexandra
225b57aed3
Merge pull request #3 from alexelex/alexelex-libtiff
...
review
2020-10-28 02:16:40 +06:00
Sandboxed API Team
ea379ef4d6
Cleans up statusor.h includes.
...
PiperOrigin-RevId: 339050213
Change-Id: Iea5747f907b294503cdb37e1c25cf787c7e83dcf
2020-10-26 09:08:41 -07:00
Christian Blichmann
609a370634
Build fixes and parameter passing for the Clang header generator
...
PiperOrigin-RevId: 338994867
Change-Id: I40f03738ae38bac4bf217c24bd935d5d3572c1f2
2020-10-26 01:42:47 -07:00
Christian Blichmann
19a8e38a51
Support AArch64 and PPC64 in third party dependencies
...
PiperOrigin-RevId: 338992825
Change-Id: I2f77ea8379e55007a22ad0461efc98f41a01ad44
2020-10-26 01:22:23 -07:00
Alexandra Latysheva
de377ffd2d
default values (remove 123 and 456)
2020-10-23 12:39:52 +00:00
Maciej Szawłowski
28bb32add6
Allow empty sapi_embedded_dir
flag in the header generator - empty sapi_embedded_name
still disallowed
...
PiperOrigin-RevId: 338656398
Change-Id: Ib2ca3d63ff9bed654669d948286f73d430753a20
2020-10-23 05:36:01 -07:00
Alexandra Latysheva
b6a47abf01
PtrBefore/PtrBoth/PtrAfter
2020-10-23 06:54:36 +00:00
Alexandra Latysheva
418bc3f356
using absl
2020-10-22 16:19:27 +00:00
Christian Blichmann
040d76be28
Simplify libunwind build files
...
Sandbox2 and SAPI only use the `unwind-ptrace-wrapped` target.
PiperOrigin-RevId: 338450188
Change-Id: Iee7d7aeda244cad90dae8b5228316f506efc3deb
2020-10-22 05:03:15 -07:00
Latysheva Alexandra
58f19a7d67
Merge pull request #2 from alexelex/alexelex-libtiff
...
pr rewiew fixes
2020-10-20 02:57:12 +06:00