Commit Graph

26 Commits

Author SHA1 Message Date
Wiktor Garbacz
127176d72f Bulk IWYU and build_cleaner fixes
PiperOrigin-RevId: 559733768
Change-Id: Ia38f4c176e9f0abbfdb3a8f1109f482d8870eb0f
2023-08-24 06:23:36 -07:00
Wiktor Garbacz
48bbb06fe7 Move log warning about non-namespaced stacktraces
PiperOrigin-RevId: 554493643
Change-Id: I27755322edcd7c0191cd125ec8ffdace18a6460c
2023-08-07 09:07:06 -07:00
Sandboxed API Team
0a0ac6a66b Automated rollback of commit 4d625e521b.
PiperOrigin-RevId: 553536999
Change-Id: If6ae319e54a3ea5eb88e00888044ba1088bd62d2
2023-08-03 11:23:05 -07:00
Wiktor Garbacz
4d625e521b Move log warning about non-namespaced stacktraces
PiperOrigin-RevId: 553472372
Change-Id: Iba43cba78edd1826afb29f49a7e08e919554ed80
2023-08-03 07:37:54 -07:00
Wiktor Garbacz
0d3d5d4bcb Seccomp_unotify based monitor
Unotify based monitor should bring big performance wins
if the sandboxee heavily uses threading or signals.
Some of the features are not supported in that mode:
- execveat is always allowed instead of just the initial one
- stack traces are not collected on normal exit or if the process is terminated by signal

PiperOrigin-RevId: 515040101
Change-Id: Ia5574d34b4ff7e91e3601edb8c9cb913e011fbf6
2023-03-08 08:09:34 -08:00
Wiktor Garbacz
8f24f2a4f0 Split PtraceMonitor into separate file
PiperOrigin-RevId: 505660957
Change-Id: I6b8fcbb86c9fef294b6d19e2d1ec7120415f843b
2023-01-30 05:09:20 -08:00
Wiktor Garbacz
f636cd86d6 Split PtraceMonitor out of Monitor
This is a preparatory step to introduce a Sandbox2 mode that does not use ptrace.

PiperOrigin-RevId: 503919613
Change-Id: I446adecc66e697c592ad938627fbfdbea12516e1
2023-01-23 01:42:28 -08:00
Christian Blichmann
4c87556901 Use Abseil's log/flags instead of glog/gflags
Follow-up changes might be required to fully fix up the contrib sandboxes.

PiperOrigin-RevId: 482475998
Change-Id: Iff631eb838a024b2f047a1be61bb27e35a8ff2f4
2022-10-20 06:48:51 -07:00
Christian Blichmann
79b6784b82 #Cleanup: Consistently use std::make_unique
PiperOrigin-RevId: 480597371
Change-Id: I145586382ad7a7694384cc672986132376a47465
2022-10-12 05:23:42 -07:00
Sandboxed API Team
9ee3a26e8b Delete deprecated ::sandbox2::Sandbox2::GetPid and its remaining call sites.
PiperOrigin-RevId: 425910086
Change-Id: I2938ce589e83b5441c084994edde6a22c2007642
2022-02-02 09:57:11 -08:00
Christian Blichmann
d451478e26 Change license link to HTTPS URL
PiperOrigin-RevId: 424811734
Change-Id: If5ea692edc56ddc9c99fd478673df41c0246e9cc
2022-01-28 01:39:09 -08:00
Wiktor Garbacz
4e6cafa934 Readd function comment removed by mistake
PiperOrigin-RevId: 414406963
Change-Id: Id8155b67ce063a9171b70e24b58d407415b30e78
2021-12-06 04:43:32 -08:00
Wiktor Garbacz
f5fbe8cce5 Internal change
PiperOrigin-RevId: 413351344
Change-Id: I93962c43649fab1f73b3960044563e54449af271
2021-12-01 01:48:41 -08:00
Wiktor Garbacz
e86322db84 Fix a race between NotifyMonitor/AwaitResult
PiperOrigin-RevId: 410463096
Change-Id: I370705131ac78f26736646596189d8cad2bb70c2
2021-11-17 01:40:42 -08:00
Christian Blichmann
c400f92eaa (Mostly) internal change. Add pid() accessor.
PiperOrigin-RevId: 397070773
Change-Id: I9ebac9078f3866ef3e0061ec79da5c9f71e5f480
2021-09-16 06:57:44 -07:00
Christian Blichmann
f14aeee0ad Internal change.
PiperOrigin-RevId: 387565158
Change-Id: I7b5293b614fae74abae1f9a347b0ef414028b8ea
2021-07-29 05:52:19 -07:00
Sandboxed API Team
23da55c19a Internal BUILD refactoring
PiperOrigin-RevId: 329720214
Change-Id: I25fbb94dea17db3bdca6438d17508fa304d9706f
2020-09-03 07:40:33 -07:00
Wiktor Garbacz
c53f2a900f Automated rollback of commit e7a195ce42.
PiperOrigin-RevId: 328918626
Change-Id: Iabe93ec7062ea6e750e4185e2b0b672a37111ee7
2020-08-28 04:49:41 -07:00
Sandboxed API Team
e7a195ce42 Automated rollback of commit 82c56775ef.
PiperOrigin-RevId: 328340042
Change-Id: Ib225f8012fb373c74e3f1b3e6201b2daca7da40b
2020-08-25 09:01:22 -07:00
Wiktor Garbacz
82c56775ef StatusOr cleanups
PiperOrigin-RevId: 328318284
Change-Id: I207570c0fee6797dbc8995d36ef2130b0bff28fa
2020-08-25 06:22:05 -07:00
Christian Blichmann
441201884a Update license header with recommended best practices
PiperOrigin-RevId: 290250533
Change-Id: Ic34b253446463cf971a055b70a242df93a598ee3
2020-01-17 05:05:29 -08:00
Sandboxed API Team
44443779bc Internal change
PiperOrigin-RevId: 282945153
Change-Id: I26d4a9d21574fad2751708fe4bb9b38ecdd8131f
2019-11-28 08:07:00 -08:00
Christian Blichmann
276b7efc92 Internal change.
PiperOrigin-RevId: 265057217
Change-Id: Id00c867b373dbe8c9112c23ef4b0300ed3ca9e5b
2019-08-23 08:08:51 -07:00
Wiktor Garbacz
4b9be4e78a Fix formating
PiperOrigin-RevId: 253196457
Change-Id: Id73a08945dedff7a116d500202355ecf266afcf3
2019-06-14 03:01:09 -07:00
Wiktor Garbacz
6588aa2a68 Reintroduce monitor changes.
Signal handling in Monitor::MainLoop was fixed.

PiperOrigin-RevId: 248331692
Change-Id: I0f85d319802258632d2074742c53597bb922555a
2019-05-15 07:46:49 -07:00
Christian Blichmann
177b969e8c
Sandboxed API OSS release.
PiperOrigin-RevId: 238996664
Change-Id: I9646527e2be68ee0b6b371572b7aafe967102e57

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2019-03-18 19:00:48 +01:00