Wiktor Garbacz
5a8a25e9ac
Change the default action instead of appending ALLOW
Also create a visibility restricted version of the function.
PiperOrigin-RevId: 513209752
Change-Id: I031fe62d5ccd81995536479b9af890ad111e336c
2023-03-01 05:36:24 -08:00
Wiktor Garbacz
fbfbd13adf
Add frame pointer unwinding fallback
PiperOrigin-RevId: 513193320
Change-Id: I0ade55e0d1fae6d33794ccd064766a18f0c86cd6
2023-03-01 03:55:15 -08:00
Juan Vazquez
e11109c9ee
Internal change
PiperOrigin-RevId: 512922245
Change-Id: Ibc6d769f2f6b15971b95878c8fdb8d4664fbf2df
2023-02-28 07:01:07 -08:00
Juan Vazquez
6aa97f5394
Internal changes
PiperOrigin-RevId: 512905076
Change-Id: I780e8d6bfcfc94da5e8744146e6c1de153c329f9
2023-02-28 05:34:07 -08:00
Juan Vazquez
bd14f6818d
Add field to track policy source location
PiperOrigin-RevId: 512070278
Change-Id: I959a57e296d9b999c4ee3086bc814d7d55484722
2023-02-24 07:55:23 -08:00
Wiktor Garbacz
e1246332d1
Rename and move CreateDirRecursive
PiperOrigin-RevId: 510186053
Change-Id: I0e68cc8fff44780ab98f1d57f829ff900790eed5
2023-02-16 10:44:01 -08:00
Wiktor Garbacz
6db17e7ab3
Use namespaced policy in most tests
Drive-by some test cleanups.
PiperOrigin-RevId: 510134967
Change-Id: I40328a644690865c5cc0a0eb265222ebf7ff83e0
2023-02-16 07:12:46 -08:00
Wiktor Garbacz
71692bb50b
Decouple sandboxed stack tracing
This allows splitting monitor & stack_trace related targets.
Also move stack trace related functionality into MonitorBase.
PiperOrigin-RevId: 510112916
Change-Id: I60eabf9c9b3204dc369713edd8ae05fded306875
2023-02-16 06:07:15 -08:00
Wiktor Garbacz
d2dbbbae76
Remove redundant tests
UID/GID is checked in namespace test and open fds in sanitizer test
PiperOrigin-RevId: 510084559
Change-Id: I1aac4d30d44aa2390447f24d228afbb1c3b04e2b
2023-02-16 02:28:52 -08:00
Wiktor Garbacz
3f53e81d0b
Remove unused dependency
PiperOrigin-RevId: 509890467
Change-Id: I0189fca5efa93a9e67f6f07eac44793cd17dcfc3
2023-02-15 11:35:14 -08:00
Wiktor Garbacz
e4c0d91e69
Remove leftover debug log
PiperOrigin-RevId: 509473001
Change-Id: I37e1ca609489ed9e2f3303efda3d955ad8408237
2023-02-14 02:51:21 -08:00
Wiktor Garbacz
a5d12903dd
Extract SandboxeeProcess and move it down the call chain
PiperOrigin-RevId: 507718207
Change-Id: Ia1f6fc2f09abbde5311f8dc0f596aa605989140d
2023-02-07 02:22:45 -08:00
Wiktor Garbacz
f289855867
Update IfThenChange after monitor split
PiperOrigin-RevId: 506591092
Change-Id: Idf3c0d00e88c622a565fe056b2b12fca27c4b819
2023-02-02 05:17:03 -08:00
Wiktor Garbacz
34b2f6bc90
Remove AllowUnsafeKeepCapabilities()
PiperOrigin-RevId: 506586347
Change-Id: I859a1f695ffbcf3b982a26df425c6b4e03c62da1
2023-02-02 04:47:02 -08:00
Wiktor Garbacz
8f24f2a4f0
Split PtraceMonitor into separate file
PiperOrigin-RevId: 505660957
Change-Id: I6b8fcbb86c9fef294b6d19e2d1ec7120415f843b
2023-01-30 05:09:20 -08:00
Wiktor Garbacz
97d67019d2
Split out policybuilder target
PiperOrigin-RevId: 505053801
Change-Id: Ic0ea4aa2334394e310af6d3a11f961bd4866f9dc
2023-01-27 01:24:51 -08:00
Wiktor Garbacz
4450c5513f
Bazel: Do not expose regs.h
PiperOrigin-RevId: 505047592
Change-Id: I207cf46c3f75d0a24cf753888e0cdba53d4193b0
2023-01-27 00:43:38 -08:00
Wiktor Garbacz
f636cd86d6
Split PtraceMonitor out of Monitor
This is a preparatory step to introduce a Sandbox2 mode that does not use ptrace.
PiperOrigin-RevId: 503919613
Change-Id: I446adecc66e697c592ad938627fbfdbea12516e1
2023-01-23 01:42:28 -08:00
Sandboxed API Team
93ef7eb380
Explicitly close the output stream.
PiperOrigin-RevId: 503904221
Change-Id: Iee1899d80190a314c9c83f0a69e5fac76494cd92
2023-01-23 00:06:57 -08:00
Sandboxed API Team
8c107936da
Internal BUILD changes
PiperOrigin-RevId: 503417314
Change-Id: Ib368f5600ef39d2ee37fc8c71108d6d11f109328
2023-01-20 05:14:47 -08:00
Sandboxed API Team
adb90a14a0
Internal BUILD changes
PiperOrigin-RevId: 503412719
Change-Id: Idecf094c8c7c8956a9f000204c90ed83d6df599d
2023-01-20 04:43:10 -08:00
Wiktor Garbacz
8bf9868ec3
Protobuf doesn't directly support heterogeneous lookup with absl::string_view
If the platform does not have `std::string_view` (i.e. `absl::string_view` is not an alias of `std::string_view`) the lookup will cause build failure.
PiperOrigin-RevId: 503159858
Change-Id: Ide8229ae0219d1cb6f3b36aba26da8d53183bc4b
2023-01-19 07:32:03 -08:00
Wiktor Garbacz
2f64d3d925
stack_trace: pass fd to sandboxee's memory instead of using process_vm_readv
Libunwind sandbox no longer needs to join sandboxee's userns.
This cleans up a lot of special handling for the libunwind sandbox.
PiperOrigin-RevId: 503140778
Change-Id: I020ea3adda05ae6ff74137b668a5fa7509c138f8
2023-01-19 05:44:50 -08:00
Wiktor Garbacz
f87b6feb18
stack_trace: do not add common libraries when not a custom fork-server
Avoids duplicate entries warnings and tightens the namespace.
Drive-by: modernize the policy.
PiperOrigin-RevId: 503108939
Change-Id: If34d23dd83ca39682799dfb36bd0b9b9ceb19fdc
2023-01-19 02:47:49 -08:00
Sandboxed API Team
bc6937ac82
Add logging of stack traces of all threads that were terminated by a signal or when the sandboxee did not exit normally.
Disabled by default, enabled with a flag.
PiperOrigin-RevId: 502807175
Change-Id: Icb5236cbfac0168a2d855c68967f7a1e8bd13fe3
2023-01-18 01:45:01 -08:00
Wiktor Garbacz
58c3f80d57
Allow MADV_HUGEPAGE used by tcmalloc
PiperOrigin-RevId: 501815420
Change-Id: I22d6408e4e6ca375823b7b9448547cc082fe5421
2023-01-13 04:41:22 -08:00
Wiktor Garbacz
2ae5370cfb
Full syscall info in Result::ToString
PiperOrigin-RevId: 501522999
Change-Id: I90c63984c053a5e7deaf4b7619e70c360cc892bb
2023-01-12 03:57:44 -08:00
Dmitri Gribenko
858c407521
Replace llvm::makeArrayRef with ArrayRef constructors.
LLVM upstream is about to deprecate and remove llvm::makeArrayRef.
PiperOrigin-RevId: 501106516
Change-Id: Ice610c7e0190dc8608339de1b88b7a05e7771871
2023-01-10 15:14:03 -08:00
Sandboxed API Team
f086c39f42
Update clients of PolicyBuilder to support architectures other than x86_64.
PiperOrigin-RevId: 500181306
Change-Id: Ibf3e5e3ac6214394f2d9ab10cf30de6d8396988d
2023-01-06 14:31:59 -08:00
Sandboxed API Team
1871b173c4
Add __NR_faccessat2 to the list of syscalls allowed by AllowAccess().
PiperOrigin-RevId: 500105471
Change-Id: Ic43c608a511617ba9ca8c2cba440cd709ae80a19
2023-01-06 00:16:46 -08:00
Sandboxed API Team
756176f206
On new process, check for the clone3 syscall.
PiperOrigin-RevId: 499918752
Change-Id: I7279e76593976c224a15be901834bf6225aebe85
2023-01-05 10:02:09 -08:00
Sandboxed API Team
90ee0a7464
Update clients of PolicyBuilder to support architectures other than x86_64.
PiperOrigin-RevId: 499424110
Change-Id: I6e7ed7436db84a65b1920f78dfc00cb2f9894b3c
2023-01-04 01:44:20 -08:00
Wiktor Garbacz
00d42577d5
Use CLONE_VM for starting the global forkserver
PiperOrigin-RevId: 499192311
Change-Id: I054385e9cab5e4987b0f34ab3b763244356405c2
2023-01-03 05:36:40 -08:00
Wiktor Garbacz
2d52191c24
Define PR_SET_VMA* if undefined
PiperOrigin-RevId: 497161397
Change-Id: I65fc11a7ccf34ffe225a03a0444275145fa43b4f
2022-12-22 07:39:44 -08:00
Wiktor Garbacz
fc721da2b9
More precise syscall_defs
PiperOrigin-RevId: 497137823
Change-Id: I374054659ce94e6b53819b999d9ed25df18b4ebd
2022-12-22 05:00:48 -08:00
Wiktor Garbacz
89a8f35f0e
Use new helpers in policy_test
PiperOrigin-RevId: 496904765
Change-Id: Id2e4a901ed29c780542423608c55d01ef19eee9a
2022-12-21 06:17:07 -08:00
Wiktor Garbacz
7625c3dd24
Use AllowDup helper in AddNetworkProxyPolicy
PiperOrigin-RevId: 496898835
Change-Id: I76968c5c9b25a9e41865b3fad20463661195f581
2022-12-21 05:36:28 -08:00
Sandboxed API Team
aff27f4559
Update PolicyBuilder to include wrappers for more syscall families that differ between platforms.
New wrappers:
- `AllowEpollWait` (`epoll_wait`, `epoll_pwait`, `epoll_pwait2`)
- `AllowInotifyInit` (`inotify_init`, `inotify_init1`)
- `AllowSelect` (`select`, `pselect6`)
- `AllowDup` (`dup`, `dup2`, `dup3`)
- `AllowPipe` (`pipe`, `pipe2`)
- `AllowChmod` (`chmod`, `fchmod`, `fchmodat`)
- `AllowChown` (`chown`, `lchown`, `fchown`, `fchownat`)
- `AllowReadlink` (`readlink`, `readlinkat`)
- `AllowLink` (`link`, `linkat`)
- `AllowSymlink` (`symlink`, `symlinkat`)
- `AllowMkdir` (`mkdir`, `mkdirat`)
- `AllowUtime` (`utime`, `utimes`, `futimens`, `utimensat`)
- `AllowAlarm` (`alarm`, `setitimer`)
- `AllowGetPGIDs` (`getpgid`, `getpgrp`)
- `AllowPoll` (`poll`, `ppoll`)
Updated wrappers:
- `AllowOpen` now includes `creat`. `openat` already grants the ability to create files, and is the designated replacement for `creat` on newer platforms.
- `AllowStat` now includes `fstatfs` and `fstatfs64`. The comment already claimed that these syscalls were included; I believe they were omitted by accident.
- `AllowUnlink` now includes `rmdir`. `unlinkat` already grants the ability to remove empty directories, and is the designated replacement for `rmdir` on newer platforms.
PiperOrigin-RevId: 495045432
Change-Id: I41eccb74fda250b27586b6b7fe4c480332e48846
2022-12-13 09:32:17 -08:00
Wiktor Garbacz
5b3450ac8d
Internal change
PiperOrigin-RevId: 494153465
Change-Id: Ice7f3e7b95f8de1348ccb281bbfa6fc7164b3353
2022-12-09 06:14:19 -08:00
Wiktor Garbacz
ee58a410d9
Handle S2 unwinding by trapping ptrace
PiperOrigin-RevId: 491893277
Change-Id: I427a2e485173c73fffead43e29511460c58c4f04
2022-11-30 06:00:29 -08:00
Wiktor Garbacz
bd5769d40a
Use SyscallTrap in NetworkProxy
PiperOrigin-RevId: 491891500
Change-Id: I2e70dbc44aa264247c217ca88a4de1c0867383fd
2022-11-30 05:47:44 -08:00
Wiktor Garbacz
5bf9b1aef0
Introduce SyscallTrap helper class
PiperOrigin-RevId: 491887840
Change-Id: I5b189969da33e042a3ba38fe14025a758103f160
2022-11-30 05:21:12 -08:00
Wiktor Garbacz
77c80b7213
unwind: Skip Mapping Symbols on ARM
ARM documentation for Mapping Symbols:
https://developer.arm.com/documentation/dui0803/a/Accessing-and-managing-symbols-with-armlink/About-mapping-symbols
PiperOrigin-RevId: 491836684
Change-Id: I2e259e66f2253d80902aa763f2637f3f6fdea414
2022-11-30 00:16:37 -08:00
Wiktor Garbacz
755f29b35e
Correct unwinding stop condition
On successful completion, `unw_step()` returns a positive value
if the updated cursor refers to a valid stack frame,
or `0` if the previous stack frame was the last frame in the
chain. On error, the negative value of one of the error-codes
below is returned.
PiperOrigin-RevId: 491588164
Change-Id: Ie361023ef69eed6c895856832a8208f2791f644d
2022-11-29 03:24:31 -08:00
Christian Blichmann
92a8247777
Bazel: Add full support for virtual includes
This change adds support for using the `includes`, `include_prefix` and
`strip_include_prefix` attributes of the `cc_library()` rule. Without it,
the libtooling based header generator will not be able to find all
necessary includes as it is much stricter than the current libclang based
one in that regard.
PiperOrigin-RevId: 491574088
Change-Id: Icb9f7d2719472ee1afa5df85b185c527a3c64994
2022-11-29 02:17:48 -08:00
Wiktor Garbacz
e5971312eb
Internal change
PiperOrigin-RevId: 491554561
Change-Id: Ic83cb27aea18da4a86486faff5e868716d9eac90
2022-11-29 00:48:47 -08:00
Sandboxed API Team
11b89c0317
Internal compatible_with change
PiperOrigin-RevId: 491371995
Change-Id: I3f0430d6678992642557320a8fa3cf738a7c5fab
2022-11-28 09:55:57 -08:00
Christian Blichmann
d31e691705
clang_generator: Implement limit_scan_depth feature
PiperOrigin-RevId: 490517864
Change-Id: I93c5df370501f9af745b53791ae8ac2a18220ff9
2022-11-23 09:09:50 -08:00
Christian Blichmann
e223ef4790
clang_generator: Skip Abseil internal functions
PiperOrigin-RevId: 490513265
Change-Id: I7ddcdf612772167756039cb8f59b5b3aa60ed2ef
2022-11-23 08:47:47 -08:00
Christian Blichmann
cded8655d3
clang_generator: Skip dependent types
PiperOrigin-RevId: 490508865
Change-Id: Ic1d49a4abfde4cd02f08dd24c3f7a20058ef4965
2022-11-23 08:32:19 -08:00