Commit Graph

699 Commits

Author SHA1 Message Date
Wiktor Garbacz
5e645a9190 Fix build
PiperOrigin-RevId: 245400890
Change-Id: I899ef49edd8e371b8714478fa3c911cfb771419b
2019-04-26 04:42:52 -07:00
Sandboxed API Team
f3c9c6e388 Internal change
PiperOrigin-RevId: 245377524
Change-Id: If41601b2d68c6ff0f7d3f37811aac62c32441d1f
2019-04-26 00:46:11 -07:00
Sandboxed API Team
afec50fdb5 automated internal change
PiperOrigin-RevId: 245070237
Change-Id: Ib6b0d9201f8b603e185eb91c1bc9f500f1af1ed6
2019-04-24 10:31:13 -07:00
Christian Blichmann
feba2c35d7 Apply special whole-archive linker options only where necessary
PiperOrigin-RevId: 245038294
Change-Id: I99367e7c982a340a88acf730619a467d34d53203
2019-04-24 07:07:14 -07:00
Wiktor Garbacz
c6d16a58eb Internal change
PiperOrigin-RevId: 244882748
Change-Id: I0342f445df8f60f864d3e7f56145051b821a86e0
2019-04-23 10:47:34 -07:00
Wiktor Garbacz
53d85ab4f2 Internal change
PiperOrigin-RevId: 244882228
Change-Id: I506b92326fa83f214b1e7fab6c5b2e0889f8b197
2019-04-23 10:46:58 -07:00
Wiktor Garbacz
63006c1476 Internal change
PiperOrigin-RevId: 244881751
Change-Id: I3f3200c4d85906058ac17ed941e69ea22d9a4090
2019-04-23 10:42:14 -07:00
Wiktor Garbacz
0fd468be7c Internal change
PiperOrigin-RevId: 244879634
Change-Id: Ifa63ef7b0cc10e87d18f17b85cce55af03cd37cf
2019-04-23 10:31:51 -07:00
Wiktor Garbacz
6cbaaead8b Make StatusMatcher more flexible
PiperOrigin-RevId: 244879203
Change-Id: I5f7994130a898e84f041b18c0b5313d7e8b32780
2019-04-23 10:30:45 -07:00
Sandboxed API Team
726b1fb451 n/a
PiperOrigin-RevId: 244836017
Change-Id: I034cfb1af4835256aa9b8b7ac3e80a341e9a9271
2019-04-23 05:14:22 -07:00
Kevin Hamacher
8ad4fcd0a8 minielf: Increase maximum amount of symbols loaded
PiperOrigin-RevId: 243775723
Change-Id: I5398ec23bd76be01c48c69bd4decb015a48386fc
2019-04-16 03:00:28 -07:00
Kevin Hamacher
af44845246 Try to demangle c++ symbols when logging the stacktrace
PiperOrigin-RevId: 243612828
Change-Id: I09c748da0c119ba2024b2906802858b5b9bcfeb0
2019-04-15 07:37:23 -07:00
Chris Kennelly
d90b2c6328 Allow TCMalloc to access the rseq syscall.
PiperOrigin-RevId: 243441655
Change-Id: I82918459c20f164b56cc0c5b621b004315a011ec
2019-04-13 13:45:35 -07:00
Chris Kennelly
e2eb0597cb Internal change
PiperOrigin-RevId: 243440925
Change-Id: I085535962e1d754f7bc32e08b1785a574062edaa
2019-04-13 13:45:25 -07:00
Kevin Hamacher
ac6a5dfc85 Delete copy constructor of FDCloser
PiperOrigin-RevId: 243263443
Change-Id: If22d287ce1872ad070454824e8daa36585ab0258
2019-04-12 07:54:31 -07:00
Kevin Hamacher
6b5f3645ab Make embed_file use raw logging
PiperOrigin-RevId: 242868093
Change-Id: Ibf1f448878219a9ce8fc6bb7d3e93626fa24b1f6
2019-04-10 07:56:06 -07:00
Wiktor Garbacz
79525950fe Add support for new SECCOMP_RET_* in disassembler
PiperOrigin-RevId: 242642525
Change-Id: Iea9a54f01d56cadf19a020340d07c1790c858a0f
2019-04-09 14:38:05 +02:00
Kevin Hamacher
1b50485be6 Move forkserver into a dedicated binary
PiperOrigin-RevId: 242637894
Change-Id: I16f19d077e2b5b9d0d4ef58344d5caaef95af7c6
2019-04-09 14:37:41 +02:00
Kevin Hamacher
e44231e28a Wrap waitpid with TEMP_FAILURE_RETRY and use __WALL to make sure we reap all children
PiperOrigin-RevId: 242111281
Change-Id: I322623303487b0292c2aea53d6eae5d9f53d79b6
2019-04-05 05:50:12 -07:00
Copybara-Service
5b0c46fa18 Merge pull request #21 from happyCoder92:master
PiperOrigin-RevId: 242110016
Change-Id: I148ba1d8a6d2c675271662e91b41c4aa04b7d0c9
2019-04-05 05:34:00 -07:00
Kevin Hamacher
77ad64ac30 Use high FD numbers in the forkserver to avoid collision with FDs mapped by the user
PiperOrigin-RevId: 242106285
Change-Id: I0f4bd130f8e66e6b47ad1d7311e0fff519aa9e90
2019-04-05 04:51:41 -07:00
Wiktor Garbacz
98928a0570 Document required deps for Gentoo 2019-04-05 11:09:02 +02:00
Sandboxed API Team
6a65e63eae Add //tools/cpp:current_cc_toolchain to the toolchains attribute.
This is so that CC Make Variables will be resolved properly.

PiperOrigin-RevId: 241721367
Change-Id: Ic0d3f864b1398107118a1ada4c99cc4516db924f
2019-04-03 16:51:55 +02:00
Wiktor Garbacz
29fac2d393 mounts: Validate interpreter as early as possible
PiperOrigin-RevId: 240972700
Change-Id: I9049af7d053152cebd264fbfc352d2971a06d363
2019-03-29 07:07:55 -07:00
Sandboxed API Team
137f772f2b Allow TCMalloc to call madvise with MADV_NOHUGEPAGE
PiperOrigin-RevId: 240555428
Change-Id: I05fd61ecd09fc0a3f76dade0341d35b04a590b90
2019-03-27 07:40:57 -07:00
Christian Blichmann
dda0daa449 Fix typo
PiperOrigin-RevId: 240368596
Change-Id: Id517ae6ecece98998316ba5a2672e075e037133a
2019-03-26 09:57:32 -07:00
Christian Blichmann
88213b0d1b Copybara import of the project:
- 05cbe1250a0905c975cb3de175a6c3690dbbc00b Don't accidentially generate trigraphs by Mackie Loeffel <mackie.loeffel@web.de>
  - 25e66c1080fa50d8b0661d10ecde39cfcbf51289 Merge 05cbe1250a0905c975cb3de175a6c3690dbbc00b into 6679f... by MackieLoeffel <MackieLoeffel@users.noreply.github.com>

COPYBARA_INTEGRATE_REVIEW=https://github.com/google/sandboxed-api/pull/17 from MackieLoeffel:fix_trigraphs_in_filewrapper 05cbe1250a0905c975cb3de175a6c3690dbbc00b
PiperOrigin-RevId: 240365879
Change-Id: I31fa5dfeadac3cee79e7d66b4dd4fe58a7a4b242
2019-03-26 09:43:16 -07:00
Christian Blichmann
f04be9276f Formatting fixes and include file hygiene.
PiperOrigin-RevId: 240346890
Change-Id: I1a9617f10a62a848b6314a6196512e016ae02643
2019-03-26 07:54:21 -07:00
Christian Blichmann
33206c5d3f Use a longer string in the CRC4 buffer overflow example.
On some newer compiler versions, compiler optimizations and loop unrolling
change the memory layout so that 64 bytes are not enough to overwrite the
return address reliably.

PiperOrigin-RevId: 240343358
Change-Id: Ifb1a1dc1cb482793b7387887f0fd68a237879227
2019-03-26 07:28:15 -07:00
Kevin Hamacher
1dd0428713 Add missing chdir() in the init process
PiperOrigin-RevId: 239425921
Change-Id: Ia1b02ae0a2f319faa601d6098a9f94a3043656a8
2019-03-20 10:36:11 -07:00
Christian Blichmann
52f4c1f927 Disable "mini" debug format support in libunwind to avoid additional library dependency
PiperOrigin-RevId: 239397518
Change-Id: Icd8c641f9d5aac721a2cf1e4e0d3347743f49d58
2019-03-20 08:03:08 -07:00
Christian Blichmann
2ed1e9b7a4 Merge pull request #5 from disconnect3d:patch-5
PiperOrigin-RevId: 239387531
Change-Id: I7929c296cb838c5a1ed05539efca4e771c1f68b3
2019-03-20 14:51:11 +01:00
Christian Blichmann
30c25286f3 Merge pull request #8 from shaan1337:patch-1
PiperOrigin-RevId: 239384106
Change-Id: Ibeb4b6a76226a1384fc21df33378101a31764012
2019-03-20 14:33:36 +01:00
Wiktor Garbacz
2e9f50a68f Rename deathrattle_fatalmsg proto
PiperOrigin-RevId: 239377742
Change-Id: I169407087f5e6f3275e282a51232bb6eea330e49
2019-03-20 05:19:55 -07:00
Sandboxed API Team
c8a4131e74 Test that isatty is being allowed by AllowTCGETS.
PiperOrigin-RevId: 239370864
Change-Id: Id98f3e5d8dceedb3cfbcd23b980e828f576d3e8d
2019-03-20 04:11:21 -07:00
Christian Blichmann
3600a8a090 Merge pull request #2 from disconnect3d:patch-3
PiperOrigin-RevId: 239354706
Change-Id: Ib9b5eca822bcf114a90c7dc96a9a2dacd318d016
2019-03-20 09:42:47 +01:00
Christian Blichmann
6eb6dc5f9c Merge pull request #4 from disconnect3d:patch-4
PiperOrigin-RevId: 239244132
Change-Id: I33a50f866b23a23ce63ff5609e6865184fec0863
2019-03-19 21:40:14 +01:00
Christian Blichmann
0babaf094d Improve internal<->external code transforms #3
Note: These commits only change very minor formatting issues in
the GitHub version. There is more than meets the eye, though. These
changes help to be able to accept pull requests.
PiperOrigin-RevId: 239225828
Change-Id: Ib31bf114e7cc4ccda49f7dcc4e9e24eebc735065
2019-03-19 10:58:21 -07:00
Christian Blichmann
cb36b974eb Improve internal<->external code transforms #2
PiperOrigin-RevId: 239221234
Change-Id: I5b50ed6472df894c43310addb9d8e8ca35b2c822
2019-03-19 10:38:52 -07:00
Christian Blichmann
22eeb45d0f Add missing transactions.md
Fixes #7

PiperOrigin-RevId: 239176066
Change-Id: I6fde1246447610ed5157db39f30472c38b206474
2019-03-19 06:16:40 -07:00
Christian Blichmann
90d276f913 Improve internal<->external code transforms
This includes changing the way libcap headers are included.

PiperOrigin-RevId: 239173120
Change-Id: I5562d924b96bab26a29342903895324bfe385e5a
2019-03-19 05:51:53 -07:00
Kevin Hamacher
5d216fb191 Only spawn init processes when using PID NS
PiperOrigin-RevId: 239169620
Change-Id: I9f26cfab90189a1baa5b87a700ce892cf0c95a89
2019-03-19 05:14:29 -07:00
Wiktor Garbacz
7ecdd2f8fc Internal change.
PiperOrigin-RevId: 239163024
Change-Id: I6918cc7f1472271b3cf99e042d8eb52d42868e6c
2019-03-19 04:11:51 -07:00
Sandboxed API Team
5aa13876a4 Formatting fixes.
PiperOrigin-RevId: 239159980
Change-Id: Ic6185368392622bf3f4c661e37f6b9fcca0d60a6
2019-03-19 03:41:32 -07:00
Shaan Nobee
88a23c878a
Fix typo 2019-03-19 09:43:12 +04:00
Disconnect3d
845ad06d37
Update library.md
There is no https://github.com/google/sandboxed-api/blob/master/sandboxed_api/examples/zlib/lib/sandbox.h - it either wasn't commited or we meant different sandbox.h here. For now I linked to sum's sandbox.h
2019-03-18 21:34:41 +01:00
Disconnect3d
64acef11c5
fix formatting in docs/library.md 2019-03-18 21:29:35 +01:00
Disconnect3d
95d35615b8
Fix user namespaces link in howitoworks.md 2019-03-18 21:22:53 +01:00
Christian Blichmann
177b969e8c
Sandboxed API OSS release.
PiperOrigin-RevId: 238996664
Change-Id: I9646527e2be68ee0b6b371572b7aafe967102e57

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2019-03-18 19:00:48 +01:00