Commit Graph

677 Commits

Author SHA1 Message Date
Oliver Kunz
babe23261f Fix runfiles for Android builds.
PiperOrigin-RevId: 436714040
Change-Id: Ib52a7b559939fc2f37264224375be4f1b1af8b6d
2022-03-23 05:38:57 -07:00
Wiktor Garbacz
fb690062cf Fix a race when terminating sandbox from another thread
PiperOrigin-RevId: 436695251
Change-Id: I50599cefb346813f594982641c78dc902e10ccb5
2022-03-23 03:35:28 -07:00
Oliver Kunz
ab9c4afb15 Create a convencience function to set the name of a thread/process
PiperOrigin-RevId: 436661002
Change-Id: Ia66cef2f3eda829c65bc07e2ac43a0b2c878eb7b
2022-03-22 23:39:06 -07:00
Sandboxed API Team
df8a2f77eb Automated rollback of commit 809fb49341.
PiperOrigin-RevId: 436285752
Change-Id: I0607d9db08343e23d22ba9cb945cb6ef74739a14
2022-03-21 13:09:36 -07:00
Oliver Kunz
809fb49341 Create a convencience function to set the name of a thread/process
PiperOrigin-RevId: 436215084
Change-Id: I17dc8930a117fe67bd1b87e2ae3d4652875780df
2022-03-21 08:36:01 -07:00
Christian Blichmann
dd512a1253 clang_generator: Map C's _Bool to bool
Fixes #154.

PiperOrigin-RevId: 436167183
Change-Id: I594e5b59c5b3aba640a98c399dcb994000dbffb0
2022-03-21 04:11:21 -07:00
Oliver Kunz
d0f5f547cb Patch sandbox2/comms module to build for Android.
PiperOrigin-RevId: 435318451
Change-Id: If0e40bab30f3cb68d7e79f26d2336c638742f1ac
2022-03-17 05:27:07 -07:00
Christian Blichmann
6d3adc45f7 clang_generator: Improve formatting of function prototype comments
This uses the Google formatting style to format the prototype comments, with an
internal line length of 75, which accomodates the indentation in the generated
API class.

PiperOrigin-RevId: 435303665
Change-Id: I4dcdf0ed773a79ebc55ead3843f07ca8556fd985
2022-03-17 03:53:13 -07:00
Christian Blichmann
e8fe398340 clang_generator: Enable mixed header processing
This implements a custom compilation database to conditionally add the correct
language flags to the compiler frontend. Otherwise, a C header might receive
`--std=c++17` and fail.

Note: All headers are always processed in C++ mode. We expect that headers of
well-behaved C libraries contain `#ifdef __cplusplus`/`extern "C" {}` guards.
PiperOrigin-RevId: 435302048
Change-Id: Ib84e6e1f301ba434999846a012b3f8c16884648e
2022-03-17 03:41:53 -07:00
Christian Blichmann
4e71f1d0a3 clang_generator: Do not collect structs/unions if declared in another record
The enclosing type is enough to reconstruct the AST when writing the header and this
change avoids emitting the same struct twice.

PiperOrigin-RevId: 435300029
Change-Id: I34bd660db5ba5c68b64cce73ecf2f026727ac57b
2022-03-17 03:30:12 -07:00
Christian Blichmann
92ccfeae67 clang_generator: Correctly emit nested C-like structs
- Add more tests for this

PiperOrigin-RevId: 435296715
Change-Id: I7b42dbc58dc054d2565af9ad22498d98416b7af7
2022-03-17 03:13:25 -07:00
Christian Blichmann
b8579e4746 clang_generator: Use a btree_map for fixed iteration order
PiperOrigin-RevId: 435291910
Change-Id: I198247409d095183849a221af9c3be21b5bb859b
2022-03-17 02:43:08 -07:00
Christian Blichmann
d5ebb81598 clang_generator: Handle intrinsics directly
PiperOrigin-RevId: 435289903
Change-Id: I68a37bb7b25a7b77c046d00a2740aa9de2fcaa89
2022-03-17 02:31:57 -07:00
Christian Blichmann
80b325aa40 clang_generator: Emit the correct enum names in SAPI variables
This is a follow up to fa9e6e8a5c.

Drive-by:
- Replace deprecated calls to `getNameAsString()`
PiperOrigin-RevId: 435287759
Change-Id: I81d8c2f93b1ab23c781421b114779b7a241e4a7e
2022-03-17 02:19:58 -07:00
Copybara-Service
97b3a9e325 Merge pull request #147 from oshogbo:matcher2
PiperOrigin-RevId: 435267982
Change-Id: I8f877da70282df9192be4cfe43d74d1539b9824f
2022-03-17 00:13:21 -07:00
Mariusz Zaborski
5416cbb141 Introduce SAPI_ASSERT_OK
We have a SAPI_ASSERT_OK_AND_ASSIGN which corespondents to
SAPI_ASSIGN_OR_RETURN.

We also have SAPI_RETURN_IF_ERROR but we don't have a coresponding
macro for ASSERT.

I think that this completes the API and makes writting tests a little
bit simpler.
2022-03-16 09:33:23 -04:00
Mariusz Zaborski
aae8ba47ee Expect the semicolon at the end of SAPI_ASSERT_OK_AND_ASSIGN 2022-03-16 09:18:32 -04:00
Oliver Kunz
ee11d9fdb7 Migration of remaining protobufs from proto2 to proto3
PiperOrigin-RevId: 434973223
Change-Id: I5518aa3944cab94d33ce0538bed8ee82f90d4b3a
2022-03-16 00:43:46 -07:00
Oliver Kunz
206547591b Migrate forkserver.proto to proto3 syntax
PiperOrigin-RevId: 434458725
Change-Id: I277f76a1a5ebd3eed15c6b3f3e7f849bf6edacea
2022-03-14 07:28:23 -07:00
Oliver Kunz
68eaa815ce Migrate to proto3, change is_ro to is_rw (default value is false), and rename mounttree.proto
PiperOrigin-RevId: 434435260
Change-Id: Ie4cfe04bf1a9357e63b6159c3d5a8b95388b5292
2022-03-14 05:15:15 -07:00
Wiktor Garbacz
50c55e8ac0 Provide clearer error message when global forkserver is chrooted
PiperOrigin-RevId: 433686276
Change-Id: Ieb01f9dcafdce7bcb548807169f429cc8a181e56
2022-03-10 01:32:55 -08:00
Wiktor Garbacz
52d1ea8984 Avoid hard failures in StartSubProcess
PiperOrigin-RevId: 433453289
Change-Id: Ib8b08ddd31c4daa9a377960d52f0a7eb7b17de19
2022-03-09 05:17:15 -08:00
Oliver Kunz
c5565241c1 Rewrite IsEquivalentNode without the use of MessageDifferencer
PiperOrigin-RevId: 433422767
Change-Id: I891a8f5f027115898590a43bed5d25c51c1db944
2022-03-09 01:56:50 -08:00
Wiktor Garbacz
612ff57913 Replace deprecated SetWalltimeLimit call
PiperOrigin-RevId: 433414976
Change-Id: I0597a2d8215d4b228794da409e3533651972a98c
2022-03-09 01:01:49 -08:00
Copybara-Service
622ca18cef Merge pull request #135 from DemiMarie:fix-semicolon
PiperOrigin-RevId: 433402251
Change-Id: I0ef844a2139a6a5938f8221114dad79963b6726c
2022-03-08 23:31:50 -08:00
Wiktor Garbacz
20edaae54f Add an option to allow mount propagation
PiperOrigin-RevId: 433211924
Change-Id: I653f000d44de10b668b375fd2dfff3c668cbf673
2022-03-08 08:01:19 -08:00
Christian Blichmann
fa9e6e8a5c clang_generator: Correctly emit typedefs with anonymous enums/structs
This change also adds some more basic testing and test utils.

PiperOrigin-RevId: 433203779
Change-Id: I57616af3719ccbc41201dc6d4b0b60ddaf70ebab
2022-03-08 07:16:54 -08:00
Copybara-Service
26a077bb3d Merge pull request #131 from DemiMarie:fix-fedora-cmake-build
PiperOrigin-RevId: 433174006
Change-Id: Icca1816a2513f4e4553ef1e671ca16bafb4fa40c
2022-03-08 04:10:29 -08:00
Oliver Kunz
2650834d7c Add unittest for IsEquivalentNode
PiperOrigin-RevId: 433172902
Change-Id: Ie6fb44e682be947fb9f8b856c5e804aa91647a6d
2022-03-08 04:04:57 -08:00
Wiktor Garbacz
8a5740fbb1 Better handle invalid read-write mounts
PiperOrigin-RevId: 433136095
Change-Id: I17eb347c0a5cfef5e05c3717dfdd83055d967e35
2022-03-07 23:57:57 -08:00
Sandboxed API Team
32d19f9e57 Disable compress_stack_depot in sandbox
The feature is pure optimization, but it requires
additional syscalls.

PiperOrigin-RevId: 432954277
Change-Id: I1f345f8a26c86e09611fd575cb6ee080f24cc717
2022-03-07 08:43:42 -08:00
Wiktor Garbacz
d1995bdca5 Add a helper for allowing epoll
PiperOrigin-RevId: 432879710
Change-Id: I7cc991358ce25729b002210a04bacb3ae91d8a1f
2022-03-07 00:54:21 -08:00
Demi Marie Obenour
eacd8c8097 Remove trailing semicolons from macros
The semicolons should be in the code that uses the macros.
2022-03-05 11:42:04 -05:00
Sandboxed API Team
8e82b900f4 Automated rollback of commit 5f34d11e77.
PiperOrigin-RevId: 432491462
Change-Id: Id92eabbb140df85b7b48f6f107ef9f44c3c6dff5
2022-03-04 11:19:19 -08:00
Wiktor Garbacz
5f34d11e77 Add a helper for allowing epoll
PiperOrigin-RevId: 432387441
Change-Id: I52865ab4abd4ebaf9842859b5f2718b204f4c6ea
2022-03-04 01:24:55 -08:00
Christian Blichmann
eec22e8aaf Partially revert 692f026: Emit related types within wrapper namespace
There are a lot of internal users depending on the old behavior of the
libclang-based generator.

PiperOrigin-RevId: 432281224
Change-Id: If82333fc3001f52de59e57a874f28bf8815d0877
2022-03-03 14:14:52 -08:00
Wiktor Garbacz
1cf2d840dd Add PolicyBuilder::OverridableBlockSyscallWithErrno
PiperOrigin-RevId: 432201719
Change-Id: I5cac1a03a7ec95598bae87ff13d38e4bedf62beb
2022-03-03 08:37:04 -08:00
Christian Blichmann
725a5c11a8 Extend config.h to support HWSan and LSan
The constexpr functions can be used to ensure that all branches actually compile
(unlike plain preprocessor `#ifdef`s).

PiperOrigin-RevId: 432186834
Change-Id: I1a8d97dac8480fe9d4543b0e9e39540ca1efc8fa
2022-03-03 07:12:50 -08:00
Oliver Kunz
077203fcf2 Change to proto2::MessageLite and resolve reflextion for mobile builds
PiperOrigin-RevId: 432164927
Change-Id: I0821cf443393b0bb16a68fc5750a9633a3f27725
2022-03-03 04:48:30 -08:00
Demi Marie Obenour
a132d309a5 Fix the Fedora build using CMake
The build previously failed with confusing CMake errors.
2022-03-02 16:22:29 -05:00
Sandboxed API Team
e1a9513783 Move few policies from tsan to All section.
munmap is widely used by sanitizer, but it
probably works for Asan/Msan because it's enabled
by unrelated Allow* call.

Move mprotect to shared part as well. It will be
needed for compress_stack_depot.

PiperOrigin-RevId: 431989551
Change-Id: I7695a2de81d8d0b2112d3308778b2e9a9c7cb596
2022-03-02 11:38:35 -08:00
Sandboxed API Team
546365655d Introduce commandline flag to pass forkserver_bin path for Android builds.
PiperOrigin-RevId: 431942480
Change-Id: I5382b4fc8e8a66bb823dda597e1b812421364212
2022-03-02 08:12:21 -08:00
Sandboxed API Team
3f042fa54f Fix monitor for Android-ARM64
PiperOrigin-RevId: 431926820
Change-Id: Ie5adc1ec6accc7e68782c26b65fac0c32cded498
2022-03-02 06:42:42 -08:00
Christian Blichmann
692f0260b3 clang_generator: Emit types outside of namespace, skip Abseil enums
PiperOrigin-RevId: 431913470
Change-Id: Ia44f6642a37501ba1630321ba1430d1bf10cf377
2022-03-02 05:17:32 -08:00
Christian Blichmann
60fcc5b63e Limit the number of includes fed into the header generator
Use [`direct_headers`](https://bazel.build/rules/lib/CompilationContext#direct_headers)
from the Bazel/Blaze compilation context instead of _all_ transitive headers.

For the clang based generator, this means we don't try to parse
`textual_headers`, which will fail (they are by definition not
stand-alone, after all).

PiperOrigin-RevId: 431899423
Change-Id: I7a9dfa0dd93eba14b506b0e7ca6db3ed59b55dd6
2022-03-02 03:41:41 -08:00
Sandboxed API Team
9a7ba28ea7 Allow sanitizer to print reports
PiperOrigin-RevId: 430271415
Change-Id: Ieb23663aa6ff5997ce0a6b1e81dcb2385ac4b509
2022-02-22 12:33:55 -08:00
Wiktor Garbacz
a2daa0a275 Fix BlockSyscallsWithErrno
PiperOrigin-RevId: 429982218
Change-Id: I42b187e678542b295542ca44882945c7695178e1
2022-02-21 00:46:50 -08:00
Christian Blichmann
befdb09597 Link more complex test cases dynamically
Linking glibc in fully static mode is mostly unsupported. While such binaries
can easily be produced, conflicting symbols will often make them crash at
runtime. This happens because glibc will always (try to) load some dynamically
linked libraries, even when statically linked. This includes things like the
resolver, unicode/locale handling and others.

Internally at Google, this is not a concern due to the way glibc is being built
there. But in order to make all of our tests run in the open-source version of
this code, we need to change strategy a bit.

As a rule of thumb, glibc can safely be linked statically if a program is
resonably simple and does not use any networking of locale dependent
facilities. Calling syscalls directly instead of the corresponding libc
wrappers works as well, of course.

This change adjusts linker flags and sandbox policies to be more compatible
with regular Linux distributions.

Tested:
- `ctest -R '[A-Z].*'` (all SAPI/Sandbox2 tests)
PiperOrigin-RevId: 429025901
Change-Id: I46b677d9eb61080a8fe868002a34a77de287bf2d
2022-02-16 05:59:13 -08:00
Wiktor Garbacz
d2dfcf0800 Per-C++ specs main shouldn't be declared with C language linkage
PiperOrigin-RevId: 429025497
Change-Id: I7f732f4e42b64463847e192c6ca5cff820ab19ba
2022-02-16 05:56:25 -08:00
Christian Blichmann
aefdb94575 Update zlib examples
- Link `zipe.c` statically (safe)
- Update policy to allow any use of `stat()`

PiperOrigin-RevId: 428971638
Change-Id: Ib0f5f496ea2389582986b41a8830592e6c1d4390
2022-02-16 00:08:28 -08:00
Christian Blichmann
e8cadf8f7d Allow mprotect(_, _, PROT_READ) for all static binaries
Newer toolchains/libcs will use this syscall on x86-64 as well.

PiperOrigin-RevId: 428705078
Change-Id: I705efe37db9ebdd922036b39e4fb3c22dc749a1a
2022-02-15 00:14:25 -08:00
Christian Blichmann
d1ed8ac66e Avoid compiler crash with Clang 6.0
Instead of C++17 structured bindings, use a plain `const auto&` and annotate
arguments with comments instead.

We still support Clang 6.0, as that is the compiler that ships with Ubuntu
18.04 LTS by default.

PiperOrigin-RevId: 428016214
Change-Id: I3a43b2d47c6825ac4425d22018750282cfe23c1b
2022-02-11 09:09:01 -08:00
Christian Blichmann
36d0f928c6 Apply page offset during stack unwinding/symbolization
This fixes a couple of tests in the open source version of the code.
Internally, since we are using a different ELF loader, the page offset
will always be zero. Hence we never notices this was broken.

PiperOrigin-RevId: 427996428
Change-Id: I44c5b5610b074cf69b9f0c5eeb051be50923e351
2022-02-11 07:19:34 -08:00
Sandboxed API Team
59b942b256 Add a little more logging to failure cases.
PiperOrigin-RevId: 427459159
Change-Id: I34b6027cccfc4b3903ef4deeb9c133598b6667d4
2022-02-09 06:54:07 -08:00
Christian Blichmann
4ad8484e63 Tag additional test as not compatible with QEMU user-mode emulation
PiperOrigin-RevId: 427409251
Change-Id: I5d853908353923b5b31c8bbb6152bc4f94219b45
2022-02-09 01:41:38 -08:00
Christian Blichmann
dc03c38df1 Enable stack traces on AArch64
Note that `//sandboxed_api/sandbox2:stack_trace_test` may still fail for
unrelated reasons, as we are linking libc statically, which is brittle. A
follow-up change will fix this.

PiperOrigin-RevId: 427175045
Change-Id: Ifb5ec2ac3d60f4bcc9708f26c834c83b75e769d7
2022-02-08 06:23:52 -08:00
Sandboxed API Team
b7cb7132a2 Delete deprecated ::sandbox2::Sandbox2::WaitForTsan and its remaining call sites.
PiperOrigin-RevId: 426195145
Change-Id: Ia7c8116a0fb08e2f425d9b89406b446edcf7850a
2022-02-03 11:23:56 -08:00
Wiktor Garbacz
943c74827b Internal change
PiperOrigin-RevId: 426180225
Change-Id: Id7ea6118a6403221451d6db22d30ae8b29ef42bf
2022-02-03 10:26:45 -08:00
Sandboxed API Team
1e5e426e70 Remove comment on licenses() rule as per Google guidance.
PiperOrigin-RevId: 426136170
Change-Id: I341a2d962637b53f9cfa475fbbfe3e6938ee3a95
2022-02-03 07:10:12 -08:00
Sandboxed API Team
9ee3a26e8b Delete deprecated ::sandbox2::Sandbox2::GetPid and its remaining call sites.
PiperOrigin-RevId: 425910086
Change-Id: I2938ce589e83b5441c084994edde6a22c2007642
2022-02-02 09:57:11 -08:00
Christian Blichmann
d451478e26 Change license link to HTTPS URL
PiperOrigin-RevId: 424811734
Change-Id: If5ea692edc56ddc9c99fd478673df41c0246e9cc
2022-01-28 01:39:09 -08:00
Christian Blichmann
8e5771b007 Fix Fedora build, update to latest Abseil
This partially reverts the zlib change in 41e0ca0. Turns out the
`CMakeLists.txt` that ships with zlib leaves much to be desired.

PiperOrigin-RevId: 424800727
Change-Id: I356e3bb8d18461a52f845baa4913adff6549ef00
2022-01-28 00:19:04 -08:00
Rebecca Chen
34551d2cec Add whitespace around keywords to satisfy the LibCST parser.
PiperOrigin-RevId: 424307703
Change-Id: I12949320efe57667624126d64cf99ec0d50edfa5
2022-01-26 03:47:51 -08:00
Copybara-Service
cc6a1114d5 Merge pull request #84 from Vincenzo-Petrolo:main
PiperOrigin-RevId: 424301145
Change-Id: I0336c5ffc2eeefe0ccecb7595b0881df23390bf6
2022-01-26 03:00:06 -08:00
Wiktor Garbacz
67a03326cd Simplify sapi::file::CleanPath
PiperOrigin-RevId: 423792568
Change-Id: Ib213e619d3c3c26fa3e34b506781821f9a9b5292
2022-01-24 05:49:40 -08:00
Wiktor Garbacz
e4436c87e8 Replace deprecate sapi:✌️:Proto ctor calls
PiperOrigin-RevId: 423760615
Change-Id: Id05341221fb6413d8f89d38470a9bc02f9d09b77
2022-01-24 02:10:05 -08:00
Wiktor Garbacz
3c16be8347 Replace deprecated readdir64_r
Plain `readdir` is preferred and while not (yet) specified in POSIX it is thread-safe for different directory streams in popular implementations.

PiperOrigin-RevId: 423321528
Change-Id: I4e1e842f338ff7d690c36e7f699b2f3637609524
2022-01-21 07:48:44 -08:00
Christian Blichmann
6fd650b736 Fix description for OsErrorMessage()
PiperOrigin-RevId: 423075550
Change-Id: I14a36e3cb0cf7647d5845a0a834948f0c51f1d58
2022-01-20 08:36:11 -08:00
Wiktor Garbacz
ae9432bc03 Internal change
PiperOrigin-RevId: 423070471
Change-Id: I876ef8f1d2464383ac319e196c1ba64c46ea4201
2022-01-20 08:09:53 -08:00
Wiktor Garbacz
5c9f01fe3c Move using declarations into unnamed namespace
Also fully qualify

PiperOrigin-RevId: 423066722
Change-Id: Id4dffa21a790ce884db750b1965203f9b056b39f
2022-01-20 07:51:29 -08:00
Wiktor Garbacz
4041fe824b Use the using declarations from ::testing
PiperOrigin-RevId: 423042437
Change-Id: I9ddfacd597c65d3dc6e490201cce4b00678f18cf
2022-01-20 05:16:01 -08:00
Wiktor Garbacz
4a945a1748 Replace deprecated calls
PiperOrigin-RevId: 423037776
Change-Id: Id568d54854dde3778686b778648555e0b48204bc
2022-01-20 04:40:23 -08:00
Wiktor Garbacz
38a1cb707f Switch unnecessary templated functions to regular
PiperOrigin-RevId: 422764920
Change-Id: I44f487b2e114eb9e5ca68d29a7b21fa72917d6f1
2022-01-19 02:37:53 -08:00
Wiktor Garbacz
a339850dbf Fix ::sapi:✌️:Char::ToString()
Also make it correct with scoped enums.

PiperOrigin-RevId: 422310326
Change-Id: Ie2db81ec7c8d8ecd8d5fb79573bc9f5040fd8c3b
2022-01-17 02:04:50 -08:00
Christian Blichmann
9229b3fa82 Fix -Wc++11-narrowing error with Clang introduced in 2546d9e
PiperOrigin-RevId: 421784429
Change-Id: Ia5d09a980db39bc8d88373dc769cb5889417502d
2022-01-14 03:40:01 -08:00
Sandboxed API Team
2546d9e85b Ability to inspect a syscall's return value.
PiperOrigin-RevId: 421552017
Change-Id: I7103720723b5e5828f80731a724c5672895dfa54
2022-01-13 06:49:19 -08:00
Sandboxed API Team
ebe4475348 Fix typo in log line that displayed decimals with 0x prefix
PiperOrigin-RevId: 421547286
Change-Id: Ie088bb7871629db919f34f365eb9b6ab7fe65917
2022-01-13 06:20:47 -08:00
Wiktor Garbacz
99b56fee19 Remove redundant glog dependency for sandbox2::sanitizer
PiperOrigin-RevId: 421500119
Change-Id: I720a3efef52868099d388685abee45be887ba430
2022-01-13 01:15:50 -08:00
Sandboxed API Team
85c8ae5125 Automated rollback of commit fac8713fbe.
PiperOrigin-RevId: 421356226
Change-Id: I4a179aeed226e005449c980e11b049759dad3878
2022-01-12 11:47:06 -08:00
Sandboxed API Team
fac8713fbe Ability to inspect a syscall's return value.
PiperOrigin-RevId: 421300791
Change-Id: I93b7e97a532f82c2b077766e22fb2fe9effe6ba2
2022-01-12 08:09:09 -08:00
Wiktor Garbacz
b0bc17e456 Fix Regs::SkipSyscallReturnValue for Aarch64
Add a test.

PiperOrigin-RevId: 420271649
Change-Id: Ifc857ec5351a0fc70547c98f57c22cf792d5d9f9
2022-01-07 05:26:26 -08:00
Christian Blichmann
d54338db3e Upgrade to libunwind 1.6.2
PiperOrigin-RevId: 420066991
Change-Id: I71295329bc3648827f085c771a1164d1aaf02cab
2022-01-06 08:26:05 -08:00
Christian Blichmann
21847a1ef1 Emulate PTRACE_GETREGSET in ptrace wrapper
Newer versions of libunwind use `PTRACE_GETREGSET` to obtain register data.
This change should make it easier to upgrade the libunwind dependency.

PiperOrigin-RevId: 420057842
Change-Id: Ib9abbeff574e457009709715f912ba5962033c5d
2022-01-06 07:33:13 -08:00
Sandboxed API Team
8d7a442b94 Update test to use sapi:✌️:Proto<>::FromMessage factory method
The bare constructor is deprecated.

PiperOrigin-RevId: 419583946
Change-Id: I7647b74e7f4be65e0bbeba1c1393601ffa87fd80
2022-01-04 07:01:28 -08:00
Christian Blichmann
3745d58587
filewrapper: _Exit instead of CHECK failing
Raw `SAPI_RAW_PCHECK` may dump core, depending on environment settings
(issue #89).
This is undesirable in the face of invalid command-line arguments.

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2022-01-03 15:00:35 +01:00
Christian Blichmann
aa3f60148c Do not run static test on AArch64 user mode emulation
PiperOrigin-RevId: 417556328
Change-Id: Ib04b3c6bbe8e5fcece11652c7a751a319899b73c
2021-12-21 00:17:22 -08:00
Wiktor Garbacz
3f5184770d Introduce util::CharPtrArray with proper ownership semantics
Replace existing calls to VecStringToCharPtrArr

PiperOrigin-RevId: 417383812
Change-Id: Ibf9d878df5ada2cb3a0872f7ca7cab96c304a5c1
2021-12-20 05:08:12 -08:00
Sandboxed API Team
a44e57e243 Update references to the new documentation
PiperOrigin-RevId: 416317448
Change-Id: Ic148364e012405cc34840c12428cbd912ed377ae
2021-12-14 09:03:29 -08:00
Christian Blichmann
11619a08f4 Remove SyscallInitializer
PiperOrigin-RevId: 416231431
Change-Id: I83575ee3a51c348912f3d13db600d104ee927265
2021-12-14 00:45:27 -08:00
Christian Blichmann
01ffc2a1c2 #Cleanup PolicyBuilder API using absl::Span
PiperOrigin-RevId: 415979969
Change-Id: I23e00a48ce9ba14c480f8d137c6ae3981a238e13
2021-12-13 01:31:59 -08:00
Christian Blichmann
354cbe89f9 Add more convenience functions to PolicyBuilder
- Allow to specify multiple syscalls with `BlockSyscallsWithErrno()`
- Add functions to allow `unlink()` and `rename()` in all their spellings

PiperOrigin-RevId: 414987303
Change-Id: Ic0e680b785e8e3a3498f20e6a7403737e63fe876
2021-12-08 06:41:21 -08:00
Sandboxed API Team
46c09e0024 Implement WaitForTsan on other sanitizers
__sanitizer_sandbox_on_notify is not tsan specific.
It's empty for other sanitizers now, but we are going to need it soon.

PiperOrigin-RevId: 414873197
Change-Id: I251ac38e5c886980b4baa7f05306643599a25090
2021-12-07 17:59:05 -08:00
Wiktor Garbacz
8979b47d7f Remove arg filter on rt_sigprocmask in AllowStaticStartup
PiperOrigin-RevId: 414692179
Change-Id: If2a5f741ad38f626287988911b85bef7a711f80a
2021-12-07 05:04:01 -08:00
Sandboxed API Team
8e8ce0955f Fix unwind module for Android-ARM64
PiperOrigin-RevId: 414673588
Change-Id: Ib40e4f6b53692440591a1a1e9e069f974832f733
2021-12-07 03:33:56 -08:00
Wiktor Garbacz
8562306c97 Add CloseAllFDsExcept test.
Move VecStringToCharPtrArr before fork, so that it cannot deadlock when other thread holds allocation lock.

PiperOrigin-RevId: 414661912
Change-Id: Ie8aa5c36693e6f86c69d67a1da51b7e7ff1ec30b
2021-12-07 02:23:23 -08:00
Wiktor Garbacz
4061666f44 Fix dependencies for sanitizer target
PiperOrigin-RevId: 414659990
Change-Id: I25215d0f03cf998fee068ae7db91b7e438fcc4f5
2021-12-07 02:13:15 -08:00
Sandboxed API Team
84c29dd3bb Relax the policy to allow stat (and possibly stat64).
PiperOrigin-RevId: 414480521
Change-Id: If0ffca2141589ea3cf0dec4b0524c50ca37489b4
2021-12-06 10:23:31 -08:00
Christian Blichmann
60eb52c17f Explicitly narrow size argument for BPF
This fixes a build error introduced in 26da6e6b0a.

PiperOrigin-RevId: 414408033
Change-Id: Ic34d5eeba3bb34f9a5ce46a05547129fbab8bce0
2021-12-06 04:51:28 -08:00
Wiktor Garbacz
4e6cafa934 Readd function comment removed by mistake
PiperOrigin-RevId: 414406963
Change-Id: Id8155b67ce063a9171b70e24b58d407415b30e78
2021-12-06 04:43:32 -08:00
Wiktor Garbacz
245a8c7650 Remove deprecated AddTmpfs
PiperOrigin-RevId: 414387983
Change-Id: I872c2f3bc1ccaf7a20d7ab97a5cb104d4f096a3f
2021-12-06 02:36:02 -08:00
Wiktor Garbacz
2a67805a13 Add prlimit64 to AllowLogForwarding
PiperOrigin-RevId: 414385430
Change-Id: I4e70d25f886f1ef65fab1b62c67e80eb45407bc7
2021-12-06 02:19:03 -08:00
Chris Kennelly
e61a84979a Internal change
PiperOrigin-RevId: 413954176
Change-Id: Ie07c1c8d96019e1605ea3b9ed58030754954ee97
2021-12-03 09:34:32 -08:00
Wiktor Garbacz
e4ef46631d Replace raw_logging with regular logging in Monitor
PiperOrigin-RevId: 413928700
Change-Id: I0bc4dd86b45c0ddd679a435003fbad2aea27fbf2
2021-12-03 07:17:36 -08:00
Wiktor Garbacz
2fa92bf47c Internal change
PiperOrigin-RevId: 413911008
Change-Id: I59cdac60c092f31fb487f032b3489341c0ba626a
2021-12-03 05:21:01 -08:00
Wiktor Garbacz
c3308b56fc Replace deprecated AddTmpfs call
PiperOrigin-RevId: 413907279
Change-Id: I3a32be4b19acab8b2b2092961df3dd9f3699261b
2021-12-03 04:56:40 -08:00
Christian Blichmann
4a6e005155 Make PtrXXX() family of functions public
PiperOrigin-RevId: 413616359
Change-Id: I553c17f0668708b00fdb12a21109ed45aeba6c66
2021-12-02 01:41:59 -08:00
Sandboxed API Team
a096056263 Automated rollback of commit b72078f692.
PiperOrigin-RevId: 413442229
Change-Id: I48d03ce200160da1c86faec29b2ca51fb1ead834
2021-12-01 09:54:44 -08:00
Sandboxed API Team
b72078f692 Automated rollback of commit 6a6c931317.
PiperOrigin-RevId: 413362657
Change-Id: Ie75672101b2aba4183f9aa3e39679a99f309e155
2021-12-01 02:56:59 -08:00
Wiktor Garbacz
f5fbe8cce5 Internal change
PiperOrigin-RevId: 413351344
Change-Id: I93962c43649fab1f73b3960044563e54449af271
2021-12-01 01:48:41 -08:00
Christian Blichmann
6a6c931317 Move away from multiple inheritance
This change is a first step to make the SAPI variable hierarchy more sensible.
It turns the `Reg<T>` class into a descendant of `Pointable`, but without
making its `PtrXXX()` methods public (hence the `using` statements). Further
changes are needed to restructure this.

There are no functional changes and the class sizes, including vtables, should
not change.

PiperOrigin-RevId: 413333120
Change-Id: I90ceeaeb7aea482016f8f4bee81489d5a9db9ade
2021-11-30 23:46:59 -08:00
Christian Blichmann
85a463372f Sandbox2: Mark tests that won't run under QEMU user emulation
PiperOrigin-RevId: 412861975
Change-Id: I0f168bc71b5738ed55b836f148ded94bf397d27d
2021-11-29 05:20:48 -08:00
Christian Blichmann
c2b7cffe78 Minielf: Use a template to load integers
Different versions of the `elf.h` header define their own integer types. For
example, even on LP64 systems, a 64-bit ELF integer types may decay into
`unsigned long long` instead of `unsigned long`.

This change replaces the various overloads with a single function template
that is well-defined for all integral types.

PiperOrigin-RevId: 410746713
Change-Id: I4b560f7541802372f01ae3d6f4a56554e51d70c8
2021-11-18 02:16:26 -08:00
Sandboxed API Team
dcfd85d74e Extend existing CPU architecture spellings in config header and define platform spellings.
PiperOrigin-RevId: 410474889
Change-Id: I41f870ad49e2203a6bdf833102c0d0a9cafa7af4
2021-11-17 02:41:07 -08:00
Wiktor Garbacz
e86322db84 Fix a race between NotifyMonitor/AwaitResult
PiperOrigin-RevId: 410463096
Change-Id: I370705131ac78f26736646596189d8cad2bb70c2
2021-11-17 01:40:42 -08:00
Sandboxed API Team
04503f9bbe Replace <bits/local_lim.h> with <climits>
PiperOrigin-RevId: 409932987
Change-Id: I388aca627d6d0f3c9d5721e66574fb8af85cc8f4
2021-11-15 03:16:28 -08:00
Sandboxed API Team
9541b657ad Use alias s6_addr instead of direct field access.
PiperOrigin-RevId: 409908616
Change-Id: I18f87b41eae3f96fd60b8cd14073bd8df66fae98
2021-11-15 01:01:20 -08:00
Sandboxed API Team
2727714012 Expose unwind symbol helpers.
PiperOrigin-RevId: 409391470
Change-Id: Iad14caabbada1278216e5e28ba55bae8dc8b9b2b
2021-11-12 05:59:51 -08:00
Wiktor Garbacz
26da6e6b0a Safer and more efficient custom syscall policies
Generate syscall jump table without using bpf_helper.
Check that any jump in the user provided policy is within the provided policy.

PiperOrigin-RevId: 409362089
Change-Id: I31493e52cf868e4b184ff79fcb26beeb75f49773
2021-11-12 02:44:41 -08:00
Wiktor Garbacz
c95837a6c1 Check and limit seccomp policy length.
PiperOrigin-RevId: 409129756
Change-Id: Ib9937495966f545fb980eba04393db640af2325f
2021-11-11 06:10:40 -08:00
Sandboxed API Team
00747d5241 Allow getpid call for log forwarding.
PiperOrigin-RevId: 407865992
Change-Id: Ia14dc5cc1628337292586955f1c17a8d8f2995de
2021-11-05 11:16:45 -07:00
Tony Li
cfb9e031dd
fix typo, master branch -> main 2021-10-17 22:52:57 -07:00
Christian Blichmann
d85f40b8b0 Modernize namespace_test a little
PiperOrigin-RevId: 402795383
Change-Id: Ia576259078f40a3ca6b96094bd15c3ea7b0b79d9
2021-10-13 04:17:46 -07:00
Christian Blichmann
1260b5f38b Move example sandboxes out of lib directories
This is mainly so that the structure of the examples follows what we do
internally (not having separate directories).

PiperOrigin-RevId: 402298115
Change-Id: I0f542607b88597572de39532364816f80a076697
2021-10-11 07:59:25 -07:00
Christian Blichmann
2c42654333 Improve examples
- CRC4: More readable policy, added explanatory comment
- Use `AllowLlvmSaniters()` in policies

PiperOrigin-RevId: 402296504
Change-Id: I6853199abedf2441eaffff9186d4d354c142e485
2021-10-11 07:50:27 -07:00
Christian Blichmann
d05dc7ba02 Reduce visibility of internal member function
This is the first change in a series that will eventually remove Sandboxed
API's use of multiple inheritance.

Drive-by:
- Rename short member names to full words
- Some reformatting
PiperOrigin-RevId: 402270954
Change-Id: I8af46b887921265a371b85603fd158ef3a8fab50
2021-10-11 05:38:01 -07:00
Christian Blichmann
df1c31188d Fix sums test under MSAN by allowing Scudo to add MAP_NORESERVE in mmap()
Note: This change allows `MAP_NORESERVE` generally, not just for MSAN. This follows
what we do for `AllowTcMalloc()/AllowSystemMalloc()`
PiperOrigin-RevId: 402231980
Change-Id: Ifa1c6b9f61f636dd6db231dde3765c3b4a40911b
2021-10-11 01:22:17 -07:00
Christian Blichmann
221e929018 Include shell-based tests in OSS builds
These were previously dependent on an internal-only testing target.

For now, this only works with Bazel, but should enable us to have better test coverage in GitHub actions.
Eventually, all of these shell-based tests should be converted to `cc_test`s.

PiperOrigin-RevId: 400713615
Change-Id: I1cabb5b72977987ef4a1803480f699b58c4d56e9
2021-10-04 07:18:36 -07:00
Christian Blichmann
98e590463b Internal change
PiperOrigin-RevId: 400144449
Change-Id: Ic0cbd6a3b27012cfb406694bdf2944a5b9905580
2021-10-04 07:18:06 -07:00
Sandboxed API Team
4050f34efc Internal Change
PiperOrigin-RevId: 399850339
Change-Id: I1cbb4d7510bff3ab4a4559cb3252dcf79d2a06b8
2021-09-29 22:12:26 -07:00
Christian Blichmann
90d1867026 Remove deprecated sapi::StatusOr<> forward declaration
PiperOrigin-RevId: 399663835
Change-Id: I92255a68e50a3b9130d3e222a2e353ee2e599c18
2021-09-29 05:39:10 -07:00
Christian Blichmann
f6d9e7fd7c Fix warning about multi-line comment
PiperOrigin-RevId: 399648071
Change-Id: I793a640310d772804726527761ad911772ff19c6
2021-09-29 03:44:32 -07:00
Wiktor Garbacz
d9d2f0e5de Use regular logging in fork client
PiperOrigin-RevId: 399623764
Change-Id: I5eaf0ff7f24e7b61c84ff9dacf8cd53889cc83d0
2021-09-29 00:46:12 -07:00
Sandboxed API Team
fb81c00fd1 Replace auto with explicit type declarations
PiperOrigin-RevId: 399419917
Change-Id: I4b7acd8ab6e2542e2971b29bed0745378b2b6743
2021-09-28 05:50:57 -07:00
Sandboxed API Team
448f393c29 Enable mmap for msan (it's already enabled for asan and tsan)
PiperOrigin-RevId: 399163710
Change-Id: I2cebb6136adb00a53e4baf18d343cf80191efcb0
2021-09-27 05:08:45 -07:00
Wiktor Garbacz
c29c510e30 Log when global forkserver is started and its exit status
PiperOrigin-RevId: 398232735
Change-Id: Ia0628cf2dee51a94938dae82bcb392384feeb74c
2021-09-22 07:16:43 -07:00
Wiktor Garbacz
b470a6ece5 Make the fd cleanup test less brittle
PiperOrigin-RevId: 398229418
Change-Id: If8af43f33b07839ea8d46b85ff77efa8557a31a8
2021-09-22 06:57:55 -07:00
Catalin Patulea
b5fb483b11 Fix formatting of pgoff.
PiperOrigin-RevId: 397763298
Change-Id: I027ef4cd381247521ee2bcce57a17c9d480efb22
2021-09-20 09:02:14 -07:00
Christian Blichmann
c400f92eaa (Mostly) internal change. Add pid() accessor.
PiperOrigin-RevId: 397070773
Change-Id: I9ebac9078f3866ef3e0061ec79da5c9f71e5f480
2021-09-16 06:57:44 -07:00
Kevin Hamacher
aea8bb2ed0 Automated rollback of commit 2036f5b2f0.
PiperOrigin-RevId: 395893427
Change-Id: Iabd32de9cd83de5cc8567834e1f91e48c521ac60
2021-09-10 03:34:44 -07:00
Sandboxed API Team
2036f5b2f0 Automated rollback of commit 4b018757c3.
PiperOrigin-RevId: 395067992
Change-Id: I5db335ed881aa81748a0fc8082091b160fe83e86
2021-09-06 04:07:11 -07:00
Kevin Hamacher
4b018757c3 Use absl::flat_hash_set + Status in favor of std::set in the sanitizer API
PiperOrigin-RevId: 395061068
Change-Id: I31548eb6fc9f27f55acf25bd6d3d0b941a529e63
2021-09-06 03:15:39 -07:00
Kevin Hamacher
eb2c5a66f4 Rework GetListOfFDs API
PiperOrigin-RevId: 395043959
Change-Id: I77ce13f0c786d3644971ed239f3106319667e979
2021-09-06 01:01:19 -07:00
Christian Blichmann
289adcff06 Internal change.
For OSS, this change should be mostly a no-op. Visible edits are due to
changed order of code and/or includes.

PiperOrigin-RevId: 394177395
Change-Id: I1d32f9fd175579e8f05c051b1307953b249d139d
2021-09-01 01:28:19 -07:00
Catalin Patulea
9ab330dc7a 'Map' symbols: add pgoff to disambiguate multiple mappings on same object.
PiperOrigin-RevId: 391520785
Change-Id: Icb05e60f778acfb9fe6f519911ce54bec65fc4ff
2021-08-18 07:14:31 -07:00
Wiktor Garbacz
59f5fa8042 Allow collecting stacktraces on normal process exit
This mainly a debugging facility.
It makes diagnosing problems where sandboxed process just randomly exits whereas unsandboxed one runs to completion due to differences in the setup/environment much easier.

PiperOrigin-RevId: 391005548
Change-Id: Ia19fe6632748da93c1f4291bb55e895f50a4e2b0
2021-08-16 03:13:15 -07:00
Sandboxed API Team
7b31deaed8 Delete deprecated sapi::Sandbox::IsActive and its remaining call sites.
PiperOrigin-RevId: 390412024
Change-Id: Iab3853b3c40dd4e9b0ff31532e8c41c2583ebc4e
2021-08-12 11:00:51 -07:00
Sandboxed API Team
dae91ff082 Fix Symbolize* tests.
PiperOrigin-RevId: 390372065
Change-Id: I1ddc9dd9238795eb0674e04c20a5c91a68582027
2021-08-12 08:03:52 -07:00
Sandboxed API Team
d631154ce5 Delete deprecated sapi::Sandbox::GetRpcChannel and its remaining call sites.
PiperOrigin-RevId: 389968873
Change-Id: Ia72e0064fa57679180f9c406f96266473f8461c2
2021-08-10 13:50:15 -07:00
Wiktor Garbacz
773dc6b18b Do not fail-hard in global forkserver startup
PiperOrigin-RevId: 389816114
Change-Id: Icd672028ff224cf01095d6590fe1cc2adb312316
2021-08-10 00:33:29 -07:00
Sandboxed API Team
165c155a08 Delete deprecated sapi::Sandbox::GetComms and its remaining call sites.
PiperOrigin-RevId: 389716023
Change-Id: I092bc37f3f3bb40554b627f9dd528525b60d67a1
2021-08-09 13:49:45 -07:00