StarMirror/sandboxed-api
1
0
Fork 0
mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00
Code Issues Projects Releases Wiki Activity

Commit Graph

  • 18894d57f9 Add a helper method to allow the eventfd* family of syscalls. Sandboxed API Team 2023-03-22 07:46:14 -0700
  • b50bc23138 Remove no longer needed friend declaration Wiktor Garbacz 2023-03-22 06:26:39 -0700
  • 8a38e4de47 Copy environ in sandbox2_test to get better coverage data Wiktor Garbacz 2023-03-22 05:46:25 -0700
  • 99931c2ad6 Move abort into ExecuteProcess and mark it noreturn Wiktor Garbacz 2023-03-22 04:06:25 -0700
  • b62d103426 Internal change Sandboxed API Team 2023-03-21 01:48:46 -0700
  • 9867ce3beb Make SAPI_RAW_LOG(FATAL, ...) noreturn Wiktor Garbacz 2023-03-20 05:42:28 -0700
  • 10b89d4d33 Add missing LOAD_SYSCALL_NR Wiktor Garbacz 2023-03-15 03:29:07 -0700
  • 690b31a038 Fix the poll in wait_for_sandboxee branch Wiktor Garbacz 2023-03-14 09:18:47 -0700
  • 5a2bdd436d Fix poll in unotify monitor Wiktor Garbacz 2023-03-14 07:03:40 -0700
  • cb63dfead5 Add tests for util.cc Wiktor Garbacz 2023-03-14 00:03:33 -0700
  • 10d44614fd Partial support for sandbox2::Notify in UnotifyMonitor Wiktor Garbacz 2023-03-10 00:58:59 -0800
  • 6a79282895 contrib/lodepng: Add missing dependencies Wiktor Garbacz 2023-03-09 05:10:08 -0800
  • a31584ff49 Add explicit cast to fix build error Wiktor Garbacz 2023-03-09 01:02:54 -0800
  • e031c11bdc Update naming and lambda capture for stack size Wiktor Garbacz 2023-03-09 00:13:49 -0800
  • 0d3d5d4bcb Seccomp_unotify based monitor Wiktor Garbacz 2023-03-08 08:08:35 -0800
  • 80cc894c39 Allow sched_getaffinity with sanitizers Sandboxed API Team 2023-03-08 06:50:31 -0800
  • e3b2d232b4 Add test for bpf disassembler Wiktor Garbacz 2023-03-07 05:03:22 -0800
  • e46a526865 Add explicit casts to avoid build failures Wiktor Garbacz 2023-03-07 05:02:04 -0800
  • a8db8bfcf7 PTHREAD_STACK_MIN is not always a constexpr Wiktor Garbacz 2023-03-07 04:47:20 -0800
  • 9f657e6a62 Consistently exclude examples from coverage runs Wiktor Garbacz 2023-03-06 10:02:28 -0800
  • 17553b2206 syscall_trap: Add missing includes use C++ ones Christian Blichmann 2023-03-06 05:59:46 -0800
  • 526401166e Migrate namespaces related tests out of policybuilder_test Wiktor Garbacz 2023-03-06 00:27:06 -0800
  • 64b52ff3b5 Fix stack_trace_test for ARM64 Wiktor Garbacz 2023-03-06 00:21:29 -0800
  • 550b26587f Implement DangerDefaultAllowAll using DefaultAction(AllowAllSyscalls()) Wiktor Garbacz 2023-03-03 10:25:39 -0800
  • e09c2bc215 Run more tests with coverage and sanitizers contd Wiktor Garbacz 2023-03-03 06:50:17 -0800
  • 6827dc0059 Remove superfluous set_rlimit_as(RLIM64_INFINITY) Wiktor Garbacz 2023-03-03 01:13:44 -0800
  • cd945565f5 Run more tests with coverage and sanitizers Wiktor Garbacz 2023-03-02 08:45:23 -0800
  • a613dda7f2 Test stack unwinding more thoroughly Wiktor Garbacz 2023-03-02 05:09:05 -0800
  • 0033c4563f Remove unused UnwindResult.ip, reuse RunLibUnwindAndSymbolizer Wiktor Garbacz 2023-03-02 02:39:33 -0800
  • d74dac096a Rework stack_trace_test Wiktor Garbacz 2023-03-02 01:25:02 -0800
  • dfe0b9aa6d Remove leftover DangerDefaultAllowAll Wiktor Garbacz 2023-03-02 01:21:34 -0800
  • 5a8a25e9ac Change the default action instead of appending ALLOW Wiktor Garbacz 2023-03-01 05:35:51 -0800
  • fbfbd13adf Add frame pointer unwinding fallback Wiktor Garbacz 2023-03-01 03:54:29 -0800
  • e11109c9ee Internal change Juan Vazquez 2023-02-28 07:00:24 -0800
  • 6aa97f5394 Internal changes Juan Vazquez 2023-02-28 05:33:30 -0800
  • bd14f6818d Add field to track policy source location Juan Vazquez 2023-02-24 07:54:10 -0800
  • e1246332d1 Rename and move CreateDirRecursive Wiktor Garbacz 2023-02-16 10:43:25 -0800
  • 6db17e7ab3 Use namespaced policy in most tests Wiktor Garbacz 2023-02-16 07:11:48 -0800
  • 71692bb50b Decouple sandboxed stack tracing Wiktor Garbacz 2023-02-16 05:06:50 -0800
  • d2dbbbae76 Remove redundant tests Wiktor Garbacz 2023-02-16 02:27:57 -0800
  • 3f53e81d0b Remove unused dependency Wiktor Garbacz 2023-02-15 11:34:21 -0800
  • e4c0d91e69 Remove leftover debug log Wiktor Garbacz 2023-02-14 02:50:29 -0800
  • a5d12903dd Extract SandboxeeProcess and move it down the call chain Wiktor Garbacz 2023-02-07 02:22:02 -0800
  • f289855867 Update IfThenChange after monitor split Wiktor Garbacz 2023-02-02 05:16:21 -0800
  • 34b2f6bc90 Remove AllowUnsafeKeepCapabilities() Wiktor Garbacz 2023-02-02 04:46:19 -0800
  • 8f24f2a4f0 Split PtraceMonitor into separate file Wiktor Garbacz 2023-01-30 05:08:42 -0800
  • 97d67019d2 Split out policybuilder target Wiktor Garbacz 2023-01-27 01:24:14 -0800
  • 4450c5513f Bazel: Do not expose regs.h Wiktor Garbacz 2023-01-27 00:42:55 -0800
  • f636cd86d6 Split PtraceMonitor out of Monitor Wiktor Garbacz 2023-01-23 01:41:42 -0800
  • 93ef7eb380 Explicitly close the output stream. Sandboxed API Team 2023-01-23 00:06:19 -0800
  • 8c107936da Internal BUILD changes Sandboxed API Team 2023-01-20 05:14:12 -0800
  • adb90a14a0 Internal BUILD changes Sandboxed API Team 2023-01-20 04:42:38 -0800
  • 8bf9868ec3 Protobuf doesn't directly support heterogeneous lookup with absl::string_view Wiktor Garbacz 2023-01-19 07:31:23 -0800
  • 2f64d3d925 stack_trace: pass fd to sandboxee's memory instead of using process_vm_readv Wiktor Garbacz 2023-01-19 05:44:11 -0800
  • f87b6feb18 stack_trace: do not add common libraries when not a custom fork-server Wiktor Garbacz 2023-01-19 02:47:17 -0800
  • bc6937ac82 Add logging of stack traces of all threads that were terminated by a signal or when the sandboxee did not exit normally. Disabled by default, enabled with a flag. Sandboxed API Team 2023-01-18 01:44:18 -0800
  • 58c3f80d57 Allow MADV_HUGEPAGE used by tcmalloc Wiktor Garbacz 2023-01-13 04:40:47 -0800
  • 2ae5370cfb Full syscall info in Result::ToString Wiktor Garbacz 2023-01-12 03:57:13 -0800
  • 858c407521 Replace llvm::makeArrayRef with ArrayRef constructors. Dmitri Gribenko 2023-01-10 15:13:31 -0800
  • f086c39f42 Update clients of PolicyBuilder to support architectures other than x86_64. Sandboxed API Team 2023-01-06 08:24:34 -0800
  • 1871b173c4 Add __NR_faccessat2 to the list of syscalls allowed by AllowAccess(). Sandboxed API Team 2023-01-06 00:12:59 -0800
  • 756176f206 On new process, check for the clone3 syscall. Sandboxed API Team 2023-01-05 10:01:32 -0800
  • 90ee0a7464 Update clients of PolicyBuilder to support architectures other than x86_64. Sandboxed API Team 2023-01-04 01:43:41 -0800
  • 00d42577d5 Use CLONE_VM for starting the global forkserver Wiktor Garbacz 2023-01-03 05:36:02 -0800
  • 2d52191c24 Define PR_SET_VMA* if undefined Wiktor Garbacz 2022-12-22 07:38:54 -0800
  • fc721da2b9 More precise sycall_defs Wiktor Garbacz 2022-12-22 05:00:14 -0800
  • 89a8f35f0e Use new helpers in policy_test Wiktor Garbacz 2022-12-21 06:16:29 -0800
  • 7625c3dd24 Use AllowDup helper in AddNetworkProxyPolicy Wiktor Garbacz 2022-12-21 05:35:20 -0800
  • aff27f4559 Update PolicyBuilder to include wrappers for more syscall families that differ between platforms. Sandboxed API Team 2022-12-13 09:31:29 -0800
  • 5b3450ac8d Internal change Wiktor Garbacz 2022-12-09 06:13:33 -0800
  • ee58a410d9 Handle S2 unwinding by trapping ptrace Wiktor Garbacz 2022-11-30 05:59:36 -0800
  • bd5769d40a Use SyscallTrap in NetworkProxy Wiktor Garbacz 2022-11-30 05:47:09 -0800
  • 5bf9b1aef0 Introduce SyscallTrap helper class Wiktor Garbacz 2022-11-30 05:20:42 -0800
  • 77c80b7213 unwind: Skip Mapping Symbols on ARM Wiktor Garbacz 2022-11-30 00:16:02 -0800
  • 755f29b35e Correct unwinding stop condition Wiktor Garbacz 2022-11-29 03:23:59 -0800
  • 92a8247777 Bazel: Add full support for virtual includes Christian Blichmann 2022-11-29 02:17:03 -0800
  • e5971312eb Internal change Wiktor Garbacz 2022-11-29 00:48:08 -0800
  • 11b89c0317 Internal compatible_with change Sandboxed API Team 2022-11-28 09:55:23 -0800
  • d31e691705 clang_generator: Implement limit_scan_depth feature Christian Blichmann 2022-11-23 09:09:09 -0800
  • e223ef4790 clang_generator: Skip Abseil internal functions Christian Blichmann 2022-11-23 08:46:59 -0800
  • cded8655d3 clang_generator: Skip dependent types Christian Blichmann 2022-11-23 08:31:27 -0800
  • d7fe6cd334 clang_generator: Use fully qualified names Christian Blichmann 2022-11-23 07:54:13 -0800
  • 37ca6d0fc6 clang_generator: Access type collector/function via accessors Christian Blichmann 2022-11-23 05:20:47 -0800
  • 13c5b564b6 clang_generator: Collect function types directly Christian Blichmann 2022-11-23 05:18:30 -0800
  • 3155cb0a67 Fix format string and/or arguments to match. Sandboxed API Team 2022-11-14 08:50:30 -0800
  • 67bc67bbef clang_generator: Handle inter-type dependencies better Christian Blichmann 2022-11-14 08:18:42 -0800
  • b626bf40da Migrate from cfg = "host" to cfg = "exec" Liam Miller-Cushon 2022-11-14 07:07:25 -0800
  • 1ae04ac332 clang_generator: Use fully-qualified names, emit in source order Christian Blichmann 2022-11-07 00:37:13 -0800
  • ce26b55e26 clang_generator: Turn fatal error on struc-by-value into warning Christian Blichmann 2022-11-03 06:01:50 -0700
  • 3abfefaf3b Silence some pytype errors. Rebecca Chen 2022-11-02 01:08:02 -0700
  • 4b56d5606d clang_generator: Fail header generation with struct-by-value Christian Blichmann 2022-11-02 00:42:51 -0700
  • 7e0f72e445 clang_generator: Refactor frontend test utilities Christian Blichmann 2022-11-01 08:59:48 -0700
  • c3889ce379 Fix command-line handling in sandbox2tool Christian Blichmann 2022-10-25 08:04:50 -0700
  • 6222ffe04f contrib: More fixes for flags and logging migration Christian Blichmann 2022-10-25 06:33:13 -0700
  • 6fbfb8f9bd Remove Tag constructor, add standard comment for absl::WrapUnique(new T) Christian Blichmann 2022-10-25 06:20:08 -0700
  • 8d04efa62d contrib: Replace uses of CHECK_NOTNULL Christian Blichmann 2022-10-25 05:50:16 -0700
  • 3b95bec700 Remove unused SAPI_INTERNAL_UNREACHABLE Wiktor Garbacz 2022-10-24 08:47:39 -0700
  • 4c87556901 Use Abseil's log/flags instead of glog/gflags Christian Blichmann 2022-10-20 06:48:06 -0700
  • 7dca070083 Integrate LLVM at llvm/llvm-project@06da9b94ae Benjamin Kramer 2022-10-14 10:41:17 -0700
  • 882e474032 Bazel: Add copts attribute to macros which use _default_copts where necessary Sandboxed API Team 2022-10-13 06:00:42 -0700