Sandboxed API Team 3323ddc129 Permit sandboxee's bpf() to fail ... The default policy causes immediate termination of a sandboxee that calls `bpf`(2). This does not allow for try-call use of `bpf()` to test for optional features. To support such try-call use cases, sandboxes would like to say: ``` sandbox2::PolicyBuilder builder; builder.BlockSyscallWithErrno(__NR_bpf, EPERM); ``` but this doesn't work because the default policy unconditionally treats `bpf()` as a sandbox violation. Remove the bpf violation check from the policy if `bpf()` is explicitly blocked with an errno. PiperOrigin-RevId: 345239389 Change-Id: I7fcfd3a938c610c8679edf8e1fa0238b32cc9db4		2020-12-02 08:38:32 -08:00
..
bazel	Support AArch64 and PPC64 in third party dependencies	2020-10-26 01:22:23 -07:00
docs	Internal change.	2020-03-19 09:58:28 -07:00
examples	Use actual ptrace() arguments in example	2020-11-19 06:47:31 -08:00
sandbox2	Permit sandboxee's bpf() to fail	2020-12-02 08:38:32 -08:00
tools	Emit non-type template args as part of forward decls	2020-10-28 16:48:04 +01:00
util	Build fixes for recent Bazel versions	2020-09-25 07:25:31 -07:00
BUILD.bazel	Enable log forwarding from sandboxee if enabled by the supervisor.	2020-11-04 09:24:50 -08:00
call.h	Use size_t/uintptr_t instead of uintptr_t or uint64_t where appropriate	2020-09-18 07:45:03 -07:00
client.cc	Enable log forwarding from sandboxee if enabled by the supervisor.	2020-11-04 09:24:50 -08:00
CMakeLists.txt	Enable log forwarding from sandboxee if enabled by the supervisor.	2020-11-04 09:24:50 -08:00
embed_file.cc	Replace sapi::Status with absl::Status	2020-02-27 09:24:12 -08:00
embed_file.h	Replace deprecated thread annotations macros.	2020-01-30 05:06:55 -08:00
file_toc.h	Update license header with recommended best practices	2020-01-17 05:05:29 -08:00
lenval_core.h	Update license header with recommended best practices	2020-01-17 05:05:29 -08:00
proto_arg.proto	Update license header with recommended best practices	2020-01-17 05:05:29 -08:00
proto_helper.h	Internal BUILD refactoring	2020-09-03 07:40:33 -07:00
rpcchannel.cc	Use size_t/uintptr_t instead of uintptr_t or uint64_t where appropriate	2020-09-18 07:45:03 -07:00
rpcchannel.h	Use size_t/uintptr_t instead of uintptr_t or uint64_t where appropriate	2020-09-18 07:45:03 -07:00
sandbox.cc	Cleans up statusor.h includes.	2020-10-26 09:08:41 -07:00
sandbox.h	Cleans up statusor.h includes.	2020-10-26 09:08:41 -07:00
sapi_test.cc	Modernize a few files	2020-07-20 03:07:54 -07:00
transaction.cc	Rename accessors, move away from time_t API	2020-08-07 00:30:28 -07:00
transaction.h	Rename accessors, move away from time_t API	2020-08-07 00:30:28 -07:00
var_abstract.cc	Replace sapi::Status with absl::Status	2020-02-27 09:24:12 -08:00
var_abstract.h	Modernize a few files	2020-07-20 03:07:54 -07:00
var_array.h	Use string_view instead of char* in CStr ctor	2020-10-14 02:04:05 -07:00
var_int.cc	Replace sapi::Status with absl::Status	2020-02-27 09:24:12 -08:00
var_int.h	Rename SYNC_* constants to conform to style guide	2020-07-20 07:05:44 -07:00
var_lenval.cc	Replace sapi::Status with absl::Status	2020-02-27 09:24:12 -08:00
var_lenval.h	Replace sapi::Status with absl::Status	2020-02-27 09:24:12 -08:00
var_pointable.cc	Update license header with recommended best practices	2020-01-17 05:05:29 -08:00
var_pointable.h	Rename SYNC_* constants to conform to style guide	2020-07-20 07:05:44 -07:00
var_proto.h	Cleans up statusor.h includes.	2020-10-26 09:08:41 -07:00
var_ptr.h	Rename SYNC_* constants to conform to style guide	2020-07-20 07:05:44 -07:00
var_reg.h	Use absl::StrFormat() in Reg<T>::ToString()	2020-07-22 01:21:02 -07:00
var_struct.h	Modernize a few files	2020-07-20 03:07:54 -07:00
var_type.h	Update license header with recommended best practices	2020-01-17 05:05:29 -08:00
var_void.h	Rename SYNC_* constants to conform to style guide	2020-07-20 07:05:44 -07:00
vars.h	Update license header with recommended best practices	2020-01-17 05:05:29 -08:00