sandboxed-api/sandboxed_api/sandbox2
Wiktor Garbacz 755f29b35e Correct unwinding stop condition
On successful completion, `unw_step()` returns a positive value
  if the updated cursor refers to a valid stack frame,
  or `0` if the previous stack frame was the last frame in the
  chain. On error, the negative value of one of the error-codes
  below is returned.

PiperOrigin-RevId: 491588164
Change-Id: Ie361023ef69eed6c895856832a8208f2791f644d
2022-11-29 03:24:31 -08:00
..
examples Fix command-line handling in sandbox2tool 2022-10-25 08:05:23 -07:00
network_proxy Internal compatible_with change 2022-11-28 09:55:57 -08:00
testcases Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
unwind Correct unwinding stop condition 2022-11-29 03:24:31 -08:00
util Internal compatible_with change 2022-11-28 09:55:57 -08:00
bpfdisassembler.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
bpfdisassembler.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
buffer_test.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
buffer.cc Remove Tag constructor, add standard comment for absl::WrapUnique(new T) 2022-10-25 06:20:51 -07:00
buffer.h Remove Tag constructor, add standard comment for absl::WrapUnique(new T) 2022-10-25 06:20:51 -07:00
BUILD.bazel Internal compatible_with change 2022-11-28 09:55:57 -08:00
client.cc #Cleanup: Consistently use std::make_unique 2022-10-12 05:23:42 -07:00
client.h Sandbox2: Graciously handle mapping over Comms/Exec fds 2022-10-10 09:39:01 -07:00
CMakeLists.txt Remove Tag constructor, add standard comment for absl::WrapUnique(new T) 2022-10-25 06:20:51 -07:00
comms_test.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
comms_test.proto Migration of remaining protobufs from proto2 to proto3 2022-03-16 00:43:46 -07:00
comms.cc contrib: Replace uses of CHECK_NOTNULL 2022-10-25 05:50:59 -07:00
comms.h Sandbox2: Graciously handle mapping over Comms/Exec fds 2022-10-10 09:39:01 -07:00
executor.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
executor.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
fork_client.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
fork_client.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
forkingclient.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
forkingclient.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
forkserver_bin.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
forkserver_test.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
forkserver.cc #Cleanup: Consistently use std::make_unique 2022-10-12 05:23:42 -07:00
forkserver.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
forkserver.proto Migrate forkserver.proto to proto3 syntax 2022-03-14 07:28:23 -07:00
global_forkclient_lib_ctor.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
global_forkclient.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
global_forkclient.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
ipc_test.cc #Cleanup: Consistently use std::make_unique 2022-10-12 05:23:42 -07:00
ipc.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
ipc.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
limits_test.cc #Cleanup: Consistently use std::make_unique 2022-10-12 05:23:42 -07:00
limits.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
logserver.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
logserver.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
logserver.proto Migration of remaining protobufs from proto2 to proto3 2022-03-16 00:43:46 -07:00
logsink.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
logsink.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
monitor.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
monitor.h Fix possible crash when multiple termination conditions occur simultaneously 2022-05-13 04:35:27 -07:00
mount_tree.proto Migrate to proto3, change is_ro to is_rw (default value is false), and rename mounttree.proto 2022-03-14 05:15:15 -07:00
mounts_test.cc Disable deprecation warnings 2022-04-22 04:58:02 -07:00
mounts.cc Extend ValidateInterpreter with Android_Arm64 interpreter 2022-03-30 09:45:58 -07:00
mounts.h Migrate to proto3, change is_ro to is_rw (default value is false), and rename mounttree.proto 2022-03-14 05:15:15 -07:00
namespace_test.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
namespace.cc #Cleanup: Consistently use std::make_unique 2022-10-12 05:23:42 -07:00
namespace.h Add an option to allow mount propagation 2022-03-08 08:01:19 -08:00
notify_test.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
notify.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
policy_test.cc #Cleanup: Consistently use std::make_unique 2022-10-12 05:23:42 -07:00
policy.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
policy.h Add option to block the ptrace system call instead of denying it. 2022-05-27 02:57:37 -07:00
policybuilder_test.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
policybuilder.cc Remove Tag constructor, add standard comment for absl::WrapUnique(new T) 2022-10-25 06:20:51 -07:00
policybuilder.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
README.md Update references to the new documentation 2021-12-14 09:03:29 -08:00
regs_test.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
regs.cc Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
regs.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
result.cc #Cleanup: Consistently use std::make_unique 2022-10-12 05:23:42 -07:00
result.h #Cleanup: Consistently use std::make_unique 2022-10-12 05:23:42 -07:00
sandbox2_test.cc #Cleanup: Consistently use std::make_unique 2022-10-12 05:23:42 -07:00
sandbox2.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
sandbox2.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
sanitizer_test.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
sanitizer.cc Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
sanitizer.h Delete deprecated ::sandbox2::Sandbox2::WaitForTsan and its remaining call sites. 2022-02-03 11:23:56 -08:00
stack_trace_test.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
stack_trace.cc Remove Tag constructor, add standard comment for absl::WrapUnique(new T) 2022-10-25 06:20:51 -07:00
stack_trace.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
syscall_defs.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
syscall_defs.h Make code not have a -Warray-parameter warning. 2022-08-15 22:55:51 -07:00
syscall_test.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
syscall.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
syscall.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
testing.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
util_test.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
util.cc Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
util.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
violation.proto Migrate to proto3, change is_ro to is_rw (default value is false), and rename mounttree.proto 2022-03-14 05:15:15 -07:00

Sandbox2

Sandbox2 is a C++ security sandbox for Linux which can be used to run untrusted programs or portions of programs in confined environments. The idea is that the runtime environment is so restricted that security bugs such as buffer overflows in the protected region cause no harm.

Documentation

Detailed developer documentation is available on the Google Developers site for Sandboxed API under Sandbox2.

There is also a Getting Started guide for Sandbox2.