sandboxed-api/sandboxed_api/sandbox2
Wiktor Garbacz 88b0a9e2e5 Fix possible crash when multiple termination conditions occur simultaneously
E.g. a failed `KillSandboxee` for a timeout would already set the exit status code while there could be an external kill pending at the same time which would try to `KillSandboxee` again and thus set exit status code again.

PiperOrigin-RevId: 448464765
Change-Id: Ic5744a576c4255504bfb1d5c4f33253b5bb32b6f
2022-05-13 04:35:27 -07:00
examples Introduce a transitional logging utility library 2022-04-29 02:14:06 -07:00
network_proxy Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
testcases #Cleanup: Consistently use char* argv[] instead of char** 2022-04-27 00:43:51 -07:00
unwind Apply page offset during stack unwinding/symbolization 2022-02-11 07:19:34 -08:00
util Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
bpfdisassembler.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
bpfdisassembler.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
buffer_test.cc Fix BlockSyscallsWithErrno 2022-02-21 00:46:50 -08:00
buffer.cc Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
buffer.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
BUILD.bazel Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
client.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
client.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
CMakeLists.txt Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
comms_test.cc Changes to comms_test module to run unittests with --config=android_arm64 2022-03-29 07:16:43 -07:00
comms_test.proto Migration of remaining protobufs from proto2 to proto3 2022-03-16 00:43:46 -07:00
comms.cc Patch sandbox2/comms module to build for Android. 2022-03-17 05:27:07 -07:00
comms.h Change to proto2::MessageLite and resolve reflection for mobile builds 2022-03-03 04:48:30 -08:00
executor.cc Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
executor.h Add default member initializer for sandbox2::Executor::Process members 2022-04-11 06:59:17 -07:00
fork_client.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
fork_client.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
forkingclient.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
forkingclient.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
forkserver_bin.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
forkserver_test.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
forkserver.cc Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
forkserver.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
forkserver.proto Migrate forkserver.proto to proto3 syntax 2022-03-14 07:28:23 -07:00
global_forkclient_lib_ctor.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
global_forkclient.cc Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
global_forkclient.h Introduce commandline flag to pass forkserver_bin path for Android builds. 2022-03-02 08:12:21 -08:00
ipc_test.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
ipc.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
ipc.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
limits_test.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
limits.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
logserver.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
logserver.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
logserver.proto Migration of remaining protobufs from proto2 to proto3 2022-03-16 00:43:46 -07:00
logsink.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
logsink.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
monitor.cc Fix possible crash when multiple termination conditions occur simultaneously 2022-05-13 04:35:27 -07:00
monitor.h Fix possible crash when multiple termination conditions occur simultaneously 2022-05-13 04:35:27 -07:00
mount_tree.proto Migrate to proto3, change is_ro to is_rw (default value is false), and rename mounttree.proto 2022-03-14 05:15:15 -07:00
mounts_test.cc Disable deprecation warnings 2022-04-22 04:58:02 -07:00
mounts.cc Extend ValidateInterpreter with Android_Arm64 interpreter 2022-03-30 09:45:58 -07:00
mounts.h Migrate to proto3, change is_ro to is_rw (default value is false), and rename mounttree.proto 2022-03-14 05:15:15 -07:00
namespace_test.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
namespace.cc Add an option to allow mount propagation 2022-03-08 08:01:19 -08:00
namespace.h Add an option to allow mount propagation 2022-03-08 08:01:19 -08:00
notify_test.cc Remove AllowStaticStartup because AllowDynamicStartup calls this as well 2022-04-29 00:48:37 -07:00
notify.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
policy_test.cc Link more complex test cases dynamically 2022-02-16 05:59:13 -08:00
policy.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
policy.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
policybuilder_test.cc Link more complex test cases dynamically 2022-02-16 05:59:13 -08:00
policybuilder.cc Allow readlinkat with sanitizers 2022-04-29 18:23:59 -07:00
policybuilder.h Allow access to /sys/devices/system/cpu/ 2022-04-05 00:29:08 -07:00
README.md Update references to the new documentation 2021-12-14 09:03:29 -08:00
regs_test.cc Fix -Wc++11-narrowing error with Clang introduced in 2546d9e 2022-01-14 03:40:01 -08:00
regs.cc Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
regs.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
result.cc More permissive ptrace handling in edge cases 2022-05-09 06:58:27 -07:00
result.h More permissive ptrace handling in edge cases 2022-05-09 06:58:27 -07:00
sandbox2_test.cc Link more complex test cases dynamically 2022-02-16 05:59:13 -08:00
sandbox2.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
sandbox2.h Delete deprecated ::sandbox2::Sandbox2::GetPid and its remaining call sites. 2022-02-02 09:57:11 -08:00
sanitizer_test.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
sanitizer.cc Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
sanitizer.h Delete deprecated ::sandbox2::Sandbox2::WaitForTsan and its remaining call sites. 2022-02-03 11:23:56 -08:00
stack_trace_test.cc Link more complex test cases dynamically 2022-02-16 05:59:13 -08:00
stack_trace.cc Fix stack traces on Fedora 2022-03-28 04:05:36 -07:00
stack_trace.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
syscall_defs.cc Add new x86-64 syscalls 2021-06-04 01:01:34 -07:00
syscall_defs.h Move utility code into sandboxed_api/util 2021-01-13 09:25:52 -08:00
syscall_test.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
syscall.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
syscall.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
testing.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
util_test.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
util.cc Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
util.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
violation.proto Migrate to proto3, change is_ro to is_rw (default value is false), and rename mounttree.proto 2022-03-14 05:15:15 -07:00

Sandbox2

Sandbox2 is a C++ security sandbox for Linux which can be used to run untrusted programs or portions of programs in confined environments. The idea is that the runtime environment is so restricted that security bugs such as buffer overflows in the protected region cause no harm.

Documentation

Detailed developer documentation is available on the Google Developers site for Sandboxed API under Sandbox2.

There is also a Getting Started guide for Sandbox2.