mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00

History

Christian Blichmann aa3f60148c Do not run static test on AArch64 user mode emulation

PiperOrigin-RevId: 417556328
Change-Id: Ib04b3c6bbe8e5fcece11652c7a751a319899b73c

2021-12-21 00:17:22 -08:00

examples

Do not run static test on AArch64 user mode emulation

2021-12-21 00:17:22 -08:00

network_proxy

Use alias s6_addr instead of direct field access.

2021-11-15 01:01:20 -08:00

testcases

Add CloseAllFDsExcept test.

2021-12-07 02:23:23 -08:00

unwind

Fix unwind module for Android-ARM64

2021-12-07 03:33:56 -08:00

util

Minielf: Use a template to load integers

2021-11-18 02:16:26 -08:00

bpfdisassembler.cc

Use absl::Span in BPF disassembler

2021-04-21 05:33:12 -07:00

bpfdisassembler.h

Use absl::Span in BPF disassembler

2021-04-21 05:33:12 -07:00

buffer_test.cc

Add more convenience functions to PolicyBuilder

2021-12-08 06:41:21 -08:00

buffer.cc

Introduce sapi::OsErrorMessage() for error handling

2021-07-27 04:10:04 -07:00

buffer.h

…

BUILD.bazel

Introduce util::CharPtrArray with proper ownership semantics

2021-12-20 05:08:12 -08:00

client.cc

Check and limit seccomp policy length.

2021-11-11 06:10:40 -08:00

client.h

…

CMakeLists.txt

Introduce util::CharPtrArray with proper ownership semantics

2021-12-20 05:08:12 -08:00

comms_test.cc

Internal change

2021-12-03 05:21:01 -08:00

comms_test.proto

…

comms.cc

Reorder error logging before Terminate()

2021-07-29 07:12:02 -07:00

comms.h

Add workaround for active Tomoyo LSM

2021-05-10 07:04:04 -07:00

executor.cc

Introduce util::CharPtrArray with proper ownership semantics

2021-12-20 05:08:12 -08:00

executor.h

Use FDCloser in Executor extensively

2021-08-05 04:16:11 -07:00

fork_client.cc

Use regular logging in fork client

2021-09-29 00:46:12 -07:00

fork_client.h

…

forkingclient.cc

…

forkingclient.h

…

forkserver_bin.cc

Automated rollback of commit 2036f5b2f04171d4fe973ba069760963ee7cd557.

2021-09-10 03:34:44 -07:00

forkserver_test.cc

…

forkserver.cc

Introduce util::CharPtrArray with proper ownership semantics

2021-12-20 05:08:12 -08:00

forkserver.h

Introduce util::CharPtrArray with proper ownership semantics

2021-12-20 05:08:12 -08:00

forkserver.proto

…

global_forkclient_lib_ctor.cc

…

global_forkclient.cc

Log when global forkserver is started and its exit status

2021-09-22 07:16:43 -07:00

global_forkclient.h

…

ipc_test.cc

…

ipc.cc

…

ipc.h

…

limits_test.cc

…

limits.h

Internal change.

2021-07-29 05:52:19 -07:00

logserver.cc

…

logserver.h

…

logserver.proto

…

logsink.cc

…

logsink.h

…

monitor.cc

Replace raw_logging with regular logging in Monitor

2021-12-03 07:17:36 -08:00

monitor.h

Internal change

2021-05-20 08:17:10 -07:00

mounts_test.cc

Internal change.

2021-09-01 01:28:19 -07:00

mounts.cc

Minor cleanup/formatting changes

2021-05-17 04:07:08 -07:00

mounts.h

Add workaround for active Tomoyo LSM

2021-05-10 07:04:04 -07:00

mounttree.proto

…

namespace_test.cc

Modernize namespace_test a little

2021-10-13 04:17:46 -07:00

namespace.cc

…

namespace.h

…

notify_test.cc

Add more convenience functions to PolicyBuilder

2021-12-08 06:41:21 -08:00

notify.h

…

policy_test.cc

Add more convenience functions to PolicyBuilder

2021-12-08 06:41:21 -08:00

policy.cc

Take a vector in Policy::AllowUnsafeKeepCapabilities()

2021-07-12 05:43:21 -07:00

policy.h

Allow collecting stacktraces on normal process exit

2021-08-16 03:13:15 -07:00

policybuilder_test.cc

Replace deprecated AddTmpfs call

2021-12-03 04:56:40 -08:00

policybuilder.cc

#Cleanup PolicyBuilder API using absl::Span

2021-12-13 01:31:59 -08:00

policybuilder.h

Remove SyscallInitializer

2021-12-14 00:45:27 -08:00

README.md

Update references to the new documentation

2021-12-14 09:03:29 -08:00

regs.cc

Introduce sapi::OsErrorMessage() for error handling

2021-07-27 04:10:04 -07:00

regs.h

…

result.cc

…

result.h

…

sandbox2_test.cc

Allow collecting stacktraces on normal process exit

2021-08-16 03:13:15 -07:00

sandbox2.cc

Fix a race between NotifyMonitor/AwaitResult

2021-11-17 01:40:42 -08:00

sandbox2.h

Readd function comment removed by mistake

2021-12-06 04:43:32 -08:00

sanitizer_test.cc

Introduce util::CharPtrArray with proper ownership semantics

2021-12-20 05:08:12 -08:00

sanitizer.cc

Implement WaitForTsan on other sanitizers

2021-12-07 17:59:05 -08:00

sanitizer.h

Implement WaitForTsan on other sanitizers

2021-12-07 17:59:05 -08:00

stack_trace_test.cc

…

stack_trace.cc

Relax the policy to allow stat (and possibly stat64).

2021-12-06 10:23:31 -08:00

stack_trace.h

Automated rollback of commit 4a38f59728f7f8849a42422faa9846c865918ac1.

2021-06-28 02:03:06 -07:00

syscall_defs.cc

Add new x86-64 syscalls

2021-06-04 01:01:34 -07:00

syscall_defs.h

…

syscall_test.cc

…

syscall.cc

…

syscall.h

…

testing.h

…

util_test.cc

…

util.cc

Introduce util::CharPtrArray with proper ownership semantics

2021-12-20 05:08:12 -08:00

util.h

Introduce util::CharPtrArray with proper ownership semantics

2021-12-20 05:08:12 -08:00

violation.proto

…

README.md

Sandbox2

Sandbox2 is a C++ security sandbox for Linux which can be used to run untrusted programs or portions of programs in confined environments. The idea is that the runtime environment is so restricted that security bugs such as buffer overflows in the protected region cause no harm.

Documentation

Detailed developer documentation is available on the Google Developers site for Sandboxed API under Sandbox2.

There is also a Getting Started guide for Sandbox2.