├── .github └── workflows │ └── main.yml ├── CMakeLists.txt ├── CODE_OF_CONDUCT.md ├── LICENSE ├── README.md ├── SECURITY.md ├── include └── process_sandbox │ ├── callback_numbers.h │ ├── callbacks.h │ ├── cxxsandbox.h │ ├── filetree.h │ ├── helpers.h │ ├── netpolicy.h │ ├── path.h │ ├── platform │ ├── README.md │ ├── child_process.h │ ├── child_process_pdfork.h │ ├── child_process_vfork.h │ ├── onebitsem.h │ ├── onebitsem_futex.h │ ├── onebitsem_umtx.h │ ├── platform.h │ ├── poller.h │ ├── poller_epoll.h │ ├── poller_kqueue.h │ ├── safe_syscalls-freebsd.h │ ├── safe_syscalls-linux.h │ ├── safe_syscalls.h │ ├── sandbox.h │ ├── sandbox_capsicum.h │ ├── sandbox_seccomp-bpf.h │ ├── shm.h │ ├── shm_posix.h │ ├── socketpair.h │ ├── socketpair_posix.h │ ├── syscall_context.h │ ├── syscall_context_freebsd.h │ └── syscall_context_linux.h │ ├── sandbox.h │ ├── sandbox_fd_numbers.h │ ├── sandbox_meta_entry.h │ └── shared_memory_region.h ├── src ├── child_malloc.h ├── host_service_calls.h ├── library_runner.cc └── libsandbox.cc └── tests ├── CMakeLists.txt ├── child_process.cc ├── net-test-helpers.h ├── onebitsem-basic.cc ├── onebitsem-child.cc ├── path.cc ├── poller.cc ├── sandbox-basic.cc ├── sandbox-callback-basic.cc ├── sandbox-callback-recursive.cc ├── sandbox-crash.cc ├── sandbox-curl.cc ├── sandbox-fake-open.cc ├── sandbox-modify-pagemap.cc ├── sandbox-network.cc ├── sandbox-rpc-bounds.cc ├── sandbox-rpc-deadlock.cc ├── sandbox-zlib.cc ├── sandboxlib-basic.cc ├── sandboxlib-callback-basic.cc ├── sandboxlib-callback-recursive.cc ├── sandboxlib-crash.cc ├── sandboxlib-curl.cc ├── sandboxlib-fake-open.cc ├── sandboxlib-modify-pagemap.cc ├── sandboxlib-network.cc ├── sandboxlib-rpc-bounds.cc ├── sandboxlib-rpc-deadlock.cc ├── sandboxlib-zlib.cc ├── shm.cc ├── socketpair-sendhandle.cc ├── socketpair.cc └── zlib.inc /.github/workflows/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/.github/workflows/main.yml -------------------------------------------------------------------------------- /CMakeLists.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/CMakeLists.txt -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/CODE_OF_CONDUCT.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/README.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/SECURITY.md -------------------------------------------------------------------------------- /include/process_sandbox/callback_numbers.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/callback_numbers.h -------------------------------------------------------------------------------- /include/process_sandbox/callbacks.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/callbacks.h -------------------------------------------------------------------------------- /include/process_sandbox/cxxsandbox.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/cxxsandbox.h -------------------------------------------------------------------------------- /include/process_sandbox/filetree.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/filetree.h -------------------------------------------------------------------------------- /include/process_sandbox/helpers.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/helpers.h -------------------------------------------------------------------------------- /include/process_sandbox/netpolicy.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/netpolicy.h -------------------------------------------------------------------------------- /include/process_sandbox/path.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/path.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/README.md -------------------------------------------------------------------------------- /include/process_sandbox/platform/child_process.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/child_process.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/child_process_pdfork.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/child_process_pdfork.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/child_process_vfork.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/child_process_vfork.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/onebitsem.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/onebitsem.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/onebitsem_futex.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/onebitsem_futex.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/onebitsem_umtx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/onebitsem_umtx.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/platform.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/platform.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/poller.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/poller.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/poller_epoll.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/poller_epoll.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/poller_kqueue.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/poller_kqueue.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/safe_syscalls-freebsd.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/safe_syscalls-freebsd.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/safe_syscalls-linux.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/safe_syscalls-linux.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/safe_syscalls.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/safe_syscalls.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/sandbox.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/sandbox.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/sandbox_capsicum.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/sandbox_capsicum.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/sandbox_seccomp-bpf.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/sandbox_seccomp-bpf.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/shm.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/shm.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/shm_posix.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/shm_posix.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/socketpair.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/socketpair.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/socketpair_posix.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/socketpair_posix.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/syscall_context.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/syscall_context.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/syscall_context_freebsd.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/syscall_context_freebsd.h -------------------------------------------------------------------------------- /include/process_sandbox/platform/syscall_context_linux.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/platform/syscall_context_linux.h -------------------------------------------------------------------------------- /include/process_sandbox/sandbox.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/sandbox.h -------------------------------------------------------------------------------- /include/process_sandbox/sandbox_fd_numbers.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/sandbox_fd_numbers.h -------------------------------------------------------------------------------- /include/process_sandbox/sandbox_meta_entry.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/sandbox_meta_entry.h -------------------------------------------------------------------------------- /include/process_sandbox/shared_memory_region.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/include/process_sandbox/shared_memory_region.h -------------------------------------------------------------------------------- /src/child_malloc.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/src/child_malloc.h -------------------------------------------------------------------------------- /src/host_service_calls.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/src/host_service_calls.h -------------------------------------------------------------------------------- /src/library_runner.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/src/library_runner.cc -------------------------------------------------------------------------------- /src/libsandbox.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/src/libsandbox.cc -------------------------------------------------------------------------------- /tests/CMakeLists.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/CMakeLists.txt -------------------------------------------------------------------------------- /tests/child_process.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/child_process.cc -------------------------------------------------------------------------------- /tests/net-test-helpers.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/net-test-helpers.h -------------------------------------------------------------------------------- /tests/onebitsem-basic.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/onebitsem-basic.cc -------------------------------------------------------------------------------- /tests/onebitsem-child.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/onebitsem-child.cc -------------------------------------------------------------------------------- /tests/path.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/path.cc -------------------------------------------------------------------------------- /tests/poller.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/poller.cc -------------------------------------------------------------------------------- /tests/sandbox-basic.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandbox-basic.cc -------------------------------------------------------------------------------- /tests/sandbox-callback-basic.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandbox-callback-basic.cc -------------------------------------------------------------------------------- /tests/sandbox-callback-recursive.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandbox-callback-recursive.cc -------------------------------------------------------------------------------- /tests/sandbox-crash.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandbox-crash.cc -------------------------------------------------------------------------------- /tests/sandbox-curl.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandbox-curl.cc -------------------------------------------------------------------------------- /tests/sandbox-fake-open.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandbox-fake-open.cc -------------------------------------------------------------------------------- /tests/sandbox-modify-pagemap.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandbox-modify-pagemap.cc -------------------------------------------------------------------------------- /tests/sandbox-network.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandbox-network.cc -------------------------------------------------------------------------------- /tests/sandbox-rpc-bounds.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandbox-rpc-bounds.cc -------------------------------------------------------------------------------- /tests/sandbox-rpc-deadlock.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandbox-rpc-deadlock.cc -------------------------------------------------------------------------------- /tests/sandbox-zlib.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandbox-zlib.cc -------------------------------------------------------------------------------- /tests/sandboxlib-basic.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandboxlib-basic.cc -------------------------------------------------------------------------------- /tests/sandboxlib-callback-basic.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandboxlib-callback-basic.cc -------------------------------------------------------------------------------- /tests/sandboxlib-callback-recursive.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandboxlib-callback-recursive.cc -------------------------------------------------------------------------------- /tests/sandboxlib-crash.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandboxlib-crash.cc -------------------------------------------------------------------------------- /tests/sandboxlib-curl.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandboxlib-curl.cc -------------------------------------------------------------------------------- /tests/sandboxlib-fake-open.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandboxlib-fake-open.cc -------------------------------------------------------------------------------- /tests/sandboxlib-modify-pagemap.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandboxlib-modify-pagemap.cc -------------------------------------------------------------------------------- /tests/sandboxlib-network.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandboxlib-network.cc -------------------------------------------------------------------------------- /tests/sandboxlib-rpc-bounds.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandboxlib-rpc-bounds.cc -------------------------------------------------------------------------------- /tests/sandboxlib-rpc-deadlock.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandboxlib-rpc-deadlock.cc -------------------------------------------------------------------------------- /tests/sandboxlib-zlib.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/sandboxlib-zlib.cc -------------------------------------------------------------------------------- /tests/shm.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/shm.cc -------------------------------------------------------------------------------- /tests/socketpair-sendhandle.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/socketpair-sendhandle.cc -------------------------------------------------------------------------------- /tests/socketpair.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/socketpair.cc -------------------------------------------------------------------------------- /tests/zlib.inc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/verona-sandbox/HEAD/tests/zlib.inc --------------------------------------------------------------------------------