Directories
¶
| Path | Synopsis |
|---|---|
|
Package arch provides abstractions around architecture-dependent details, such as syscall calling conventions, native types, etc.
|
Package arch provides abstractions around architecture-dependent details, such as syscall calling conventions, native types, etc. |
|
Package context defines the sentry's Context type.
|
Package context defines the sentry's Context type. |
|
contexttest
Package contexttest builds a test context.Context.
|
Package contexttest builds a test context.Context. |
|
Package control contains types that expose control server methods, and can be used to configure and interact with a running sandbox process.
|
Package control contains types that expose control server methods, and can be used to configure and interact with a running sandbox process. |
|
Package device defines reserved virtual kernel devices and structures for managing them.
|
Package device defines reserved virtual kernel devices and structures for managing them. |
|
Package fs implements a virtual filesystem layer.
|
Package fs implements a virtual filesystem layer. |
|
anon
Package anon implements an anonymous inode, useful for implementing inodes for pseudo filesystems.
|
Package anon implements an anonymous inode, useful for implementing inodes for pseudo filesystems. |
|
ashmem
Package ashmem implements Android ashmem module (Anonymus Shared Memory).
|
Package ashmem implements Android ashmem module (Anonymus Shared Memory). |
|
binder
Package binder implements Android Binder IPC module.
|
Package binder implements Android Binder IPC module. |
|
dev
Package dev provides a filesystem with simple devices.
|
Package dev provides a filesystem with simple devices. |
|
fdpipe
Package fdpipe implements common namedpipe opening and accessing logic.
|
Package fdpipe implements common namedpipe opening and accessing logic. |
|
filetest
Package filetest provides a test implementation of an fs.File.
|
Package filetest provides a test implementation of an fs.File. |
|
fsutil
Package fsutil provides utilities for implementing fs.InodeOperations and fs.FileOperations:
|
Package fsutil provides utilities for implementing fs.InodeOperations and fs.FileOperations: |
|
gofer
Package gofer implements a remote 9p filesystem.
|
Package gofer implements a remote 9p filesystem. |
|
host
Package host implements an fs.Filesystem for files backed by host file descriptors.
|
Package host implements an fs.Filesystem for files backed by host file descriptors. |
|
lock
Package lock is the API for POSIX-style advisory regional file locks and BSD-style full file locks.
|
Package lock is the API for POSIX-style advisory regional file locks and BSD-style full file locks. |
|
proc
Package proc implements a partial in-memory file system for profs.
|
Package proc implements a partial in-memory file system for profs. |
|
proc/device
Package device contains the proc device to avoid dependency loops.
|
Package device contains the proc device to avoid dependency loops. |
|
ramfs
Package ramfs implements an in-memory file system that can be associated with any device.
|
Package ramfs implements an in-memory file system that can be associated with any device. |
|
ramfs/test
Package test provides a simple ramfs-based filesystem for use in testing.
|
Package test provides a simple ramfs-based filesystem for use in testing. |
|
sys
Package sys implements a sysfs filesystem.
|
Package sys implements a sysfs filesystem. |
|
timerfd
Package timerfd implements the semantics of Linux timerfd objects as described by timerfd_create(2).
|
Package timerfd implements the semantics of Linux timerfd objects as described by timerfd_create(2). |
|
tmpfs
Package tmpfs is a filesystem implementation backed by memory.
|
Package tmpfs is a filesystem implementation backed by memory. |
|
tty
Package tty provide pseudoterminals via a devpts filesystem.
|
Package tty provide pseudoterminals via a devpts filesystem. |
|
Package hostcpu provides utilities for working with CPU information provided by a host Linux kernel.
|
Package hostcpu provides utilities for working with CPU information provided by a host Linux kernel. |
|
Package inet defines semantics for IP stacks.
|
Package inet defines semantics for IP stacks. |
|
Package kernel provides an emulation of the Linux kernel.
|
Package kernel provides an emulation of the Linux kernel. |
|
auth
Package auth implements an access control model that is a subset of Linux's.
|
Package auth implements an access control model that is a subset of Linux's. |
|
epoll
Package epoll provides an implementation of Linux's IO event notification facility.
|
Package epoll provides an implementation of Linux's IO event notification facility. |
|
eventfd
Package eventfd provides an implementation of Linux's file-based event notification.
|
Package eventfd provides an implementation of Linux's file-based event notification. |
|
futex
Package futex provides an implementation of the futex interface as found in the Linux kernel.
|
Package futex provides an implementation of the futex interface as found in the Linux kernel. |
|
kdefs
Package kdefs defines common kernel definitions.
|
Package kdefs defines common kernel definitions. |
|
memevent
Package memevent implements the memory usage events controller, which periodically emits events via the eventchannel.
|
Package memevent implements the memory usage events controller, which periodically emits events via the eventchannel. |
|
pipe
Package pipe provides an in-memory implementation of a unidirectional pipe.
|
Package pipe provides an in-memory implementation of a unidirectional pipe. |
|
sched
Package sched implements scheduler related features.
|
Package sched implements scheduler related features. |
|
semaphore
Package semaphore implements System V semaphores.
|
Package semaphore implements System V semaphores. |
|
time
Package time defines the Timer type, which provides a periodic timer that works by sampling a user-provided clock.
|
Package time defines the Timer type, which provides a periodic timer that works by sampling a user-provided clock. |
|
Package limits provides resource limits.
|
Package limits provides resource limits. |
|
Package loader loads a binary into a MemoryManager.
|
Package loader loads a binary into a MemoryManager. |
|
Package memmap defines semantics for memory mappings.
|
Package memmap defines semantics for memory mappings. |
|
Package memutil contains the utility functions for memory operations.
|
Package memutil contains the utility functions for memory operations. |
|
Package mm provides a memory management subsystem.
|
Package mm provides a memory management subsystem. |
|
Package platform provides a Platform abstraction.
|
Package platform provides a Platform abstraction. |
|
filemem
Package filemem provides a reusable implementation of platform.Memory.
|
Package filemem provides a reusable implementation of platform.Memory. |
|
interrupt
Package interrupt provides an interrupt helper.
|
Package interrupt provides an interrupt helper. |
|
kvm
Package kvm provides a kvm-based implementation of the platform interface.
|
Package kvm provides a kvm-based implementation of the platform interface. |
|
kvm/testutil
Package testutil provides common assembly stubs for testing.
|
Package testutil provides common assembly stubs for testing. |
|
procid
Package procid provides a way to get the current system thread identifier.
|
Package procid provides a way to get the current system thread identifier. |
|
ptrace
Package ptrace provides a ptrace-based implementation of the platform interface.
|
Package ptrace provides a ptrace-based implementation of the platform interface. |
|
ring0
Package ring0 provides basic operating system-level stubs.
|
Package ring0 provides basic operating system-level stubs. |
|
ring0/gen_offsets
Binary gen_offsets is a helper for generating offset headers.
|
Binary gen_offsets is a helper for generating offset headers. |
|
ring0/pagetables
Package pagetables provides a generic implementation of pagetables.
|
Package pagetables provides a generic implementation of pagetables. |
|
safecopy
Package safecopy provides an efficient implementation of functions to access memory that may result in SIGSEGV or SIGBUS being sent to the accessor.
|
Package safecopy provides an efficient implementation of functions to access memory that may result in SIGSEGV or SIGBUS being sent to the accessor. |
|
Package safemem provides the Block and BlockSeq types.
|
Package safemem provides the Block and BlockSeq types. |
|
Package sighandling contains helpers for handling signals to applications.
|
Package sighandling contains helpers for handling signals to applications. |
|
Package socket provides the interfaces that need to be provided by socket implementations and providers, as well as per family demultiplexing of socket creation.
|
Package socket provides the interfaces that need to be provided by socket implementations and providers, as well as per family demultiplexing of socket creation. |
|
control
Package control provides internal representations of socket control messages.
|
Package control provides internal representations of socket control messages. |
|
epsocket
Package epsocket provides an implementation of the socket.Socket interface that is backed by a tcpip.Endpoint.
|
Package epsocket provides an implementation of the socket.Socket interface that is backed by a tcpip.Endpoint. |
|
hostinet
Package hostinet implements AF_INET and AF_INET6 sockets using the host's network stack.
|
Package hostinet implements AF_INET and AF_INET6 sockets using the host's network stack. |
|
netlink
Package netlink provides core functionality for netlink sockets.
|
Package netlink provides core functionality for netlink sockets. |
|
netlink/port
Package port provides port ID allocation for netlink sockets.
|
Package port provides port ID allocation for netlink sockets. |
|
netlink/route
Package route provides a NETLINK_ROUTE socket protocol.
|
Package route provides a NETLINK_ROUTE socket protocol. |
|
rpcinet
Package rpcinet implements sockets using an RPC for each syscall.
|
Package rpcinet implements sockets using an RPC for each syscall. |
|
rpcinet/conn
Package conn is an RPC connection to a syscall RPC server.
|
Package conn is an RPC connection to a syscall RPC server. |
|
rpcinet/notifier
Package notifier implements an FD notifier implementation over RPC.
|
Package notifier implements an FD notifier implementation over RPC. |
|
unix
Package unix provides an implementation of the socket.Socket interface for the AF_UNIX protocol family.
|
Package unix provides an implementation of the socket.Socket interface for the AF_UNIX protocol family. |
|
Package state provides high-level state wrappers.
|
Package state provides high-level state wrappers. |
|
Package strace implements the logic to print out the input and the return value of each traced syscall.
|
Package strace implements the logic to print out the input and the return value of each traced syscall. |
|
Package syscalls is the interface from the application to the kernel.
|
Package syscalls is the interface from the application to the kernel. |
|
linux
Package linux provides syscall tables for amd64 Linux.
|
Package linux provides syscall tables for amd64 Linux. |
|
Package time provides a calibrated clock synchronized to a system reference clock.
|
Package time provides a calibrated clock synchronized to a system reference clock. |
|
Package uniqueid defines context.Context keys for obtaining system-wide unique identifiers.
|
Package uniqueid defines context.Context keys for obtaining system-wide unique identifiers. |
|
Package usage provides representations of resource usage.
|
Package usage provides representations of resource usage. |
|
Package usermem governs access to user memory.
|
Package usermem governs access to user memory. |
|
Package watchdog is responsible for monitoring the sentry for tasks that may potentially be stuck or looping inderterminally causing hard to debug hungs in the untrusted app.
|
Package watchdog is responsible for monitoring the sentry for tasks that may potentially be stuck or looping inderterminally causing hard to debug hungs in the untrusted app. |
Click to show internal directories.
Click to hide internal directories.