Skip to content

[llvm][clang] Sandbox filesystem reads #162151

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 20 commits into
base: main
Choose a base branch
from
Draft

[llvm][clang] Sandbox filesystem reads #162151

wants to merge 20 commits into from

Conversation

@jansvoboda11
Copy link
Contributor

This PR introduces a new mechanism for enforcing a sandbox of filesystem reads from the compiler. A fatal error is raised whenever the llvm::sys::fs APIs get used directly instead of going through the blessed virtual interface of llvm::vfs::FileSystem.

@github-actions
Copy link

github-actions bot commented Oct 15, 2025
edited
Loading

⚠️ C/C++ code linter clang-tidy found issues in your code. ⚠️

You can test this locally with the following command: 
git diff -U0 origin/main...HEAD -- clang-tools-extra/clang-tidy/llvm/IOSandboxCheck.cpp clang-tools-extra/clang-tidy/llvm/IOSandboxCheck.h clang-tools-extra/clang-tidy/llvm/LLVMTidyModule.cpp |
python3 clang-tools-extra/clang-tidy/tool/clang-tidy-diff.py \
  -path build -p1 -quiet
View the output from clang-tidy here. 

clang-tools-extra/clang-tidy/llvm/IOSandboxCheck.h:7:9: warning: header guard does not follow preferred style [llvm-header-guard]
    7 | #ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_LLVM_IOSANDBOXCHECK_H
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      |         LLVM_IOSANDBOXCHECK_H
    8 | #define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_LLVM_IOSANDBOXCHECK_H
      |         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      |         LLVM_IOSANDBOXCHECK_H

@jansvoboda11
[llvm][clang] Sandbox IO operations (infrastructure)
0e29083
@jansvoboda11
[llvm][clang] Sandbox IO operations (getting vfs::RealFileSystem)
be3530f
@jansvoboda11
[llvm][clang] Sandbox IO operations (read, pread)
9c944d6
@jansvoboda11
[llvm][clang] Sandbox IO operations (mmap)
4a28775
@jansvoboda11
[llvm][clang] Sandbox IO operations (readdir)
1b01782
@jansvoboda11
[llvm][clang] Sandbox IO operations (stat, lstat, fstat)
85f9ca6
@jansvoboda11
[llvm][clang] Sandbox IO operations (getcwd)
637ff5e
@jansvoboda11
[llvm][clang] Sandbox IO operations (realpath)
54de166
@jansvoboda11
[llvm][clang] Sandbox IO operations (readlink)
84e59fa
@jansvoboda11
[llvm][clang] Sandbox IO operations (access)
175f70e
@jansvoboda11
Rename, re-layer, add build setting
17ca1e0
@jansvoboda11
[[maybe_unused]], proper CMake flag setup
5ac2edd
@jansvoboda11
noexcept
0792e51
@jansvoboda11
MSVC noexcept(X) workaround
f5fb3fd
@jansvoboda11
Initial version of a clang-tidy check
5d6acd9
@jansvoboda11
AsmPrinter + BTFDebug
26abcee
@jansvoboda11
Proper sandbox
64820bd
@jansvoboda11
Sanitizers
36094dc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jansvoboda11