Add helper to make declaring unit tests easier
Add unit_tests test_suite containing all unit tests
Fix reload rule
Update to workspace-relative header locations that were missed before
Project: Convert to bazel, part 2
The main thing to call out in this PR is that Santa.app is now embedded inside santa-driver.kext along with everything else. The package will handle updating this automatically but it should be called out in release notes to make everyone aware.
* Switch to using macos_kernel_extension and macos_xpc_service, stop using product_type.
* Have Bazel embed all related binaries inside santa-driver.kext, including Santa.app. This simplifies the :release and :reload rules.
* Add commands for unload, load and reload, removing any need to keep the Rakefile around 😃
* Make the :kernel_tests rule a command that replicates what the Rakefile did for this.
* Added a project-wide .bazelrc that always generates dSYMs
Documentation changes to follow, as all the building instructions are now out of date.
This necessitated fixing some warnings, updating the resource
locations inside some tests and updating the Travis config.
I'll send a follow-up PR shortly that adds the fuzzing targets and updates the Rakefile and documentation.
* SantaPrefixTree: Fix a threading bug.
Tests: Add logic tests for SantaPrefixTree.
* clean up
* don't ifdef so much
* more #define less #ifdef
* less lambda more of rah's ideas
* add in-kernel filemod prefix filter
* byte lookup
* added pruning and tests
* clang-format
* add TODO
* don't need seen
* review updates
* reset filter on client connect
* DisconnectClient: reset filter
AddPrefix: when a branch is needed create the whole branch immediately
* don't use strlen in HasPrefix
use strnlen in AddPrefix
up max nodes to 1024
* use new[] and delete[] for the prune "stack"
revert clang-format changes to kernel tests
remove reset node count
* words
* count not size
Add transitive whitelisting.
Binaries may be identified with WHITELIST_COMPILER rules. Any executable they output will then be marked locally with a transitive whitelist rule and allowed to run if the TransitiveWhitelistingEnabled config key is true.
* santa-driver: Fix documentation warnings
* SantaCache: Fix documentation warnings
* santactl: Always make sure that the syncserver JSON is a dictionary
The new CMake project allows the user to select which SDK version
to use. The Xcode path is also configurable to support non-standard
installation paths and/or systems with multiple versions installed.
Code signing can now be configured via command line, using the
CODESIGN_IDENTITY environment variable.
New fuzzing targets (libFuzzer)
- SantaCache
- santactl
- santad
New make targets:
- tests: Runs the tests
- fuzz: Runs the fuzzer
- redist: Regenerates the redistributable folder
- install: Installs Santa
This change does 2 major things:
1) Makes the test runnable from within Xcode, unloading any running
santad and santa-driver, loading the just-built driver from the same folder and
then running each test.
2) Makes each test responsible for declaring what should happen to
incoming requests from the driver, instead of keeping all of that
code near the top of the file. This makes each test much clearer in what
should be happening.
santa-driver: Switch to a struct for vnode IDs, holding both the filesystem ID and vnode ID.
Also drop the separate caches for root/non-root as this doesn't offer any benefit anymore.
* SantaCache: Add santactl command to print histogram of bucket distribution.
This currently only prints the distribution of the non-root cache. In the near future I'll unify the caches again which stops this being a problem.
* First draft, no UUID caching
* Cache UUID in SNTEventLog super class
* Add a configuration flag for UUID decoration
* Port from UUID to MachineID
* KVO complicance
* Remove extra newline I accidentally introduced
* Project: Update project to Xcode 9.1 and handle all the new warnings that entails.
* Project: Add library-validation and kill flags to codesigning options
