* Populate critical paths from the ES default mute set
* Attempt to fix build on older macos
* Link ES to build SNTRuleTableTest
* Workflow test
* Use preprocessor macros to support building on older SDKs
* Add API availability
The apple_rules allow versioning using an apple_bundle_version rule that extracts elements from an embedded label. We haven't been able to use this until now because the kernel extension needed access to the version in a define.
This includes:
* All of the code in Source/santa_driver containing the kernel extension
* The SNTDriverManager event provider
* All workflows in our CI related to testing if the driver builds
* Installation of the driver in install.sh. Note that code uninstalling existing instances of the driver is still intentionally kept present.
* Kernel extension-specific build rules
* Renames SNTKernelCommon to SNTCommon
* Driver version output from santactl version
* The [SNTConfigurator EnableSystemExtension] configuration key
* Initial protobuf support, maildir logging
Fix build issues in the integration test
Deduped some test code
Formatting
Address feedback from draft PR
Removed legacy labels. Updated docs.
Add in metrics. Fix protobuf logging test.
* Now use the Any proto for the LogBatch wrapper
* Changes based on PR feedback
* Added gauge metrics for spool dir
* Formatting
* Add event time to proto
* Fix build issue after rebase
* Update BUILD rules
* Updated language around protobuf logging to mark as beta
* Add a USB device blocking popup.
* Refactor SNTNotificationManager and SNTMessageWindowController to make
for generalized notification logic
* Add the configuration keys for custom block messages and resize window
* santad: only store events if there is a sync server configured
* SNTExecutionControllerTest stub sync server
Co-authored-by: Tom Burgin <bur@chromium.org>
* USB mass storage blocking.
* Add the sync service and config key for enabling mass USB storage blocking
* Update docs with the sync service key
* Add ability to forcibly remount USBs with different flags
* update EndpointSecurityTestUtil and tests that use it to properly handle multiple ES clients
Remove the check for export metrics in santad
Metrics are always collected but only exported to a monitoring system when all of the necessary config options are set. Since they're always collected santactl metrics should always return metrics data.
* sync: move sync code from santactl dir to santasyncservice dir
* clang-format
* fix tests
* s/SNTCommandSync/SNTSync
* s/SNTCommandSync/SNTSync on content
