// Copyright 2019 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

// Implementation file for the sandbox2::Sandbox class.

17*ec63e07aSXin Li #include "sandboxed_api/sandbox2/sandbox2.h"
18*ec63e07aSXin Li 
19*ec63e07aSXin Li #include <memory>
20*ec63e07aSXin Li #include <utility>
21*ec63e07aSXin Li 
22*ec63e07aSXin Li #include "absl/base/call_once.h"
23*ec63e07aSXin Li #include "absl/log/check.h"
24*ec63e07aSXin Li #include "absl/log/log.h"
25*ec63e07aSXin Li #include "absl/status/status.h"
26*ec63e07aSXin Li #include "absl/status/statusor.h"
27*ec63e07aSXin Li #include "absl/time/time.h"
28*ec63e07aSXin Li #include "sandboxed_api/sandbox2/monitor_base.h"
29*ec63e07aSXin Li #include "sandboxed_api/sandbox2/monitor_ptrace.h"
30*ec63e07aSXin Li #include "sandboxed_api/sandbox2/monitor_unotify.h"
31*ec63e07aSXin Li #include "sandboxed_api/sandbox2/result.h"
32*ec63e07aSXin Li #include "sandboxed_api/sandbox2/stack_trace.h"
33*ec63e07aSXin Li 
34*ec63e07aSXin Li namespace sandbox2 {
35*ec63e07aSXin Li 
36*ec63e07aSXin Li namespace {
37*ec63e07aSXin Li 
// Adapter that exposes a Sandbox2 instance through the internal::SandboxPeer
// interface. Sandbox2::Launch() installs Spawn() as SandboxPeer::spawn_fn_, so
// code that only knows about SandboxPeer can create and drive a sandbox.
class Sandbox2Peer : public internal::SandboxPeer {
 public:
  // Takes ownership of both the executor and the policy and starts the
  // sandboxee asynchronously right away.
  Sandbox2Peer(std::unique_ptr<Executor> executor,
               std::unique_ptr<Policy> policy)
      : sandbox_(std::move(executor), std::move(policy)) {
    // The bool returned by RunAsync() (false on Result::SETUP_ERROR) is not
    // consulted here; the setup outcome is expected to surface to the caller
    // through AwaitResult() instead.
    sandbox_.RunAsync();
  }

  // Factory matching the SandboxPeer::spawn_fn_ signature.
  static std::unique_ptr<SandboxPeer> Spawn(std::unique_ptr<Executor> executor,
                                            std::unique_ptr<Policy> policy) {
    std::unique_ptr<SandboxPeer> peer = std::make_unique<Sandbox2Peer>(
        std::move(executor), std::move(policy));
    return peer;
  }

  // The remaining SandboxPeer operations simply forward to the wrapped sandbox.
  Comms* comms() override { return sandbox_.comms(); }
  void Kill() override { sandbox_.Kill(); }
  Result AwaitResult() override { return sandbox_.AwaitResult(); }

 private:
  Sandbox2 sandbox_;
};
59*ec63e07aSXin Li 
60*ec63e07aSXin Li }  // namespace
61*ec63e07aSXin Li 
// Waits for the sandboxee to finish, giving up after `timeout`, and returns
// whatever the monitor reports (a Result, or a non-OK status — presumably when
// the timeout is hit; the monitor decides).
//
// Precondition: RunAsync() has been called. Calling this on an unlaunched
// sandbox is a fatal CHECK failure, not a recoverable error.
absl::StatusOr<Result> Sandbox2::AwaitResultWithTimeout(
    absl::Duration timeout) {
  CHECK(monitor_ != nullptr) << "Sandbox was not launched yet";
  MonitorBase& monitor = *monitor_;
  return monitor.AwaitResultWithTimeout(timeout);
}
67*ec63e07aSXin Li 
// Blocks without any time limit and unwraps the monitor's verdict.
//
// With an infinite timeout the StatusOr is expected to always hold a value;
// if the monitor ever returned an error status here, value() would abort
// rather than return.
Result Sandbox2::AwaitResult() {
  absl::StatusOr<Result> outcome =
      AwaitResultWithTimeout(absl::InfiniteDuration());
  return std::move(outcome).value();
}
71*ec63e07aSXin Li 
// Launches the sandboxee and returns immediately.
//
// Returns false only when the monitor already finished during launch with
// Result::SETUP_ERROR (i.e. the sandboxee could not even be set up); every
// other outcome, including a later crash, is reported through AwaitResult().
// Launching twice is a fatal CHECK failure.
bool Sandbox2::RunAsync() {
  CHECK(monitor_ == nullptr) << "Sandbox was launched already";
  Launch();

  const bool setup_failed =
      monitor_->IsDone() &&
      monitor_->result().final_status() == Result::SETUP_ERROR;
  return !setup_failed;
}
83*ec63e07aSXin Li 
// Asks the monitor to terminate the sandboxee. The call itself does not wait
// for the process to die; use AwaitResult() for that.
//
// Precondition: RunAsync() has been called (fatal CHECK otherwise).
void Sandbox2::Kill() {
  CHECK(monitor_ != nullptr) << "Sandbox was not launched yet";
  MonitorBase& monitor = *monitor_;
  monitor.Kill();
}
88*ec63e07aSXin Li 
// Delegates stack-trace dumping of the sandboxee to the monitor. Note that
// Launch() warns that traces on crash are unavailable for policies without
// namespaces; what this call produces in that configuration is up to the
// monitor.
//
// Precondition: RunAsync() has been called (fatal CHECK otherwise).
void Sandbox2::DumpStackTrace() {
  CHECK(monitor_ != nullptr) << "Sandbox was not launched yet";
  MonitorBase& monitor = *monitor_;
  monitor.DumpStackTrace();
}
93*ec63e07aSXin Li 
// Reports whether the monitor considers the sandboxee finished. This is a
// non-blocking poll; it does not say how the sandboxee ended.
//
// Precondition: RunAsync() has been called (fatal CHECK otherwise).
bool Sandbox2::IsTerminated() const {
  CHECK(monitor_ != nullptr) << "Sandbox was not launched yet";
  const bool done = monitor_->IsDone();
  return done;
}
98*ec63e07aSXin Li 
// Installs (or replaces) the wall-clock limit enforced by the monitor on the
// running sandboxee.
//
// The method is `const` only because it leaves the Sandbox2 object itself
// untouched: the mutation happens on the monitor reached through monitor_,
// so observable sandbox behaviour does change.
//
// Precondition: RunAsync() has been called (fatal CHECK otherwise).
void Sandbox2::set_walltime_limit(absl::Duration limit) const {
  CHECK(monitor_ != nullptr) << "Sandbox was not launched yet";
  MonitorBase& monitor = *monitor_;
  monitor.SetWallTimeLimit(limit);
}
103*ec63e07aSXin Li 
// Creates the monitor and hands the sandboxee over to it. Called from
// RunAsync(), which guarantees monitor_ is still null at this point.
void Sandbox2::Launch() {
  // Register this file's SandboxPeer implementation as the process-wide spawn
  // hook exactly once, regardless of how many Sandbox2 instances are launched.
  static absl::once_flag init_sandbox_peer_flag;
  const auto install_spawn_fn = [] {
    internal::SandboxPeer::spawn_fn_ = Sandbox2Peer::Spawn;
  };
  absl::call_once(init_sandbox_peer_flag, install_spawn_fn);

  // Stack-trace collection on crash depends on namespaces (a limitation of the
  // stack-trace machinery, not a policy choice), so tell the operator up front
  // that crashes under this policy will come without traces.
  LOG_IF(WARNING, !policy_->GetNamespace())
      << "Using policy without namespaces, disabling stack traces on crash";

  monitor_ = CreateMonitor();
  monitor_->Launch();
}
118*ec63e07aSXin Li 
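// Selects the seccomp-unotify based monitor instead of the default ptrace one.
//
// The selection is only read by CreateMonitor(), which runs inside Launch();
// it therefore has to be made before RunAsync(). Previously a call made after
// launch silently changed nothing, so that case is now rejected explicitly.
//
// Returns FailedPreconditionError when the sandbox is already launched, when
// the policy has no namespaces, or when the policy asks for stack traces on
// signal or on exit (the unotify monitor cannot provide those). Returns OK
// after recording the choice.
absl::Status Sandbox2::EnableUnotifyMonitor() {
  if (monitor_ != nullptr) {
    return absl::FailedPreconditionError(
        "Unotify monitor must be enabled before the sandbox is launched");
  }
  if (notify_) {
    LOG(WARNING) << "Running UnotifyMonitor with sandbox2::Notify is not fully "
                    "supported. Runtime syscall decisions via "
                    "EventSyscallTrap/EventSyscallTrace, notifications about "
                    "signals via EventSignal will not work";
  }
  if (!policy_->GetNamespace()) {
    return absl::FailedPreconditionError(
        "Unotify monitor can only be used together with namespaces");
  }
  if (policy_->collect_stacktrace_on_signal()) {
    return absl::FailedPreconditionError(
        "Unotify monitor cannot collect stack traces on signal");
  }
  if (policy_->collect_stacktrace_on_exit()) {
    return absl::FailedPreconditionError(
        "Unotify monitor cannot collect stack traces on normal exit");
  }
  use_unotify_monitor_ = true;
  return absl::OkStatus();
}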
142*ec63e07aSXin Li 
// Builds the monitor that will supervise the sandboxee: UnotifyMonitor when
// EnableUnotifyMonitor() succeeded, PtraceMonitor otherwise.
//
// Every monitor receives a Notify; if the user never supplied one, a default
// Notify is created here and kept in notify_ for the sandbox's lifetime.
// The executor, policy and notify pointers handed out are non-owning and
// stay owned by this Sandbox2.
std::unique_ptr<MonitorBase> Sandbox2::CreateMonitor() {
  if (notify_ == nullptr) {
    notify_ = std::make_unique<Notify>();
  }

  auto* const executor = executor_.get();
  auto* const policy = policy_.get();
  auto* const notify = notify_.get();

  if (use_unotify_monitor_) {
    return std::make_unique<UnotifyMonitor>(executor, policy, notify);
  }
  return std::make_unique<PtraceMonitor>(executor, policy, notify);
}
154*ec63e07aSXin Li 
155*ec63e07aSXin Li }  // namespace sandbox2