EmbedFile: Reopen memfds as readonly to workaround problems with CRIU

CRIU while restoring memfd sometimes reopens them, which might result in ETXTBUSY on execveat. PiperOrigin-RevId: 553114741 Change-Id: I11ee7aabe48a2853a8921a270c6cdcc70b50a518
2024-03-22 13:11:30 +08:00 · 2023-08-02 05:27:05 -07:00 · 2023-08-02 05:27:05 -07:00 · 1c960e8389
commit 1c960e8389
parent eaa175c8d2
4 changed files with 15 additions and 15 deletions
--- a/sandboxed_api/BUILD.bazel
+++ b/sandboxed_api/BUILD.bazel
@ -47,7 +47,6 @@ cc_library(
        "//sandboxed_api/sandbox2:util",
        "//sandboxed_api/util:fileops",
        "//sandboxed_api/util:raw_logging",
-        "//sandboxed_api/util:strerror",
        "@com_google_absl//absl/container:flat_hash_map",
        "@com_google_absl//absl/strings",
        "@com_google_absl//absl/synchronization",
--- a/sandboxed_api/CMakeLists.txt
+++ b/sandboxed_api/CMakeLists.txt
@ -52,18 +52,13 @@ add_library(sapi_embed_file ${SAPI_LIB_TYPE}
 )
 add_library(sapi::embed_file ALIAS sapi_embed_file)
 target_link_libraries(sapi_embed_file
-  PRIVATE absl::flat_hash_map
-          absl::status
-          absl::statusor
-          absl::strings
-          absl::synchronization
-          sapi::fileops
-          sapi::strerror
+  PRIVATE absl::strings
          sandbox2::util
          sapi::base
+          sapi::fileops
          sapi::raw_logging
-          sapi::status
-  PUBLIC absl::log
+  PUBLIC absl::flat_hash_map
+         absl::synchronization
 )

 # sandboxed_api:sapi
--- a/sandboxed_api/embed_file.cc
+++ b/sandboxed_api/embed_file.cc
@ -20,11 +20,10 @@
 #include <sys/types.h>
 #include <unistd.h>

-#include "absl/strings/string_view.h"
+#include "absl/strings/str_cat.h"
 #include "sandboxed_api/sandbox2/util.h"
 #include "sandboxed_api/util/fileops.h"
 #include "sandboxed_api/util/raw_logging.h"
-#include "sandboxed_api/util/strerror.h"

 namespace sapi {

@ -64,7 +63,16 @@ int EmbedFile::CreateFdForFileToc(const FileToc* toc) {
  // mm/memfd.c). Since fsync() is a no-op on memfds, it doesn't help to
  // ameliorate the problem.

-  return embed_fd.Release();
+  // Instead of working around problems with CRIU we reopen the file as
+  // read-only.
+  fd = open(absl::StrCat("/proc/", getpid(), "/fd/", embed_fd.get()).c_str(),
+            O_RDONLY | O_CLOEXEC);
+  if (fd == -1) {
+    SAPI_RAW_PLOG(ERROR, "Couldn't reopen '%d' read-only through /proc",
+                  embed_fd.get());
+    return -1;
+  }
+  return fd;
 }

 int EmbedFile::GetFdForFileToc(const FileToc* toc) {
--- a/sandboxed_api/embed_file.h
+++ b/sandboxed_api/embed_file.h
@ -15,8 +15,6 @@
 #ifndef SANDBOXED_API_EMBED_FILE_H_
 #define SANDBOXED_API_EMBED_FILE_H_

-#include <vector>
-
 #include "sandboxed_api/file_toc.h"
 #include "absl/container/flat_hash_map.h"
 #include "absl/synchronization/mutex.h"