Allow stack trace collection when namespaces are disabled, if sandbox_libunwind_crash_handler==false.

PiperOrigin-RevId: 288267119 Change-Id: I5fce1b28521d3d685186717f153f20fb498c94e2
2024-03-22 13:11:30 +08:00 · 2020-01-06 02:33:25 -08:00 · 2020-01-06 02:33:25 -08:00 · 3e442b252c
commit 3e442b252c
parent aea1ecd58d
1 changed files with 7 additions and 2 deletions
--- a/sandboxed_api/sandbox2/monitor.cc
+++ b/sandboxed_api/sandbox2/monitor.cc
@ -69,6 +69,7 @@ ABSL_FLAG(bool, sandbox2_report_on_sandboxee_timeout, true,
          "Report sandbox2 sandboxee timeouts");

 ABSL_DECLARE_FLAG(bool, sandbox2_danger_danger_permit_all);
+ABSL_DECLARE_FLAG(bool, sandbox_libunwind_crash_handler);
 ABSL_DECLARE_FLAG(string, sandbox2_danger_danger_permit_all_and_log);

 namespace sandbox2 {
@ -275,7 +276,9 @@ bool Monitor::ShouldCollectStackTrace() {
  // Only get the stacktrace if we are not in the libunwind sandbox (avoid
  // recursion).
  bool stacktrace_collection_possible =
-      policy_->GetNamespace() && executor_->libunwind_sbox_for_pid_ == 0;
+      (policy_->GetNamespace() ||
+       absl::GetFlag(FLAGS_sandbox_libunwind_crash_handler) == false) &&
+      executor_->libunwind_sbox_for_pid_ == 0;
  if (!stacktrace_collection_possible) {
    LOG(ERROR) << "Cannot collect stack trace. Unwind pid "
               << executor_->libunwind_sbox_for_pid_ << ", namespace "
@ -302,8 +305,10 @@ void Monitor::SetAdditionalResultInfo(std::unique_ptr<Regs> regs) {
  result_.SetProgName(util::GetProgName(pid));
  result_.SetProcMaps(ReadProcMaps(pid_));
  if (ShouldCollectStackTrace()) {
+    auto* ns = policy_->GetNamespace();
+    const Mounts empty_mounts;
    result_.SetStackTrace(
-        GetStackTrace(result_.GetRegs(), policy_->GetNamespace()->mounts()));
+        GetStackTrace(result_.GetRegs(), ns ? ns->mounts() : empty_mounts));
    LOG(INFO) << "Stack trace: " << result_.GetStackTrace();
  } else {
    LOG(INFO) << "Stack traces have been disabled";