From 44443779bc3227e7166d87663ba5af098c20e5f8 Mon Sep 17 00:00:00 2001 From: Sandboxed API Team Date: Thu, 28 Nov 2019 08:06:37 -0800 Subject: [PATCH] Internal change PiperOrigin-RevId: 282945153 Change-Id: I26d4a9d21574fad2751708fe4bb9b38ecdd8131f --- sandboxed_api/sandbox2/sandbox2.cc | 11 +++++++---- sandboxed_api/sandbox2/sandbox2.h | 7 +++++++ sandboxed_api/sandbox2/sandbox2_test.cc | 4 ++-- 3 files changed, 16 insertions(+), 6 deletions(-) diff --git a/sandboxed_api/sandbox2/sandbox2.cc b/sandboxed_api/sandbox2/sandbox2.cc index 3367cbe..05c6994 100644 --- a/sandboxed_api/sandbox2/sandbox2.cc +++ b/sandboxed_api/sandbox2/sandbox2.cc @@ -21,6 +21,7 @@ #include #include "absl/memory/memory.h" +#include "absl/time/time.h" #include "sandboxed_api/sandbox2/monitor.h" #include "sandboxed_api/sandbox2/result.h" #include "sandboxed_api/util/canonical_errors.h" @@ -99,14 +100,16 @@ bool Sandbox2::IsTerminated() const { } void Sandbox2::SetWallTimeLimit(time_t limit) const { - CHECK(monitor_ != nullptr) << "Sandbox was not launched yet"; + set_walltime_limit(absl::Seconds(limit)); +} - if (limit == 0) { +void Sandbox2::set_walltime_limit(absl::Duration limit) const { + if (limit == absl::ZeroDuration()) { VLOG(1) << "Disarming walltime timer to "; monitor_->deadline_millis_.store(0, std::memory_order_relaxed); } else { - VLOG(1) << "Will set the walltime timer to " << limit << " seconds"; - auto deadline = absl::Now() + absl::Seconds(limit); + VLOG(1) << "Will set the walltime timer to " << limit; + absl::Time deadline = absl::Now() + limit; monitor_->deadline_millis_.store(absl::ToUnixMillis(deadline), std::memory_order_relaxed); } diff --git a/sandboxed_api/sandbox2/sandbox2.h b/sandboxed_api/sandbox2/sandbox2.h index a482f0b..ea18524 100644 --- a/sandboxed_api/sandbox2/sandbox2.h +++ b/sandboxed_api/sandbox2/sandbox2.h @@ -94,8 +94,15 @@ class Sandbox2 final { // This can be useful in a persistent sandbox scenario, to impose a deadline // for responses after each request and reset the deadline in between. // Sandboxed API can be used to implement persistent sandboxes. + ABSL_DEPRECATED("Use set_walltime_limit() instead") void SetWallTimeLimit(time_t limit) const; + // Sets a wall time limit on a running sandboxee, absl::ZeroDuration() to + // disarm. This can be useful in a persistent sandbox scenario, to impose a + // deadline for responses after each request and reset the deadline in + // between. Sandboxed API can be used to implement persistent sandboxes. + void set_walltime_limit(absl::Duration limit) const; + // Gets the pid inside the executor. pid_t GetPid() { if (monitor_ != nullptr) { diff --git a/sandboxed_api/sandbox2/sandbox2_test.cc b/sandboxed_api/sandbox2/sandbox2_test.cc index 70a1a94..a7e9965 100644 --- a/sandboxed_api/sandbox2/sandbox2_test.cc +++ b/sandboxed_api/sandbox2/sandbox2_test.cc @@ -150,7 +150,7 @@ TEST(RunAsyncTest, SandboxeeTimeoutWithStacktraces) { .TryBuild()); Sandbox2 sandbox(std::move(executor), std::move(policy)); ASSERT_TRUE(sandbox.RunAsync()); - sandbox.SetWallTimeLimit(1); + sandbox.set_walltime_limit(absl::Seconds(1)); auto result = sandbox.AwaitResult(); EXPECT_EQ(result.final_status(), Result::TIMEOUT); EXPECT_THAT(result.GetStackTrace(), HasSubstr("sleep")); @@ -171,7 +171,7 @@ TEST(RunAsyncTest, SandboxeeTimeoutDisabledStacktraces) { .TryBuild()); Sandbox2 sandbox(std::move(executor), std::move(policy)); ASSERT_TRUE(sandbox.RunAsync()); - sandbox.SetWallTimeLimit(1); + sandbox.set_walltime_limit(absl::Seconds(1)); auto result = sandbox.AwaitResult(); EXPECT_EQ(result.final_status(), Result::TIMEOUT); EXPECT_THAT(result.GetStackTrace(), IsEmpty());