From 68eaa815ce240b4e9a999a8eed4cf9fed0f59ad0 Mon Sep 17 00:00:00 2001 From: Oliver Kunz Date: Mon, 14 Mar 2022 05:14:41 -0700 Subject: [PATCH] Migrate to proto3, change is_ro to is_rw (default value is false), and rename mounttree.proto PiperOrigin-RevId: 434435260 Change-Id: Ie4cfe04bf1a9357e63b6159c3d5a8b95388b5292 --- sandboxed_api/sandbox2/BUILD.bazel | 14 +++++----- sandboxed_api/sandbox2/CMakeLists.txt | 28 +++++++++---------- sandboxed_api/sandbox2/forkserver.proto | 2 +- .../{mounttree.proto => mount_tree.proto} | 14 +++++----- sandboxed_api/sandbox2/mounts.cc | 20 ++++++------- sandboxed_api/sandbox2/mounts.h | 8 +++--- sandboxed_api/sandbox2/mounts_test.cc | 12 ++++---- sandboxed_api/sandbox2/violation.proto | 2 +- 8 files changed, 50 insertions(+), 50 deletions(-) rename sandboxed_api/sandbox2/{mounttree.proto => mount_tree.proto} (88%) diff --git a/sandboxed_api/sandbox2/BUILD.bazel b/sandboxed_api/sandbox2/BUILD.bazel index 40ecfa5..fb27b8b 100644 --- a/sandboxed_api/sandbox2/BUILD.bazel +++ b/sandboxed_api/sandbox2/BUILD.bazel @@ -472,7 +472,7 @@ cc_library( hdrs = ["mounts.h"], copts = sapi_platform_copts(), deps = [ - ":mounttree_cc_proto", + ":mount_tree_cc_proto", "//sandboxed_api:config", "//sandboxed_api/sandbox2/util:minielf", "//sandboxed_api/util:file_base", @@ -495,8 +495,8 @@ cc_test( copts = sapi_platform_copts(), data = ["//sandboxed_api/sandbox2/testcases:minimal_dynamic"], deps = [ + ":mount_tree_cc_proto", ":mounts", - ":mounttree_cc_proto", "//sandboxed_api:testing", "//sandboxed_api/util:file_base", "//sandboxed_api/util:file_helpers", @@ -513,8 +513,8 @@ cc_library( hdrs = ["namespace.h"], copts = sapi_platform_copts(), deps = [ + ":mount_tree_cc_proto", ":mounts", - ":mounttree_cc_proto", ":util", ":violation_cc_proto", "//sandboxed_api/util:file_base", 
@@ -630,12 +630,12 @@ sapi_proto_library( name = "forkserver_proto", srcs = ["forkserver.proto"], copts = sapi_platform_copts(), - deps = [":mounttree_proto"], + deps = [":mount_tree_proto"], ) sapi_proto_library( - name = "mounttree_proto", - srcs = ["mounttree.proto"], + name = "mount_tree_proto", + srcs = ["mount_tree.proto"], ) cc_library( @@ -886,7 +886,7 @@ cc_library( sapi_proto_library( name = "violation_proto", srcs = ["violation.proto"], - deps = [":mounttree_proto"], + deps = [":mount_tree_proto"], ) cc_test( diff --git a/sandboxed_api/sandbox2/CMakeLists.txt b/sandboxed_api/sandbox2/CMakeLists.txt index c17d5a3..0a0e441 100644 --- a/sandboxed_api/sandbox2/CMakeLists.txt +++ b/sandboxed_api/sandbox2/CMakeLists.txt @@ -336,7 +336,7 @@ target_link_libraries(sandbox2_sandbox2 sandbox2::limits sandbox2::logsink sandbox2::mounts - sandbox2::mounttree_proto + sandbox2::mount_tree_proto sandbox2::namespace sandbox2::network_proxy_client sandbox2::network_proxy_server @@ -461,7 +461,7 @@ target_link_libraries(sandbox2_mounts absl::status absl::statusor absl::strings - sandbox2::mounttree_proto + sandbox2::mount_tree_proto ) # sandboxed_api/sandbox2:namespace @@ -479,7 +479,7 @@ target_link_libraries(sandbox2_namespace PRIVATE sapi::file_base sapi::fileops sandbox2::mounts - sandbox2::mounttree_proto + sandbox2::mount_tree_proto sapi::strerror sandbox2::util sandbox2::violation_proto 
@@ -560,20 +560,20 @@ add_library(sandbox2_forkserver_proto ${SAPI_LIB_TYPE} add_library(sandbox2::forkserver_proto ALIAS sandbox2_forkserver_proto) target_link_libraries(sandbox2_forkserver_proto PRIVATE protobuf::libprotobuf - sandbox2::mounttree_proto + sandbox2::mount_tree_proto sapi::base ) -# sandboxed_api/sandbox2:mounttree_proto -sapi_protobuf_generate_cpp(_sandbox2_mounttree_pb_h _sandbox2_mounttree_pb_cc - mounttree.proto +# sandboxed_api/sandbox2:mount_tree_proto +sapi_protobuf_generate_cpp(_sandbox2_mount_tree_pb_h _sandbox2_mount_tree_pb_cc + mount_tree.proto ) -add_library(sandbox2_mounttree_proto ${SAPI_LIB_TYPE} - ${_sandbox2_mounttree_pb_cc} - ${_sandbox2_mounttree_pb_h} +add_library(sandbox2_mount_tree_proto ${SAPI_LIB_TYPE} + ${_sandbox2_mount_tree_pb_cc} + ${_sandbox2_mount_tree_pb_h} ) -add_library(sandbox2::mounttree_proto ALIAS sandbox2_mounttree_proto) -target_link_libraries(sandbox2_mounttree_proto PRIVATE +add_library(sandbox2::mount_tree_proto ALIAS sandbox2_mount_tree_proto) +target_link_libraries(sandbox2_mount_tree_proto PRIVATE protobuf::libprotobuf sapi::base ) @@ -613,7 +613,7 @@ add_library(sandbox2_violation_proto ${SAPI_LIB_TYPE} add_library(sandbox2::violation_proto ALIAS sandbox2_violation_proto) target_link_libraries(sandbox2_violation_proto PRIVATE protobuf::libprotobuf - sandbox2::mounttree_proto + sandbox2::mount_tree_proto sapi::base ) @@ -668,7 +668,7 @@ if(SAPI_ENABLE_TESTS) absl::strings sapi::file_base sandbox2::mounts - sandbox2::mounttree_proto + sandbox2::mount_tree_proto sapi::temp_file sapi::testing sapi::status_matchers diff --git a/sandboxed_api/sandbox2/forkserver.proto b/sandboxed_api/sandbox2/forkserver.proto index 8f1ecbd..cc751d4 100644 --- a/sandboxed_api/sandbox2/forkserver.proto +++ b/sandboxed_api/sandbox2/forkserver.proto 
@@ -18,7 +18,7 @@ syntax = "proto2"; package sandbox2; -import "sandboxed_api/sandbox2/mounttree.proto"; +import "sandboxed_api/sandbox2/mount_tree.proto"; enum Mode { // Fork, execve and sandbox diff --git a/sandboxed_api/sandbox2/mounttree.proto b/sandboxed_api/sandbox2/mount_tree.proto similarity index 88% rename from sandboxed_api/sandbox2/mounttree.proto rename to sandboxed_api/sandbox2/mount_tree.proto index 47c8100..64fc811 100644 --- a/sandboxed_api/sandbox2/mounttree.proto +++ b/sandboxed_api/sandbox2/mount_tree.proto @@ -14,7 +14,7 @@ // A proto for serializing the sandbox2::MountTree class -syntax = "proto2"; +syntax = "proto3"; package sandbox2; @@ -26,24 +26,24 @@ message MountTree { // FileNode represents a bind mount for a regular file using "outside" as the // source. message FileNode { - required string outside = 2; - required bool is_ro = 3; + optional string outside = 2; + optional bool writable = 3; } // DirNode is like FileNode but for directories. message DirNode { - required string outside = 2; - required bool is_ro = 3; + optional string outside = 2; + optional bool writable = 3; } // TmpfsNode mounts a tmpfs with given options. message TmpfsNode { - required string tmpfs_options = 1; + optional string tmpfs_options = 1; } // RootNode is as special node for root of the MountTree message RootNode { - required bool is_ro = 3; + optional bool writable = 3; } message Node { diff --git a/sandboxed_api/sandbox2/mounts.cc b/sandboxed_api/sandbox2/mounts.cc index a74bc8f..3b6fc95 100644 --- a/sandboxed_api/sandbox2/mounts.cc +++ b/sandboxed_api/sandbox2/mounts.cc @@ -37,7 +37,7 @@ #include "absl/strings/string_view.h" #include "absl/strings/strip.h" #include "sandboxed_api/config.h" -#include "sandboxed_api/sandbox2/mounttree.pb.h" +#include "sandboxed_api/sandbox2/mount_tree.pb.h" #include "sandboxed_api/sandbox2/util/minielf.h" #include "sandboxed_api/util/fileops.h" #include "sandboxed_api/util/path.h" 
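Review bot: Field number 3 is kept in `FileNode`, `DirNode` and `RootNode` while its meaning is inverted from `is_ro` to `writable`, so a `MountTree` serialized by a binary built before this change with `is_ro = true` decodes after it as `writable = true`. If the executor and the forkserver can ever come from different builds (not visible in this patch), a mount meant to be read-only would be set up writable. Giving the new field a fresh number and retiring the old one, e.g. `optional bool writable = 4;` together with `reserved 3; reserved "is_ro";`, makes an old message decode to the read-only default instead.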
@@ -155,16 +155,16 @@ bool IsEquivalentNode(const MountTree::Node& n1, const MountTree::Node& n2) { switch (n1.node_case()) { case MountTree::Node::kFileNode: // Check whether files are the same (e.g. symlinks / hardlinks) - return n1.file_node().is_ro() == n2.file_node().is_ro() && + return n1.file_node().writable() == n2.file_node().writable() && IsSameFile(n1.file_node().outside(), n2.file_node().outside()); case MountTree::Node::kDirNode: // Check whether dirs are the same (e.g. symlinks / hardlinks) - return n1.dir_node().is_ro() == n2.dir_node().is_ro() && + return n1.dir_node().writable() == n2.dir_node().writable() && IsSameFile(n1.dir_node().outside(), n2.dir_node().outside()); case MountTree::Node::kTmpfsNode: return n1.tmpfs_node().tmpfs_options() == n2.tmpfs_node().tmpfs_options(); case MountTree::Node::kRootNode: - return n1.root_node().is_ro() == n2.root_node().is_ro(); + return n1.root_node().writable() == n2.root_node().writable(); default: return false; } @@ -263,7 +263,7 @@ absl::Status Mounts::AddFileAt(absl::string_view outside, MountTree::Node node; auto* file_node = node.mutable_file_node(); file_node->set_outside(std::string(outside)); - file_node->set_is_ro(is_ro); + file_node->set_writable(!is_ro); return Insert(inside, node); } @@ -272,7 +272,7 @@ absl::Status Mounts::AddDirectoryAt(absl::string_view outside, MountTree::Node node; auto dir_node = node.mutable_dir_node(); dir_node->set_outside(std::string(outside)); - dir_node->set_is_ro(is_ro); + dir_node->set_writable(!is_ro); return Insert(inside, node); } @@ -628,7 +628,7 @@ void CreateMounts(const MountTree& tree, const std::string& path, auto node = tree.node().dir_node(); MountWithDefaults(node.outside(), path, "", MS_BIND, nullptr, - node.is_ro()); + !node.writable()); break; } case MountTree::Node::kTmpfsNode: { 
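Review bot: The flag's polarity now flips at `file_node->set_writable(!is_ro);` and flips back in `CreateMounts` (`!node.writable()`), and nothing in the code says why the stored form is the inverse of the API parameter. A one-line comment above the call, such as `// Stored as "writable" so that an unset proto3 field means read-only.`, would keep a later edit from dropping one of the negations and silently making mounts writable. The same comment fits `dir_node->set_writable(!is_ro);` in the `AddDirectoryAt` hunk. Both function signatures start outside their hunks.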
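Review bot: `node.outside()` is passed to `MountWithDefaults` in the `kDirNode` case without a presence check. Now that mount_tree.proto declares `outside` as `optional` rather than `required`, a node without the field no longer fails parsing and instead arrives here as an empty source path. A guard before the call, for example `if (!node.has_outside() || node.outside().empty())` followed by treating the node as invalid, would restore the old guarantee; how `MountWithDefaults` handles an empty source is not visible in this hunk. The same applies to the `kFileNode` case in the `@@ -643,7 +643,7 @@` hunk. `CreateMounts` starts and ends outside both hunks.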
@@ -643,7 +643,7 @@ void CreateMounts(const MountTree& tree, const std::string& path, case MountTree::Node::kFileNode: { auto node = tree.node().file_node(); MountWithDefaults(node.outside(), path, "", MS_BIND, nullptr, - node.is_ro()); + !node.writable()); // A file node has to be a leaf so we can skip traversing here. return; @@ -676,11 +676,11 @@ void RecursivelyListMountsImpl(const MountTree& tree, std::vector* inside_entries) { const MountTree::Node& node = tree.node(); if (node.has_dir_node()) { - const char* rw_str = node.dir_node().is_ro() ? "R " : "W "; + const char* rw_str = node.dir_node().writable() ? "W " : "R "; inside_entries->emplace_back(absl::StrCat(rw_str, tree_path, "/")); outside_entries->emplace_back(absl::StrCat(node.dir_node().outside(), "/")); } else if (node.has_file_node()) { - const char* rw_str = node.file_node().is_ro() ? "R " : "W "; + const char* rw_str = node.file_node().writable() ? "W " : "R "; inside_entries->emplace_back(absl::StrCat(rw_str, tree_path)); outside_entries->emplace_back(absl::StrCat(node.file_node().outside())); } else if (node.has_tmpfs_node()) { diff --git a/sandboxed_api/sandbox2/mounts.h b/sandboxed_api/sandbox2/mounts.h index 079745e..cabff64 100644 --- a/sandboxed_api/sandbox2/mounts.h +++ b/sandboxed_api/sandbox2/mounts.h @@ -22,7 +22,7 @@ #include "absl/status/status.h" #include "absl/status/statusor.h" #include "absl/strings/string_view.h" -#include "sandboxed_api/sandbox2/mounttree.pb.h" +#include "sandboxed_api/sandbox2/mount_tree.pb.h" namespace sandbox2 { @@ -36,7 +36,7 @@ class Mounts { public: Mounts() { MountTree::Node root; - root.mutable_root_node()->set_is_ro(true); + root.mutable_root_node()->set_writable(false); *mount_tree_.mutable_node() = root; } 
@@ -65,12 +65,12 @@ class Mounts { MountTree GetMountTree() const { return mount_tree_; } void SetRootWritable() { - mount_tree_.mutable_node()->mutable_root_node()->set_is_ro(false); + mount_tree_.mutable_node()->mutable_root_node()->set_writable(true); } bool IsRootReadOnly() const { return mount_tree_.has_node() && mount_tree_.node().has_root_node() && - mount_tree_.node().root_node().is_ro(); + !mount_tree_.node().root_node().writable(); } // Lists the outside and inside entries of the input tree in the output diff --git a/sandboxed_api/sandbox2/mounts_test.cc b/sandboxed_api/sandbox2/mounts_test.cc index 4587996..e31df76 100644 --- a/sandboxed_api/sandbox2/mounts_test.cc +++ b/sandboxed_api/sandbox2/mounts_test.cc @@ -247,25 +247,25 @@ TEST(MountTreeTest, TestList) { TEST(MountTreeTest, TestNodeEquivalence) { MountTree::Node nodes[8]; MountTree::FileNode* fn0 = nodes[0].mutable_file_node(); - fn0->set_is_ro(true); + fn0->set_writable(false); fn0->set_outside("foo"); MountTree::FileNode* fn1 = nodes[1].mutable_file_node(); - fn1->set_is_ro(true); + fn1->set_writable(false); fn1->set_outside("bar"); MountTree::DirNode* dn0 = nodes[2].mutable_dir_node(); - dn0->set_is_ro(true); + dn0->set_writable(false); dn0->set_outside("foo"); MountTree::DirNode* dn1 = nodes[3].mutable_dir_node(); - dn1->set_is_ro(true); + dn1->set_writable(false); dn1->set_outside("bar"); MountTree::TmpfsNode* tn0 = nodes[4].mutable_tmpfs_node(); tn0->set_tmpfs_options("option1"); MountTree::TmpfsNode* tn1 = nodes[5].mutable_tmpfs_node(); tn1->set_tmpfs_options("option2"); MountTree::RootNode* rn0 = nodes[6].mutable_root_node(); - rn0->set_is_ro(true); + rn0->set_writable(false); MountTree::RootNode* rn1 = nodes[7].mutable_root_node(); - rn1->set_is_ro(false); + rn1->set_writable(true); for (const MountTree::Node n : nodes) { ASSERT_TRUE(n.IsInitialized()); diff --git a/sandboxed_api/sandbox2/violation.proto b/sandboxed_api/sandbox2/violation.proto index 3c1baea..3463ed6 100644 
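Review bot: The context line `ASSERT_TRUE(n.IsInitialized());` in `TestNodeEquivalence` no longer checks anything. As far as the proto hunk shows, the messages have no required fields after the move to proto3, so `IsInitialized()` is true for every node, including one with no `outside` set. The test also sets `writable` explicitly on every node, so the property the commit relies on, that an unset flag means read-only, is never asserted. Adding `EXPECT_FALSE(MountTree::FileNode().writable());` (and the same for `DirNode` and `RootNode`) would pin that default. The test body continues past the end of this hunk.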
--- a/sandboxed_api/sandbox2/violation.proto +++ b/sandboxed_api/sandbox2/violation.proto @@ -16,7 +16,7 @@ syntax = "proto3"; package sandbox2; -import "sandboxed_api/sandbox2/mounttree.proto"; +import "sandboxed_api/sandbox2/mount_tree.proto"; enum PBViolationType { VIOLATION_TYPE_UNSPECIFIED = 0;