From 99931c2ad6be11a6657b5bfc8266b6688f7ca7ae Mon Sep 17 00:00:00 2001 From: Wiktor Garbacz Date: Wed, 22 Mar 2023 04:06:25 -0700 Subject: [PATCH] Move abort into ExecuteProcess and mark it noreturn PiperOrigin-RevId: 518528953 Change-Id: Ieaa03af484188bb35f9734d69d987eabbdcc23ab --- sandboxed_api/sandbox2/BUILD.bazel | 2 +- sandboxed_api/sandbox2/CMakeLists.txt | 47 ++++++++++++++------------- sandboxed_api/sandbox2/forkserver.cc | 4 +-- sandboxed_api/sandbox2/forkserver.h | 3 +- 4 files changed, 28 insertions(+), 28 deletions(-) diff --git a/sandboxed_api/sandbox2/BUILD.bazel b/sandboxed_api/sandbox2/BUILD.bazel index d3b95b2..ee11e1f 100644 --- a/sandboxed_api/sandbox2/BUILD.bazel +++ b/sandboxed_api/sandbox2/BUILD.bazel @@ -602,13 +602,13 @@ cc_library( "//sandboxed_api/util:fileops", "//sandboxed_api/util:raw_logging", "//sandboxed_api/util:strerror", + "@com_google_absl//absl/base:core_headers", "@com_google_absl//absl/container:flat_hash_map", "@com_google_absl//absl/container:flat_hash_set", "@com_google_absl//absl/log", "@com_google_absl//absl/status", "@com_google_absl//absl/status:statusor", "@com_google_absl//absl/strings", - "@com_google_absl//absl/strings:str_format", "@org_kernel_libcap//:libcap", ], ) diff --git a/sandboxed_api/sandbox2/CMakeLists.txt b/sandboxed_api/sandbox2/CMakeLists.txt index ea0f887..4f0e76f 100644 --- a/sandboxed_api/sandbox2/CMakeLists.txt +++ b/sandboxed_api/sandbox2/CMakeLists.txt @@ -543,29 +543,30 @@ add_library(sandbox2_forkserver ${SAPI_LIB_TYPE} forkserver.h ) add_library(sandbox2::forkserver ALIAS sandbox2_forkserver) -target_link_libraries(sandbox2_forkserver PRIVATE - absl::flat_hash_map - absl::flat_hash_set - absl::status - absl::statusor - absl::str_format - absl::strings - libcap::libcap - sandbox2::bpf_helper - sandbox2::client - sandbox2::comms - sapi::fileops - sandbox2::fork_client - sandbox2::forkserver_proto - sandbox2::namespace - sandbox2::policy - sapi::strerror - sandbox2::sanitizer - sandbox2::syscall - sandbox2::unwind - sandbox2::util - sapi::base - sapi::raw_logging +target_link_libraries(sandbox2_forkserver + PRIVATE absl::flat_hash_map + absl::flat_hash_set + absl::status + absl::statusor + absl::strings + libcap::libcap + sandbox2::bpf_helper + sandbox2::client + sandbox2::comms + sapi::fileops + sandbox2::fork_client + sandbox2::forkserver_proto + sandbox2::namespace + sandbox2::policy + sapi::strerror + sandbox2::sanitizer + sandbox2::syscall + sandbox2::unwind + sandbox2::util + sapi::base + sapi::raw_logging + PUBLIC absl::core_headers + absl::log ) # sandboxed_api/sandbox2:fork_client diff --git a/sandboxed_api/sandbox2/forkserver.cc b/sandboxed_api/sandbox2/forkserver.cc index 16717b7..5f79c65 100644 --- a/sandboxed_api/sandbox2/forkserver.cc +++ b/sandboxed_api/sandbox2/forkserver.cc @@ -43,7 +43,6 @@ #include "absl/status/statusor.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" -#include "absl/strings/str_format.h" #include "absl/strings/str_join.h" #include "absl/strings/str_split.h" #include "libcap/include/sys/capability.h" @@ -378,13 +377,11 @@ void ForkServer::LaunchChild(const ForkRequest& request, int execve_fd, } else { ExecuteProcess(execve_fd, argv.data(), envp.data()); } - abort(); } if (will_execve) { ExecuteProcess(execve_fd, util::CharPtrArray::FromStringVector(args).data(), util::CharPtrArray::FromStringVector(envs).data()); - abort(); } } @@ -643,6 +640,7 @@ void ForkServer::ExecuteProcess(int execve_fd, const char* const* argv, } util::Syscall(__NR_exit_group, EXIT_FAILURE); + abort(); } void ForkServer::InitializeNamespaces(const ForkRequest& request, uid_t uid, diff --git a/sandboxed_api/sandbox2/forkserver.h b/sandboxed_api/sandbox2/forkserver.h index 1e00deb..6603fe1 100644 --- a/sandboxed_api/sandbox2/forkserver.h +++ b/sandboxed_api/sandbox2/forkserver.h @@ -23,6 +23,7 @@ #include #include +#include "absl/base/attributes.h" #include "absl/log/log.h" namespace sandbox2 { @@ -73,7 +74,7 @@ class ForkServer { // Executes the sandboxee, or exit with Executor::kFailedExecve. static void ExecuteProcess(int execve_fd, const char* const* argv, - const char* const* envp); + const char* const* envp) ABSL_ATTRIBUTE_NORETURN; // Runs namespace initializers for a sandboxee. static void InitializeNamespaces(const ForkRequest& request, uid_t uid,