PtraceMonitor: Add a hard deadline for waiting for kill to take effect

PiperOrigin-RevId: 555854230
Change-Id: If323725e5112344105627844910356dd14c9ad31
Wiktor Garbacz 2023-08-11 02:00:42 -07:00 committed by Copybara-Service
parent 01e14e0bb7
commit a946cedc95
2 changed files with 14 additions and 0 deletions


@ -38,6 +38,7 @@
#include "absl/log/log.h" #include "absl/log/log.h"
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/time/clock.h"
#include "absl/time/time.h" #include "absl/time/time.h"
#include "sandboxed_api/config.h" #include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/client.h" #include "sandboxed_api/sandbox2/client.h"
@ -230,6 +231,10 @@ bool PtraceMonitor::KillSandboxee() {
SetExitStatusCode(Result::INTERNAL_ERROR, Result::FAILED_KILL); SetExitStatusCode(Result::INTERNAL_ERROR, Result::FAILED_KILL);
return false; return false;
} }
constexpr absl::Duration kGracefullKillTimeout = absl::Milliseconds(500);
if (hard_deadline_ == absl::InfiniteFuture()) {
hard_deadline_ = absl::Now() + kGracefullKillTimeout;
}
return true; return true;
} }
@ -303,6 +308,12 @@ void PtraceMonitor::Run() {
// All possible still running children of main process, will be killed due to // All possible still running children of main process, will be killed due to
// PTRACE_O_EXITKILL ptrace() flag. // PTRACE_O_EXITKILL ptrace() flag.
while (result().final_status() == Result::UNSET) { while (result().final_status() == Result::UNSET) {
if (absl::Now() >= hard_deadline_) {
LOG(WARNING) << "Hard deadline exceeded (timed_out=" << timed_out_
<< ", external_kill=" << external_kill_
<< ", network_violation=" << network_violation_ << ").";
break;
}
int64_t deadline = deadline_millis_.load(std::memory_order_relaxed); int64_t deadline = deadline_millis_.load(std::memory_order_relaxed);
if (deadline != 0 && absl::Now() >= absl::FromUnixMillis(deadline)) { if (deadline != 0 && absl::Now() >= absl::FromUnixMillis(deadline)) {
VLOG(1) << "Sandbox process hit timeout due to the walltime timer"; VLOG(1) << "Sandbox process hit timeout due to the walltime timer";
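Review bot: In the Run() hunk, the new `break` on the hard-deadline path leaves the loop with `result().final_status()` still `Result::UNSET`, and nothing in the hunk records that the kill never took effect, so unless code after the loop (outside the hunk) sets a status, a caller cannot distinguish a sandboxee that ignored the kill for 500 ms from a normal exit. Consider recording it before breaking, e.g. `SetExitStatusCode(Result::INTERNAL_ERROR, Result::FAILED_KILL);` as KillSandboxee() already does when kill() itself fails, or whatever code the post-loop handling expects for this case. The check also only fires if the loop body below returns periodically rather than blocking indefinitely in whatever wait it performs; the existing walltime check on the following line relies on the same property, so this is presumably already the case. Minor: in the KillSandboxee() hunk the constant is spelled `kGracefullKillTimeout`; `kGracefulKillTimeout` would match the usual spelling. Run() and KillSandboxee() both start and end outside their hunks.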


@ -27,6 +27,7 @@
#include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_map.h"
#include "absl/synchronization/mutex.h" #include "absl/synchronization/mutex.h"
#include "absl/synchronization/notification.h" #include "absl/synchronization/notification.h"
#include "absl/time/time.h"
#include "sandboxed_api/sandbox2/executor.h" #include "sandboxed_api/sandbox2/executor.h"
#include "sandboxed_api/sandbox2/monitor_base.h" #include "sandboxed_api/sandbox2/monitor_base.h"
#include "sandboxed_api/sandbox2/notify.h" #include "sandboxed_api/sandbox2/notify.h"
@ -154,6 +155,8 @@ class PtraceMonitor : public MonitorBase {
// Syscalls that are running, whose result values we want to inspect. // Syscalls that are running, whose result values we want to inspect.
absl::flat_hash_map<pid_t, Syscall> syscalls_in_progress_; absl::flat_hash_map<pid_t, Syscall> syscalls_in_progress_;
sigset_t sset_; sigset_t sset_;
// Deadline after which sandboxee get terminated via PTRACE_O_EXITKILL.
absl::Time hard_deadline_ = absl::InfiniteFuture();
// Monitor thread object. // Monitor thread object.
std::unique_ptr<std::thread> thread_; std::unique_ptr<std::thread> thread_;
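Review bot: The new comment on `hard_deadline_` says the sandboxee "get terminated via PTRACE_O_EXITKILL" at this deadline, but as far as this commit shows the deadline is only read by the Run() loop, which stops waiting once it passes; termination then follows from the tracer going away rather than from the deadline itself, and the phrase is also ungrammatical. Suggest `// Deadline after which the monitor stops waiting for a kill to take effect;` / `// the sandboxee is then killed via PTRACE_O_EXITKILL once the tracer exits.` It may also be worth stating which thread writes this member, since it is a plain absl::Time rather than an atomic like `deadline_millis_`; if KillSandboxee() and Run() always execute on the monitor thread this is fine, but the header is where that invariant belongs. The enclosing class body continues outside the hunk.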