Internal change.

PiperOrigin-RevId: 387565158
Change-Id: I7b5293b614fae74abae1f9a347b0ef414028b8ea
This commit is contained in:
Christian Blichmann 2021-07-29 05:51:48 -07:00 committed by Copybara-Service
parent 85c58dc2d7
commit f14aeee0ad
5 changed files with 11 additions and 17 deletions

View File

@ -447,10 +447,6 @@ absl::Status Sandbox::SetWallTimeLimit(absl::Duration limit) const {
return absl::OkStatus(); return absl::OkStatus();
} }
absl::Status Sandbox::SetWallTimeLimit(time_t limit) const {
return SetWallTimeLimit(absl::Seconds(limit));
}
void Sandbox::Exit() const { void Sandbox::Exit() const {
if (!is_active()) { if (!is_active()) {
return; return;

View File

@ -48,7 +48,7 @@ class Sandbox {
absl::Status Init(); absl::Status Init();
ABSL_DEPRECATED("Use sapi::Sandbox::is_active() instead") ABSL_DEPRECATED("Use sapi::Sandbox::is_active() instead")
bool IsActive() const { return is_active(); } bool IsActive() const { return this->is_active(); }
// Returns whether the current sandboxing session is active. // Returns whether the current sandboxing session is active.
bool is_active() const; bool is_active() const;
@ -65,11 +65,11 @@ class Sandbox {
sandbox2::Comms* comms() const { return comms_; } sandbox2::Comms* comms() const { return comms_; }
ABSL_DEPRECATED("Use sapi::Sandbox::rpc_channel() instead") ABSL_DEPRECATED("Use sapi::Sandbox::rpc_channel() instead")
RPCChannel* GetRpcChannel() const { return rpc_channel_.get(); } RPCChannel* GetRpcChannel() const { return this->rpc_channel(); }
RPCChannel* rpc_channel() const { return rpc_channel_.get(); } RPCChannel* rpc_channel() const { return rpc_channel_.get(); }
ABSL_DEPRECATED("Use sapi::Sandbox::pid() instead") ABSL_DEPRECATED("Use sapi::Sandbox::pid() instead")
int GetPid() const { return pid_; } int GetPid() const { return this->pid(); }
int pid() const { return pid_; } int pid() const { return pid_; }
// Synchronizes the underlying memory for the pointer before the call. // Synchronizes the underlying memory for the pointer before the call.
@ -115,7 +115,9 @@ class Sandbox {
absl::Status SetWallTimeLimit(absl::Duration limit) const; absl::Status SetWallTimeLimit(absl::Duration limit) const;
ABSL_DEPRECATED( ABSL_DEPRECATED(
"Use sapi::Sandbox::SetWallTimeLimit(absl::Duration) overload instead") "Use sapi::Sandbox::SetWallTimeLimit(absl::Duration) overload instead")
absl::Status SetWallTimeLimit(time_t limit) const; absl::Status SetWallTimeLimit(time_t limit) const {
return this->SetWallTimeLimit(absl::Seconds(limit));
}
protected: protected:

View File

@ -19,6 +19,7 @@
#define SANDBOXED_API_SANDBOX2_LIMITS_H_ #define SANDBOXED_API_SANDBOX2_LIMITS_H_
#include <sys/resource.h> #include <sys/resource.h>
#include <cstdint> #include <cstdint>
#include <ctime> #include <ctime>
@ -34,7 +35,7 @@ class Limits final {
Limits(const Limits&) = delete; Limits(const Limits&) = delete;
Limits& operator=(const Limits&) = delete; Limits& operator=(const Limits&) = delete;
// Rlimit-s getters/setters. // rlimits getters/setters.
// //
// Use RLIM64_INFINITY for unlimited values, but remember that some of those // Use RLIM64_INFINITY for unlimited values, but remember that some of those
// cannot exceed system limits (e.g. RLIMIT_NOFILE). // cannot exceed system limits (e.g. RLIMIT_NOFILE).

View File

@ -484,10 +484,10 @@ class PolicyBuilder final {
"Explicitly specify tmpfs size by using AddTmpfs(inside, sz) instead") "Explicitly specify tmpfs size by using AddTmpfs(inside, sz) instead")
PolicyBuilder& AddTmpfs(absl::string_view inside) { PolicyBuilder& AddTmpfs(absl::string_view inside) {
LOG(WARNING) << "Tmpfs size not specified, defaulting to 4 MiB"; LOG(WARNING) << "Tmpfs size not specified, defaulting to 4 MiB";
return AddTmpfs(inside, 4 << 20 /* 4 MiB */); return this->AddTmpfs(inside, /*size=*/4ULL << 20 /* 4 MiB */);
} }
PolicyBuilder& AddTmpfs(absl::string_view inside, size_t sz); PolicyBuilder& AddTmpfs(absl::string_view inside, size_t size);
// Allows unrestricted access to the network by *not* creating a network // Allows unrestricted access to the network by *not* creating a network
// namespace. Note that this only disables the network namespace. To actually // namespace. Note that this only disables the network namespace. To actually

View File

@ -104,12 +104,7 @@ class Sandbox2 final {
void set_walltime_limit(absl::Duration limit) const; void set_walltime_limit(absl::Duration limit) const;
// Gets the pid inside the executor. // Gets the pid inside the executor.
pid_t GetPid() { pid_t GetPid() { return monitor_ != nullptr ? monitor_->pid_ : -1; }
if (monitor_ != nullptr) {
return monitor_->pid_;
}
return -1;
}
// Gets the comms inside the executor. // Gets the comms inside the executor.
Comms* comms() { Comms* comms() {