diff --git a/sandboxed_api/sandbox2/monitor_ptrace.cc b/sandboxed_api/sandbox2/monitor_ptrace.cc
index 55612c7..fac743a 100644
--- a/sandboxed_api/sandbox2/monitor_ptrace.cc
+++ b/sandboxed_api/sandbox2/monitor_ptrace.cc
@@ -29,7 +29,9 @@
 #include
 #include
 #include
+#include
 #include
+#include
 #include
 #include
 #include
@@ -55,6 +57,7 @@
 #include "sandboxed_api/sandbox2/client.h"
 #include "sandboxed_api/sandbox2/comms.h"
 #include "sandboxed_api/sandbox2/executor.h"
+#include "sandboxed_api/sandbox2/notify.h"
 #include "sandboxed_api/sandbox2/policy.h"
 #include "sandboxed_api/sandbox2/regs.h"
 #include "sandboxed_api/sandbox2/result.h"
@@ -242,6 +245,10 @@ bool PtraceMonitor::KillSandboxee() {
     SetExitStatusCode(Result::INTERNAL_ERROR, Result::FAILED_KILL);
     return false;
   }
+  constexpr absl::Duration kGracefullKillTimeout = absl::Milliseconds(1000);
+  if (hard_deadline_ == absl::InfiniteFuture()) {
+    hard_deadline_ = absl::Now() + kGracefullKillTimeout;
+  }
   return true;
 }
@@ -315,6 +322,13 @@ void PtraceMonitor::Run() {
   // All possible still running children of main process, will be killed due to
   // PTRACE_O_EXITKILL ptrace() flag.
   while (result().final_status() == Result::UNSET) {
+    if (absl::Now() >= hard_deadline_) {
+      LOG(WARNING) << "Hard deadline exceeded (timed_out=" << timed_out_ << ", external_kill=" << external_kill_ << ", network_violation=" << network_violation_ << ").";
+      SetExitStatusCode(Result::TIMEOUT, 0);
+      break;
+    }
     int64_t deadline = deadline_millis_.load(std::memory_order_relaxed);
     if (deadline != 0 && absl::Now() >= absl::FromUnixMillis(deadline)) {
       VLOG(1) << "Sandbox process hit timeout due to the walltime timer";
diff --git a/sandboxed_api/sandbox2/monitor_ptrace.h b/sandboxed_api/sandbox2/monitor_ptrace.h
index 02994b2..0c9570a 100644
--- a/sandboxed_api/sandbox2/monitor_ptrace.h
+++ b/sandboxed_api/sandbox2/monitor_ptrace.h
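Review bot: `hard_deadline_` is assigned here as a plain `absl::Time` while the existing wall-time deadline in the same monitor is read through `deadline_millis_.load(std::memory_order_relaxed)`, which suggests deadlines can be touched from more than one thread; if KillSandboxee() can be invoked from a thread other than the one running Run() (for instance on an external kill request), this write races with the read in the monitor loop and needs the same atomic treatment. The new constant is also misspelled and undocumented; suggest `kGracefulKillTimeout` with `// How long the monitor keeps waiting for ptrace events after the kill before it gives up and leaves PTRACE_O_EXITKILL to finish the job.` The start of KillSandboxee(), including the kill whose failure is handled just above, lies outside the hunk.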
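Review bot: The hard-deadline branch records `Result::TIMEOUT` with subcode 0 for every trigger, even though the log line itself distinguishes `timed_out_`, `external_kill_` and `network_violation_`; a sandboxee that was killed for a network violation or an external kill and then was not reaped within the grace period ends up classified as a timeout, which hides policy violations from anything that consumes the final status. Derive the final status from the flag that caused the kill and fall back to TIMEOUT only when `timed_out_` is set, reusing whatever status codes the rest of Run() already assigns for those cases, e.g. `if (network_violation_) { /* same status Run() uses for network violations */ } else if (external_kill_) { /* same status as an external kill */ } else { SetExitStatusCode(Result::TIMEOUT, 0); }`. The check is evaluated only at the top of the loop, so if the wait for the next ptrace event later in the body can block indefinitely, the grace period is enforced only on the next wake-up — worth confirming that wait is bounded. The remainder of Run()'s loop body lies outside the hunk.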
@@ -156,6 +156,8 @@ class PtraceMonitor : public MonitorBase {
   // Syscalls that are running, whose result values we want to inspect.
   absl::flat_hash_map syscalls_in_progress_;
   sigset_t sset_;
+  // Deadline after which sandboxee get terminated via PTRACE_O_EXITKILL.
+  absl::Time hard_deadline_ = absl::InfiniteFuture();
   // Monitor thread object.
   std::unique_ptr thread_;
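Review bot: The comment on `hard_deadline_` has a grammar slip and does not say who sets it or what the monitor does when it passes; suggest `// Deadline after which the monitor loop stops waiting for the sandboxee and exits, leaving PTRACE_O_EXITKILL to terminate whatever is still running. Set by KillSandboxee(); InfiniteFuture() means no deadline.` Whether the field is written and read on the same thread is not visible here; if it is not, it should be an atomic like `deadline_millis_` rather than a bare `absl::Time`. The class body continues past the hunk.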