// Copyright 2019 Google LLC // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. // Implementation file for the sandbox2::Client class. #include "sandboxed_api/sandbox2/client.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "absl/base/attributes.h" #include "absl/base/macros.h" #include "absl/memory/memory.h" #include "absl/strings/numbers.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_join.h" #include "absl/strings/str_split.h" #include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/sanitizer.h" #include "sandboxed_api/util/raw_logging.h" #include "sandboxed_api/util/strerror.h" namespace sandbox2 { using ::sapi::StrError; Client::Client(Comms* comms) : comms_(comms) { char* fdmap_envvar = getenv(kFDMapEnvVar); if (!fdmap_envvar) { return; } absl::flat_hash_map vars = absl::StrSplit(fdmap_envvar, ',', absl::SkipEmpty()); for (const auto& [name, mapped_fd] : vars) { int fd; SAPI_RAW_CHECK(absl::SimpleAtoi(mapped_fd, &fd), "failed to parse fd map"); SAPI_RAW_CHECK(fd_map_.emplace(std::string(name), fd).second, "could not insert mapping into fd map (duplicate)"); } unsetenv(kFDMapEnvVar); } std::string Client::GetFdMapEnvVar() const { return absl::StrCat(kFDMapEnvVar, "=", absl::StrJoin(fd_map_, ",", absl::PairFormatter(","))); } void Client::PrepareEnvironment() { SetUpIPC(); SetUpCwd(); } void Client::EnableSandbox() { ReceivePolicy(); ApplyPolicyAndBecomeTracee(); } void Client::SandboxMeHere() { PrepareEnvironment(); EnableSandbox(); } void Client::SetUpCwd() { { // Get the current working directory to check if we are in a mount // namespace. // Note: glibc 2.27 no longer returns a relative path in that case, but // fails with ENOENT and returns a nullptr instead. The code still // needs to run on lower version for the time being. char cwd_buf[PATH_MAX + 1] = {0}; char* cwd = getcwd(cwd_buf, ABSL_ARRAYSIZE(cwd_buf)); SAPI_RAW_PCHECK(cwd != nullptr || errno == ENOENT, "no current working directory"); // Outside of the mount namespace, the path is of the form // '(unreachable)/...'. Only check for the slash, since Linux might make up // other prefixes in the future. if (errno == ENOENT || cwd_buf[0] != '/') { SAPI_RAW_VLOG(1, "chdir into mount namespace, cwd was '%s'", cwd_buf); // If we are in a mount namespace but fail to chdir, then it can lead to a // sandbox escape -- we need to fail with FATAL if the chdir fails. SAPI_RAW_PCHECK(chdir("/") != -1, "corrective chdir"); } } // Receive the user-supplied current working directory and change into it. std::string cwd; SAPI_RAW_CHECK(comms_->RecvString(&cwd), "receiving working directory"); if (!cwd.empty()) { // On the other hand this chdir can fail without a sandbox escape. It will // probably not have the intended behavior though. if (chdir(cwd.c_str()) == -1) { SAPI_RAW_VLOG( 1, "chdir(%s) failed, falling back to previous cwd or / (with " "namespaces). Use Executor::SetCwd() to set a working directory: %s", cwd.c_str(), StrError(errno).c_str()); } } } void Client::SetUpIPC() { uint32_t num_of_fd_pairs; SAPI_RAW_CHECK(comms_->RecvUint32(&num_of_fd_pairs), "receiving number of fd pairs"); SAPI_RAW_CHECK(fd_map_.empty(), "fd map not empty"); SAPI_RAW_VLOG(1, "Will receive %d file descriptor pairs", num_of_fd_pairs); for (uint32_t i = 0; i < num_of_fd_pairs; ++i) { int32_t requested_fd; int32_t fd; std::string name; SAPI_RAW_CHECK(comms_->RecvInt32(&requested_fd), "receiving requested fd"); SAPI_RAW_CHECK(comms_->RecvFD(&fd), "receiving current fd"); SAPI_RAW_CHECK(comms_->RecvString(&name), "receiving name string"); if (requested_fd != -1 && fd != requested_fd) { if (requested_fd > STDERR_FILENO && fcntl(requested_fd, F_GETFD) != -1) { // Dup2 will silently close the FD if one is already at requested_fd. // If someone is using the deferred sandbox entry, ie. SandboxMeHere, // the application might have something actually using that fd. // Therefore let's log a big warning if that FD is already in use. // Note: this check doesn't happen for STDIN,STDOUT,STDERR. SAPI_RAW_LOG( WARNING, "Cloning received fd %d over %d which is already open and will " "be silently closed. This may lead to unexpected behavior!", fd, requested_fd); } SAPI_RAW_VLOG(1, "Cloning received fd=%d onto fd=%d", fd, requested_fd); SAPI_RAW_PCHECK(dup2(fd, requested_fd) != -1, ""); // Close the newly received FD if it differs from the new one. close(fd); fd = requested_fd; } if (!name.empty()) { SAPI_RAW_CHECK(fd_map_.emplace(name, fd).second, "duplicate fd mapping"); } } } void Client::ReceivePolicy() { std::vector bytes; SAPI_RAW_CHECK(comms_->RecvBytes(&bytes), "receive bytes"); policy_ = std::move(bytes); } void Client::ApplyPolicyAndBecomeTracee() { // When running under TSAN, we need to notify TSANs background thread that we // want it to exit and wait for it to be done. When not running under TSAN, // this function does nothing. sanitizer::WaitForTsan(); // Creds can be received w/o synchronization, once the connection is // established. pid_t cred_pid; uid_t cred_uid ABSL_ATTRIBUTE_UNUSED; gid_t cred_gid ABSL_ATTRIBUTE_UNUSED; SAPI_RAW_CHECK(comms_->RecvCreds(&cred_pid, &cred_uid, &cred_gid), "receiving credentials"); SAPI_RAW_CHECK(prctl(PR_SET_DUMPABLE, 1) == 0, "setting PR_SET_DUMPABLE flag"); if (prctl(PR_SET_PTRACER, cred_pid) == -1) { SAPI_RAW_VLOG(1, "No YAMA on this system. Continuing"); } SAPI_RAW_CHECK(prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == 0, "setting PR_SET_NO_NEW_PRIVS flag"); SAPI_RAW_CHECK(prctl(PR_SET_KEEPCAPS, 0) == 0, "setting PR_SET_KEEPCAPS flag"); sock_fprog prog; SAPI_RAW_CHECK(policy_.size() / sizeof(sock_filter) <= std::numeric_limits::max(), "seccomp policy too long"); prog.len = static_cast(policy_.size() / sizeof(sock_filter)); prog.filter = reinterpret_cast(&policy_.front()); SAPI_RAW_VLOG(1, "Applying policy in PID %zd, sock_fprog.len: %" PRId16 " entries (%" PRIuPTR " bytes)", syscall(__NR_gettid), prog.len, policy_.size()); // Signal executor we are ready to have limits applied on us and be ptraced. // We want limits at the last moment to avoid triggering them too early and we // want ptrace at the last moment to avoid synchronization deadlocks. SAPI_RAW_CHECK(comms_->SendUint32(kClient2SandboxReady), "receiving ready signal from executor"); uint32_t ret; // wait for confirmation SAPI_RAW_CHECK(comms_->RecvUint32(&ret), "receving confirmation from executor"); SAPI_RAW_CHECK(ret == kSandbox2ClientDone, "invalid confirmation from executor"); int result = syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, reinterpret_cast(&prog)); SAPI_RAW_PCHECK(result != -1, "setting seccomp filter"); SAPI_RAW_PCHECK(result == 0, "synchronizing threads using SECCOMP_FILTER_FLAG_TSYNC flag " "for thread=%d", result); } int Client::GetMappedFD(const std::string& name) { auto it = fd_map_.find(name); SAPI_RAW_CHECK(it != fd_map_.end(), "mapped fd not found (function called twice?)"); int fd = it->second; fd_map_.erase(it); return fd; } bool Client::HasMappedFD(const std::string& name) { return fd_map_.find(name) != fd_map_.end(); } void Client::SendLogsToSupervisor() { // This LogSink will register itself and send all logs to the executor until // the object is destroyed. logsink_ = absl::make_unique(GetMappedFD(LogSink::kLogFDName)); } NetworkProxyClient* Client::GetNetworkProxyClient() { if (proxy_client_ == nullptr) { proxy_client_ = absl::make_unique( GetMappedFD(NetworkProxyClient::kFDName)); } return proxy_client_.get(); } absl::Status Client::InstallNetworkProxyHandler() { if (fd_map_.find(NetworkProxyClient::kFDName) == fd_map_.end()) { return absl::FailedPreconditionError( "InstallNetworkProxyHandler() must be called at most once after the " "sandbox is installed. Also, the NetworkProxyServer needs to be " "enabled."); } return NetworkProxyHandler::InstallNetworkProxyHandler( GetNetworkProxyClient()); } } // namespace sandbox2