sandboxed-api/sandboxed_api/sandbox2/sanitizer.cc
Catalin Patulea 4344bbceba Add optional VLOG(1) for additional process info on Syscall Violation.
PiperOrigin-RevId: 368900451
Change-Id: I331d0e239e2f3176c435bd42012d155d60d0b1ac
2021-04-16 12:43:08 -07:00

206 lines
5.5 KiB
C++

// Copyright 2019 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Implementation file for the sandbox2::sanitizer namespace.
#include "sandboxed_api/sandbox2/sanitizer.h"
#if defined(THREAD_SANITIZER)
#include <sanitizer/tsan_interface.h>
#endif
#include <dirent.h>
#include <fcntl.h>
#include <sys/prctl.h>
#include <syscall.h>
#include <unistd.h>
#include <cerrno>
#include <csignal>
#include <cstring>
#include <fstream>
#include <sstream>
#include <string>
#include <utility>
#include <vector>
#include "absl/strings/numbers.h"
#include "absl/strings/str_cat.h"
#include "absl/strings/str_split.h"
#include "sandboxed_api/sandbox2/util.h"
#include "sandboxed_api/util/file_helpers.h"
#include "sandboxed_api/util/fileops.h"
#include "sandboxed_api/util/raw_logging.h"
#include "sandboxed_api/util/strerror.h"
namespace sandbox2::sanitizer {
namespace {
namespace file = ::sapi::file;
namespace file_util = ::sapi::file_util;
using ::sapi::StrError;
constexpr char kProcSelfFd[] = "/proc/self/fd";
// Reads filenames inside the directory and converts them to numerical values.
bool ListNumericalDirectoryEntries(const std::string& directory,
std::set<int>* nums) {
std::vector<std::string> entries;
std::string error;
if (!file_util::fileops::ListDirectoryEntries(directory, &entries, &error)) {
SAPI_RAW_LOG(WARNING, "List directory entries for '%s' failed: %s",
kProcSelfFd, error.c_str());
return false;
}
for (const auto& entry : entries) {
int num;
if (!absl::SimpleAtoi(entry, &num)) {
SAPI_RAW_LOG(WARNING, "Cannot convert %s to a number", entry.c_str());
return false;
}
nums->insert(num);
}
return true;
}
} // namespace
bool GetListOfFDs(std::set<int>* fds) {
if (!ListNumericalDirectoryEntries(kProcSelfFd, fds)) {
return false;
}
// Exclude the dirfd which was opened in ListDirectoryEntries.
// Most probably will be the highest fd, hence the reverse order.
for (auto it = fds->rbegin(), end = fds->rend(); it != end; ++it) {
if (access(absl::StrCat(kProcSelfFd, "/", *it).c_str(), F_OK) != 0) {
fds->erase(*it);
break;
}
}
return true;
}
bool GetListOfTasks(int pid, std::set<int>* tasks) {
const std::string task_dir = absl::StrCat("/proc/", pid, "/task");
return ListNumericalDirectoryEntries(task_dir, tasks);
}
bool CloseAllFDsExcept(const std::set<int>& fd_exceptions) {
std::set<int> fds;
if (!GetListOfFDs(&fds)) {
return false;
}
for (auto fd : fds) {
if (fd_exceptions.find(fd) != fd_exceptions.end()) {
continue;
}
SAPI_RAW_VLOG(2, "Closing FD:%d", fd);
close(fd);
}
return true;
}
bool MarkAllFDsAsCOEExcept(const std::set<int>& fd_exceptions) {
std::set<int> fds;
if (!GetListOfFDs(&fds)) {
return false;
}
for (auto fd : fds) {
if (fd_exceptions.find(fd) != fd_exceptions.end()) {
continue;
}
SAPI_RAW_VLOG(2, "Marking FD:%d as close-on-exec", fd);
int flags = fcntl(fd, F_GETFD);
if (flags == -1) {
SAPI_RAW_PLOG(ERROR, "fcntl(%d, F_GETFD) failed", fd);
return false;
}
if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) == -1) {
SAPI_RAW_PLOG(ERROR, "fcntl(%d, F_SETFD, %x | FD_CLOEXEC) failed", fd,
flags);
return false;
}
}
return true;
}
int GetNumberOfThreads(int pid) {
std::string thread_str = util::GetProcStatusLine(pid, "Threads");
if (thread_str.empty()) {
return -1;
}
int threads;
if (!absl::SimpleAtoi(thread_str, &threads)) {
SAPI_RAW_LOG(ERROR, "Couldn't convert '%s' to a number",
thread_str.c_str());
return -1;
}
SAPI_RAW_VLOG(1, "Found %d threads in pid: %d", threads, pid);
return threads;
}
void WaitForTsan() {
#if defined(THREAD_SANITIZER)
static bool ABSL_ATTRIBUTE_UNUSED dummy_tsan_once = []() {
__sanitizer_sandbox_on_notify(nullptr);
return true;
}();
const pid_t pid = getpid();
int threads;
for (int retry = 0; retry < 10; ++retry) {
threads = GetNumberOfThreads(pid);
if (threads == -1 || threads == 1) {
break;
}
absl::SleepFor(absl::Milliseconds(100));
}
#endif
}
bool SanitizeCurrentProcess(const std::set<int>& fd_exceptions,
bool close_fds) {
SAPI_RAW_VLOG(1, "Sanitizing PID: %zu, close_fds: %d", syscall(__NR_getpid),
close_fds);
// Put process in a separate session (and a new process group).
setsid();
// If the parent goes down, so should we.
if (prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0) != 0) {
SAPI_RAW_PLOG(ERROR, "prctl(PR_SET_PDEATHSIG, SIGKILL) failed");
return false;
}
// Close or mark as close-on-exec open file descriptors.
if (close_fds) {
if (!CloseAllFDsExcept(fd_exceptions)) {
SAPI_RAW_LOG(ERROR, "Failed to close all fds");
return false;
}
} else {
if (!MarkAllFDsAsCOEExcept(fd_exceptions)) {
SAPI_RAW_LOG(ERROR, "Failed to mark all fds as closed");
return false;
}
}
return true;
}
} // namespace sandbox2::sanitizer