1*ec63e07aSXin Li // Copyright 2019 Google LLC
2*ec63e07aSXin Li //
3*ec63e07aSXin Li // Licensed under the Apache License, Version 2.0 (the "License");
4*ec63e07aSXin Li // you may not use this file except in compliance with the License.
5*ec63e07aSXin Li // You may obtain a copy of the License at
6*ec63e07aSXin Li //
7*ec63e07aSXin Li // https://www.apache.org/licenses/LICENSE-2.0
8*ec63e07aSXin Li //
9*ec63e07aSXin Li // Unless required by applicable law or agreed to in writing, software
10*ec63e07aSXin Li // distributed under the License is distributed on an "AS IS" BASIS,
11*ec63e07aSXin Li // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12*ec63e07aSXin Li // See the License for the specific language governing permissions and
13*ec63e07aSXin Li // limitations under the License.
14*ec63e07aSXin Li
15*ec63e07aSXin Li // The sandbox2::util namespace provides various, uncategorized, functions
16*ec63e07aSXin Li // useful for creating sandboxes.
17*ec63e07aSXin Li
18*ec63e07aSXin Li #ifndef SANDBOXED_API_SANDBOX2_UTIL_H_
19*ec63e07aSXin Li #define SANDBOXED_API_SANDBOX2_UTIL_H_
20*ec63e07aSXin Li
21*ec63e07aSXin Li #include <sys/types.h>
22*ec63e07aSXin Li
23*ec63e07aSXin Li #include <cstdint>
24*ec63e07aSXin Li #include <string>
25*ec63e07aSXin Li #include <vector>
26*ec63e07aSXin Li
27*ec63e07aSXin Li #include "absl/base/attributes.h"
28*ec63e07aSXin Li #include "absl/base/macros.h"
29*ec63e07aSXin Li #include "absl/status/statusor.h"
30*ec63e07aSXin Li
31*ec63e07aSXin Li namespace sandbox2::util {
32*ec63e07aSXin Li
33*ec63e07aSXin Li void DumpCoverageData();
34*ec63e07aSXin Li
35*ec63e07aSXin Li // An char ptr array limited by the terminating nullptr entry (like environ
36*ec63e07aSXin Li // or argv).
37*ec63e07aSXin Li class CharPtrArray {
38*ec63e07aSXin Li public:
39*ec63e07aSXin Li CharPtrArray(char* const* array);
40*ec63e07aSXin Li static CharPtrArray FromStringVector(const std::vector<std::string>& vec);
41*ec63e07aSXin Li
array()42*ec63e07aSXin Li const std::vector<const char*>& array() const { return array_; }
43*ec63e07aSXin Li
data()44*ec63e07aSXin Li const char* const* data() const { return array_.data(); }
45*ec63e07aSXin Li
46*ec63e07aSXin Li std::vector<std::string> ToStringVector() const;
47*ec63e07aSXin Li
48*ec63e07aSXin Li private:
49*ec63e07aSXin Li CharPtrArray(const std::vector<std::string>& vec);
50*ec63e07aSXin Li
51*ec63e07aSXin Li const std::string content_;
52*ec63e07aSXin Li std::vector<const char*> array_;
53*ec63e07aSXin Li };
54*ec63e07aSXin Li
55*ec63e07aSXin Li // Converts an array of char* (terminated by a nullptr, like argv, or environ
56*ec63e07aSXin Li // arrays), to an std::vector<std::string>.
57*ec63e07aSXin Li ABSL_DEPRECATED("Use CharPtrArray(arr).ToStringVector() instead")
CharPtrArrToVecString(char * const * arr,std::vector<std::string> * vec)58*ec63e07aSXin Li inline void CharPtrArrToVecString(char* const* arr,
59*ec63e07aSXin Li std::vector<std::string>* vec) {
60*ec63e07aSXin Li *vec = sandbox2::util::CharPtrArray(arr).ToStringVector();
61*ec63e07aSXin Li }
62*ec63e07aSXin Li
63*ec63e07aSXin Li // Returns the program name (via /proc/self/comm) for a given PID.
64*ec63e07aSXin Li std::string GetProgName(pid_t pid);
65*ec63e07aSXin Li
66*ec63e07aSXin Li // Returns the command line (via /proc/self/cmdline) for a given PID. The
67*ec63e07aSXin Li // argument separators '\0' are converted to spaces.
68*ec63e07aSXin Li std::string GetCmdLine(pid_t pid);
69*ec63e07aSXin Li
70*ec63e07aSXin Li // Returns the specified line from /proc/<pid>/status for a given PID. 'value'
71*ec63e07aSXin Li // is a field name like "Threads" or "Tgid".
72*ec63e07aSXin Li std::string GetProcStatusLine(int pid, const std::string& value);
73*ec63e07aSXin Li
74*ec63e07aSXin Li // Invokes a syscall, avoiding on-stack argument promotion, as it might happen
75*ec63e07aSXin Li // with vararg syscall() function.
76*ec63e07aSXin Li long Syscall(long sys_no, // NOLINT
77*ec63e07aSXin Li uintptr_t a1 = 0, uintptr_t a2 = 0, uintptr_t a3 = 0,
78*ec63e07aSXin Li uintptr_t a4 = 0, uintptr_t a5 = 0, uintptr_t a6 = 0);
79*ec63e07aSXin Li
80*ec63e07aSXin Li // Fork based on clone() which updates glibc's PID/TID caches - Based on:
81*ec63e07aSXin Li // https://chromium.googlesource.com/chromium/src/+/9eb564175dbd452196f782da2b28e3e8e79c49a5%5E!/
82*ec63e07aSXin Li //
83*ec63e07aSXin Li // Return values as for 'man 2 fork'.
84*ec63e07aSXin Li pid_t ForkWithFlags(int flags);
85*ec63e07aSXin Li
86*ec63e07aSXin Li // Creates a new memfd.
87*ec63e07aSXin Li bool CreateMemFd(int* fd, const char* name = "buffer_file");
88*ec63e07aSXin Li
89*ec63e07aSXin Li // Executes a the program given by argv and the specified environment and
90*ec63e07aSXin Li // captures any output to stdout/stderr.
91*ec63e07aSXin Li absl::StatusOr<int> Communicate(const std::vector<std::string>& argv,
92*ec63e07aSXin Li const std::vector<std::string>& envv,
93*ec63e07aSXin Li std::string* output);
94*ec63e07aSXin Li
95*ec63e07aSXin Li // Returns signal description.
96*ec63e07aSXin Li std::string GetSignalName(int signo);
97*ec63e07aSXin Li
98*ec63e07aSXin Li // Returns rlimit resource name
99*ec63e07aSXin Li std::string GetRlimitName(int resource);
100*ec63e07aSXin Li
101*ec63e07aSXin Li // Returns ptrace event name
102*ec63e07aSXin Li std::string GetPtraceEventName(int event);
103*ec63e07aSXin Li
104*ec63e07aSXin Li // Reads a path string (NUL-terminated, shorter than PATH_MAX) from another
105*ec63e07aSXin Li // process memory
106*ec63e07aSXin Li absl::StatusOr<std::string> ReadCPathFromPid(pid_t pid, uintptr_t ptr);
107*ec63e07aSXin Li
108*ec63e07aSXin Li // Wrapper for execveat(2).
109*ec63e07aSXin Li int Execveat(int dirfd, const char* pathname, const char* const argv[],
110*ec63e07aSXin Li const char* const envp[], int flags, uintptr_t extra_arg = 0);
111*ec63e07aSXin Li
112*ec63e07aSXin Li } // namespace sandbox2::util
113*ec63e07aSXin Li
114*ec63e07aSXin Li #endif // SANDBOXED_API_SANDBOX2_UTIL_H_
115