/// <nodoc />
public OptionsBuilder(Options opts)
{
Verbose = opts.Verbose;
LogToStdOut = opts.LogToStdOut;
ReportQueueSizeMB = opts.ReportQueueSizeMB;
EnableReportBatching = opts.EnableReportBatching;
EnableTelemetry = opts.EnableTelemetry;
ProcessTimeout = opts.ProcessTimeout;
TrackDirectoryCreation = opts.TrackDirectoryCreation;
SandboxKindUsed = opts.SandboxKindUsed;
}
/// <nodoc />
public Options(bool verbose, bool logToStdOut, uint reportQueueSizeMB, bool enableTelemetry, int processTimeout, bool trackDirectoryCreation, bool enableReportBatching, SandboxKind sandboxKind)
{
Verbose = verbose;
LogToStdOut = logToStdOut;
ReportQueueSizeMB = reportQueueSizeMB;
EnableReportBatching = enableReportBatching;
EnableTelemetry = enableTelemetry;
ProcessTimeout = processTimeout;
TrackDirectoryCreation = trackDirectoryCreation;
SandboxKindUsed = sandboxKind;
}
static private Sandbox.Configuration ConfigurationForSandboxKind(SandboxKind kind)
{
switch (kind)
{
case SandboxKind.MacOsEndpointSecurity:
return(Sandbox.Configuration.EndpointSecuritySandboxType);
case SandboxKind.MacOsDetours:
return(Sandbox.Configuration.DetoursSandboxType);
case SandboxKind.MacOsHybrid:
return(Sandbox.Configuration.HybridSandboxType);
case SandboxKind.MacOsKext:
return(Sandbox.Configuration.KextType);
default:
throw new BuildXLException($"Could not find mapping for sandbox configration with sandbox kind: {kind}", ExceptionRootCause.FailFast);
}
}
/// <nodoc />
public static SandboxedProcessInfo Deserialize(Stream stream, LoggingContext loggingContext, IDetoursEventListener detoursEventListener)
{
using (var reader = new BuildXLReader(false, stream, true))
{
string arguments = reader.ReadNullableString();
string commandLine = reader.ReadNullableString();
bool disableConHostSharing = reader.ReadBoolean();
string fileName = reader.ReadNullableString();
Encoding standardInputEncoding = reader.ReadNullable(r => r.ReadEncoding());
Encoding standardOutputEncoding = reader.ReadNullable(r => r.ReadEncoding());
Encoding standardErrorEncoding = reader.ReadNullable(r => r.ReadEncoding());
string workingDirectory = reader.ReadNullableString();
IBuildParameters buildParameters = null;
var envVars = reader.ReadNullable(r => r.ReadReadOnlyList(r2 => new KeyValuePair <string, string>(r2.ReadString(), r2.ReadString())));
if (envVars != null)
{
buildParameters = BuildParameters.GetFactory().PopulateFromDictionary(envVars.ToDictionary(kvp => kvp.Key, kvp => kvp.Value));
}
string[] allowedSurvivingChildNames = reader.ReadNullable(r => r.ReadReadOnlyList(r2 => r2.ReadString()))?.ToArray();
int maxLengthInMemory = reader.ReadInt32();
TimeSpan? timeout = reader.ReadNullableStruct(r => r.ReadTimeSpan());
TimeSpan nestedProcessTerminationTimeout = reader.ReadTimeSpan();
long pipSemiStableHash = reader.ReadInt64();
string timeoutDumpDirectory = reader.ReadNullableString();
SandboxKind sandboxKind = (SandboxKind)reader.ReadByte();
string pipDescription = reader.ReadNullableString();
SandboxedProcessStandardFiles sandboxedProcessStandardFiles = SandboxedProcessStandardFiles.Deserialize(reader);
StandardInputInfo standardInputSourceInfo = reader.ReadNullable(r => StandardInputInfo.Deserialize(r));
SandboxObserverDescriptor standardObserverDescriptor = reader.ReadNullable(r => SandboxObserverDescriptor.Deserialize(r));
FileAccessManifest fam = reader.ReadNullable(r => FileAccessManifest.Deserialize(stream));
return(new SandboxedProcessInfo(
new PathTable(),
new StandardFileStorage(sandboxedProcessStandardFiles),
fileName,
fam,
disableConHostSharing,
// TODO: serialize/deserialize container configuration.
containerConfiguration: ContainerConfiguration.DisabledIsolation,
loggingContext: loggingContext,
detoursEventListener: detoursEventListener)
{
m_arguments = arguments,
m_commandLine = commandLine,
StandardInputEncoding = standardInputEncoding,
StandardOutputEncoding = standardOutputEncoding,
StandardErrorEncoding = standardErrorEncoding,
WorkingDirectory = workingDirectory,
EnvironmentVariables = buildParameters,
AllowedSurvivingChildProcessNames = allowedSurvivingChildNames,
MaxLengthInMemory = maxLengthInMemory,
Timeout = timeout,
NestedProcessTerminationTimeout = nestedProcessTerminationTimeout,
PipSemiStableHash = pipSemiStableHash,
TimeoutDumpDirectory = timeoutDumpDirectory,
SandboxKind = sandboxKind,
PipDescription = pipDescription,
SandboxedProcessStandardFiles = sandboxedProcessStandardFiles,
StandardInputSourceInfo = standardInputSourceInfo,
StandardObserverDescriptor = standardObserverDescriptor
});
}
}
/// <summary>
/// Initializes the ES sandbox
/// </summary>
public SandboxConnection(SandboxKind kind, bool isInTestMode = false, bool measureCpuTimes = false)
{
Kind = kind;
m_reportQueueLastEnqueueTime = 0;
m_sandboxConnectionInfo = new Sandbox.SandboxConnectionInfo()
{
Config = ConfigurationForSandboxKind(kind),
Error = Sandbox.SandboxSuccess
};
MeasureCpuTimes = measureCpuTimes;
IsInTestMode = isInTestMode;
var process = System.Diagnostics.Process.GetCurrentProcess();
Sandbox.InitializeSandbox(ref m_sandboxConnectionInfo, process.Id);
if (m_sandboxConnectionInfo.Error != Sandbox.SandboxSuccess)
{
throw new BuildXLException($@"Unable to initialize generic sandbox, please check the sources for error code: {m_sandboxConnectionInfo.Error})");
}
#if DEBUG
ProcessUtilities.SetNativeConfiguration(true);
#else
ProcessUtilities.SetNativeConfiguration(false);
#endif
m_AccessReportCallback = (Sandbox.AccessReport report, int code) =>
{
if (code != Sandbox.ReportQueueSuccessCode)
{
var message = "Sandbox event delivery failed with error: " + code;
throw new BuildXLException(message, ExceptionRootCause.MissingRuntimeDependency);
}
// Stamp the access report with a dequeue timestamp
report.Statistics.DequeueTime = Sandbox.GetMachAbsoluteTime();
// Update last received timestamp
Volatile.Write(ref m_lastReportReceivedTimestampTicks, DateTime.UtcNow.Ticks);
// Remember the latest enqueue time
Volatile.Write(ref m_reportQueueLastEnqueueTime, report.Statistics.EnqueueTime);
// The only way it can happen that no process is found for 'report.PipId' is when that pip is
// explicitly terminated (e.g., because it timed out or Ctrl-c was pressed)
if (m_pipProcesses.TryGetValue(report.PipId, out var process))
{
// if the process is found, its ProcessId must match the RootPid of the report.
if (process.ProcessId != report.RootPid)
{
throw new BuildXLException("The process id from the lookup did not match the file access report process id", ExceptionRootCause.FailFast);
}
else
{
process.PostAccessReport(report);
}
}
};
Sandbox.ObserverFileAccessReports(ref m_sandboxConnectionInfo, m_AccessReportCallback, Marshal.SizeOf <Sandbox.AccessReport>());
}