work

Author: MikailBag

minion-ffi/src/lib.rs

@@ -5,6 +5,7 @@ use std::{
     ffi::{CStr, OsString},
     mem::{self},
     os::raw::c_char,
+    sync::Arc,
 };
 
 #[repr(i32)]
@@ -119,7 +120,7 @@ pub struct SandboxOptions {
 }
 
 #[derive(Clone)]
-pub struct Sandbox(Box<dyn minion::erased::Sandbox>);
+pub struct Sandbox(Arc<dyn minion::erased::Sandbox>);
 
 /// # Safety
 /// `out` must be valid

src/command.rs

@@ -2,12 +2,13 @@ use crate::{erased, InputSpecification, OutputSpecification, StdioSpecification}
 use std::{
     ffi::{OsStr, OsString},
     path::{Path, PathBuf},
+    sync::Arc,
 };
 
 /// Child process builder
 #[derive(Default, Debug)]
 pub struct Command {
-    sandbox: Option<Box<dyn erased::Sandbox>>,
+    sandbox: Option<Arc<dyn erased::Sandbox>>,
     exe: Option<PathBuf>,
     argv: Vec<OsString>,
     env: Vec<OsString>,
@@ -56,7 +57,7 @@ impl Command {
         backend.spawn(options)
     }
 
-    pub fn sandbox(&mut self, sandbox: Box<dyn erased::Sandbox>) -> &mut Self {
+    pub fn sandbox(&mut self, sandbox: Arc<dyn erased::Sandbox>) -> &mut Self {
         self.sandbox.replace(sandbox);
         self
     }

src/erased.rs

@@ -3,28 +3,20 @@
 //!
 //! Please note that this API is not type-safe. For example, if you pass
 //! `Sandbox` instance to another backend, it will panic.
+use std::{any::Any, sync::Arc};
 
 /// Type-erased `Sandbox`
 pub trait Sandbox: std::fmt::Debug {
-    fn id(&self) -> String;
+    fn id(&self) -> &str;
     fn check_cpu_tle(&self) -> anyhow::Result<bool>;
     fn check_real_tle(&self) -> anyhow::Result<bool>;
     fn kill(&self) -> anyhow::Result<()>;
     fn resource_usage(&self) -> anyhow::Result<crate::ResourceUsageData>;
-    #[doc(hidden)]
-    fn clone_to_box(&self) -> Box<dyn Sandbox>;
-    #[doc(hidden)]
-    fn clone_into_box_any(&self) -> Box<dyn std::any::Any>;
-}
-
-impl Clone for Box<dyn Sandbox> {
-    fn clone(&self) -> Self {
-        self.clone_to_box()
-    }
+    fn into_arc_any(self: Arc<Self>) -> Arc<dyn Any + Send + Sync + 'static>;
 }
 
 impl<S: crate::Sandbox> Sandbox for S {
-    fn id(&self) -> String {
+    fn id(&self) -> &str {
         self.id()
     }
     fn check_cpu_tle(&self) -> anyhow::Result<bool> {
@@ -39,12 +31,8 @@ impl<S: crate::Sandbox> Sandbox for S {
     fn resource_usage(&self) -> anyhow::Result<crate::ResourceUsageData> {
         self.resource_usage().map_err(Into::into)
     }
-    fn clone_to_box(&self) -> Box<dyn Sandbox> {
-        Box::new(self.clone())
-    }
-
-    fn clone_into_box_any(&self) -> Box<dyn std::any::Any> {
-        Box::new(self.clone())
+    fn into_arc_any(self: Arc<Self>) -> Arc<dyn Any + Send + Sync + 'static> {
+        self
     }
 }
 
@@ -96,36 +84,33 @@ impl<C: crate::ChildProcess> ChildProcess for C {
 
 /// Type-erased `Backend`
 pub trait Backend {
-    fn new_sandbox(&self, options: crate::SandboxOptions) -> anyhow::Result<Box<dyn Sandbox>>;
+    fn new_sandbox(&self, options: crate::SandboxOptions) -> anyhow::Result<Arc<dyn Sandbox>>;
     fn spawn(&self, options: ChildProcessOptions) -> anyhow::Result<Box<dyn ChildProcess>>;
 }
 
 impl<B: crate::Backend> Backend for B {
-    fn new_sandbox(&self, options: crate::SandboxOptions) -> anyhow::Result<Box<dyn Sandbox>> {
+    fn new_sandbox(&self, options: crate::SandboxOptions) -> anyhow::Result<Arc<dyn Sandbox>> {
         let sb = <Self as crate::Backend>::new_sandbox(&self, options)?;
-        Ok(Box::new(sb))
+        Ok(Arc::new(sb))
     }
 
     fn spawn(&self, options: ChildProcessOptions) -> anyhow::Result<Box<dyn ChildProcess>> {
-        let down_sandbox = options
-            .sandbox
-            .clone_into_box_any()
-            .downcast()
-            .expect("sandbox type mismatch");
+        let any_sandbox = options.sandbox.clone().into_arc_any();
+        let down_sandbox = any_sandbox.downcast().expect("sandbox type mismatch");
         let down_options = crate::ChildProcessOptions {
             arguments: options.arguments,
             environment: options.environment,
             path: options.path,
             pwd: options.pwd,
             stdio: options.stdio,
-            sandbox: *down_sandbox,
+            sandbox: down_sandbox,
         };
         let cp = <Self as crate::Backend>::spawn(&self, down_options)?;
         Ok(Box::new(cp))
     }
 }
 
-pub type ChildProcessOptions = crate::ChildProcessOptions<Box<dyn Sandbox>>;
+pub type ChildProcessOptions = crate::ChildProcessOptions<dyn Sandbox>;
 
 /// Returns backend instance
 pub fn setup() -> anyhow::Result<Box<dyn Backend>> {

src/lib.rs

@@ -17,6 +17,8 @@ pub mod windows;
 
 pub mod erased;
 
+mod util;
+
 use serde::{Deserialize, Serialize};
 
 #[cfg(target_os = "linux")]
@@ -27,6 +29,7 @@ use std::{
     fmt::Debug,
     io::{Read, Write},
     time::Duration,
+    sync::Arc,
 };
 
 /// This functions checks for system configurations issues.
@@ -123,9 +126,9 @@ impl SandboxOptions {
 }
 
 /// Represents highly-isolated sandbox
-pub trait Sandbox: Clone + Debug + 'static {
+pub trait Sandbox: Send + Sync + Debug + 'static {
     type Error: StdError + Send + Sync + 'static;
-    fn id(&self) -> String;
+    fn id(&self) -> &str;
 
     /// Returns true if sandbox exceeded CPU time limit
     fn check_cpu_tle(&self) -> Result<bool, Self::Error>;
@@ -255,11 +258,11 @@ pub struct StdioSpecification {
 /// This type should only be used by Backend implementations
 /// Use `Command` instead
 #[derive(Debug, Clone)]
-pub struct ChildProcessOptions<Sandbox> {
+pub struct ChildProcessOptions<Sandbox: ?Sized> {
     pub path: PathBuf,
     pub arguments: Vec<OsString>,
     pub environment: Vec<OsString>,
-    pub sandbox: Sandbox,
+    pub sandbox: Arc<Sandbox>,
     pub stdio: StdioSpecification,
     /// Child's working dir. Relative to `sandbox` isolation_root
     pub pwd: PathBuf,

src/linux/jail_common.rs

@@ -2,7 +2,6 @@ use crate::{
     linux::util::{Fd, Pid},
     SharedDir,
 };
-use rand::seq::SliceRandom;
 use serde::{Deserialize, Serialize};
 use std::{ffi::OsString, path::PathBuf, time::Duration};
 use tiny_nix_ipc::Socket;
@@ -23,18 +22,6 @@ pub(crate) struct JailOptions {
     pub(crate) allow_mount_ns_failure: bool,
 }
 
-const ID_CHARS: &[u8] = b"qwertyuiopasdfghjklzxcvbnm1234567890";
-const ID_SIZE: usize = 8;
-
-pub(crate) fn gen_jail_id() -> String {
-    let mut gen = rand::thread_rng();
-    let mut out = Vec::new();
-    for _i in 0..ID_SIZE {
-        let ch = *(ID_CHARS.choose(&mut gen).unwrap());
-        out.push(ch);
-    }
-    String::from_utf8_lossy(&out[..]).to_string()
-}
 
 #[derive(Serialize, Deserialize, Clone, Debug)]
 pub(crate) struct JobQuery {

src/linux/sandbox.rs

@@ -50,11 +50,9 @@ impl SandboxState {
     }
 }
 
-#[derive(Clone)]
-pub struct LinuxSandbox(Arc<LinuxSandboxInner>);
 
 #[repr(C)]
-struct LinuxSandboxInner {
+pub struct LinuxSandbox {
     id: String,
     options: SandboxOptions,
     zygote_sock: Mutex<Socket>,
@@ -93,7 +91,7 @@ impl Sandbox for LinuxSandbox {
     type Error = Error;
 
     fn id(&self) -> String {
-        self.0.id.clone()
+        self.0.id
     }
 
     fn check_cpu_tle(&self) -> Result<bool, Error> {
@@ -133,7 +131,7 @@ impl LinuxSandbox {
     fn poll_state(&self) -> Result<(), Error> {
         for _ in 0..5 {
             let mut buf = [0; 4];
-            let num_read = nix::unistd::read(self.0.watchdog_chan, &mut buf).or_else(|err| {
+            let num_read = nix::unistd::read(self.watchdog_chan, &mut buf).or_else(|err| {
                 if let Some(errno) = err.as_errno() {
                     if errno as i32 == libc::EAGAIN {
                         return Ok(0);

src/util.rs

@@ -0,0 +1,14 @@
+use rand::seq::SliceRandom;
+
+const ID_CHARS: &[u8] = b"qwertyuiopasdfghjklzxcvbnm1234567890";
+const ID_SIZE: usize = 8;
+
+pub(crate) fn gen_jail_id() -> String {
+    let mut gen = rand::thread_rng();
+    let mut out = Vec::new();
+    for _i in 0..ID_SIZE {
+        let ch = *(ID_CHARS.choose(&mut gen).unwrap());
+        out.push(ch);
+    }
+    String::from_utf8_lossy(&out[..]).to_string()
+}

src/windows/sandbox.rs

@@ -1,10 +1,13 @@
+use std::ffi::OsString;
+use std::os::windows::ffi::OsStrExt;
+
 use crate::{
     windows::{Cvt, Error},
     ResourceUsageData,
 };
 
 use winapi::um::{
-    jobapi2::{QueryInformationJobObject, TerminateJobObject},
+    jobapi2::{CreateJobObjectW, QueryInformationJobObject, TerminateJobObject},
     winnt::{
         JobObjectBasicAccountingInformation, JobObjectExtendedLimitInformation,
         JobObjectLimitViolationInformation, HANDLE, JOBOBJECT_BASIC_ACCOUNTING_INFORMATION,
@@ -13,21 +16,31 @@ use winapi::um::{
     },
 };
 
-#[derive(Debug, Clone)]
+#[derive(Debug)]
 pub struct WindowsSandbox {
     job: HANDLE,
+    id: String,
 }
 
+unsafe impl Send for WindowsSandbox {}
+unsafe impl Sync for WindowsSandbox {}
+
 impl WindowsSandbox {
     pub(in crate::windows) fn create() -> Result<Self, Error> {
-        todo!()
+        let id = crate::util::gen_jail_id();
+        let name: OsString = format!("minion-sandbox-{}", id).into();
+        let wide_name: Vec<u16> = name.encode_wide().collect();
+        let job = unsafe {
+            Cvt::nonzero(CreateJobObjectW(std::ptr::null_mut(), wide_name.as_ptr()) as i32)? as HANDLE
+        };
+        Ok(Self { job, id })
     }
 }
 
 impl crate::Sandbox for WindowsSandbox {
     type Error = Error;
 
-    fn id(&self) -> String {
+    fn id(&self) -> &str {
         todo!()
     }