Build the forkserver in sandboxed-api am: d7972be9d3

Original change: https://android-review.googlesource.com/c/platform/external/sandboxed-api/+/2833670

Change-Id: Ic389b18d38c77ccea68cff3db7572df310f24328
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

6 files changed, 130 insertions, 31 deletions

diff --git a/Android.bp b/Android.bp
index f2d96db..ad5423c 100644
--- a/Android.bp
+++ b/Android.bp
@@ -16,9 +16,7 @@
 // Usage is only approved for sandboxing host-side Cuttlefish tools to run them
 // in Google's internal production environment.
 package {
-    default_visibility: [
-        "//device/google/cuttlefish:__subpackages__",
-    ]
+    default_visibility: [":__subpackages__"]
 }
 
 cc_defaults {
@@ -36,6 +34,7 @@ cc_library {
         "sandboxed_api/sandbox2/logserver.proto",
         "sandboxed_api/sandbox2/mount_tree.proto",
         "sandboxed_api/sandbox2/violation.proto",
+        "sandboxed_api/sandbox2/unwind/unwind.proto",
         "sandboxed_api/util/status.proto",
     ],
     proto: {
@@ -46,22 +45,66 @@ cc_library {
     defaults: ["sandboxed_api_defaults"],
 }
 
+cc_defaults {
+    name: "sandboxed_api_cc_defaults",
+    static_libs: [
+        "libabsl_host",
+        "libcap",
+        "libprotobuf-cpp-full",
+        "sandboxed_api_proto",
+    ],
+    arch: {
+        x86: {
+            enabled: false,
+        },
+    },
+    target: {
+        linux_glibc: {
+            cflags: [
+                "-include android/sandboxed_api_glibc_compat.h",
+            ],
+            include_dirs: [
+                "bionic/libc/kernel/android/uapi",
+                "bionic/libc/kernel/uapi",
+            ],
+        },
+        linux_musl: {
+            cflags: [
+                "-include android/sandboxed_api_musl_compat.h",
+            ],
+        },
+    },
+    cflags: [
+        "-Wno-unused-parameter",
+        "-fbracket-depth=768", // for syscall_defs.cc
+    ],
+    defaults: ["sandboxed_api_defaults"],
+}
+
+
 cc_library {
-    name: "sandboxed_api",
+    name: "sandboxed_api_shared_with_forkserver",
     srcs: [
+        "android/unwind.cc",
         "sandboxed_api/config.cc",
         "sandboxed_api/sandbox2/bpfdisassembler.cc",
         "sandboxed_api/sandbox2/buffer.cc",
+        "sandboxed_api/sandbox2/client.cc",
         "sandboxed_api/sandbox2/comms.cc",
+        "sandboxed_api/sandbox2/forkserver.cc",
         "sandboxed_api/sandbox2/ipc.cc",
         "sandboxed_api/sandbox2/logserver.cc",
         "sandboxed_api/sandbox2/logsink.cc",
         "sandboxed_api/sandbox2/mounts.cc",
         "sandboxed_api/sandbox2/namespace.cc",
+        "sandboxed_api/sandbox2/network_proxy/client.cc",
         "sandboxed_api/sandbox2/regs.cc",
         "sandboxed_api/sandbox2/result.cc",
+        "sandboxed_api/sandbox2/sanitizer.cc",
         "sandboxed_api/sandbox2/syscall.cc",
         "sandboxed_api/sandbox2/syscall_defs.cc",
+        "sandboxed_api/sandbox2/unwind/ptrace_hook.cc",
+        "sandboxed_api/sandbox2/unwind/unwind.cc",
         "sandboxed_api/sandbox2/util.cc",
         "sandboxed_api/sandbox2/util/bpf_helper.c",
         "sandboxed_api/sandbox2/util/maps_parser.cc",
@@ -75,32 +118,17 @@ cc_library {
         "sandboxed_api/util/strerror.cc",
         "sandboxed_api/util/temp_file.cc",
     ],
-    static_libs: [
-        "libabsl_host",
-        "sandboxed_api_proto",
-        "libprotobuf-cpp-full",
+    defaults: ["sandboxed_api_cc_defaults"],
+}
+
+cc_binary {
+    name: "sandboxed_api_forkserver",
+    srcs: [
+        "sandboxed_api/sandbox2/forkserver_bin.cc",
     ],
-    arch: {
-        x86: {
-            enabled: false,
-        },
-    },
-    target: {
-        linux_glibc: {
-            enabled: false,
-            cflags: [
-                // Typo in old glibc
-                "-DPTRACE_EVENT_SECCOMP=PTRAVE_EVENT_SECCOMP",
-            ],
-        },
-        linux_musl: {
-            enabled: true,
-        },
-    },
-    cflags: [
-        "-Wno-unused-parameter",
-        "-fbracket-depth=768", // for syscall_defs.cc
+    static_libs: [
+        "sandboxed_api_shared_with_forkserver",
     ],
-    defaults: ["sandboxed_api_defaults"],
+    defaults: ["sandboxed_api_cc_defaults"],
 }
 
diff --git a/android/sandboxed_api_glibc_compat.h b/android/sandboxed_api_glibc_compat.h
new file mode 100644
index 0000000..5765cf0
--- /dev/null
+++ b/android/sandboxed_api_glibc_compat.h
@@ -0,0 +1,19 @@
+//
+// Copyright (C) 2023 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+#pragma once
+
+// Typo in old glibc
+#define PTRACE_EVENT_SECCOMP PTRAVE_EVENT_SECCOMP
+
diff --git a/android/sandboxed_api_musl_compat.h b/android/sandboxed_api_musl_compat.h
new file mode 100644
index 0000000..370a57c
--- /dev/null
+++ b/android/sandboxed_api_musl_compat.h
@@ -0,0 +1,17 @@
+//
+// Copyright (C) 2023 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+#pragma once
+
+typedef int __ptrace_request;
diff --git a/android/unwind.cc b/android/unwind.cc
new file mode 100644
index 0000000..dc97c9a
--- /dev/null
+++ b/android/unwind.cc
@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <sys/types.h>
+
+#include <string>
+#include <vector>
+
+#include "absl/status/status.h"
+#include "absl/status/statusor.h"
+
+namespace sandbox2 {
+
+absl::StatusOr<std::vector<std::string>> RunLibUnwindAndSymbolizer(pid_t, int) {
+  return absl::UnimplementedError("libunwind not available in android");
+}
+
+}
diff --git a/sandboxed_api/sandbox2/forkserver.cc b/sandboxed_api/sandbox2/forkserver.cc
index 47ff877..1106e02 100644
--- a/sandboxed_api/sandbox2/forkserver.cc
+++ b/sandboxed_api/sandbox2/forkserver.cc
@@ -50,7 +50,7 @@
 #include "absl/strings/str_join.h"
 #include "absl/strings/str_split.h"
 #include "absl/strings/string_view.h"
-#include "libcap/include/sys/capability.h"
+#include "sys/capability.h" // AOSP: match libcap exported includes
 #include "sandboxed_api/sandbox2/client.h"
 #include "sandboxed_api/sandbox2/comms.h"
 #include "sandboxed_api/sandbox2/fork_client.h"
diff --git a/sandboxed_api/sandbox2/unwind/unwind.cc b/sandboxed_api/sandbox2/unwind/unwind.cc
index 19e572c..01b4e44 100644
--- a/sandboxed_api/sandbox2/unwind/unwind.cc
+++ b/sandboxed_api/sandbox2/unwind/unwind.cc
@@ -33,7 +33,7 @@
 #include "absl/strings/match.h"
 #include "absl/strings/str_cat.h"
 #include "absl/strings/string_view.h"
-#include "libunwind-ptrace.h"
+//#include "libunwind-ptrace.h" Android: libunwind was removed in aosp/1670175
 #include "sandboxed_api/config.h"
 #include "sandboxed_api/sandbox2/comms.h"
 #include "sandboxed_api/sandbox2/unwind/ptrace_hook.h"
@@ -87,6 +87,7 @@ absl::StatusOr<std::vector<uintptr_t>> UnwindUsingFramePointer(pid_t pid,
   return ips;
 }
 
+#if 0 // Android: libunwind is not available
 absl::StatusOr<std::vector<uintptr_t>> RunLibUnwind(pid_t pid, int max_frames) {
   static unw_addr_space_t as =
       unw_create_addr_space(&_UPT_accessors, 0 /* byte order */);
@@ -152,6 +153,7 @@ absl::StatusOr<std::vector<uintptr_t>> RunLibUnwind(pid_t pid, int max_frames) {
   }
   return ips;
 }
+#endif
 
 absl::StatusOr<std::vector<std::string>> SymbolizeStacktrace(
     pid_t pid, const std::vector<uintptr_t>& ips) {
@@ -288,11 +290,13 @@ bool RunLibUnwindAndSymbolizer(Comms* comms) {
   return comms->SendProtoBuf(msg);
 }
 
+#if 0
 absl::StatusOr<std::vector<std::string>> RunLibUnwindAndSymbolizer(
     pid_t pid, int max_frames) {
   SAPI_ASSIGN_OR_RETURN(std::vector<uintptr_t> ips,
                         RunLibUnwind(pid, max_frames));
   return SymbolizeStacktrace(pid, ips);
 }
+#endif
 
 }  // namespace sandbox2