Gitiles
Code Review Sign In
gerrit.omnirom.org / android_build_soong / 876b12ffddf0999d302e678d58c0838d3e02c8d1 / . / cmd / sbox / sbox.go
blob: 3364f503f9f4de0e8a12e224729e885b9483766a [file] [log] [blame]
// Copyright 2017 Google Inc. All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package main
import (
"bytes"
"crypto/sha1"
"encoding/hex"
"errors"
"flag"
"fmt"
"io"
"io/ioutil"
"os"
"os/exec"
"path/filepath"
"strconv"
"strings"
"time"
"android/soong/cmd/sbox/sbox_proto"
"android/soong/makedeps"
"android/soong/response"
"google.golang.org/protobuf/encoding/prototext"
)
var (
sandboxesRoot string
outputDir string
manifestFile string
keepOutDir bool
writeIfChanged bool
)
const (
depFilePlaceholder = "__SBOX_DEPFILE__"
sandboxDirPlaceholder = "__SBOX_SANDBOX_DIR__"
)
func init() {
flag.StringVar(&sandboxesRoot, "sandbox-path", "",
"root of temp directory to put the sandbox into")
flag.StringVar(&outputDir, "output-dir", "",
"directory which will contain all output files and only output files")
flag.StringVar(&manifestFile, "manifest", "",
"textproto manifest describing the sandboxed command(s)")
flag.BoolVar(&keepOutDir, "keep-out-dir", false,
"whether to keep the sandbox directory when done")
flag.BoolVar(&writeIfChanged, "write-if-changed", false,
"only write the output files if they have changed")
}
func usageViolation(violation string) {
if violation != "" {
fmt.Fprintf(os.Stderr, "Usage error: %s.\n\n", violation)
}
fmt.Fprintf(os.Stderr,
"Usage: sbox --manifest <manifest> --sandbox-path <sandboxPath>\n")
flag.PrintDefaults()
os.Exit(1)
}
func main() {
flag.Usage = func() {
usageViolation("")
}
flag.Parse()
error := run()
if error != nil {
fmt.Fprintln(os.Stderr, error)
os.Exit(1)
}
}
func findAllFilesUnder(root string) (paths []string) {
paths = []string{}
filepath.Walk(root, func(path string, info os.FileInfo, err error) error {
if !info.IsDir() {
relPath, err := filepath.Rel(root, path)
if err != nil {
// couldn't find relative path from ancestor?
panic(err)
}
paths = append(paths, relPath)
}
return nil
})
return paths
}
func run() error {
if manifestFile == "" {
usageViolation("--manifest <manifest> is required and must be non-empty")
}
if sandboxesRoot == "" {
// In practice, the value of sandboxesRoot will mostly likely be at a fixed location relative to OUT_DIR,
// and the sbox executable will most likely be at a fixed location relative to OUT_DIR too, so
// the value of sandboxesRoot will most likely be at a fixed location relative to the sbox executable
// However, Soong also needs to be able to separately remove the sandbox directory on startup (if it has anything left in it)
// and by passing it as a parameter we don't need to duplicate its value
usageViolation("--sandbox-path <sandboxPath> is required and must be non-empty")
}
manifest, err := readManifest(manifestFile)
if err != nil {
return err
}
if len(manifest.Commands) == 0 {
return fmt.Errorf("at least one commands entry is required in %q", manifestFile)
}
// setup sandbox directory
err = os.MkdirAll(sandboxesRoot, 0777)
if err != nil {
return fmt.Errorf("failed to create %q: %w", sandboxesRoot, err)
}
// This tool assumes that there are no two concurrent runs with the same
// manifestFile. It should therefore be safe to use the hash of the
// manifestFile as the temporary directory name. We do this because it
// makes the temporary directory name deterministic. There are some
// tools that embed the name of the temporary output in the output, and
// they otherwise cause non-determinism, which then poisons actions
// depending on this one.
hash := sha1.New()
hash.Write([]byte(manifestFile))
tempDir := filepath.Join(sandboxesRoot, "sbox", hex.EncodeToString(hash.Sum(nil)))
err = os.RemoveAll(tempDir)
if err != nil {
return err
}
err = os.MkdirAll(tempDir, 0777)
if err != nil {
return fmt.Errorf("failed to create temporary dir in %q: %w", sandboxesRoot, err)
}
// In the common case, the following line of code is what removes the sandbox
// If a fatal error occurs (such as if our Go process is killed unexpectedly),
// then at the beginning of the next build, Soong will wipe the temporary
// directory.
defer func() {
// in some cases we decline to remove the temp dir, to facilitate debugging
if !keepOutDir {
os.RemoveAll(tempDir)
}
}()
// If there is more than one command in the manifest use a separate directory for each one.
useSubDir := len(manifest.Commands) > 1
var commandDepFiles []string
for i, command := range manifest.Commands {
localTempDir := tempDir
if useSubDir {
localTempDir = filepath.Join(localTempDir, strconv.Itoa(i))
}
depFile, err := runCommand(command, localTempDir, i)
if err != nil {
// Running the command failed, keep the temporary output directory around in
// case a user wants to inspect it for debugging purposes. Soong will delete
// it at the beginning of the next build anyway.
keepOutDir = true
return err
}
if depFile != "" {
commandDepFiles = append(commandDepFiles, depFile)
}
}
outputDepFile := manifest.GetOutputDepfile()
if len(commandDepFiles) > 0 && outputDepFile == "" {
return fmt.Errorf("Sandboxed commands used %s but output depfile is not set in manifest file",
depFilePlaceholder)
}
if outputDepFile != "" {
// Merge the depfiles from each command in the manifest to a single output depfile.
err = rewriteDepFiles(commandDepFiles, outputDepFile)
if err != nil {
return fmt.Errorf("failed merging depfiles: %w", err)
}
}
return nil
}
// createCommandScript will create and return an exec.Cmd that runs rawCommand.
//
// rawCommand is executed via a script in the sandbox.
// scriptPath is the temporary where the script is created.
// scriptPathInSandbox is the path to the script in the sbox environment.
//
// returns an exec.Cmd that can be ran from within sbox context if no error, or nil if error.
// caller must ensure script is cleaned up if function succeeds.
func createCommandScript(rawCommand, scriptPath, scriptPathInSandbox string) (*exec.Cmd, error) {
err := os.WriteFile(scriptPath, []byte(rawCommand), 0644)
if err != nil {
return nil, fmt.Errorf("failed to write command %s... to %s",
rawCommand[0:40], scriptPath)
}
return exec.Command("bash", scriptPathInSandbox), nil
}
// readManifest reads an sbox manifest from a textproto file.
func readManifest(file string) (*sbox_proto.Manifest, error) {
manifestData, err := ioutil.ReadFile(file)
if err != nil {
return nil, fmt.Errorf("error reading manifest %q: %w", file, err)
}
manifest := sbox_proto.Manifest{}
err = prototext.Unmarshal(manifestData, &manifest)
if err != nil {
return nil, fmt.Errorf("error parsing manifest %q: %w", file, err)
}
return &manifest, nil
}
// runCommand runs a single command from a manifest. If the command references the
// __SBOX_DEPFILE__ placeholder it returns the name of the depfile that was used.
func runCommand(command *sbox_proto.Command, tempDir string, commandIndex int) (depFile string, err error) {
rawCommand := command.GetCommand()
if rawCommand == "" {
return "", fmt.Errorf("command is required")
}
// Remove files from the output directory
err = clearOutputDirectory(command.CopyAfter, outputDir, writeType(writeIfChanged))
if err != nil {
return "", err
}
pathToTempDirInSbox := tempDir
if command.GetChdir() {
pathToTempDirInSbox = "."
}
err = os.MkdirAll(tempDir, 0777)
if err != nil {
return "", fmt.Errorf("failed to create %q: %w", tempDir, err)
}
// Copy in any files specified by the manifest.
err = copyFiles(command.CopyBefore, "", tempDir, requireFromExists, alwaysWrite)
if err != nil {
return "", err
}
err = copyRspFiles(command.RspFiles, tempDir, pathToTempDirInSbox)
if err != nil {
return "", err
}
if strings.Contains(rawCommand, depFilePlaceholder) {
depFile = filepath.Join(pathToTempDirInSbox, "deps.d")
rawCommand = strings.Replace(rawCommand, depFilePlaceholder, depFile, -1)
}
if strings.Contains(rawCommand, sandboxDirPlaceholder) {
rawCommand = strings.Replace(rawCommand, sandboxDirPlaceholder, pathToTempDirInSbox, -1)
}
// Emulate ninja's behavior of creating the directories for any output files before
// running the command.
err = makeOutputDirs(command.CopyAfter, tempDir)
if err != nil {
return "", err
}
scriptName := fmt.Sprintf("sbox_command.%d.bash", commandIndex)
scriptPath := joinPath(tempDir, scriptName)
scriptPathInSandbox := joinPath(pathToTempDirInSbox, scriptName)
cmd, err := createCommandScript(rawCommand, scriptPath, scriptPathInSandbox)
if err != nil {
return "", err
}
buf := &bytes.Buffer{}
cmd.Stdin = os.Stdin
cmd.Stdout = buf
cmd.Stderr = buf
if command.GetChdir() {
cmd.Dir = tempDir
path := os.Getenv("PATH")
absPath, err := makeAbsPathEnv(path)
if err != nil {
return "", err
}
err = os.Setenv("PATH", absPath)
if err != nil {
return "", fmt.Errorf("Failed to update PATH: %w", err)
}
}
err = cmd.Run()
if err != nil {
// The command failed, do a best effort copy of output files out of the sandbox. This is
// especially useful for linters with baselines that print an error message on failure
// with a command to copy the output lint errors to the new baseline. Use a copy instead of
// a move to leave the sandbox intact for manual inspection
copyFiles(command.CopyAfter, tempDir, "", allowFromNotExists, writeType(writeIfChanged))
}
// If the command was executed but failed with an error, print a debugging message before
// the command's output so it doesn't scroll the real error message off the screen.
if exit, ok := err.(*exec.ExitError); ok && !exit.Success() {
fmt.Fprintf(os.Stderr,
"The failing command was run inside an sbox sandbox in temporary directory\n"+
"%s\n"+
"The failing command line can be found in\n"+
"%s\n",
tempDir, scriptPath)
}
// Write the command's combined stdout/stderr.
os.Stdout.Write(buf.Bytes())
if err != nil {
return "", err
}
err = validateOutputFiles(command.CopyAfter, tempDir, outputDir, rawCommand)
if err != nil {
return "", err
}
// the created files match the declared files; now move them
err = moveFiles(command.CopyAfter, tempDir, "", writeType(writeIfChanged))
if err != nil {
return "", err
}
return depFile, nil
}
// makeOutputDirs creates directories in the sandbox dir for every file that has a rule to be copied
// out of the sandbox. This emulate's Ninja's behavior of creating directories for output files
// so that the tools don't have to.
func makeOutputDirs(copies []*sbox_proto.Copy, sandboxDir string) error {
for _, copyPair := range copies {
dir := joinPath(sandboxDir, filepath.Dir(copyPair.GetFrom()))
err := os.MkdirAll(dir, 0777)
if err != nil {
return err
}
}
return nil
}
// validateOutputFiles verifies that all files that have a rule to be copied out of the sandbox
// were created by the command.
func validateOutputFiles(copies []*sbox_proto.Copy, sandboxDir, outputDir, rawCommand string) error {
var missingOutputErrors []error
var incorrectOutputDirectoryErrors []error
for _, copyPair := range copies {
fromPath := joinPath(sandboxDir, copyPair.GetFrom())
fileInfo, err := os.Stat(fromPath)
if err != nil {
missingOutputErrors = append(missingOutputErrors, fmt.Errorf("%s: does not exist", fromPath))
continue
}
if fileInfo.IsDir() {
missingOutputErrors = append(missingOutputErrors, fmt.Errorf("%s: not a file", fromPath))
}
toPath := copyPair.GetTo()
if rel, err := filepath.Rel(outputDir, toPath); err != nil {
return err
} else if strings.HasPrefix(rel, "../") {
incorrectOutputDirectoryErrors = append(incorrectOutputDirectoryErrors,
fmt.Errorf("%s is not under %s", toPath, outputDir))
}
}
const maxErrors = 25
if len(incorrectOutputDirectoryErrors) > 0 {
errorMessage := ""
more := 0
if len(incorrectOutputDirectoryErrors) > maxErrors {
more = len(incorrectOutputDirectoryErrors) - maxErrors
incorrectOutputDirectoryErrors = incorrectOutputDirectoryErrors[:maxErrors]
}
for _, err := range incorrectOutputDirectoryErrors {
errorMessage += err.Error() + "\n"
}
if more > 0 {
errorMessage += fmt.Sprintf("...%v more", more)
}
return errors.New(errorMessage)
}
if len(missingOutputErrors) > 0 {
// find all created files for making a more informative error message
createdFiles := findAllFilesUnder(sandboxDir)
// build error message
errorMessage := "mismatch between declared and actual outputs\n"
errorMessage += "in sbox command(" + rawCommand + ")\n\n"
errorMessage += "in sandbox " + sandboxDir + ",\n"
errorMessage += fmt.Sprintf("failed to create %v files:\n", len(missingOutputErrors))
for _, missingOutputError := range missingOutputErrors {
errorMessage += " " + missingOutputError.Error() + "\n"
}
if len(createdFiles) < 1 {
errorMessage += "created 0 files."
} else {
errorMessage += fmt.Sprintf("did create %v files:\n", len(createdFiles))
creationMessages := createdFiles
if len(creationMessages) > maxErrors {
creationMessages = creationMessages[:maxErrors]
creationMessages = append(creationMessages, fmt.Sprintf("...%v more", len(createdFiles)-maxErrors))
}
for _, creationMessage := range creationMessages {
errorMessage += " " + creationMessage + "\n"
}
}
return errors.New(errorMessage)
}
return nil
}
type existsType bool
const (
requireFromExists existsType = false
allowFromNotExists = true
)
type writeType bool
const (
alwaysWrite writeType = false
onlyWriteIfChanged = true
)
// copyFiles copies files in or out of the sandbox. If exists is allowFromNotExists then errors
// caused by a from path not existing are ignored. If write is onlyWriteIfChanged then the output
// file is compared to the input file and not written to if it is the same, avoiding updating
// the timestamp.
func copyFiles(copies []*sbox_proto.Copy, fromDir, toDir string, exists existsType, write writeType) error {
for _, copyPair := range copies {
fromPath := joinPath(fromDir, copyPair.GetFrom())
toPath := joinPath(toDir, copyPair.GetTo())
err := copyOneFile(fromPath, toPath, copyPair.GetExecutable(), exists, write)
if err != nil {
return fmt.Errorf("error copying %q to %q: %w", fromPath, toPath, err)
}
}
return nil
}
// copyOneFile copies a file and its permissions. If forceExecutable is true it adds u+x to the
// permissions. If exists is allowFromNotExists it returns nil if the from path doesn't exist.
// If write is onlyWriteIfChanged then the output file is compared to the input file and not written to
// if it is the same, avoiding updating the timestamp.
func copyOneFile(from string, to string, forceExecutable bool, exists existsType,
write writeType) error {
err := os.MkdirAll(filepath.Dir(to), 0777)
if err != nil {
return err
}
stat, err := os.Stat(from)
if err != nil {
if os.IsNotExist(err) && exists == allowFromNotExists {
return nil
}
return err
}
perm := stat.Mode()
if forceExecutable {
perm = perm | 0100 // u+x
}
if write == onlyWriteIfChanged && filesHaveSameContents(from, to) {
return nil
}
in, err := os.Open(from)
if err != nil {
return err
}
defer in.Close()
// Remove the target before copying. In most cases the file won't exist, but if there are
// duplicate copy rules for a file and the source file was read-only the second copy could
// fail.
err = os.Remove(to)
if err != nil && !os.IsNotExist(err) {
return err
}
out, err := os.Create(to)
if err != nil {
return err
}
defer func() {
out.Close()
if err != nil {
os.Remove(to)
}
}()
_, err = io.Copy(out, in)
if err != nil {
return err
}
if err = out.Close(); err != nil {
return err
}
if err = os.Chmod(to, perm); err != nil {
return err
}
return nil
}
// copyRspFiles copies rsp files into the sandbox with path mappings, and also copies the files
// listed into the sandbox.
func copyRspFiles(rspFiles []*sbox_proto.RspFile, toDir, toDirInSandbox string) error {
for _, rspFile := range rspFiles {
err := copyOneRspFile(rspFile, toDir, toDirInSandbox)
if err != nil {
return err
}
}
return nil
}
// copyOneRspFiles copies an rsp file into the sandbox with path mappings, and also copies the files
// listed into the sandbox.
func copyOneRspFile(rspFile *sbox_proto.RspFile, toDir, toDirInSandbox string) error {
in, err := os.Open(rspFile.GetFile())
if err != nil {
return err
}
defer in.Close()
files, err := response.ReadRspFile(in)
if err != nil {
return err
}
for i, from := range files {
// Convert the real path of the input file into the path inside the sandbox using the
// path mappings.
to := applyPathMappings(rspFile.PathMappings, from)
// Copy the file into the sandbox.
err := copyOneFile(from, joinPath(toDir, to), false, requireFromExists, alwaysWrite)
if err != nil {
return err
}
// Rewrite the name in the list of files to be relative to the sandbox directory.
files[i] = joinPath(toDirInSandbox, to)
}
// Convert the real path of the rsp file into the path inside the sandbox using the path
// mappings.
outRspFile := joinPath(toDir, applyPathMappings(rspFile.PathMappings, rspFile.GetFile()))
err = os.MkdirAll(filepath.Dir(outRspFile), 0777)
if err != nil {
return err
}
out, err := os.Create(outRspFile)
if err != nil {
return err
}
defer out.Close()
// Write the rsp file with converted paths into the sandbox.
err = response.WriteRspFile(out, files)
if err != nil {
return err
}
return nil
}
// applyPathMappings takes a list of path mappings and a path, and returns the path with the first
// matching path mapping applied. If the path does not match any of the path mappings then it is
// returned unmodified.
func applyPathMappings(pathMappings []*sbox_proto.PathMapping, path string) string {
for _, mapping := range pathMappings {
if strings.HasPrefix(path, mapping.GetFrom()+"/") {
return joinPath(mapping.GetTo()+"/", strings.TrimPrefix(path, mapping.GetFrom()+"/"))
}
}
return path
}
// moveFiles moves files specified by a set of copy rules. It uses os.Rename, so it is restricted
// to moving files where the source and destination are in the same filesystem. This is OK for
// sbox because the temporary directory is inside the out directory. If write is onlyWriteIfChanged
// then the output file is compared to the input file and not written to if it is the same, avoiding
// updating the timestamp. Otherwise it always updates the timestamp of the new file.
func moveFiles(copies []*sbox_proto.Copy, fromDir, toDir string, write writeType) error {
for _, copyPair := range copies {
fromPath := joinPath(fromDir, copyPair.GetFrom())
toPath := joinPath(toDir, copyPair.GetTo())
err := os.MkdirAll(filepath.Dir(toPath), 0777)
if err != nil {
return err
}
if write == onlyWriteIfChanged && filesHaveSameContents(fromPath, toPath) {
continue
}
err = os.Rename(fromPath, toPath)
if err != nil {
return err
}
// Update the timestamp of the output file in case the tool wrote an old timestamp (for example, tar can extract
// files with old timestamps).
now := time.Now()
err = os.Chtimes(toPath, now, now)
if err != nil {
return err
}
}
return nil
}
// clearOutputDirectory removes all files in the output directory if write is alwaysWrite, or
// any files not listed in copies if write is onlyWriteIfChanged
func clearOutputDirectory(copies []*sbox_proto.Copy, outputDir string, write writeType) error {
if outputDir == "" {
return fmt.Errorf("output directory must be set")
}
if write == alwaysWrite {
// When writing all the output files remove the whole output directory
return os.RemoveAll(outputDir)
}
outputFiles := make(map[string]bool, len(copies))
for _, copyPair := range copies {
outputFiles[copyPair.GetTo()] = true
}
existingFiles := findAllFilesUnder(outputDir)
for _, existingFile := range existingFiles {
fullExistingFile := filepath.Join(outputDir, existingFile)
if !outputFiles[fullExistingFile] {
err := os.Remove(fullExistingFile)
if err != nil {
return fmt.Errorf("failed to remove obsolete output file %s: %w", fullExistingFile, err)
}
}
}
return nil
}
// Rewrite one or more depfiles so that it doesn't include the (randomized) sandbox directory
// to an output file.
func rewriteDepFiles(ins []string, out string) error {
var mergedDeps []string
for _, in := range ins {
data, err := ioutil.ReadFile(in)
if err != nil {
return err
}
deps, err := makedeps.Parse(in, bytes.NewBuffer(data))
if err != nil {
return err
}
mergedDeps = append(mergedDeps, deps.Inputs...)
}
deps := makedeps.Deps{
// Ninja doesn't care what the output file is, so we can use any string here.
Output: "outputfile",
Inputs: mergedDeps,
}
// Make the directory for the output depfile in case it is in a different directory
// than any of the output files.
outDir := filepath.Dir(out)
err := os.MkdirAll(outDir, 0777)
if err != nil {
return fmt.Errorf("failed to create %q: %w", outDir, err)
}
return ioutil.WriteFile(out, deps.Print(), 0666)
}
// joinPath wraps filepath.Join but returns file without appending to dir if file is
// absolute.
func joinPath(dir, file string) string {
if filepath.IsAbs(file) {
return file
}
return filepath.Join(dir, file)
}
// filesHaveSameContents compares the contents if two files, returning true if they are the same
// and returning false if they are different or any errors occur.
func filesHaveSameContents(a, b string) bool {
// Compare the sizes of the two files
statA, err := os.Stat(a)
if err != nil {
return false
}
statB, err := os.Stat(b)
if err != nil {
return false
}
if statA.Size() != statB.Size() {
return false
}
// Open the two files
fileA, err := os.Open(a)
if err != nil {
return false
}
defer fileA.Close()
fileB, err := os.Open(b)
if err != nil {
return false
}
defer fileB.Close()
// Compare the files 1MB at a time
const bufSize = 1 * 1024 * 1024
bufA := make([]byte, bufSize)
bufB := make([]byte, bufSize)
remain := statA.Size()
for remain > 0 {
toRead := int64(bufSize)
if toRead > remain {
toRead = remain
}
_, err = io.ReadFull(fileA, bufA[:toRead])
if err != nil {
return false
}
_, err = io.ReadFull(fileB, bufB[:toRead])
if err != nil {
return false
}
if bytes.Compare(bufA[:toRead], bufB[:toRead]) != 0 {
return false
}
remain -= toRead
}
return true
}
func makeAbsPathEnv(pathEnv string) (string, error) {
pathEnvElements := filepath.SplitList(pathEnv)
for i, p := range pathEnvElements {
if !filepath.IsAbs(p) {
absPath, err := filepath.Abs(p)
if err != nil {
return "", fmt.Errorf("failed to make PATH entry %q absolute: %w", p, err)
}
pathEnvElements[i] = absPath
}
}
return strings.Join(pathEnvElements, string(filepath.ListSeparator)), nil
}