diff options
author | 2016-09-20 13:21:51 +0000 | |
---|---|---|
committer | 2016-09-21 07:04:19 +0000 | |
commit | 4795564177d5fe62a10bf69acbd6a4f925a0022e (patch) | |
tree | 60caf61c7d21c77f60de02df9b532782ad3572b3 /src/main | |
parent | 9daa5d788ba8435a8547c640ef0999070926e93a (diff) |
Add flag --nosandbox/--no_sandbox/--no-sandbox to disable sandbox.
--
MOS_MIGRATED_REVID=133697962
Diffstat (limited to 'src/main')
6 files changed, 68 insertions, 39 deletions
diff --git a/src/main/java/com/google/devtools/build/lib/actions/BaseSpawn.java b/src/main/java/com/google/devtools/build/lib/actions/BaseSpawn.java index 697645d730..dd2d5de509 100644 --- a/src/main/java/com/google/devtools/build/lib/actions/BaseSpawn.java +++ b/src/main/java/com/google/devtools/build/lib/actions/BaseSpawn.java @@ -31,9 +31,7 @@ import java.util.Map; import java.util.Set; import javax.annotation.concurrent.Immutable; -/** - * Base implementation of a Spawn. - */ +/** Base implementation of a Spawn. */ @Immutable public class BaseSpawn implements Spawn { private final ImmutableList<String> arguments; @@ -72,12 +70,13 @@ public class BaseSpawn implements Spawn { * Returns a new Spawn. The caller must not modify the parameters after the call; neither will * this method. */ - public BaseSpawn(List<String> arguments, - Map<String, String> environment, - Map<String, String> executionInfo, - RunfilesSupplier runfilesSupplier, - ActionExecutionMetadata action, - ResourceSet localResources) { + public BaseSpawn( + List<String> arguments, + Map<String, String> environment, + Map<String, String> executionInfo, + RunfilesSupplier runfilesSupplier, + ActionExecutionMetadata action, + ResourceSet localResources) { this( arguments, environment, @@ -93,7 +92,8 @@ public class BaseSpawn implements Spawn { * Returns a new Spawn. The caller must not modify the parameters after the call; neither will * this method. */ - public BaseSpawn(List<String> arguments, + public BaseSpawn( + List<String> arguments, Map<String, String> environment, Map<String, String> executionInfo, Map<PathFragment, Artifact> runfilesManifests, @@ -110,10 +110,9 @@ public class BaseSpawn implements Spawn { ImmutableSet.<PathFragment>of()); } - /** - * Returns a new Spawn. - */ - public BaseSpawn(List<String> arguments, + /** Returns a new Spawn. */ + public BaseSpawn( + List<String> arguments, Map<String, String> environment, Map<String, String> executionInfo, ActionExecutionMetadata action, @@ -151,6 +150,11 @@ public class BaseSpawn implements Spawn { } @Override + public boolean hasNoSandbox() { + return executionInfo.containsKey("nosandbox"); + } + + @Override public boolean isRemotable() { return !executionInfo.containsKey("local"); } @@ -186,9 +190,11 @@ public class BaseSpawn implements Spawn { info.addAllArgument(getArguments()); for (Map.Entry<String, String> variable : getEnvironment().entrySet()) { - info.addVariable(EnvironmentVariable.newBuilder() - .setName(variable.getKey()) - .setValue(variable.getValue()).build()); + info.addVariable( + EnvironmentVariable.newBuilder() + .setName(variable.getKey()) + .setValue(variable.getValue()) + .build()); } for (ActionInput input : getInputFiles()) { // Explicitly ignore middleman artifacts here. @@ -268,38 +274,38 @@ public class BaseSpawn implements Spawn { } @Override - public ActionOwner getOwner() { return action.getOwner(); } + public ActionOwner getOwner() { + return action.getOwner(); + } @Override - public String getMnemonic() { return action.getMnemonic(); } + public String getMnemonic() { + return action.getMnemonic(); + } - /** - * Convert a working dir + environment map + arg list into a Bourne shell - * command. - */ - public static String asShellCommand(Collection<String> arguments, - Path workingDirectory, - Map<String, String> environment) { + /** Convert a working dir + environment map + arg list into a Bourne shell command. */ + public static String asShellCommand( + Collection<String> arguments, Path workingDirectory, Map<String, String> environment) { // We print this command out in such a way that it can safely be // copied+pasted as a Bourne shell command. This is extremely valuable for // debugging. - return CommandFailureUtils.describeCommand(CommandDescriptionForm.COMPLETE, - arguments, environment, workingDirectory.getPathString()); + return CommandFailureUtils.describeCommand( + CommandDescriptionForm.COMPLETE, arguments, environment, workingDirectory.getPathString()); } - /** - * A local spawn requiring zero resources. - */ + /** A local spawn requiring zero resources. */ public static class Local extends BaseSpawn { - public Local(List<String> arguments, Map<String, String> environment, - ActionExecutionMetadata action) { + public Local( + List<String> arguments, Map<String, String> environment, ActionExecutionMetadata action) { this(arguments, environment, ImmutableMap.<String, String>of(), action); } - public Local(List<String> arguments, Map<String, String> environment, - Map<String, String> executionInfo, ActionExecutionMetadata action) { - super(arguments, environment, buildExecutionInfo(executionInfo), - action, ResourceSet.ZERO); + public Local( + List<String> arguments, + Map<String, String> environment, + Map<String, String> executionInfo, + ActionExecutionMetadata action) { + super(arguments, environment, buildExecutionInfo(executionInfo), action, ResourceSet.ZERO); } private static ImmutableMap<String, String> buildExecutionInfo( diff --git a/src/main/java/com/google/devtools/build/lib/actions/DelegateSpawn.java b/src/main/java/com/google/devtools/build/lib/actions/DelegateSpawn.java index d72a686679..45a1496259 100644 --- a/src/main/java/com/google/devtools/build/lib/actions/DelegateSpawn.java +++ b/src/main/java/com/google/devtools/build/lib/actions/DelegateSpawn.java @@ -45,6 +45,11 @@ public class DelegateSpawn implements Spawn { } @Override + public boolean hasNoSandbox() { + return spawn.hasNoSandbox(); + } + + @Override public ImmutableList<Artifact> getFilesetManifests() { return spawn.getFilesetManifests(); } diff --git a/src/main/java/com/google/devtools/build/lib/actions/Spawn.java b/src/main/java/com/google/devtools/build/lib/actions/Spawn.java index 3e24fdca19..a069db6209 100644 --- a/src/main/java/com/google/devtools/build/lib/actions/Spawn.java +++ b/src/main/java/com/google/devtools/build/lib/actions/Spawn.java @@ -36,6 +36,11 @@ public interface Spawn { boolean isRemotable(); /** + * Returns true iff this command should be executed without a sandbox. + */ + boolean hasNoSandbox(); + + /** * Out-of-band data for this spawn. This can be used to signal hints (hardware requirements, * local vs. remote) to the execution subsystem. * diff --git a/src/main/java/com/google/devtools/build/lib/analysis/actions/SpawnAction.java b/src/main/java/com/google/devtools/build/lib/analysis/actions/SpawnAction.java index 612d661442..6e34e0ffbd 100644 --- a/src/main/java/com/google/devtools/build/lib/analysis/actions/SpawnAction.java +++ b/src/main/java/com/google/devtools/build/lib/analysis/actions/SpawnAction.java @@ -506,6 +506,7 @@ public class SpawnAction extends AbstractAction implements ExecutionInfoSpecifie private ParamFileInfo paramFileInfo = null; private String mnemonic = "Unknown"; private ExtraActionInfoSupplier<?> extraActionInfoSupplier = null; + private boolean disableSandboxing = false; /** * Creates a SpawnAction builder. @@ -656,6 +657,13 @@ public class SpawnAction extends AbstractAction implements ExecutionInfoSpecifie env = this.environment; } + if (disableSandboxing) { + ImmutableMap.Builder<String, String> builder = ImmutableMap.builder(); + builder.putAll(executionInfo); + builder.put("nosandbox", "1"); + executionInfo = builder.build(); + } + return createSpawnAction( owner, tools, @@ -1137,5 +1145,10 @@ public class SpawnAction extends AbstractAction implements ExecutionInfoSpecifie paramFileInfo = new ParamFileInfo(parameterFileType, charset, flagPrefix, always); return this; } + + public Builder disableSandboxing() { + this.disableSandboxing = true; + return this; + } } } diff --git a/src/main/java/com/google/devtools/build/lib/sandbox/DarwinSandboxedStrategy.java b/src/main/java/com/google/devtools/build/lib/sandbox/DarwinSandboxedStrategy.java index 7634e33af2..ad09fa34a0 100644 --- a/src/main/java/com/google/devtools/build/lib/sandbox/DarwinSandboxedStrategy.java +++ b/src/main/java/com/google/devtools/build/lib/sandbox/DarwinSandboxedStrategy.java @@ -151,7 +151,7 @@ public class DarwinSandboxedStrategy extends SandboxStrategy { Executor executor = actionExecutionContext.getExecutor(); // Certain actions can't run remotely or in a sandbox - pass them on to the standalone strategy. - if (!spawn.isRemotable()) { + if (!spawn.isRemotable() || spawn.hasNoSandbox()) { SandboxHelpers.fallbackToNonSandboxedExecution(spawn, actionExecutionContext, executor); return; } diff --git a/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedStrategy.java b/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedStrategy.java index 0e38d0d891..3d60a8416e 100644 --- a/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedStrategy.java +++ b/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedStrategy.java @@ -90,7 +90,7 @@ public class LinuxSandboxedStrategy extends SandboxStrategy { Executor executor = actionExecutionContext.getExecutor(); // Certain actions can't run remotely or in a sandbox - pass them on to the standalone strategy. - if (!spawn.isRemotable()) { + if (!spawn.isRemotable() || spawn.hasNoSandbox()) { SandboxHelpers.fallbackToNonSandboxedExecution(spawn, actionExecutionContext, executor); return; } |