work

Author: MikailBag

.github/workflows/rust.yml

@@ -91,7 +91,7 @@ jobs:
       - name: Run tests (Windows)
         if: matrix.os == 'windows-2019'
         run: |
-          ./out.minion-tests.exe
+          ./out/minion-tests.exe
         timeout-minutes: 3 
       - name: Collect logs
         if: always()

Cargo.lock

@@ -5,20 +5,24 @@ authors = ["Mikail Bagishov <[email protected]>"]
 edition = "2018"
 
 [dependencies]
-
 rand = "0.7.3"
 serde = { version = "1.0.106", features = ["derive"] }
-serde_json = "1.0.51"
 backtrace = "0.3.46"
 thiserror = "1.0.19"
 anyhow = "1.0.32"
+tracing = "0.1.19"
 
 [target.'cfg(target_os="linux")'.dependencies]
 tiny-nix-ipc = { git = "https://github.com/myfreeweb/tiny-nix-ipc", features = ["ser_json", "zero_copy"] }
 procfs = "0.7.8"
 nix = {git = "https://github.com/nix-rust/nix"}
 libc = "0.2.68"
 errno = "0.2.5"
+serde_json = "1.0.51"
+
+[target.'cfg(target_os="windows")'.dependencies]
+winapi = { version = "0.3.9", features = ["std", "processthreadsapi", "jobapi2", "errhandlingapi",
+ "namedpipeapi", "fileapi", "synchapi", "winnt", "userenv", "handleapi", "securitybaseapi", "sddl"] }
 
 [workspace]
 members = ["minion-ffi", ".", "minion-tests", "minion-cli"]

Cargo.toml

@@ -2,9 +2,10 @@
 #![cfg_attr(minion_nightly, warn(unsafe_op_in_unsafe_fn))]
 use minion::{self};
 use std::{
-    ffi::{CStr, OsStr, OsString},
+    ffi::{CStr, OsString},
     mem::{self},
     os::raw::c_char,
+    sync::Arc,
 };
 
 #[repr(i32)]
@@ -42,11 +43,23 @@ pub enum WaitOutcome {
 
 /// # Safety
 /// `buf` must be valid, readable pointer
+#[cfg(target_os = "linux")]
 unsafe fn get_string(buf: *const c_char) -> OsString {
     use std::os::unix::ffi::OsStrExt;
     let buf = unsafe { CStr::from_ptr(buf) };
     let buf = buf.to_bytes();
-    let s = OsStr::from_bytes(buf);
+    let s = std::ffi::OsStr::from_bytes(buf);
+    s.to_os_string()
+}
+/// # Safety
+/// `buf` must be valid, readable pointer
+#[cfg(target_os = "windows")]
+unsafe fn get_string(buf: *const c_char) -> OsString {
+    use std::os::windows::ffi::OsStringExt;
+    let buf = unsafe { CStr::from_ptr(buf) };
+    let buf = buf.to_bytes();
+    assert!(buf.len() % 2 == 0);
+    let s = OsString::from_wide(unsafe { buf.align_to::<u16>().1 });
     s.to_os_string()
 }
 
@@ -107,7 +120,7 @@ pub struct SandboxOptions {
 }
 
 #[derive(Clone)]
-pub struct Sandbox(Box<dyn minion::erased::Sandbox>);
+pub struct Sandbox(Arc<dyn minion::erased::Sandbox>);
 
 /// # Safety
 /// `out` must be valid

minion-ffi/src/lib.rs

@@ -4,11 +4,14 @@ version = "0.1.0"
 authors = ["Mikail Bagishov <[email protected]>"]
 edition = "2018"
 
-# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
-
 [dependencies]
 once_cell = "1.4.0"
 minion = {path = ".."}
 clap = "2.33.1"
-nix = "0.17.0"
 tempfile = "3.1.0"
+
+[target.'cfg(target_os="linux")'.dependencies]
+nix = "0.17.0"
+
+[target.'cfg(target_os="windows")'.dependencies]
+winapi = { version = "0.3.9", features = ["processthreadsapi"] }

minion-tests/Cargo.toml

@@ -50,7 +50,19 @@ impl crate::TestCase for TTlFork {
         (TODO: verify this is not wall-clock time limit)"
     }
     fn test(&self) -> ! {
+        #[cfg(target_os = "linux")]
         nix::unistd::fork().unwrap();
+        #[cfg(target_os = "winfows")]
+        unsafe {
+            winapi::um::processthreadsapi::CreateThread(
+                std::ptr::null_mut(),
+                0,
+                exceed_time_limit,
+                self,
+                0,
+                std::ptr::null_mut(),
+            );
+        }
         exceed_time_limit()
     }
     fn check(&self, cp: &mut dyn ChildProcess, _: &dyn Sandbox) {
@@ -71,7 +83,12 @@ impl crate::TestCase for TIdle {
         checks that it still will be killed"
     }
     fn test(&self) -> ! {
+        #[cfg(target_os = "linux")]
         nix::unistd::sleep(1_000_000_000);
+        #[cfg(target_os = "windows")]
+        unsafe {
+            winapi::um::synchapi::Sleep(1_000_000_000);
+        };
         std::process::exit(0)
     }
     fn check(&self, cp: &mut dyn ChildProcess, _: &dyn Sandbox) {
@@ -147,6 +164,7 @@ impl crate::TestCase for TSecurity {
     fn description(&self) -> &'static str {
         "verifies that isolated program can not make certain bad things"
     }
+    #[cfg(target_os = "linux")]
     fn test(&self) -> ! {
         // Check we can not read pid1's environment.
         let err = std::fs::read("/proc/1/environ").unwrap_err();
@@ -164,6 +182,11 @@ impl crate::TestCase for TSecurity {
         assert!(matches!(err, nix::Error::Sys(nix::errno::Errno::EPERM)));
         std::process::exit(24)
     }
+    #[cfg(target_os = "windows")]
+    fn test(&self) -> ! {
+        // TODO
+        std::process::exit(24)
+    }
     fn check(&self, cp: &mut dyn ChildProcess, _sb: &dyn Sandbox) {
         super::assert_exit_code(cp, 24);
         super::assert_empty(&mut cp.stdout().unwrap());

minion-tests/src/tests/simple.rs

@@ -0,0 +1 @@
+merge_imports = true

rustfmt.toml

@@ -2,12 +2,13 @@ use crate::{erased, InputSpecification, OutputSpecification, StdioSpecification}
 use std::{
     ffi::{OsStr, OsString},
     path::{Path, PathBuf},
+    sync::Arc,
 };
 
 /// Child process builder
 #[derive(Default, Debug)]
 pub struct Command {
-    sandbox: Option<Box<dyn erased::Sandbox>>,
+    sandbox: Option<Arc<dyn erased::Sandbox>>,
     exe: Option<PathBuf>,
     argv: Vec<OsString>,
     env: Vec<OsString>,
@@ -56,7 +57,7 @@ impl Command {
         backend.spawn(options)
     }
 
-    pub fn sandbox(&mut self, sandbox: Box<dyn erased::Sandbox>) -> &mut Self {
+    pub fn sandbox(&mut self, sandbox: Arc<dyn erased::Sandbox>) -> &mut Self {
         self.sandbox.replace(sandbox);
         self
     }

src/command.rs

@@ -3,28 +3,20 @@
 //!
 //! Please note that this API is not type-safe. For example, if you pass
 //! `Sandbox` instance to another backend, it will panic.
+use std::{any::Any, sync::Arc};
 
 /// Type-erased `Sandbox`
 pub trait Sandbox: std::fmt::Debug {
-    fn id(&self) -> String;
+    fn id(&self) -> &str;
     fn check_cpu_tle(&self) -> anyhow::Result<bool>;
     fn check_real_tle(&self) -> anyhow::Result<bool>;
     fn kill(&self) -> anyhow::Result<()>;
     fn resource_usage(&self) -> anyhow::Result<crate::ResourceUsageData>;
-    #[doc(hidden)]
-    fn clone_to_box(&self) -> Box<dyn Sandbox>;
-    #[doc(hidden)]
-    fn clone_into_box_any(&self) -> Box<dyn std::any::Any>;
-}
-
-impl Clone for Box<dyn Sandbox> {
-    fn clone(&self) -> Self {
-        self.clone_to_box()
-    }
+    fn into_arc_any(self: Arc<Self>) -> Arc<dyn Any + Send + Sync + 'static>;
 }
 
 impl<S: crate::Sandbox> Sandbox for S {
-    fn id(&self) -> String {
+    fn id(&self) -> &str {
         self.id()
     }
     fn check_cpu_tle(&self) -> anyhow::Result<bool> {
@@ -39,12 +31,8 @@ impl<S: crate::Sandbox> Sandbox for S {
     fn resource_usage(&self) -> anyhow::Result<crate::ResourceUsageData> {
         self.resource_usage().map_err(Into::into)
     }
-    fn clone_to_box(&self) -> Box<dyn Sandbox> {
-        Box::new(self.clone())
-    }
-
-    fn clone_into_box_any(&self) -> Box<dyn std::any::Any> {
-        Box::new(self.clone())
+    fn into_arc_any(self: Arc<Self>) -> Arc<dyn Any + Send + Sync + 'static> {
+        self
     }
 }
 
@@ -58,8 +46,7 @@ pub trait ChildProcess {
         &self,
         timeout: Option<std::time::Duration>,
     ) -> anyhow::Result<crate::WaitOutcome>;
-    fn poll(&self) -> anyhow::Result<()>;
-    fn is_finished(&self) -> anyhow::Result<bool>;
+    fn is_finished(&self) -> bool;
 }
 
 impl<C: crate::ChildProcess> ChildProcess for C {
@@ -90,50 +77,48 @@ impl<C: crate::ChildProcess> ChildProcess for C {
     ) -> anyhow::Result<crate::WaitOutcome> {
         self.wait_for_exit(timeout).map_err(Into::into)
     }
-    fn poll(&self) -> anyhow::Result<()> {
-        self.poll().map_err(Into::into)
-    }
-    fn is_finished(&self) -> anyhow::Result<bool> {
-        self.is_finished().map_err(Into::into)
+    fn is_finished(&self) -> bool {
+        self.is_finished()
     }
 }
 
 /// Type-erased `Backend`
 pub trait Backend {
-    fn new_sandbox(&self, options: crate::SandboxOptions) -> anyhow::Result<Box<dyn Sandbox>>;
+    fn new_sandbox(&self, options: crate::SandboxOptions) -> anyhow::Result<Arc<dyn Sandbox>>;
     fn spawn(&self, options: ChildProcessOptions) -> anyhow::Result<Box<dyn ChildProcess>>;
 }
 
 impl<B: crate::Backend> Backend for B {
-    fn new_sandbox(&self, options: crate::SandboxOptions) -> anyhow::Result<Box<dyn Sandbox>> {
+    fn new_sandbox(&self, options: crate::SandboxOptions) -> anyhow::Result<Arc<dyn Sandbox>> {
         let sb = <Self as crate::Backend>::new_sandbox(&self, options)?;
-        Ok(Box::new(sb))
+        Ok(Arc::new(sb))
     }
 
     fn spawn(&self, options: ChildProcessOptions) -> anyhow::Result<Box<dyn ChildProcess>> {
-        let down_sandbox = options
-            .sandbox
-            .clone_into_box_any()
-            .downcast()
-            .expect("sandbox type mismatch");
+        let any_sandbox = options.sandbox.clone().into_arc_any();
+        let down_sandbox = any_sandbox.downcast().expect("sandbox type mismatch");
         let down_options = crate::ChildProcessOptions {
             arguments: options.arguments,
             environment: options.environment,
             path: options.path,
             pwd: options.pwd,
             stdio: options.stdio,
-            sandbox: *down_sandbox,
+            sandbox: down_sandbox,
         };
         let cp = <Self as crate::Backend>::spawn(&self, down_options)?;
         Ok(Box::new(cp))
     }
 }
 
-pub type ChildProcessOptions = crate::ChildProcessOptions<Box<dyn Sandbox>>;
+pub type ChildProcessOptions = crate::ChildProcessOptions<dyn Sandbox>;
 
 /// Returns backend instance
 pub fn setup() -> anyhow::Result<Box<dyn Backend>> {
-    Ok(Box::new(crate::linux::LinuxBackend::new(
+    #[cfg(target_os = "linux")]
+    return Ok(Box::new(crate::linux::LinuxBackend::new(
         crate::linux::Settings::new(),
-    )?))
+    )?));
+
+    #[cfg(target_os = "windows")]
+    return Ok(Box::new(crate::windows::WindowsBackend::new()));
 }