Automated rollback of commit 47b072b.

PiperOrigin-RevId: 869969399
Change-Id: I429f6fcbc8ae569c82dbac9c758aa7ee35ccb09a

Author: Sandboxed API Team

sandboxed_api/sandbox2/fork_client.cc

@@ -15,8 +15,6 @@
 #include "sandboxed_api/sandbox2/fork_client.h"
 
 #include <sys/types.h>
-#include <syscall.h>
-#include <unistd.h>
 
 #include <cstdint>
 
@@ -31,14 +29,6 @@ namespace sandbox2 {
 
 using ::sapi::file_util::fileops::FDCloser;
 
-namespace {
-
-int pidfd_open(pid_t pid, unsigned int flags) {
-  return syscall(__NR_pidfd_open, pid, flags);
-}
-
-}  // namespace
-
 ForkClient::ForkClient(pid_t pid, Comms* comms, bool is_global)
     : pid_(pid), comms_(comms), is_global_(is_global) {
 }
@@ -78,23 +68,14 @@ SandboxeeProcess ForkClient::SendRequest(const ForkRequest& request,
     LOG(ERROR) << "Receiving init PID from the ForkServer failed";
     return process;
   }
-  if (pid != 0) {  // No init process if pid is 0
-    process.init_pid = static_cast<pid_t>(pid);
-    process.init_pidfd = FDCloser(pidfd_open(process.init_pid, 0));
-    PCHECK(process.init_pidfd.get() != -1)
-        << "Failed to open pidfd for init process";
-  }
+  process.init_pid = static_cast<pid_t>(pid);
 
   // Receive sandboxee process ID.
   if (!comms_->RecvInt32(&pid)) {
     LOG(ERROR) << "Receiving sandboxee PID from the ForkServer failed";
     return process;
   }
   process.main_pid = static_cast<pid_t>(pid);
-  process.main_pidfd = FDCloser(pidfd_open(process.main_pid, 0));
-  PCHECK(process.main_pidfd.get() != -1)
-      << "Failed to open pidfd for main process";
-
   if (request.monitor_type() == FORKSERVER_MONITOR_UNOTIFY) {
     int fd = -1;
     if (!comms_->RecvFD(&fd)) {

sandboxed_api/sandbox2/fork_client.h

@@ -32,10 +32,8 @@ class Comms;
 class ForkRequest;
 
 struct SandboxeeProcess {
-  pid_t init_pid = 0;
-  sapi::file_util::fileops::FDCloser init_pidfd;
-  pid_t main_pid = 0;
-  sapi::file_util::fileops::FDCloser main_pidfd;
+  pid_t init_pid = -1;
+  pid_t main_pid = -1;
   sapi::file_util::fileops::FDCloser status_fd;
 };
 
@@ -44,7 +42,6 @@ class ForkClient {
   ForkClient(pid_t pid, Comms* comms) : ForkClient(pid, comms, false) {}
   ForkClient(const ForkClient&) = delete;
   ForkClient& operator=(const ForkClient&) = delete;
-
   ~ForkClient();
 
   // Runs a custom transaction over the Comms channel.

sandboxed_api/sandbox2/monitor_unotify.cc

@@ -125,10 +125,6 @@ absl::Status WaitForTaskToStop(pid_t pid) {
                              : absl::InternalError("task did not stop");
 }
 
-int pidfd_send_signal(int pidfd, int sig, siginfo_t* info, unsigned int flags) {
-  return syscall(__NR_pidfd_send_signal, pidfd, sig, info, flags);
-}
-
 }  // namespace
 
 UnotifyMonitor::UnotifyMonitor(Executor* executor, Policy* policy,
@@ -424,20 +420,16 @@ void UnotifyMonitor::NotifyMonitor() {
 
 bool UnotifyMonitor::KillSandboxee() {
   VLOG(1) << "Sending SIGKILL to the PID: " << process_.main_pid;
-  if (pidfd_send_signal(process_.main_pidfd.get(), SIGKILL, nullptr, 0) != 0) {
+  if (kill(process_.main_pid, SIGKILL) != 0) {
     PLOG(ERROR) << "Could not send SIGKILL to PID " << process_.main_pid;
-    SetExitStatusCode(Result::INTERNAL_ERROR, Result::FAILED_KILL);
     return false;
   }
   return true;
 }
 
 void UnotifyMonitor::KillInit() {
   VLOG(1) << "Sending SIGKILL to the PID: " << process_.init_pid;
-  if (process_.init_pid != 0 &&
-      pidfd_send_signal(process_.init_pidfd.get(), SIGKILL, nullptr, 0) != 0 &&
-      errno != ESRCH) {
-    // Ignore ESRCH (process not found), as it is not an error.
+  if (kill(process_.init_pid, SIGKILL) != 0) {
     PLOG(ERROR) << "Could not send SIGKILL to PID " << process_.init_pid;
   }
 }