sandbox

type ForkExecContext struct {
	Pid  uintptr
	Pipe [2]int

	ArgV []*byte
	EnvV []*byte
}

type RLimit struct {
	Type int
	Cur  uint64
	Max  uint64
}

type RunnerResult struct {
	Status int
	Error  string
}

type RunnerSession struct {
	// Channel to stream result back (init)
	ResultChan chan RunnerSessionResult

	// Internal result stream (init)
	InternalResultChan chan RunnerResult

	// Pid of child
	Pid  int
	Pgid int

	// Execveat (init)
	ExecFile uintptr
	ExecArgs []string
	ExecEnv  []string

	// Seccomp profile
	Seccomp *unix.SockFprog

	// Whether or not the initial exec was called
	ExecUsed bool

	// Whether or not the process has exited
	ProcExited bool

	// File descriptors to set: [newfd]oldfd (init)
	Files map[int]uintptr

	// Folder where file is executed
	Workspace string

	// Resource limits with rlimit
	RLimits []RLimit

	// Hard timeout, includes time spent preparing sandbox, done by goroutine -> kill (init)
	HardTimeout time.Duration

	// Soft timeout, done by process (init)
	TimeLimit time.Duration

	// Maximum memory, in bytes (init)
	MemoryLimit uint64

	// Maximum size of new files a process can create (init)
	FSizeLimit int64

	// Maximum number of processes that can be created (init)
	NProcLimit int64

	// Whether or not the process should be sandboxed with seccomp + ptrace (init)
	SandboxWithSeccomp bool

	// Seccomp profile (init)
	SeccompProfile util.SandboxProfile

	// Exit code
	ExitCode int

	// Start time
	StartTime time.Time

	// Max memory allocated at a point (kb)
	MemoryUsed int64
}

type RunnerSessionResult struct {
	Status     int
	ExitCode   int
	Error      string
	TimeUsed   time.Duration
	MemoryUsed int64
}