sandbox: Add support for passing arbitrary environment variables

Author: davidlattimore

CONFIG.md

@@ -159,9 +159,23 @@ test.sandbox.make_writable = [
 ]
 ```
 
+If you need to pass particular environment variables into a sandboxed process, you can list them as
+follows:
+
+```toml
+[pkg.foo.test.sandbox]
+pass_env = [
+    "VAR1",
+    "VAR2",
+]
+```
+
+This will cause the variables "VAR1" and "VAR2", if set, to be passed to the sandboxed process - in
+this case the tests for the package `foo`.
+
 ### Sandboxing rustc
 
-If you have a sandbox configuation, then from config version 2 onwards, rustc will be run in a
+If you have a sandbox configuration, then from config version 2 onwards, rustc will be run in a
 sandbox. This means that all proc macros get sandboxed. Controlling the sandbox on a per-proc-macro
 basis unfortunately isn't supported yet, but hopefully will in future. This means that if you have
 for example one proc macro that needs network access, you'd need to enable network access for the
@@ -241,7 +255,7 @@ file. e.g.
 profile = "cackle-release"
 ```
 
-You can also override with the `--profile` flag, which takes precidence over the config file.
+You can also override with the `--profile` flag, which takes precedence over the config file.
 
 Cackle supports analysing references even when inlining occurs, so it can work to some extent even
 with optimisations enabled, however it's more likely that you'll run into false attribution bugs,

src/config.rs

@@ -94,6 +94,9 @@ pub(crate) struct SandboxConfig {
 
     #[serde(default)]
     pub(crate) make_writable: Vec<PathBuf>,
+
+    #[serde(default)]
+    pub(crate) pass_env: Vec<String>,
 }
 
 #[derive(Deserialize, Serialize, Debug, Default, Clone, PartialEq, Eq, Hash)]

src/config_editor.rs

@@ -1345,10 +1345,7 @@ mod tests {
                 crate_sel: crate_sel.clone(),
                 sandbox_config: SandboxConfig {
                     kind: Some(crate::config::SandboxKind::Bubblewrap),
-                    extra_args: vec![],
-                    allow_network: None,
-                    bind_writable: vec![],
-                    make_writable: vec![],
+                    ..Default::default()
                 },
                 binary_path: PathBuf::new(),
                 sandbox_config_display: None,

src/sandbox.rs

@@ -82,6 +82,9 @@ pub(crate) fn from_config(config: &SandboxConfig) -> Result<Option<Box<dyn Sandb
     sandbox.set_env(OsStr::new("USER"), OsStr::new("user"));
     sandbox.pass_env("PATH");
     sandbox.pass_env("HOME");
+    for env in &config.pass_env {
+        sandbox.pass_env(env);
+    }
 
     // Allow read access to the crate's root source directory.
     sandbox.ro_bind(Path::new(&get_env("CARGO_MANIFEST_DIR")?));

test_crates/cackle.toml

@@ -139,6 +139,9 @@ allow_apis = [
 test.sandbox.bind_writable = [
     "crab-9/scratch"
 ]
+test.sandbox.pass_env = [
+    "CRAB_9_CRASH_TEST",
+]
 test.allow_apis = [
     "env",
     "fs",

test_crates/crab-9/src/lib.rs

@@ -46,4 +46,11 @@ mod tests {
     fn it_works() {
         access_files();
     }
+
+    #[test]
+    fn conditional_crash() {
+        if std::env::var("CRAB_9_CRASH_TEST").is_ok() {
+            panic!("Deliberate crash");
+        }
+    }
 }