king
/
v811_spc009
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8f4c154c05'
${ noResults }
v811_spc009/external/libbrillo/brillo/minijail/minijail.h

145 lines
4.5 KiB
Raw Blame History

// Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef LIBBRILLO_BRILLO_MINIJAIL_MINIJAIL_H_
#define LIBBRILLO_BRILLO_MINIJAIL_MINIJAIL_H_
#include <vector>
extern "C" {
#include <linux/capability.h>
#include <sys/types.h>
}
#include <base/lazy_instance.h>
#include <brillo/brillo_export.h>
#include <libminijail.h>
#include "base/macros.h"
namespace brillo {
// A Minijail abstraction allowing Minijail mocking in tests.
class BRILLO_EXPORT Minijail {
public:
virtual ~Minijail();
// This is a singleton -- use Minijail::GetInstance()->Foo().
static Minijail* GetInstance();
// minijail_new
virtual struct minijail* New();
// minijail_destroy
virtual void Destroy(struct minijail* jail);
// minijail_change_uid/minijail_change_gid
virtual void DropRoot(struct minijail* jail, uid_t uid, gid_t gid);
// minijail_change_user/minijail_change_group
virtual bool DropRoot(struct minijail* jail,
const char* user,
const char* group);
// minijail_namespace_pids
virtual void EnterNewPidNamespace(struct minijail* jail);
// minijail_mount_tmp
virtual void MountTmp(struct minijail* jail);
// minijail_use_seccomp_filter/minijail_no_new_privs/
// minijail_parse_seccomp_filters
virtual void UseSeccompFilter(struct minijail* jail, const char* path);
// minijail_use_caps
virtual void UseCapabilities(struct minijail* jail, uint64_t capmask);
// minijail_reset_signal_mask
virtual void ResetSignalMask(struct minijail* jail);
// minijail_close_open_fds
virtual void CloseOpenFds(struct minijail* jail);
// minijail_preserve_fd
virtual void PreserveFd(struct minijail* jail, int parent_fd, int child_fd);
// minijail_enter
virtual void Enter(struct minijail* jail);
// minijail_run_pid
virtual bool Run(struct minijail* jail, std::vector<char*> args, pid_t* pid);
// minijail_run_pid and waitpid
virtual bool RunSync(struct minijail* jail,
std::vector<char*> args,
int* status);
// minijail_run_pid_pipes, with |pstdout_fd| and |pstderr_fd| set to NULL.
virtual bool RunPipe(struct minijail* jail,
std::vector<char*> args,
pid_t* pid,
int* stdin);
// minijail_run_pid_pipes
virtual bool RunPipes(struct minijail* jail,
std::vector<char*> args,
pid_t* pid,
int* stdin,
int* stdout,
int* stderr);
// minijail_run_env_pid_pipes
virtual bool RunEnvPipes(struct minijail* jail,
std::vector<char*> args,
std::vector<char*> env,
pid_t* pid,
int* stdin,
int* stdout,
int* stderr);
// Run() and Destroy()
virtual bool RunAndDestroy(struct minijail* jail,
std::vector<char*> args,
pid_t* pid);
// RunSync() and Destroy()
virtual bool RunSyncAndDestroy(struct minijail* jail,
std::vector<char*> args,
int* status);
// RunPipe() and Destroy()
virtual bool RunPipeAndDestroy(struct minijail* jail,
std::vector<char*> args,
pid_t* pid,
int* stdin);
// RunPipes() and Destroy()
virtual bool RunPipesAndDestroy(struct minijail* jail,
std::vector<char*> args,
pid_t* pid,
int* stdin,
int* stdout,
int* stderr);
// RunEnvPipes() and Destroy()
virtual bool RunEnvPipesAndDestroy(struct minijail* jail,
std::vector<char*> args,
std::vector<char*> env,
pid_t* pid,
int* stdin,
int* stdout,
int* stderr);
protected:
Minijail();
private:
friend base::LazyInstanceTraitsBase<Minijail>;
DISALLOW_COPY_AND_ASSIGN(Minijail);
};
} // namespace brillo
#endif // LIBBRILLO_BRILLO_MINIJAIL_MINIJAIL_H_
Reference in new issue View Git Blame Copy Permalink