Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromiumos / platform / minijail / refs/heads/0.11.257.B / . / options.h
blob: 68e36e992b9301cf7cde72db827b664dc5ec6f0c [file] [log] [blame]
drewry@google.combd940e92009-12-07 19:13:27 +0000[diff] [blame]1// Copyright (c) 2009 The Chromium OS Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4// Some portions Copyright (c) 2009 The Chromium Authors.
5//
6// Options abstract class for minijails.
7#ifndef __CHROMEOS_MINIJAIL_OPTIONS_H
8#define __CHROMEOS_MINIJAIL_OPTIONS_H
9
10#include <base/basictypes.h>
11#include <base/logging.h>
12#include <base/scoped_ptr.h>
13
14#include "minijail/env.h"
15
16namespace chromeos {
17namespace minijail {
18
19class Options {
20 public:
21 Options() : env_(new Env),
22 executable_path_(NULL),
23 argument_count_(0),
24 arguments_(NULL),
25 environment_(NULL),
26 add_readonly_mounts_(false),
27 change_gid_(false),
28 change_uid_(false),
29 disable_tracing_(false),
30 enforce_syscalls_benchmark_(false),
31 enforce_syscalls_by_source_(false),
32 gid_(0),
33 namespace_vfs_(false),
34 namespace_pid_(false),
35 sanitize_environment_(false),
36 uid_(0),
37 use_capabilities_(false) { }
38
39 virtual ~Options() { }
40
41 // Takes ownership of an Env pointer
42 virtual const Env *env() const { return env_.get(); }
43 virtual void set_env(Env *env) { env_.reset(env); }
44
45 //// Methods for configuring the binary to be run.
46
47 // Sets the path to the executable when Run() is called in the jail.
48 // Pointer ownership is not taken.
49 virtual void set_executable_path(const char *exe) { executable_path_ = exe; }
50 virtual const char *executable_path() const { return executable_path_; }
51 // Sets an array of arguments to use for running the executable.
52 // Pointer ownership is not taken.
53 virtual void set_arguments(char * const *argv, int count)
54 { arguments_ = argv; argument_count_ = count; }
55 virtual char * const *arguments() const { return arguments_; }
56 virtual int argument_count() const { return argument_count_; }
57 // Sets the baseline environment for the executable.
58 // Pointer ownership is not taken.
59 virtual void set_environment(char * const *envp) { environment_ = envp; }
60 virtual char * const *environment() const { return environment_; }
61
62 //// Methods for configuring the jail.
63
64 // Determines if a read-only /proc will be mounted.
65 // This option requires namespace_vfs_ = true.
66 // If enabled, this option forcibly enables namespace_vfs_.
67 virtual void set_add_readonly_mounts(bool val) { add_readonly_mounts_ = val; }
68 virtual bool add_readonly_mounts() const { return add_readonly_mounts_; }
69 // Disables cross-process tracing and core dumps. This may cause problems
70 // when generating crash dumps. Options around that are TBD.
71 virtual void set_disable_tracing(bool val) { disable_tracing_ = val; }
72 virtual bool disable_tracing() const { return disable_tracing_; }
73 // Enable no-op syscall filtering for raw benchmarking.
74 virtual void set_enforce_syscalls_benchmark(bool val)
75 { enforce_syscalls_benchmark_ = val; }
76 virtual bool enforce_syscalls_benchmark() const
77 { return enforce_syscalls_benchmark_; }
78 // Enable kernel enforcement that all system calls originate from
79 // read-only memory areas.
80 virtual void set_enforce_syscalls_by_source(bool val)
81 { enforce_syscalls_by_source_ = val; }
82 virtual bool enforce_syscalls_by_source() const
83 { return enforce_syscalls_by_source_; }
84 // The value passed with this is numeric GID to transition to.
85 // Calling this implies a gid change will be attempted.
86 // TODO(wad) All supplementary groups are dropped.
87 virtual void set_gid(gid_t val) { gid_ = val; change_gid_ = true; }
88 virtual gid_t gid() const { return gid_; }
89 // Sets VFS namespacing. This is needed to have a custom
90 // filesystem view (read-only mounts, etc).
91 virtual void set_namespace_vfs(bool val) { namespace_vfs_ = val; }
92 virtual bool namespace_vfs() const { return namespace_vfs_; }
93 // Enable PID namespacing. This will result in the process being
94 // executed to be PID 1 in their own process tree. The process will
95 // not have visibility into other running processes (except via
96 // /proc if not remounted).
97 // TODO(wad) add init-like functionality and start the first process as pid 2.
98 virtual void set_namespace_pid(bool val) { namespace_pid_ = val; }
99 virtual bool namespace_pid() const { return namespace_pid_; }
100 // Enables environment variable scrubbing.
101 virtual void set_sanitize_environment(bool val)
102 { sanitize_environment_ = val; }
103 virtual bool sanitize_environment() const
104 { return sanitize_environment_; }
105 // The value passed with this is the numeric UID to transition to.
106 virtual void set_uid(uid_t val) { uid_ = val; change_uid_ = true; }
107 virtual uid_t uid() const { return uid_; }
108 // Enables the use and sanitization of POSIX capabilities.
109 // Without kKeepCapabilities, all capabilities save CAP_SETPCAP are
110 // removed from the effective, inherited, permitted and bounding sets.
111 virtual void set_use_capabilities(bool val) { use_capabilities_ = val; }
112 virtual bool use_capabilities() const { return use_capabilities_; }
113
114#if 0
115 TODO(wad): additional functionality:
116 virtual void set_cgroup_dir(const string& val) { cgroup_dir_ = val; }
117 virtual const string& cgroup_dir() const { return cgroup_dir_; }
118
119 virtual void set_supplemental_groups(std::vector<std::string>& val)
120 { supplemental_groups_ = val; }
121 virtual const std::vector<std::string> *supplemental_groups() const
122 { return supplemental_groups_; }
123
124 virtual void set_bounding_set(uint64 val) { bounding_set_ = val; }
125 virtual uint64 bounding_set() const { return bounding_set_; }
126
127 virtual void set_use_delayed_chroot(bool val) { use_delayed_chroot_ = val; }
128 virtual bool use_delayed_chroot() const { return use_delayed_chroot_; }
129
130 virtual void set_memory_limit(int64 val) { memory_limit_ = val; }
131 virtual int64 memory_limit() const { return memory_limit_; }
132
133 virtual void set_cpu_limit(int64 val) { cpu_limit_ = val; }
134 virtual int64 cpu_limit() const { return cpu_limit_; }
135
136 virtual void set_open_file_limit(int32 val) { open_file_limit_ = val; }
137 virtual int32 open_file_limit() const { return open_file_limit_; }
138
139 TODO(wad) other rlimits
140
141 virtual void set_chroot(const std::string val) { chroot_ = val; }
142 virtual const std::string chroot() const { return chroot_; }
143
144 virtual void set_install_device_shims(bool val)
145 { install_device_shims_ = val; }
146 virtual bool install_device_shims() const { return install_device_shims_; }
147#endif
148
149 //// Helper methods
150 // Indicate if the uid was set.
151 virtual bool change_uid() const { return change_uid_; }
152 // Indicate if the gid was set.
153 virtual bool change_gid() const { return change_uid_; }
154 // Ensures that all inter-dependent options are properly set.
155 virtual bool FixUpDependencies();
156
157
158 private:
159 scoped_ptr<Env> env_;
160 const char *executable_path_;
161 int argument_count_;
162 char * const *arguments_;
163 char * const *environment_;
164
165 bool add_readonly_mounts_;
166 bool change_gid_;
167 bool change_uid_;
168 bool disable_tracing_;
169 bool enforce_syscalls_benchmark_;
170 bool enforce_syscalls_by_source_;
171 gid_t gid_;
172 bool namespace_vfs_;
173 bool namespace_pid_;
174 bool sanitize_environment_;
175 uid_t uid_;
176 bool use_capabilities_;
177
178 DISALLOW_COPY_AND_ASSIGN(Options);
179};
180
181} // namespace minijail
182} // namespace chromeos
183
184#endif // __CHROMEOS_MINIJAIL_OPTIONS_H