Blame - cros-disks/sandboxed_init.h - chromium.googlesource.com/chromiumos/platform2

blob: e860b23cf2a6ee09dc6c484862d7b7f7c9f24a7b [file] [log] [blame]

Sergei Datsenko	495f5da	2019-06-06 17:44:23 +1000	[diff] [blame]	1	// Copyright 2019 The Chromium OS Authors. All rights reserved.
				2	// Use of this source code is governed by a BSD-style license that can be
				3	// found in the LICENSE file.
				4
				5	#ifndef CROS_DISKS_SANDBOXED_INIT_H_
				6	#define CROS_DISKS_SANDBOXED_INIT_H_
				7
				8	#include <memory>
				9	#include <string>
				10	#include <vector>
				11
				12	#include <sys/types.h>
				13
				14	#include <base/callback.h>
				15	#include <base/files/scoped_file.h>
Sergei Datsenko	495f5da	2019-06-06 17:44:23 +1000	[diff] [blame]	16
				17	namespace cros_disks {
				18
François Degros	c2bfe0e	2019-10-14 13:08:49 +1100	[diff] [blame]	19	// Anonymous pipe to establish communication between a parent process and a
				20	// child process.
				21	struct SubprocessPipe {
				22	base::ScopedFD child_fd, parent_fd;
François Degros	4a76d70	2019-09-26 14:54:35 +1000	[diff] [blame]	23
François Degros	c2bfe0e	2019-10-14 13:08:49 +1100	[diff] [blame]	24	// Direction of communication.
				25	enum Direction { kChildToParent, kParentToChild };
				26
				27	// Creates an open pipe. Sets FD_CLOEXEC on parent_fd. Dies in case of error.
				28	explicit SubprocessPipe(Direction direction);
François Degros	1ef6994	2019-10-01 15:31:17 +1000	[diff] [blame]	29
				30	// Opens a pipe to communicate with a child process. Returns the end of the
				31	// pipe that is used by the child process. Stores the end of the pipe that is
				32	// kept by the parent process in *parent_fd and flags it with FD_CLOEXEC. Dies
				33	// in case of error.
				34	static base::ScopedFD Open(Direction direction, base::ScopedFD* parent_fd);
François Degros	4a76d70	2019-09-26 14:54:35 +1000	[diff] [blame]	35	};
				36
Sergei Datsenko	495f5da	2019-06-06 17:44:23 +1000	[diff] [blame]	37	// To run daemons in a PID namespace under minijail we need to provide
				38	// an "init" process for the sandbox. As we rely on return code of the
				39	// launcher of the daemonized process we must send it through a side
				40	// channel back to the caller without waiting to the whole PID namespace
				41	// to terminate.
				42	class SandboxedInit {
				43	public:
François Degros	1ef6994	2019-10-01 15:31:17 +1000	[diff] [blame]	44	SandboxedInit(base::ScopedFD in_fd,
				45	base::ScopedFD out_fd,
				46	base::ScopedFD err_fd,
				47	base::ScopedFD ctrl_fd);
Qijiang Fan	6bc59e1	2020-11-11 02:51:06 +0900	[diff] [blame]	48	SandboxedInit(const SandboxedInit&) = delete;
				49	SandboxedInit& operator=(const SandboxedInit&) = delete;
				50
Sergei Datsenko	495f5da	2019-06-06 17:44:23 +1000	[diff] [blame]	51	~SandboxedInit();
				52
				53	// To be run inside the jail. Never returns.
François Degros	7316856	2019-10-03 13:34:26 +1000	[diff] [blame]	54	[[noreturn]] void RunInsideSandboxNoReturn(
				55	base::OnceCallback<int()> launcher);
Sergei Datsenko	495f5da	2019-06-06 17:44:23 +1000	[diff] [blame]	56
François Degros	02c5c71	2019-10-03 13:00:11 +1000	[diff] [blame]	57	static bool PollLauncherStatus(base::ScopedFD* ctrl_fd, int* exit_code);
Sergei Datsenko	495f5da	2019-06-06 17:44:23 +1000	[diff] [blame]	58
Sergei Datsenko	1c8f215	2019-06-19 15:21:21 +1000	[diff] [blame]	59	static int WStatusToStatus(int wstatus);
				60
Sergei Datsenko	495f5da	2019-06-06 17:44:23 +1000	[diff] [blame]	61	private:
				62	int RunInitLoop(pid_t root_pid, base::ScopedFD ctrl_fd);
Anand K Mistry	08a71ca	2019-09-13 10:38:20 +1000	[diff] [blame]	63	pid_t StartLauncher(base::OnceCallback<int()> launcher);
Sergei Datsenko	495f5da	2019-06-06 17:44:23 +1000	[diff] [blame]	64
François Degros	1ef6994	2019-10-01 15:31:17 +1000	[diff] [blame]	65	base::ScopedFD in_fd_, out_fd_, err_fd_, ctrl_fd_;
Sergei Datsenko	495f5da	2019-06-06 17:44:23 +1000	[diff] [blame]	66	};
				67
				68	} // namespace cros_disks
				69
				70	#endif // CROS_DISKS_SANDBOXED_INIT_H_