Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromiumos / platform2 / HEAD / . / pciguard / sysfs_utils.h
blob: 2b252ee692cbe1612d620f4983c349ab4111946d [file] [log] [blame]
Rajat Jain5bf732b2021-01-22 14:57:59 -0800[diff] [blame]1// Copyright 2021 The Chromium OS Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef PCIGUARD_SYSFS_UTILS_H_
6#define PCIGUARD_SYSFS_UTILS_H_
7
8#include <base/files/file_util.h>
9#include <gtest/gtest_prod.h>
10#include <memory>
11#include <string>
12
13using base::FilePath;
14
15namespace pciguard {
16
17class SysfsUtils {
18 public:
19 SysfsUtils();
20 virtual ~SysfsUtils() = default;
21 virtual int OnInit(void);
22 virtual int AuthorizeThunderboltDev(base::FilePath devpath);
23 virtual int AuthorizeAllDevices(void);
24 virtual int DeauthorizeAllDevices(void);
25 virtual int DenyNewDevices(void);
Rajat Jain5bf732b2021-01-22 14:57:59 -0800[diff] [blame]26
27 private:
28 explicit SysfsUtils(FilePath root);
29 const FilePath allowlist_path_;
30 const FilePath pci_lockdown_path_;
31 const FilePath pci_rescan_path_;
32 const FilePath tbt_devices_path_;
33 const FilePath pci_devices_path_;
34
35 int SetAuthorizedAttribute(base::FilePath devpath, bool enable);
36 int DeauthorizeThunderboltDev(base::FilePath devpath);
37
38 friend class SysfsUtilsTest;
39 FRIEND_TEST(SysfsUtilsTest, CheckDenyNewDevices);
40 FRIEND_TEST(SysfsUtilsTest, CheckDeauthorizeAllDevices);
41 FRIEND_TEST(SysfsUtilsTest, CheckAuthorizeAllDevices);
42 friend std::unique_ptr<SysfsUtils> std::make_unique<SysfsUtils>(FilePath&);
43};
44
45} // namespace pciguard
46
47#endif // PCIGUARD_SYSFS_UTILS_H_