host/commands/process_sandboxer/policies.cpp - device/google/cuttlefish - Git at Google

 /*
  * Copyright (C) 2024 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 #include "host/commands/process_sandboxer/policies.h"

 #include <memory>

 #include "absl/container/flat_hash_map.h"
 #include "absl/log/log.h"
 #include "sandboxed_api/sandbox2/policybuilder.h"
 #include "sandboxed_api/util/path.h"

 using sapi::file::JoinPath;

 namespace cuttlefish {

 std::unique_ptr<sandbox2::Policy> PolicyForExecutable(
     const HostInfo& host, std::string_view executable) {
   using Builder = sandbox2::PolicyBuilder(const HostInfo&);
   absl::flat_hash_map<std::string, Builder*> builders;

   builders[JoinPath(host.artifacts_path, "bin", "kernel_log_monitor")] =
       KernelLogMonitorPolicy;
   builders[JoinPath(host.artifacts_path, "bin", "logcat_receiver")] =
       LogcatReceiverPolicy;

   if (auto it = builders.find(executable); it != builders.end()) {
     return (it->second)(host).BuildOrDie();
   } else {
     for (const auto& [target, unused] : builders) {
       LOG(ERROR) << "Available policy: '" << target << "'";
     }
     LOG(FATAL) << "No policy defined for '" << executable << "'";
     return sandbox2::PolicyBuilder().BuildOrDie();
   }
 }

 }  // namespace cuttlefish
	/*
	* Copyright (C) 2024 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	#include "host/commands/process_sandboxer/policies.h"

	#include <memory>

	#include "absl/container/flat_hash_map.h"
	#include "absl/log/log.h"
	#include "sandboxed_api/sandbox2/policybuilder.h"
	#include "sandboxed_api/util/path.h"

	using sapi::file::JoinPath;

	namespace cuttlefish {

	std::unique_ptr<sandbox2::Policy> PolicyForExecutable(
	const HostInfo& host, std::string_view executable) {
	using Builder = sandbox2::PolicyBuilder(const HostInfo&);
	absl::flat_hash_map<std::string, Builder*> builders;

	builders[JoinPath(host.artifacts_path, "bin", "kernel_log_monitor")] =
	KernelLogMonitorPolicy;
	builders[JoinPath(host.artifacts_path, "bin", "logcat_receiver")] =
	LogcatReceiverPolicy;

	if (auto it = builders.find(executable); it != builders.end()) {
	return (it->second)(host).BuildOrDie();
	} else {
	for (const auto& [target, unused] : builders) {
	LOG(ERROR) << "Available policy: '" << target << "'";
	}
	LOG(FATAL) << "No policy defined for '" << executable << "'";
	return sandbox2::PolicyBuilder().BuildOrDie();
	}
	}

	} // namespace cuttlefish