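/* libminijail-private.h
 * Copyright 2011 The ChromiumOS Authors
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
 * Values shared between libminijailpreload and libminijail, but not visible to
 * the outside world.
 */

#ifndef LIBMINIJAIL_PRIVATE_H
#define LIBMINIJAIL_PRIVATE_H

/* size_t appears in the prototypes below; pull it in here so the header
 * compiles on its own regardless of include order.
 */
#include <stddef.h>

#ifdef __cplusplus
extern "C" {
#endif

/* Explicitly declare exported functions so that -fvisibility tricks
 * can be used for testing and minimal symbol leakage occurs.
 */
#define API __attribute__((__visibility__("default")))

/* Names of the environment variables shared by the two libraries.
 *
 * These are 'static const', so every translation unit that includes this
 * header gets its own private copy and nothing is exported.
 *
 * NOTE(review): kFdEnvVar presumably names the variable that carries the
 * descriptor later handed to minijail_from_fd(); confirm against
 * libminijailpreload.c. A value read from the environment is supplied by
 * whoever started the process, so the reader should parse it strictly and
 * reject anything that is not a valid descriptor number.
 *
 * NOTE(review): kSeccompPolicyPathEnvVar looks like a filesystem path taken
 * from the environment; confirm who sets it and that the consumer does not
 * trust it more than it trusts the invoking user.
 */
static const char kFdEnvVar[] = "__MINIJAIL_FD";
static const char kLdPreloadEnvVar[] = "LD_PRELOAD";
static const char kSeccompPolicyPathEnvVar[] = "SECCOMP_POLICY_PATH";

/* Opaque here; the layout is defined elsewhere in the library. */
struct minijail;

/* minijail_size: returns the size (in bytes) of @j if marshalled
 * @j jail to compute size of
 *
 * Returns 0 on error. Callers that use the result to size a buffer for
 * minijail_marshal() must check for 0 before allocating.
 */
extern size_t minijail_size(const struct minijail *j);

/* minijail_marshal: serializes @j to @buf
 * @j    minijail to serialize
 * @buf  buffer to serialize to
 * @size size of @buf
 *
 * Returns 0 on success.
 *
 * Writes @j to @buf such that it can be reparsed by the same
 * library on the same architecture. This is meant to be used
 * by minijail0.c and libminijailpreload.c. minijail flags that
 * require minijail_run() will be excluded.
 *
 * The marshalled data is not robust to differences between the child
 * and parent process (personality, etc).
 */
extern int minijail_marshal(const struct minijail *j, char *buf, size_t size);

/* minijail_unmarshal: initializes @j from @serialized
 * @j          minijail to initialize
 * @serialized serialized jail buffer
 * @length     length of buffer
 *
 * Returns 0 on success.
 *
 * @serialized is not const-qualified, so callers should assume the buffer
 * may be written to while it is parsed (TODO confirm in the implementation).
 *
 * NOTE(review): this header does not say how much validation is applied to
 * @serialized. The format is documented at minijail_marshal() as same-library,
 * same-architecture only, so pass only buffers produced by minijail_marshal()
 * in a process you trust, and set @length to the number of valid bytes.
 */
extern int minijail_unmarshal(struct minijail *j, char *serialized,
			      size_t length);

/* minijail_from_fd: builds @j from @fd
 * @fd fd to initialize from
 * @j  minijail to initialize
 *
 * Returns 0 on success.
 *
 * The argument order is (fd, j), the reverse of minijail_to_fd().
 *
 * NOTE(review): presumably reads what minijail_to_fd() wrote; confirm. The
 * result is only as trustworthy as the process holding the other end of @fd.
 */
extern int minijail_from_fd(int fd, struct minijail *j);

/* minijail_to_fd: sends @j over @fd
 * @j  minijail to send
 * @fd fd to send over
 *
 * Returns 0 on success, or a negative error code on error.
 */
extern int minijail_to_fd(struct minijail *j, int fd);

/* minijail_preexec: strips @j of all options handled by minijail_enter()
 * @j jail to strip
 */
extern void minijail_preexec(struct minijail *j);

/* minijail_preenter: strips @j of all options handled by minijail_run()
 * @j jail to strip
 */
extern void minijail_preenter(struct minijail *j);

#ifdef __cplusplus
} /* extern "C" */
#endif

#endif /* !LIBMINIJAIL_PRIVATE_H */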