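/* libminijail-private.h
 * Copyright 2011 The ChromiumOS Authors
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
 * Values shared between libminijailpreload and libminijail, but not visible to
 * the outside world.
 */

#ifndef LIBMINIJAIL_PRIVATE_H
#define LIBMINIJAIL_PRIVATE_H

#include <sys/types.h>

#ifdef __cplusplus
extern "C" {
#endif

/* Explicitly declare exported functions so that -fvisibility tricks
 * can be used for testing and minimal symbol leakage occurs.
 *
 * None of the declarations in this header carry API.
 */
#define API __attribute__((__visibility__("default")))

/* String constants shared by libminijail and libminijailpreload. They are
 * defined 'static' here, so each translation unit that includes this header
 * gets its own copy.
 *
 * NOTE(review): kFdEnvVar presumably names the environment variable that
 * carries the fd read by minijail_from_fd(); anything taken from the
 * environment should be validated by the consumer before use -- confirm
 * against libminijailpreload.
 */
static const char kFdEnvVar[] = "__MINIJAIL_FD";
static const char kLdPreloadEnvVar[] = "LD_PRELOAD";
static const char kSeccompPolicyPathEnvVar[] = "SECCOMP_POLICY_PATH";
static const char kAltSyscallNamePlaceholder[] =
    "<unknown: alt_syscall active>";

struct minijail;

/* minijail_size: returns the size (in bytes) of @j if marshalled
 * @j jail to compute size of
 *
 * Returns 0 on error.
 */
extern size_t minijail_size(const struct minijail *j);

/* minijail_marshal: serializes @j to @buf
 * @j    minijail to serialize
 * @buf  buffer to serialize to
 * @size size of @buf
 *
 * Returns 0 on success.
 *
 * Writes |j| to |buf| such that it can be reparsed by the same
 * library on the same architecture. This is meant to be used
 * by minijail0.c and libminijailpreload.c. minijail flags that
 * require minijail_run() will be excluded.
 *
 * The marshalled data is not robust to differences between the child
 * and parent process (personality, etc).
 */
extern int minijail_marshal(const struct minijail *j, char *buf, size_t size);

/* minijail_unmarshal: initializes @j from @serialized
 * @j          minijail to initialize
 * @serialized serialized jail buffer
 * @length     length of buffer
 *
 * Returns 0 on success.
 *
 * The buffer is expected to have been written by minijail_marshal() from the
 * same library on the same architecture; the format is not a portable or
 * versioned wire format.
 *
 * NOTE(review): this is the parsing side of the parent/child channel --
 * confirm that the definition bounds every read by @length and rejects
 * truncated input. @serialized is not const-qualified; whether the buffer is
 * modified is not visible from this header.
 */
extern int minijail_unmarshal(struct minijail *j, char *serialized,
			      size_t length);

/* minijail_from_fd: builds @j from @fd
 * @fd fd to initialize from
 * @j  minijail to initialize
 *
 * Note the argument order: the fd comes first here, but second in
 * minijail_to_fd().
 *
 * Returns 0 on success.
 */
extern int minijail_from_fd(int fd, struct minijail *j);

/* minijail_to_fd: sends @j over @fd
 * @j  minijail to send
 * @fd fd to send over
 *
 * Returns 0 on success, or a negative error code on error.
 */
extern int minijail_to_fd(struct minijail *j, int fd);

/* minijail_preexec: strips @j of all options handled by minijail_enter()
 * @j jail to strip
 */
extern void minijail_preexec(struct minijail *j);

/* minijail_preenter: strips @j of all options handled by minijail_run()
 * @j jail to strip
 */
extern void minijail_preenter(struct minijail *j);

/* minijail_fd_is_open: returns true if the specified file descriptor is open.
 * @fd file descriptor to check
 *
 * The result is reported as an int.
 */
extern int minijail_fd_is_open(int fd);

#ifdef __cplusplus
} /* extern "C" */
#endif

#endif /* !LIBMINIJAIL_PRIVATE_H */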