1 // Copyright 2019 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 #ifndef SANDBOXED_API_SANDBOX2_MOUNTTREE_H_
16 #define SANDBOXED_API_SANDBOX2_MOUNTTREE_H_
17 
18 #include <cstddef>
19 #include <cstdint>
20 #include <string>
21 #include <utility>
22 #include <vector>
23 
24 #include "absl/status/status.h"
25 #include "absl/status/statusor.h"
26 #include "absl/strings/string_view.h"
27 #include "sandboxed_api/sandbox2/mount_tree.pb.h"
28 
29 namespace sandbox2 {
30 
namespace internal {

// Helper predicates for the mount tree. Only the declarations are visible in
// this header, so the descriptions below are inferred from the names and
// should be confirmed against the definitions.

// Presumably reports whether `path1` and `path2` name the same file.
// NOTE(review): whether symlinks are followed cannot be told from here.
bool IsSameFile(const std::string& path1, const std::string& path2);

// Presumably reports whether `node` is mounted writable.
bool IsWritable(const MountTree::Node& node);

// Presumably reports whether `n1` and `n2` point at the same target.
bool HasSameTarget(const MountTree::Node& n1, const MountTree::Node& n2);

// Presumably reports whether `n1` and `n2` describe an equivalent mount.
// NOTE(review): if this decides when a duplicate insertion is accepted, make
// sure writability is part of the comparison - confirm in the definition.
bool IsEquivalentNode(const MountTree::Node& n1, const MountTree::Node& n2);

}  // namespace internal
39 
// Holds the set of mounts for a sandbox as a MountTree proto plus an
// insertion counter. The tree starts with a non-writable root; files,
// directories and tmpfs entries are added through the Add* methods, which
// default to read-only.
class Mounts {
 public:
  // Creates a tree that contains only a root node, explicitly marked
  // non-writable, so IsRootReadOnly() is true for a fresh instance.
  Mounts() {
    mount_tree_.mutable_node()->mutable_root_node()->set_writable(false);
  }

  // Adopts `mount_tree` as is. Nothing in this header validates the supplied
  // tree, so root writability is whatever the caller's tree says; see
  // IsRootReadOnly() for how a tree without a root node is reported.
  explicit Mounts(MountTree mount_tree) : mount_tree_(std::move(mount_tree)) {}

  // Copyable and movable; a copy carries its own MountTree.
  Mounts(const Mounts&) = default;
  Mounts(Mounts&&) = default;
  Mounts& operator=(const Mounts&) = default;
  Mounts& operator=(Mounts&&) = default;

  // Adds the file at `path` under the same path inside and outside.
  // `is_ro` defaults to true; pass false only when the mount is meant to be
  // writable (presumably by the sandboxed process - confirm in AddFileAt).
  absl::Status AddFile(absl::string_view path, bool is_ro = true) {
    return AddFileAt(/*outside=*/path, /*inside=*/path, is_ro);
  }

  // Adds the file `outside` so that it is mounted as `inside`. Defined
  // elsewhere; `is_ro` defaults to true.
  absl::Status AddFileAt(absl::string_view outside, absl::string_view inside,
                         bool is_ro = true);

  // Adds the directory at `path` under the same path inside and outside.
  // `is_ro` defaults to true, as for AddFile().
  absl::Status AddDirectory(absl::string_view path, bool is_ro = true) {
    return AddDirectoryAt(/*outside=*/path, /*inside=*/path, is_ro);
  }

  // Adds the directory `outside` so that it is mounted as `inside`. Defined
  // elsewhere; `is_ro` defaults to true.
  absl::Status AddDirectoryAt(absl::string_view outside,
                              absl::string_view inside, bool is_ro = true);

  // Defined elsewhere. Presumably adds the mappings needed to run the binary
  // at `path`, consulting `ld_library_path` for its libraries - TODO confirm.
  absl::Status AddMappingsForBinary(const std::string& path,
                                    absl::string_view ld_library_path = {});

  // Defined elsewhere. Adds a tmpfs entry at `inside`.
  // NOTE(review): `sz` is presumably a size limit in bytes - confirm.
  absl::Status AddTmpfs(absl::string_view inside, size_t sz);

  // Defined elsewhere. Presumably removes the entry at `path` from the tree.
  absl::Status Remove(absl::string_view path);

  // Defined elsewhere. Presumably performs the mounts described by the tree
  // under `root_path`; does not modify this object (const).
  void CreateMounts(const std::string& root_path) const;

  // Returns a copy of the underlying tree; changes to the copy do not affect
  // this object.
  MountTree GetMountTree() const {
    return mount_tree_;
  }

  // Marks the root node writable, reversing the default set by Mounts().
  // Creates the node/root node if the tree does not have one yet.
  void SetRootWritable() {
    MountTree::Node* top = mount_tree_.mutable_node();
    top->mutable_root_node()->set_writable(true);
  }

  // True only when the tree has a node, that node is a root node, and the
  // root node is not writable. A tree with no node or no root node yields
  // false, so callers must not read false as "root is known to be writable".
  bool IsRootReadOnly() const {
    if (!mount_tree_.has_node()) {
      return false;
    }
    const MountTree::Node& top = mount_tree_.node();
    if (!top.has_root_node()) {
      return false;
    }
    return !top.root_node().writable();
  }

  // Flattens the tree into the two output vectors, ls-style. Traversal is
  // depth-first, while entries on the same level of the hierarchy keep their
  // natural order in the tree. The vectors pair up element-wise:
  // outside_entries[i] is mounted as inside_entries[i]. Every element of
  // inside_entries is prefixed with 'R' (read-only) or 'W' (writable).
  void RecursivelyListMounts(std::vector<std::string>* outside_entries,
                             std::vector<std::string>* inside_entries) const;

  // Defined elsewhere. Presumably maps `path` through the mount tree and
  // returns the resolved path, or an error status - TODO confirm direction
  // (inside to outside) against the definition.
  absl::StatusOr<std::string> ResolvePath(absl::string_view path) const;

 private:
  // Gives the test fixture access to Insert() and the data members.
  friend class MountTreeTest;

  // Defined elsewhere. Inserts `node` into the tree at `path`.
  absl::Status Insert(absl::string_view path, const MountTree::Node& node);

  MountTree mount_tree_;
  int64_t mount_index_ = 0;  // Tracks the order in which mounts were inserted
};
109 
110 }  // namespace sandbox2
111 
112 #endif  // SANDBOXED_API_SANDBOX2_MOUNTTREE_H_
113