mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2025-01-12 16:45:31 +00:00
io_jail: Add InvalidPath error
parse_seccomp_filters in libminijail will unhelpfully abort() if the path doesn't exist. Check that the policy file exists so that there's a semi-useful error message. BUG=none TEST=crosvm run without seccomp policy in current directory; no abort Change-Id: Ie1123e8cae3f6a27bbd5a3128161364401e8d4b2 Signed-off-by: Stephen Barber <smbarber@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/585829 Reviewed-by: Dylan Reid <dgreid@chromium.org>
This commit is contained in:
parent
ce3a3e8f00
commit
5ad8bc5e08
1 changed files with 6 additions and 0 deletions
|
@ -22,6 +22,8 @@ pub enum Error {
|
||||||
BindMount(i32),
|
BindMount(i32),
|
||||||
/// minjail_new failed, this is an allocation failure.
|
/// minjail_new failed, this is an allocation failure.
|
||||||
CreatingMinijail,
|
CreatingMinijail,
|
||||||
|
/// The path doesn't exist.
|
||||||
|
InvalidPath,
|
||||||
/// The path or name string passed in didn't parse to a valid CString.
|
/// The path or name string passed in didn't parse to a valid CString.
|
||||||
InvalidCString,
|
InvalidCString,
|
||||||
/// Failed to call dup2 to set stdin, stdout, or stderr to /dev/null.
|
/// Failed to call dup2 to set stdin, stdout, or stderr to /dev/null.
|
||||||
|
@ -129,6 +131,10 @@ impl Minijail {
|
||||||
unsafe { libminijail::minijail_set_seccomp_filter_tsync(self.jail); }
|
unsafe { libminijail::minijail_set_seccomp_filter_tsync(self.jail); }
|
||||||
}
|
}
|
||||||
pub fn parse_seccomp_filters(&mut self, path: &Path) -> Result<()> {
|
pub fn parse_seccomp_filters(&mut self, path: &Path) -> Result<()> {
|
||||||
|
if !path.is_file() {
|
||||||
|
return Err(Error::InvalidPath);
|
||||||
|
}
|
||||||
|
|
||||||
let pathstring = path.as_os_str().to_str().ok_or(Error::InvalidCString)?;
|
let pathstring = path.as_os_str().to_str().ok_or(Error::InvalidCString)?;
|
||||||
let filename = CString::new(pathstring).map_err(|_| Error::InvalidCString)?;
|
let filename = CString::new(pathstring).map_err(|_| Error::InvalidCString)?;
|
||||||
unsafe {
|
unsafe {
|
||||||
|
|
Loading…
Reference in a new issue