mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2024-10-24 21:23:13 +00:00
io_jail: add bind mount
This will be used by some device jails to get access to unix sockets after being jailed. TEST=None BUG=None Change-Id: I870bfb155b275769ccb3248b1441e7c0b8f20ad7 Reviewed-on: https://chromium-review.googlesource.com/558447 Commit-Ready: Zach Reizner <zachr@chromium.org> Tested-by: Zach Reizner <zachr@chromium.org> Reviewed-by: Dylan Reid <dgreid@chromium.org>
This commit is contained in:
parent
1247525aac
commit
848b9ff625
1 changed files with 13 additions and 0 deletions
|
@ -18,6 +18,8 @@ use std::str::FromStr;
|
|||
|
||||
#[derive(Debug)]
|
||||
pub enum Error {
|
||||
// minijail failed to accept bind mount.
|
||||
BindMount(i32),
|
||||
/// minjail_new failed, this is an allocation failure.
|
||||
CreatingMinijail,
|
||||
/// The path or name string passed in didn't parse to a valid CString.
|
||||
|
@ -208,6 +210,17 @@ impl Minijail {
|
|||
pub fn mount_tmp_size(&mut self, size: usize) {
|
||||
unsafe { libminijail::minijail_mount_tmp_size(self.jail, size); }
|
||||
}
|
||||
pub fn mount_bind(&mut self, src: &Path, dest: &Path, writable: bool) -> Result<()> {
|
||||
let src = src.as_os_str().to_str().ok_or(Error::InvalidCString)?;
|
||||
let src = CString::new(src).map_err(|_| Error::InvalidCString)?;
|
||||
let dest = dest.as_os_str().to_str().ok_or(Error::InvalidCString)?;
|
||||
let dest = CString::new(dest).map_err(|_| Error::InvalidCString)?;
|
||||
let ret = unsafe { libminijail::minijail_bind(self.jail, src.as_ptr(), dest.as_ptr(), writable as _) };
|
||||
if ret < 0 {
|
||||
return Err(Error::BindMount(ret));
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Enters the previously configured minijail.
|
||||
/// `enter` is unsafe because it closes all open FD for this process. That
|
||||
|
|
Loading…
Reference in a new issue