mirrors/crosvm
1
0
Fork 0
mirror of https://chromium.googlesource.com/crosvm/crosvm synced 2024-10-24 21:23:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

io_jail: add bind mount

Browse source 
This will be used by some device jails to get access to unix sockets
after being jailed.

TEST=None
BUG=None

Change-Id: I870bfb155b275769ccb3248b1441e7c0b8f20ad7
Reviewed-on: https://chromium-review.googlesource.com/558447
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This commit is contained in:
Zach Reizner 2017-06-30 15:46:25 -07:00 committed by chrome-bot
parent 1247525aac
commit 848b9ff625
1 changed files with 13 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
io_jail/src/lib.rs
View file

@ -18,6 +18,8 @@ use std::str::FromStr;
#[derive(Debug)]
pub enum Error {
// minijail failed to accept bind mount.
BindMount(i32),
/// minjail_new failed, this is an allocation failure.
CreatingMinijail,
/// The path or name string passed in didn't parse to a valid CString.
@ -208,6 +210,17 @@ impl Minijail {
pub fn mount_tmp_size(&mut self, size: usize) {
unsafe { libminijail::minijail_mount_tmp_size(self.jail, size); }
}
pub fn mount_bind(&mut self, src: &Path, dest: &Path, writable: bool) -> Result<()> {
let src = src.as_os_str().to_str().ok_or(Error::InvalidCString)?;
let src = CString::new(src).map_err(|_| Error::InvalidCString)?;
let dest = dest.as_os_str().to_str().ok_or(Error::InvalidCString)?;
let dest = CString::new(dest).map_err(|_| Error::InvalidCString)?;
let ret = unsafe { libminijail::minijail_bind(self.jail, src.as_ptr(), dest.as_ptr(), writable as _) };
if ret < 0 {
return Err(Error::BindMount(ret));
}
Ok(())
}
/// Enters the previously configured minijail.
/// `enter` is unsafe because it closes all open FD for this process. That