devices: add on_sandboxed

On sandboxed will be invoked when the device is sandboxed. Device
implementation could do initialization here. It does not need to return
fd opened here to keep fds.

BUG=None
TEST=local build and run

Change-Id: I42c2b3cae3a87dd54f02e77b8cd10766309a0770
Reviewed-on: https://chromium-review.googlesource.com/1327513
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This commit is contained in:
Jingkui Wang 2018-11-08 10:47:42 -08:00 committed by chrome-bot
parent 7df5a0ef1a
commit f6752e7927
3 changed files with 13 additions and 0 deletions

View file

@ -30,6 +30,8 @@ pub trait BusDevice: Send {
fn config_register_read(&self, reg_idx: usize) -> u32 { fn config_register_read(&self, reg_idx: usize) -> u32 {
0 0
} }
/// Invoked when the device is sandboxed.
fn on_sandboxed(&mut self) {}
} }
#[derive(Debug)] #[derive(Debug)]

View file

@ -61,6 +61,8 @@ pub trait PciDevice: Send {
/// * `addr` - The guest address inside the BAR. /// * `addr` - The guest address inside the BAR.
/// * `data` - The data to write. /// * `data` - The data to write.
fn write_bar(&mut self, addr: u64, data: &[u8]); fn write_bar(&mut self, addr: u64, data: &[u8]);
/// Invoked when the device is sandboxed.
fn on_device_sandboxed(&mut self) {}
} }
impl<T: PciDevice> BusDevice for T { impl<T: PciDevice> BusDevice for T {
@ -93,6 +95,10 @@ impl<T: PciDevice> BusDevice for T {
fn config_register_read(&self, reg_idx: usize) -> u32 { fn config_register_read(&self, reg_idx: usize) -> u32 {
self.config_registers().read_reg(reg_idx) self.config_registers().read_reg(reg_idx)
} }
fn on_sandboxed(&mut self) {
self.on_device_sandboxed();
}
} }
impl<T: PciDevice + ?Sized> PciDevice for Box<T> { impl<T: PciDevice + ?Sized> PciDevice for Box<T> {
@ -126,4 +132,8 @@ impl<T: PciDevice + ?Sized> PciDevice for Box<T> {
fn write_bar(&mut self, addr: u64, data: &[u8]) { fn write_bar(&mut self, addr: u64, data: &[u8]) {
(**self).write_bar(addr, data) (**self).write_bar(addr, data)
} }
/// Invoked when the device is sandboxed.
fn on_device_sandboxed(&mut self) {
(**self).on_device_sandboxed()
}
} }

View file

@ -143,6 +143,7 @@ impl ProxyDevice {
let pid = unsafe { let pid = unsafe {
match jail.fork(Some(&keep_fds)).map_err(Error::ForkingJail)? { match jail.fork(Some(&keep_fds)).map_err(Error::ForkingJail)? {
0 => { 0 => {
device.on_sandboxed();
child_proc(child_sock, &mut device); child_proc(child_sock, &mut device);
// ! Never returns // ! Never returns
process::exit(0); process::exit(0);