security/sandbox/linux/SandboxBrokerClient.h

   1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
   3 /* This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
   5  * You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 #ifndef mozilla_SandboxBrokerClient_h
   8 #define mozilla_SandboxBrokerClient_h
   9
  10 #include "broker/SandboxBrokerCommon.h"
  11 #include "broker/SandboxBrokerUtils.h"
  12
  13 #include "mozilla/Attributes.h"
  14
  15 // This is the client for the sandbox broker described in
  16 // broker/SandboxBroker.h; its constructor takes the file descriptor
  17 // returned by SandboxBroker::Create, passed to the child over IPC.
  18 //
  19 // The operations exposed here can be called from any thread and in
  20 // async signal handlers, like the corresponding system calls.  The
  21 // intended use is from a seccomp-bpf SIGSYS handler, to transparently
  22 // replace those syscalls, but they could also be used directly.
  23
  24 struct stat;
  25 struct sockaddr_un;
  26
  27 namespace mozilla {
  28
  29 class SandboxBrokerClient final : private SandboxBrokerCommon {
  30  public:
  31   explicit SandboxBrokerClient(int aFd);
  32   ~SandboxBrokerClient();
  33
  34   int Open(const char* aPath, int aFlags);
  35   int Access(const char* aPath, int aMode);
  36   int Stat(const char* aPath, statstruct* aStat);
  37   int LStat(const char* aPath, statstruct* aStat);
  38   int Chmod(const char* aPath, int aMode);
  39   int Link(const char* aPath, const char* aPath2);
  40   int Mkdir(const char* aPath, int aMode);
  41   int Symlink(const char* aOldPath, const char* aNewPath);
  42   int Rename(const char* aOldPath, const char* aNewPath);
  43   int Unlink(const char* aPath);
  44   int Rmdir(const char* aPath);
  45   int Readlink(const char* aPath, void* aBuf, size_t aBufSize);
  46   int Connect(const struct sockaddr_un* aAddr, size_t aLen, int aType);
  47
  48  private:
  49   int mFileDesc;
  50
  51   int DoCall(const Request* aReq, const char* aPath, const char* aPath2,
  52              void* aReponseBuff, bool expectFd);
  53 };
  54
  55 }  // namespace mozilla
  56
  57 #endif  // mozilla_SandboxBrokerClient_h