db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
c2f1db8f | 2 | #pragma once |
3 | |
4 | /*** | |
96b2fb93 | 5 | Copyright © 2016 Djalal Harouni |
6 | ***/ |
7 | ||
/* Forward declarations of the structs defined further down in this header (struct BindMount, struct
 * TemporaryFileSystem, struct MountImage, struct NamespaceParameters). The typedef names are introduced up front
 * so the code between here and the definitions can name the types by pointer before their full layout is known. */
typedef struct NamespaceParameters NamespaceParameters;
typedef struct BindMount BindMount;
typedef struct TemporaryFileSystem TemporaryFileSystem;
typedef struct MountImage MountImage;
c575770b | 12 | |
13 | #include <stdbool.h> |
14 | ||
915e6d16 | 15 | #include "dissect-image.h" |
56a13a49 | 16 | #include "fs-util.h" |
417116f2 | 17 | #include "macro.h" |
c3b9c418 | 18 | #include "namespace-util.h" |
cd7f3702 | 19 | #include "runtime-scope.h" |
56a13a49 | 20 | #include "string-util.h" |
417116f2 | 21 | |
/* Value set of the ProtectHome= unit setting. The un-prefixed entries are the user-facing choices; the two
 * underscore-prefixed ones are sentinels: _MAX is the number of valid values, and _INVALID is negative (-EINVAL)
 * so it can never collide with a real value — presumably what protect_home_from_string() returns for input it
 * does not recognise; confirm in the definition. */
typedef enum ProtectHome {
        PROTECT_HOME_NO,
        PROTECT_HOME_YES,
        PROTECT_HOME_READ_ONLY,
        PROTECT_HOME_TMPFS,
        _PROTECT_HOME_MAX,
        _PROTECT_HOME_INVALID = -EINVAL,
} ProtectHome;
30 | ||
/* Value set of the ProtectSystem= unit setting, laid out like ProtectHome above: real values first, then the
 * _MAX count sentinel and the negative _INVALID sentinel (-EINVAL) that keeps "unrecognised" distinct from
 * every valid value. */
typedef enum ProtectSystem {
        PROTECT_SYSTEM_NO,
        PROTECT_SYSTEM_YES,
        PROTECT_SYSTEM_FULL,
        PROTECT_SYSTEM_STRICT,
        _PROTECT_SYSTEM_MAX,
        _PROTECT_SYSTEM_INVALID = -EINVAL,
} ProtectSystem;
417116f2 | 39 | |
/* How much of /proc a unit gets to see. Each value other than DEFAULT is annotated with the procfs hidepid= mount
 * option it maps to; DEFAULT carries no hidepid= annotation, presumably meaning procfs is mounted with the kernel
 * default. Sentinels as in the other enums of this header. */
typedef enum ProtectProc {
        PROTECT_PROC_DEFAULT,
        PROTECT_PROC_NOACCESS,   /* hidepid=noaccess */
        PROTECT_PROC_INVISIBLE,  /* hidepid=invisible */
        PROTECT_PROC_PTRACEABLE, /* hidepid=ptraceable */
        _PROTECT_PROC_MAX,
        _PROTECT_PROC_INVALID = -EINVAL,
} ProtectProc;
48 | ||
/* Which part of procfs is exposed. PROC_SUBSET_PID maps to the procfs subset=pid mount option (as the inline
 * comment notes); ALL carries no mount option. Sentinels as in the other enums of this header. */
typedef enum ProcSubset {
        PROC_SUBSET_ALL,
        PROC_SUBSET_PID, /* subset=pid */
        _PROC_SUBSET_MAX,
        _PROC_SUBSET_INVALID = -EINVAL,
} ProcSubset;
55 | ||
/* One bind mount to establish inside the namespace. The two path strings are released by
 * bind_mount_free_many() (declared below), so they are expected to be heap-allocated and owned by this struct;
 * bind_mount_add() is the matching constructor. The booleans are per-mount switches — their exact effect is
 * decided in namespace.c, so treat the per-field notes as assumptions to confirm there. */
struct BindMount {
        char *source;
        char *destination;
        bool read_only;     /* mount the destination read-only */
        bool nosuid;        /* presumably applies MS_NOSUID to the mount — confirm */
        bool recursive;     /* presumably a recursive (rbind) mount — confirm */
        bool ignore_enoent; /* presumably: do not fail if the source does not exist — confirm */
};
64 | ||
/* One tmpfs to mount inside the namespace: the mount point and a free-form options string. Both strings are
 * released by temporary_filesystem_free_many() (declared below), so they are owned by the struct;
 * temporary_filesystem_add() builds an entry from a (path, options) pair. */
struct TemporaryFileSystem {
        char *path;
        char *options;
};
69 | ||
/* Kind of a MountImage entry. The distinction matters for MountImage.destination, which (per the comment on
 * that field) is unused for MOUNT_IMAGE_EXTENSION. Sentinels as in the other enums of this header. */
typedef enum MountImageType {
        MOUNT_IMAGE_DISCRETE,
        MOUNT_IMAGE_EXTENSION,
        _MOUNT_IMAGE_TYPE_MAX,
        _MOUNT_IMAGE_TYPE_INVALID = -EINVAL,
} MountImageType;
76 | ||
/* One disk image to mount inside the namespace. Entries are created with mount_image_add() and torn down with
 * mount_image_free_many() (both declared below), so the strings and the options list are owned by the struct.
 * The mount options live in an intrusive list built with the LIST_HEAD macro (from the included project
 * headers, presumably list.h). */
struct MountImage {
        char *source;
        char *destination; /* Unused if MountImageType == MOUNT_IMAGE_EXTENSION */
        LIST_HEAD(MountOptions, mount_options);
        bool ignore_enoent; /* presumably: do not fail if the source image is missing — confirm */
        MountImageType type;
};
84 | ||
/* Everything setup_namespace() reads when assembling a unit's mount namespace. It is handed over by const
 * pointer, so the callee only reads it, and no function in this header frees a NamespaceParameters — the pointer
 * members are borrowed from whoever fills the struct in (confirm lifetimes with that caller). Array members come
 * in pairs with an n_* element count. The char ** members are presumably NUL-terminated string vectors (strv),
 * as is usual in this code base — confirm. */
struct NamespaceParameters {
        RuntimeScope runtime_scope;

        /* Root of the new file system view: a directory, or a disk image together with its mount options and
         * the policy the image has to satisfy. */
        const char *root_directory;
        const char *root_image;
        const MountOptions *root_image_options;
        const ImagePolicy *root_image_policy;

        /* Path lists controlling writability / visibility. */
        char **read_write_paths;
        char **read_only_paths;
        char **inaccessible_paths;

        /* Path lists controlling whether executables may run from there. */
        char **exec_paths;
        char **no_exec_paths;

        /* Paths to create before mounting. */
        char **empty_directories;
        char **symlinks;

        /* Bind mounts (see struct BindMount) plus their count. */
        const BindMount *bind_mounts;
        size_t n_bind_mounts;

        /* tmpfs mounts (see struct TemporaryFileSystem) plus their count. */
        const TemporaryFileSystem *temporary_filesystems;
        size_t n_temporary_filesystems;

        /* Disk images to mount (see struct MountImage), their count, and the policy they must satisfy. */
        const MountImage *mount_images;
        size_t n_mount_images;
        const ImagePolicy *mount_image_policy;

        /* Private /tmp and /var/tmp directories — see setup_tmp_dirs() and namespace_cleanup_tmpdir() below. */
        const char *tmp_dir;
        const char *var_tmp_dir;

        const char *creds_path;
        const char *log_namespace;

        /* Mount propagation as an unsigned long flag — presumably one of the MS_SHARED/MS_SLAVE/MS_PRIVATE
         * mount(2) flags; confirm in namespace.c. */
        unsigned long mount_propagation_flag;
        VeritySettings *verity; /* non-const, unlike the other pointer members */

        /* System extension images / directories, with count and image policy. */
        const MountImage *extension_images;
        size_t n_extension_images;
        const ImagePolicy *extension_image_policy;
        char **extension_directories;

        const char *propagate_dir;
        const char *incoming_dir;

        const char *extension_dir;
        const char *notify_socket;
        const char *host_os_release_stage;

        bool ignore_protect_paths;

        /* Boolean hardening switches. */
        bool protect_control_groups;
        bool protect_kernel_tunables;
        bool protect_kernel_modules;
        bool protect_kernel_logs;
        bool protect_hostname;

        /* Which kernel resources get a private instance. */
        bool private_dev;
        bool private_network;
        bool private_ipc;

        bool mount_apivfs;
        bool mount_nosuid;

        /* The protections that take more than a yes/no answer use the enums defined at the top of this header. */
        ProtectHome protect_home;
        ProtectSystem protect_system;
        ProtectProc protect_proc;
        ProcSubset proc_subset;
};
154 | ||
/* Establishes the mount namespace described by @p (read-only for the callee, see the struct comment). The int
 * result presumably follows the code base's convention of negative errno on failure; *error_path is an output
 * parameter, presumably set to the path a failure relates to — confirm both, and who frees that string, in the
 * definition in namespace.c. */
int setup_namespace(const NamespaceParameters *p, char **error_path);
d2d6c096 | 156 | |
/* Well-known empty directory. namespace_cleanup_tmpdir() below compares its argument against this constant and
 * never rmdir()s a path equal to it — presumably a tmp_dir/var_tmp_dir string holding this value means "no private
 * directory was created for this unit", so there is nothing to remove. */
#define RUN_SYSTEMD_EMPTY "/run/systemd/empty"
158 | ||
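/* Removes the temporary directory at @p — unless @p is the shared RUN_SYSTEMD_EMPTY path, which is deliberately
 * never removed — and then frees the string. Returns NULL (mfree() frees and returns NULL), so callers can write
 * `dir = namespace_cleanup_tmpdir(dir);`. errno is saved and restored around the rmdir() call (PROTECT_ERRNO), so
 * the helper is safe to use on error paths. A NULL @p is a no-op: the previous version handed NULL straight to
 * rmdir(2), which on Linux only produces a pointless EFAULT failure. */
static inline char* namespace_cleanup_tmpdir(char *p) {
        PROTECT_ERRNO;

        if (!p)
                return NULL;

        /* Best-effort removal: the result is intentionally ignored (e.g. the directory may already be gone). */
        if (!streq_ptr(p, RUN_SYSTEMD_EMPTY))
                (void) rmdir(p);

        return mfree(p);
}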
/* Generates the pointer-taking wrapper around namespace_cleanup_tmpdir() for use with the _cleanup_ attribute
 * (conventionally named namespace_cleanup_tmpdirp — confirm against the macro's definition). */
DEFINE_TRIVIAL_CLEANUP_FUNC(char*, namespace_cleanup_tmpdir);
166 | ||
/* Creates the private /tmp and /var/tmp directories for @id and returns their paths through the two out
 * parameters. Given namespace_cleanup_tmpdir() directly above, the returned strings look like heap-allocated,
 * caller-owned values to be released with that helper (which also copes with the RUN_SYSTEMD_EMPTY placeholder)
 * — confirm in the definition. Return convention presumably negative errno on failure. */
int setup_tmp_dirs(
                const char *id,
                char **tmp_dir,
                char **var_tmp_dir);
613b411c | 171 | |
/* Both functions take their socket argument as `int [static 2]`: a C99 contract that the caller must pass an
 * array of at least two file descriptors (by the name, presumably a socket pair used to store and share the
 * namespace fd between processes — confirm in the definition). @nsflag is an unsigned long namespace flag,
 * presumably a CLONE_NEW* value matching NamespaceType from namespace-util.h. open_shareable_ns_path() takes an
 * explicit filesystem @path to the namespace in addition. */
int setup_shareable_ns(int ns_storage_socket[static 2], unsigned long nsflag);
int open_shareable_ns_path(int netns_storage_socket[static 2], const char *path, unsigned long nsflag);
417116f2 | 174 | |
/* String conversions for the four enums defined above. The _const_ / _pure_ markers are project macros
 * (presumably from macro.h, expanding to the compiler's const/pure function attributes). The *_from_string()
 * variants presumably return the enum's negative _INVALID sentinel for unrecognised input — confirm in the
 * definitions. */
const char* protect_home_to_string(ProtectHome p) _const_;
ProtectHome protect_home_from_string(const char *s) _pure_;

const char* protect_system_to_string(ProtectSystem p) _const_;
ProtectSystem protect_system_from_string(const char *s) _pure_;

const char* protect_proc_to_string(ProtectProc i) _const_;
ProtectProc protect_proc_from_string(const char *s) _pure_;

const char* proc_subset_to_string(ProcSubset i) _const_;
ProcSubset proc_subset_from_string(const char *s) _pure_;
186 | ||
/* Constructors / destructors for the arrays referenced from NamespaceParameters. The *_add() functions take the
 * array pointer and its count by address, so they grow the array in place and update the count; *_free_many()
 * releases @n entries (and, given the char * members, their strings). Note the asymmetry: bind_mount_add() and
 * mount_image_add() copy from a prepared item, whereas temporary_filesystem_add() builds the entry from a
 * (path, options) pair. mount_image_free_many() also returns a MountImage *, presumably NULL so the caller can
 * reassign the array pointer in one statement — confirm. */
void bind_mount_free_many(BindMount *b, size_t n);
int bind_mount_add(BindMount **b, size_t *n, const BindMount *item);

void temporary_filesystem_free_many(TemporaryFileSystem *t, size_t n);
int temporary_filesystem_add(TemporaryFileSystem **t, size_t *n,
                             const char *path, const char *options);

MountImage* mount_image_free_many(MountImage *m, size_t *n);
int mount_image_add(MountImage **m, size_t *n, const MountImage *item);

/* NamespaceType comes from namespace-util.h. ns_type_supported() reports whether the running kernel/build can
 * provide a namespace of the given type (presumably — confirm how it probes). */
const char* namespace_type_to_string(NamespaceType t) _const_;
NamespaceType namespace_type_from_string(const char *s) _pure_;

bool ns_type_supported(NamespaceType type);