Android-cuttlefish cvd tool
cuttlefish::process_sandboxer::SandboxManager Class Reference

#include <sandbox_manager.h>


Classes

class  ManagedProcess
 
class  ProcessNoSandbox
 
class  SandboxedProcess
 
class  SocketClient
 

Public Member Functions

 SandboxManager (SandboxManager &)=delete
 
 ~SandboxManager ()
 
absl::Status RunProcess (std::optional< int > client_fd, absl::Span< const std::string > argv, std::vector< std::pair< sapi::file_util::fileops::FDCloser, int > > fds, absl::Span< const std::string > env)
 
absl::Status Iterate ()
 
bool Running () const
 

Static Public Member Functions

static absl::StatusOr< std::unique_ptr< SandboxManager > > Create (HostInfo host_info)
 

Private Types

using ClientIter = std::list< std::unique_ptr< SocketClient > >::iterator
 
using SboxIter = std::list< std::unique_ptr< ManagedProcess > >::iterator
 

Private Member Functions

 SandboxManager (HostInfo, std::string runtime_dir, SignalFd, CredentialedUnixServer)
 
absl::Status RunSandboxedProcess (std::optional< int > client_fd, absl::Span< const std::string > argv, std::vector< std::pair< sapi::file_util::fileops::FDCloser, int > > fds, absl::Span< const std::string > env, std::unique_ptr< sandbox2::Policy > policy)
 
absl::Status RunProcessNoSandbox (std::optional< int > client_fd, absl::Span< const std::string > argv, std::vector< std::pair< sapi::file_util::fileops::FDCloser, int > > fds, absl::Span< const std::string > env)
 
absl::Status ClientMessage (ClientIter it, short revents)
 
absl::Status NewClient (short revents)
 
absl::Status ProcessExit (SboxIter it, short revents)
 
absl::Status Signalled (short revents)
 

Private Attributes

HostInfo host_info_
 
bool running_ = true
 
std::string runtime_dir_
 
std::list< std::unique_ptr< ManagedProcess > > subprocesses_
 
std::list< std::unique_ptr< SocketClient > > clients_
 
SignalFd signals_
 
CredentialedUnixServer server_
 
absl::BitGen bit_gen_
 

Member Typedef Documentation

◆ ClientIter

using cuttlefish::process_sandboxer::SandboxManager::ClientIter = std::list<std::unique_ptr<SocketClient> >::iterator
private

◆ SboxIter

using cuttlefish::process_sandboxer::SandboxManager::SboxIter = std::list<std::unique_ptr<ManagedProcess> >::iterator
private

Constructor & Destructor Documentation

◆ SandboxManager() [1/2]

cuttlefish::process_sandboxer::SandboxManager::SandboxManager ( SandboxManager & )
delete

◆ ~SandboxManager()

cuttlefish::process_sandboxer::SandboxManager::~SandboxManager ( )

◆ SandboxManager() [2/2]

cuttlefish::process_sandboxer::SandboxManager::SandboxManager ( HostInfo  host_info,
std::string  runtime_dir,
SignalFd  signals,
CredentialedUnixServer  server 
)
private

Member Function Documentation

◆ ClientMessage()

absl::Status cuttlefish::process_sandboxer::SandboxManager::ClientMessage ( SandboxManager::ClientIter  it,
short  revents 
)
private

◆ Create()

absl::StatusOr< std::unique_ptr< SandboxManager > > cuttlefish::process_sandboxer::SandboxManager::Create ( HostInfo  host_info)
static

◆ Iterate()

absl::Status cuttlefish::process_sandboxer::SandboxManager::Iterate ( )

Block until an event happens, then process all pending events.

◆ NewClient()

absl::Status cuttlefish::process_sandboxer::SandboxManager::NewClient ( short  revents)
private

◆ ProcessExit()

absl::Status cuttlefish::process_sandboxer::SandboxManager::ProcessExit ( SandboxManager::SboxIter  it,
short  revents 
)
private

◆ Running()

bool cuttlefish::process_sandboxer::SandboxManager::Running ( ) const

◆ RunProcess()

absl::Status cuttlefish::process_sandboxer::SandboxManager::RunProcess ( std::optional< int >  client_fd,
absl::Span< const std::string >  argv,
std::vector< std::pair< sapi::file_util::fileops::FDCloser, int > >  fds,
absl::Span< const std::string >  env 
)

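Start a process with the given argv, passing it the file descriptors in fds.

For each (key, value) pair in fds, the descriptor key on the outside is mapped to descriptor number value inside the sandbox, and key is closed on the outside. Each key is held in an FDCloser and fds is taken by value, so the caller hands ownership of those descriptors to this call.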

◆ RunProcessNoSandbox()

absl::Status cuttlefish::process_sandboxer::SandboxManager::RunProcessNoSandbox ( std::optional< int >  client_fd,
absl::Span< const std::string >  argv,
std::vector< std::pair< sapi::file_util::fileops::FDCloser, int > >  fds,
absl::Span< const std::string >  env 
)
private

◆ RunSandboxedProcess()

absl::Status cuttlefish::process_sandboxer::SandboxManager::RunSandboxedProcess ( std::optional< int >  client_fd,
absl::Span< const std::string >  argv,
std::vector< std::pair< sapi::file_util::fileops::FDCloser, int > >  fds,
absl::Span< const std::string >  env,
std::unique_ptr< sandbox2::Policy >  policy 
)
private

◆ Signalled()

absl::Status cuttlefish::process_sandboxer::SandboxManager::Signalled ( short  revents)
private

Member Data Documentation

◆ bit_gen_

absl::BitGen cuttlefish::process_sandboxer::SandboxManager::bit_gen_
private

◆ clients_

std::list<std::unique_ptr<SocketClient> > cuttlefish::process_sandboxer::SandboxManager::clients_
private

◆ host_info_

HostInfo cuttlefish::process_sandboxer::SandboxManager::host_info_
private

◆ running_

bool cuttlefish::process_sandboxer::SandboxManager::running_ = true
private

◆ runtime_dir_

std::string cuttlefish::process_sandboxer::SandboxManager::runtime_dir_
private

◆ server_

CredentialedUnixServer cuttlefish::process_sandboxer::SandboxManager::server_
private

◆ signals_

SignalFd cuttlefish::process_sandboxer::SandboxManager::signals_
private

◆ subprocesses_

std::list<std::unique_ptr<ManagedProcess> > cuttlefish::process_sandboxer::SandboxManager::subprocesses_
private

The documentation for this class was generated from the following files: