return vsm_get_status();
}
+VsmStatus Client::vsm_declare_file(const char* container,
+ VsmFileType type,
+ const char *path,
+ int32_t flags,
+ mode_t mode) noexcept
+{
+ assert(path);
+
+ GVariant* args_in = g_variant_new("(sisii)", container, type, path, flags, mode);
+ return callMethod(CONTAINER_INTERFACE,
+ api::host::METHOD_DECLARE_FILE,
+ args_in);
+}
+
+VsmStatus Client::vsm_declare_mount(const char *source,
+ const char* container,
+ const char *target,
+ const char *type,
+ uint64_t flags,
+ const char *data) noexcept
+{
+ assert(source);
+ assert(target);
+ assert(type);
+ if (!data) {
+ data = "";
+ }
+
+ GVariant* args_in = g_variant_new("(ssssts)", source, container, target, type, flags, data);
+ return callMethod(CONTAINER_INTERFACE,
+ api::host::METHOD_DECLARE_MOUNT,
+ args_in);
+}
+
+VsmStatus Client::vsm_declare_link(const char *source,
+ const char* container,
+ const char *target) noexcept
+{
+ assert(source);
+ assert(target);
+
+ GVariant* args_in = g_variant_new("(sss)", source, container, target);
+ return callMethod(CONTAINER_INTERFACE,
+ api::host::METHOD_DECLARE_LINK,
+ args_in);
+}
+
VsmStatus Client::vsm_notify_active_container(const char* application, const char* message) noexcept
{
assert(application);
{
return signalUnsubscribe(subscriptionId);
}
+
VsmNetdev* netdev) noexcept;
/**
+ * @see ::vsm_declare_file
+ */
+ VsmStatus vsm_declare_file(const char* container,
+ VsmFileType type,
+ const char* path,
+ int32_t flags,
+ mode_t mode) noexcept;
+
+ /**
+ * @see ::vsm_declare_mount
+ */
+ VsmStatus vsm_declare_mount(const char* source,
+ const char* container,
+ const char* target,
+ const char* type,
+ uint64_t flags,
+ const char* data) noexcept;
+ /**
+ * @see ::vsm_declare_link
+ */
+ VsmStatus vsm_declare_link(const char* source,
+ const char* container,
+ const char* target) noexcept;
+
+ /**
* @see ::vsm_notify_active_container
*/
VsmStatus vsm_notify_active_container(const char* application, const char* message) noexcept;
return getClient(client).vsm_lookup_netdev_by_name(domain, netdevId, netdev);
}
+API VsmStatus vsm_declare_file(VsmClient client,
+ const char* container,
+ VsmFileType type,
+ const char* path,
+ int32_t flags,
+ mode_t mode)
+{
+ return getClient(client).vsm_declare_file(container, type, path, flags, mode);
+}
+
+
+API VsmStatus vsm_declare_mount(VsmClient client,
+ const char* source,
+ const char* container,
+ const char* target,
+ const char* type,
+ uint64_t flags,
+ const char* data)
+{
+ return getClient(client).vsm_declare_mount(source, container, target, type, flags, data);
+}
+
+API VsmStatus vsm_declare_link(VsmClient client,
+ const char* source,
+ const char* container,
+ const char* target)
+{
+ return getClient(client).vsm_declare_link(source, container, target);
+}
+
+
API VsmStatus vsm_notify_active_container(VsmClient client,
const char* application,
const char* message)
{
return getClient(client).vsm_del_notification_callback(subscriptionId);
}
+
#define SECURITY_CONTAINERS_CLIENT_H
#include <stdint.h>
+#include <sys/stat.h>
#ifdef __cplusplus
extern "C"
typedef VsmNetdevStructure* VsmNetdev;
/**
+ * File type
+ */
+typedef enum {
+ VSMFILE_DIRECTORY,
+ VSMFILE_FIFO,
+ VSMFILE_REGULAR,
+} VsmFileType;
+
+/**
* Start glib loop.
*
* Do not call this function if an application creates a glib loop itself.
const char* netdevId,
VsmNetdev* netdev);
+/**
+ * Create file, directory or pipe in container
+ *
+ * Declare file, directory or pipe that will be created while container startup
+ *
+ * @param[in] client security-containers-server's client
+ * @param[in] type file type
+ * @param[in] container container id
+ * @param[in] path path to file
+ * @param[in] flags if O_CREAT bit is set then file will be created in container,
+ * otherwise file will by copied from host;
+ * it is meaningful only when O_CREAT is set
+ * @param[in] mode mode of file
+ * @return status of this function call
+ */
+VsmStatus vsm_declare_file(VsmClient client,
+ const char* container,
+ VsmFileType type,
+ const char* path,
+ int32_t flags,
+ mode_t mode);
+
+/**
+ * Create mount point in container
+ *
+ * Declare mount that will be created while container startup
+ * Parameters are passed to mount system function
+ *
+ * @param[in] client security-containers-server's client
+ * @param[in] source device path (path in host)
+ * @param[in] container container id
+ * @param[in] target mount point (path in container)
+ * @param[in] type filesystem type
+ * @param[in] flags mount flags as in mount function
+ * @patam[in] data additional data as in mount function
+ * @return status of this function call
+ */
+VsmStatus vsm_declare_mount(VsmClient client,
+ const char* source,
+ const char* container,
+ const char* target,
+ const char* type,
+ uint64_t flags,
+ const char* data);
+
+/**
+ * Create link in container
+ *
+ * Declare link that will be created while container startup
+ * Parameters are passed to link system function
+ *
+ * @param[in] client security-containers-server's client
+ * @param[in] source path to link source (in host)
+ * @param[in] container container id
+ * @param[in] target path to link name (in container)
+ * @return status of this function call
+ */
+VsmStatus vsm_declare_link(VsmClient client,
+ const char *source,
+ const char* container,
+ const char *target);
+
/** @} */ // Host API
mHostConnection.setGetContainerInfoCallback(bind(&ContainersManager::handleGetContainerInfoCall,
this, _1, _2));
+ mHostConnection.setDeclareFileCallback(bind(&ContainersManager::handleDeclareFileCall,
+ this, _1, _2, _3, _4, _5, _6));
+
+ mHostConnection.setDeclareMountCallback(bind(&ContainersManager::handleDeclareMountCall,
+ this, _1, _2, _3, _4, _5, _6, _7));
+
+ mHostConnection.setDeclareLinkCallback(bind(&ContainersManager::handleDeclareLinkCall,
+ this, _1, _2, _3, _4));
+
mHostConnection.setSetActiveContainerCallback(bind(&ContainersManager::handleSetActiveContainerCall,
this, _1, _2));
rootfsPath.string().c_str()));
}
+void ContainersManager::handleDeclareFileCall(const std::string& /* container */,
+ const int32_t& /* type */,
+ const std::string& /* path */,
+ const int32_t& /* flags */,
+ const int32_t& /* mode */,
+ dbus::MethodResultBuilder::Pointer result)
+{
+ LOGI("DeclareFile call");
+ LOGE("Not implemeted method");
+ result->setError(api::ERROR_INTERNAL, "Not implemented");
+}
+
+void ContainersManager::handleDeclareMountCall(const std::string& /* source */,
+ const std::string& /* container */,
+ const std::string& /* target */,
+ const std::string& /* type */,
+ const uint64_t& /* flags */,
+ const std::string& /* data */,
+ dbus::MethodResultBuilder::Pointer result)
+{
+ LOGI("DeclareMount call");
+ LOGE("Not implemeted method");
+ result->setError(api::ERROR_INTERNAL, "Not implemented");
+}
+
+void ContainersManager::handleDeclareLinkCall(const std::string& /* source */,
+ const std::string& /* container */,
+ const std::string& /* target */,
+ dbus::MethodResultBuilder::Pointer result)
+{
+ LOGI("DeclareLink call");
+ LOGE("Not implemeted method");
+ result->setError(api::ERROR_INTERNAL, "Not implemented");
+}
+
void ContainersManager::handleSetActiveContainerCall(const std::string& id,
dbus::MethodResultBuilder::Pointer result)
{
void handleGetContainerIdsCall(dbus::MethodResultBuilder::Pointer result);
void handleGetActiveContainerIdCall(dbus::MethodResultBuilder::Pointer result);
void handleGetContainerInfoCall(const std::string& id, dbus::MethodResultBuilder::Pointer result);
+ void handleDeclareFileCall(const std::string& container,
+ const int32_t& type,
+ const std::string& path,
+ const int32_t& flags,
+ const int32_t& mode,
+ dbus::MethodResultBuilder::Pointer result);
+ void handleDeclareMountCall(const std::string& source,
+ const std::string& container,
+ const std::string& target,
+ const std::string& type,
+ const uint64_t& flags,
+ const std::string& data,
+ dbus::MethodResultBuilder::Pointer result);
+ void handleDeclareLinkCall(const std::string& source,
+ const std::string& container,
+ const std::string& target,
+ dbus::MethodResultBuilder::Pointer result);
void handleSetActiveContainerCall(const std::string& id,
dbus::MethodResultBuilder::Pointer result);
void handleCreateContainerCall(const std::string& id,
mGetContainerInfoCallback = callback;
}
+void HostConnection::setDeclareFileCallback(const DeclareFileCallback& callback)
+{
+ mDeclareFileCallback = callback;
+}
+
+void HostConnection::setDeclareMountCallback(const DeclareMountCallback& callback)
+{
+ mDeclareMountCallback = callback;
+}
+
+void HostConnection::setDeclareLinkCallback(const DeclareLinkCallback& callback)
+{
+ mDeclareLinkCallback = callback;
+}
+
void HostConnection::setSetActiveContainerCallback(const SetActiveContainerCallback& callback)
{
mSetActiveContainerCallback = callback;
return;
}
+ if (methodName == api::host::METHOD_DECLARE_FILE) {
+ const gchar* container;
+ int32_t type;
+ const gchar* path;
+ int32_t flags;
+ int32_t mode;
+ g_variant_get(parameters, "(&si&sii)", &container, &type, &path, &flags, &mode);
+
+ if (mDeclareFileCallback) {
+ mDeclareFileCallback(container, type, path, flags, mode, result);
+ }
+ return;
+ }
+
+ if (methodName == api::host::METHOD_DECLARE_MOUNT) {
+ const gchar* source;
+ const gchar* container;
+ const gchar* target;
+ const gchar* type;
+ uint64_t flags;
+ const gchar* data;
+ g_variant_get(parameters,
+ "(&s&s&s&st&s)",
+ &source,
+ &container,
+ &target,
+ &type,
+ &flags,
+ &data);
+
+ if (mDeclareMountCallback) {
+ mDeclareMountCallback(source, container, target, type, flags, data, result);
+ }
+ return;
+ }
+
+ if (methodName == api::host::METHOD_DECLARE_LINK) {
+ const gchar* source;
+ const gchar* container;
+ const gchar* target;
+ g_variant_get(parameters, "(&s&s&s)", &source, &container, &target);
+
+ if (mDeclareLinkCallback) {
+ mDeclareLinkCallback(source, container, target, result);
+ }
+ return;
+ }
+
if (methodName == api::host::METHOD_CREATE_CONTAINER) {
const gchar* id = NULL;
g_variant_get(parameters, "(&s)", &id);
typedef std::function<void(const std::string& id,
dbus::MethodResultBuilder::Pointer result
)> GetContainerInfoCallback;
+ typedef std::function<void(const std::string& container,
+ const int32_t& type,
+ const std::string& path,
+ const int32_t& flags,
+ const int32_t& mode,
+ dbus::MethodResultBuilder::Pointer result
+ )> DeclareFileCallback;
+ typedef std::function<void(const std::string& source,
+ const std::string& container,
+ const std::string& target,
+ const std::string& type,
+ const uint64_t& flags,
+ const std::string& data,
+ dbus::MethodResultBuilder::Pointer result
+ )> DeclareMountCallback;
+ typedef std::function<void(const std::string& source,
+ const std::string& container,
+ const std::string& target,
+ dbus::MethodResultBuilder::Pointer result
+ )> DeclareLinkCallback;
typedef std::function<void(const std::string& id,
dbus::MethodResultBuilder::Pointer result
)> SetActiveContainerCallback;
void setGetContainerInfoCallback(const GetContainerInfoCallback& callback);
/**
+ * Register a callback called to declare file
+ */
+ void setDeclareFileCallback(const DeclareFileCallback& callback);
+
+ /**
+ * Register a callback called to declare mount point
+ */
+ void setDeclareMountCallback(const DeclareMountCallback& callback);
+
+ /**
+ * Register a callback called to declare link
+ */
+ void setDeclareLinkCallback(const DeclareLinkCallback& callback);
+
+ /**
* Register a callback called to set the active container
*/
void setSetActiveContainerCallback(const SetActiveContainerCallback& callback);
GetContainerIdsCallback mGetContainerIdsCallback;
GetActiveContainerIdCallback mGetActiveContainerIdCallback;
GetContainerInfoCallback mGetContainerInfoCallback;
+ DeclareFileCallback mDeclareFileCallback;
+ DeclareMountCallback mDeclareMountCallback;
+ DeclareLinkCallback mDeclareLinkCallback;
SetActiveContainerCallback mSetActiveContainerCallback;
CreateContainerCallback mCreateContainerCallback;
DestroyContainerCallback mDestroyContainerCallback;
const std::string METHOD_GET_CONTAINER_ID_LIST = "GetContainerIds";
const std::string METHOD_GET_ACTIVE_CONTAINER_ID = "GetActiveContainerId";
const std::string METHOD_GET_CONTAINER_INFO = "GetContainerInfo";
+const std::string METHOD_DECLARE_FILE = "DeclareFile";
+const std::string METHOD_DECLARE_MOUNT = "DeclareMount";
+const std::string METHOD_DECLARE_LINK = "DeclareLink";
const std::string METHOD_SET_ACTIVE_CONTAINER = "SetActiveContainer";
const std::string METHOD_CREATE_CONTAINER = "CreateContainer";
const std::string METHOD_DESTROY_CONTAINER = "DestroyContainer";
" <arg type='s' name='id' direction='in'/>"
" <arg type='(siss)' name='result' direction='out'/>"
" </method>"
+ " <method name='" + METHOD_DECLARE_FILE + "'>"
+ " <arg type='s' name='container' direction='in'/>"
+ " <arg type='i' name='type' direction='in'/>"
+ " <arg type='s' name='path' direction='in'/>"
+ " <arg type='i' name='flags' direction='in'/>"
+ " <arg type='i' name='mode' direction='in'/>"
+ " </method>"
+ " <method name='" + METHOD_DECLARE_MOUNT + "'>"
+ " <arg type='s' name='source' direction='in'/>"
+ " <arg type='s' name='container' direction='in'/>"
+ " <arg type='s' name='target' direction='in'/>"
+ " <arg type='s' name='type' direction='in'/>"
+ " <arg type='t' name='flags' direction='in'/>"
+ " <arg type='s' name='data' direction='in'/>"
+ " </method>"
+ " <method name='" + METHOD_DECLARE_LINK + "'>"
+ " <arg type='s' name='source' direction='in'/>"
+ " <arg type='s' name='container' direction='in'/>"
+ " <arg type='s' name='target' direction='in'/>"
+ " </method>"
" <method name='" + METHOD_SET_ACTIVE_CONTAINER + "'>"
" <arg type='s' name='id' direction='in'/>"
" </method>"
}
+ void callMethodDeclareFile(const std::string& container,
+ const int32_t& type,
+ const std::string& path,
+ const int32_t& flags,
+ const int32_t& mode)
+ {
+ assert(isHost());
+ GVariant* parameters = g_variant_new("(sisii)",
+ container.c_str(),
+ type,
+ path.c_str(),
+ flags,
+ mode);
+ GVariantPtr result = mClient->callMethod(api::host::BUS_NAME,
+ api::host::OBJECT_PATH,
+ api::host::INTERFACE,
+ api::host::METHOD_DECLARE_FILE,
+ parameters,
+ "()");
+ }
+
+ void callMethodDeclareMount(const std::string& source,
+ const std::string& container,
+ const std::string& target,
+ const std::string& type,
+ const uint64_t& flags,
+ const std::string& data)
+ {
+ assert(isHost());
+ GVariant* parameters = g_variant_new("(ssssts)",
+ source.c_str(),
+ container.c_str(),
+ target.c_str(),
+ type.c_str(),
+ flags,
+ data.c_str());
+ GVariantPtr result = mClient->callMethod(api::host::BUS_NAME,
+ api::host::OBJECT_PATH,
+ api::host::INTERFACE,
+ api::host::METHOD_DECLARE_MOUNT,
+ parameters,
+ "()");
+ }
+
+ void callMethodDeclareLink(const std::string& source,
+ const std::string& container,
+ const std::string& target)
+ {
+ assert(isHost());
+ GVariant* parameters = g_variant_new("(sss)",
+ source.c_str(),
+ container.c_str(),
+ target.c_str());
+ GVariantPtr result = mClient->callMethod(api::host::BUS_NAME,
+ api::host::OBJECT_PATH,
+ api::host::INTERFACE,
+ api::host::METHOD_DECLARE_LINK,
+ parameters,
+ "()");
+ }
+
void callAsyncMethodCreateContainer(const std::string& id,
const VoidResultCallback& result)
{
BOOST_CHECK(cm.getRunningForegroundContainerId() == "");
}
+BOOST_AUTO_TEST_CASE(DeclareFile)
+{
+ //TODO Fill after implementing
+ const std::string container = EXPECTED_DBUSES_NO_DBUS.begin()->first;
+
+ ContainersManager cm(TEST_CONFIG_PATH);
+ DbusAccessory dbus(DbusAccessory::HOST_ID);
+ BOOST_CHECK_EXCEPTION(dbus.callMethodDeclareFile(container, 1, "path", 747, 777),
+ DbusException,
+ expectedMessage("Not implemented"));
+}
+
+BOOST_AUTO_TEST_CASE(DeclareMount)
+{
+ //TODO Fill after implementing
+ const std::string container = EXPECTED_DBUSES_NO_DBUS.begin()->first;
+
+ ContainersManager cm(TEST_CONFIG_PATH);
+ DbusAccessory dbus(DbusAccessory::HOST_ID);
+ BOOST_CHECK_EXCEPTION(dbus.callMethodDeclareMount("/fake/path1",
+ container,
+ "/fake/path2",
+ "tmpfs",
+ 77,
+ "fake"),
+ DbusException,
+ expectedMessage("Not implemented"));
+
+}
+
+BOOST_AUTO_TEST_CASE(DeclareLink)
+{
+ //TODO Fill after implementing
+ const std::string container = EXPECTED_DBUSES_NO_DBUS.begin()->first;
+
+ ContainersManager cm(TEST_CONFIG_PATH);
+ DbusAccessory dbus(DbusAccessory::HOST_ID);
+ BOOST_CHECK_EXCEPTION(dbus.callMethodDeclareLink("/fake/path1", container, "/fake/path2"),
+ DbusException,
+ expectedMessage("Not implemented"));
+}
+
BOOST_AUTO_TEST_SUITE_END()
projects / platform / core / security / vasum.git / commitdiff