1 // Copyright 2020 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 #ifndef SANDBOXED_API_SANDBOX2_FORK_CLIENT_H_
16 #define SANDBOXED_API_SANDBOX2_FORK_CLIENT_H_
17 
18 #include <sys/types.h>
19 
20 #include "absl/base/thread_annotations.h"
21 #include "absl/synchronization/mutex.h"
22 #include "sandboxed_api/util/fileops.h"
23 
24 namespace sandbox2 {
25 
// Name of the environment variable indicating that this process should not
// start the fork-server.
// NOTE(review): the code that reads this variable is not part of this header,
// so whether its mere presence or a specific value is what counts cannot be
// told from here - confirm at the call site.
inline constexpr char kForkServerDisableEnv[] = "SANDBOX2_NOFORKSERVER";

// Forward declarations: this header only uses these types by pointer or by
// reference, so their full definitions are not needed here.
class Comms;
class ForkRequest;
31 
// Describes a sandboxee as handed back by ForkClient::SendRequest(): two
// process ids and a status file descriptor.
struct SandboxeeProcess {
  // Both pids start out as -1.
  // NOTE(review): presumably -1 means "not set / no such process" - callers
  // should confirm that before passing either value to kill() or waitpid(),
  // where -1 has a special meaning.
  pid_t init_pid{-1};
  pid_t main_pid{-1};
  // Status descriptor held in an FDCloser.
  // NOTE(review): FDCloser is declared in sandboxed_api/util/fileops.h, not
  // here; it presumably closes the descriptor when this struct is destroyed -
  // confirm.
  sapi::file_util::fileops::FDCloser status_fd;
};
37 
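// Client-side handle used to send fork requests to a ForkServer process over
// a Comms channel.
//
// Copying is disabled. The Comms object is borrowed, not owned (see comms_),
// so the caller has to keep it alive for as long as this object may use it.
class ForkClient {
 public:
  // Creates a client for the ForkServer identified by `pid`, talking over
  // `comms`. Delegates to the private constructor with is_global == false.
  ForkClient(pid_t pid, Comms* comms) : ForkClient(pid, comms, false) {}
  ForkClient(const ForkClient&) = delete;
  ForkClient& operator=(const ForkClient&) = delete;
  ~ForkClient();

  // Sends the fork request over the supplied Comms channel.
  // NOTE(review): this header does not say whether exec_fd and comms_fd are
  // borrowed or consumed by the call, nor how a failed request is reported in
  // the returned SandboxeeProcess (its pids default to -1) - confirm against
  // the definition before relying on either.
  SandboxeeProcess SendRequest(const ForkRequest& request, int exec_fd,
                               int comms_fd);

  // Returns the pid of the ForkServer. Const-qualified because it only reads
  // pid_, so it can also be called through a const ForkClient.
  // A pid is a plain number that the kernel may reuse once the process has
  // exited and been reaped; callers that signal or wait on this value should
  // make sure it still refers to the ForkServer.
  pid_t pid() const { return pid_; }

 private:
  friend class GlobalForkClient;

  // Full constructor; `is_global` is stored in is_global_. Private, so only
  // the public constructor above and the GlobalForkClient friend can reach it.
  ForkClient(pid_t pid, Comms* comms, bool is_global);

  // Pid of the ForkServer.
  pid_t pid_;
  // Comms channel connecting with the ForkServer. Not owned by the object.
  // Access requires holding comms_mutex_ (enforced by the thread-safety
  // annotation).
  Comms* comms_ ABSL_GUARDED_BY(comms_mutex_);
  // Whether this client talks to the global forkserver.
  bool is_global_;
  // Mutex locking transactions (requests) over the Comms channel.
  absl::Mutex comms_mutex_;
};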
65 
66 }  // namespace sandbox2
67 
68 #endif  // SANDBOXED_API_SANDBOX2_FORK_CLIENT_H_
69