github.com/bugraaydogar/snapd@v0.0.0-20210315170335-8c70bb858939/cmd/libsnap-confine-private/snap.h (about)

     1  /*
     2   * Copyright (C) 2015 Canonical Ltd
     3   *
     4   * This program is free software: you can redistribute it and/or modify
     5   * it under the terms of the GNU General Public License version 3 as
     6   * published by the Free Software Foundation.
     7   *
     8   * This program is distributed in the hope that it will be useful,
     9   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    10   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    11   * GNU General Public License for more details.
    12   *
    13   * You should have received a copy of the GNU General Public License
    14   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    15   *
    16   */
    17  
    18  #ifndef SNAP_CONFINE_SNAP_H
    19  #define SNAP_CONFINE_SNAP_H
    20  
    21  #include <stdbool.h>
    22  #include <stddef.h>
    23  
    24  #include "error.h"
    25  
    26  /**
    27   * Error domain for errors related to the snap module.
    28   **/
    29  #define SC_SNAP_DOMAIN "snap"
    30  
        /*
         * Error codes describing which kind of name failed validation.
         * NOTE(review): presumably these are the codes reported in SC_SNAP_DOMAIN
         * by the sc_*_validate functions declared below - confirm in snap.c.
         */
    31  enum {
    32  	/** The name of the snap is not valid. */
    33  	SC_SNAP_INVALID_NAME = 1,
    34  	/** The instance key of the snap is not valid. */
    35  	SC_SNAP_INVALID_INSTANCE_KEY = 2,
    36  	/** The instance name of the snap is not valid. */
    37  	SC_SNAP_INVALID_INSTANCE_NAME = 3,
    38  };
    39  
    40  /* SNAP_NAME_LEN is the maximum length of a snap name, enforced by snapd and the
    41   * store. */
    42  #define SNAP_NAME_LEN 40
    43  /* SNAP_INSTANCE_KEY_LEN is the maximum length of an instance key, enforced
    44   * locally by snapd. */
    45  #define SNAP_INSTANCE_KEY_LEN 10
    46  /* SNAP_INSTANCE_LEN is the maximum length of a snap instance name, composed of
    47   * the snap name, separator '_' and the instance key, enforced locally by
    48   * snapd. */
    49  #define SNAP_INSTANCE_LEN (SNAP_NAME_LEN + 1 + SNAP_INSTANCE_KEY_LEN)
    50  /* SNAP_SECURITY_TAG_MAX_LEN is the maximum length of a security tag string
    51   * (not buffer). This is an upper limit. In practice the security tag name is
    52   * bound by SNAP_NAME_LEN, SNAP_INSTANCE_KEY_LEN, maximum length of an
    53   * application name as well as a constant overhead of "snap", the optional
    54   * "hook" and the "." characters connecting the components. */
    55  #define SNAP_SECURITY_TAG_MAX_LEN 256
        /* NOTE: the limits above count characters only. SNAP_INSTANCE_LEN adds just
         * the '_' separator and SNAP_SECURITY_TAG_MAX_LEN is documented as a string
         * (not buffer) length, so a buffer meant to hold such a string needs one
         * more byte for the terminating NUL. */
    56  
    57  /**
    58   * Validate the given snap name.
    59   *
    60   * Valid name cannot be NULL and must match a regular expression describing the
    61   * strict naming requirements. Please refer to snapd source code for details.
    62   *
    63   * The error protocol is observed so if the caller doesn't provide an outgoing
    64   * error pointer the function will die on any error.
         *
         * The function returns void, so a caller that wants to handle failure itself
         * must pass an errorp and check the error reported through it before using
         * snap_name any further.
         *
         * NOTE(review): the error is presumably SC_SNAP_INVALID_NAME in
         * SC_SNAP_DOMAIN, and this header does not say whether the SNAP_NAME_LEN
         * limit is checked here - confirm both in snap.c.
    65   **/
    66  void sc_snap_name_validate(const char *snap_name, struct sc_error **errorp);
    67  
    68  /**
    69   * Validate the given instance key.
    70   *
    71   * Valid instance key cannot be NULL and must match a regular expression
    72   * describing the strict naming requirements. Please refer to snapd source code
    73   * for details.
    74   *
    75   * The error protocol is observed so if the caller doesn't provide an outgoing
    76   * error pointer the function will die on any error.
         *
         * The function returns void, so a caller that wants to handle failure itself
         * must pass an errorp and check the error reported through it before using
         * instance_key any further.
         *
         * NOTE(review): the error is presumably SC_SNAP_INVALID_INSTANCE_KEY in
         * SC_SNAP_DOMAIN, and this header does not say whether the
         * SNAP_INSTANCE_KEY_LEN limit is checked here - confirm both in snap.c.
    77   **/
    78  void sc_instance_key_validate(const char *instance_key,
    79  			      struct sc_error **errorp);
    80  
    81  /**
    82   * Validate the given snap instance name.
    83   *
    84   * Valid instance name must be composed of a valid snap name and a valid
    85   * instance key.
    86   *
    87   * The error protocol is observed so if the caller doesn't provide an outgoing
    88   * error pointer the function will die on any error.
         *
         * The function returns void, so a caller that wants to handle failure itself
         * must pass an errorp and check the error reported through it before using
         * instance_name any further.
         *
         * NOTE(review): which of the SC_SNAP_INVALID_* codes is reported for each
         * kind of failure, and whether a name without an instance key is accepted,
         * is not stated in this header - confirm in snap.c.
    89   **/
    90  void sc_instance_name_validate(const char *instance_name,
    91  			       struct sc_error **errorp);
    92  
    93  /**
    94   * Validate security tag against strict naming requirements and snap name.
    95   *
    96   *  The executable name is of form:
    97   *   snap.<name>.(<appname>|hook.<hookname>)
    98   *  - <name> must start with lowercase letter, then may contain
    99   *   lowercase alphanumerics and '-'; it must match snap_name
   100   *  - <appname> may contain alphanumerics and '-'
   101   *  - <hookname> must start with a lowercase letter, then may
   102   *   contain lowercase letters and '-'
         *
         * Unlike the sc_*_validate functions above, this one takes no errorp: the
         * bool return value is the only result and must be checked by the caller.
         *
         * NOTE(review): presumably returns true when security_tag is valid for
         * snap_name and false otherwise. Handling of NULL arguments, of the
         * SNAP_SECURITY_TAG_MAX_LEN limit and of instance names is not stated in
         * this header - confirm in snap.c.
   103   **/
   104  bool sc_security_tag_validate(const char *security_tag, const char *snap_name);
   105  
        /**
         * NOTE(review): undocumented in this header. Judging by the name, this
         * reports whether security_tag has the hook form
         * snap.<name>.hook.<hookname> described above. Whether it also validates
         * the rest of the tag is not stated - confirm in snap.c before using it as
         * a validity check.
         **/
   106  bool sc_is_hook_security_tag(const char *security_tag);
   107  
   108  /**
   109   * Extract snap name out of an instance name.
   110   *
   111   * A snap may be installed multiple times in parallel under distinct instance names.
   112   * This function extracts the snap name out of a name that possibly contains a snap
   113   * instance key.
   114   *
   115   * For example: snap_instance => snap, just-snap => just-snap
         *
         * NOTE(review): snap_name is presumably the output buffer and snap_name_size
         * its size in bytes, including room for the terminating NUL (inferred from
         * the parameter names). This header does not say what happens when the
         * buffer is too small, when a pointer is NULL, or whether instance_name is
         * validated first - confirm in snap.c rather than assuming truncation.
   116   **/
   117  void sc_snap_drop_instance_key(const char *instance_name, char *snap_name,
   118  			       size_t snap_name_size);
   119  
   120  /**
   121   * Extract snap name and instance key out of an instance name.
   122   *
   123   * A snap may be installed multiple times in parallel under distinct instance
   124   * names. This function extracts the snap name and instance key out of the
   125   * instance name. One of snap_name, instance_key must be non-NULL.
   126   *
   127   * For example:
   128   *   name_instance => "name" & "instance"
   129   *   just-name     => "just-name" & ""
   130   *
         * NOTE(review): snap_name and instance_key are presumably output buffers
         * whose sizes in bytes are snap_name_size and instance_key_size, each
         * including room for the terminating NUL (inferred from the parameter
         * names). This header does not say what happens when a buffer is too small
         * or whether instance_name is validated first - confirm in snap.c rather
         * than assuming truncation.
   131   **/
   132  void sc_snap_split_instance_name(const char *instance_name, char *snap_name,
   133  				 size_t snap_name_size, char *instance_key,
   134  				 size_t instance_key_size);
   135  
   136  #endif