github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/cmd/libsnap-confine-private/snap.h

github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/cmd/libsnap-confine-private/snap.h (about)

     1  /*
     2   * Copyright (C) 2015 Canonical Ltd
     3   *
     4   * This program is free software: you can redistribute it and/or modify
     5   * it under the terms of the GNU General Public License version 3 as
     6   * published by the Free Software Foundation.
     7   *
     8   * This program is distributed in the hope that it will be useful,
     9   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    10   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    11   * GNU General Public License for more details.
    12   *
    13   * You should have received a copy of the GNU General Public License
    14   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    15   *
    16   */
    17  
    18  #ifndef SNAP_CONFINE_SNAP_H
    19  #define SNAP_CONFINE_SNAP_H
    20  
    21  #include <stdbool.h>
    22  #include <stddef.h>
    23  
    24  #include "error.h"
    25  
    26  /**
    27   * Error domain for errors related to the snap module.
    28   **/
    29  #define SC_SNAP_DOMAIN "snap"
    30  
    31  enum {
    32  	/** The name of the snap is not valid. */
    33  	SC_SNAP_INVALID_NAME = 1,
    34  	/** The instance key of the snap is not valid. */
    35  	SC_SNAP_INVALID_INSTANCE_KEY = 2,
    36  	/** The instance of the snap is not valid. */
    37  	SC_SNAP_INVALID_INSTANCE_NAME = 3,
    38  };
    39  
    40  /* SNAP_NAME_LEN is the maximum length of a snap name, enforced by snapd and the
    41   * store. */
    42  #define SNAP_NAME_LEN 40
    43  /* SNAP_INSTANCE_KEY_LEN is the maximum length of instance key, enforced locally
    44   * by snapd. */
    45  #define SNAP_INSTANCE_KEY_LEN 10
    46  /* SNAP_INSTANCE_LEN is the maximum length of snap instance name, composed of
    47   * the snap name, separator '_' and the instance key, enforced locally by
    48   * snapd. */
    49  #define SNAP_INSTANCE_LEN (SNAP_NAME_LEN + 1 + SNAP_INSTANCE_KEY_LEN)
    50  
    51  /**
    52   * Validate the given snap name.
    53   *
    54   * Valid name cannot be NULL and must match a regular expression describing the
    55   * strict naming requirements. Please refer to snapd source code for details.
    56   *
    57   * The error protocol is observed so if the caller doesn't provide an outgoing
    58   * error pointer the function will die on any error.
    59   **/
    60  void sc_snap_name_validate(const char *snap_name, struct sc_error **errorp);
    61  
    62  /**
    63   * Validate the given instance key.
    64   *
    65   * Valid instance key cannot be NULL and must match a regular expression
    66   * describing the strict naming requirements. Please refer to snapd source code
    67   * for details.
    68   *
    69   * The error protocol is observed so if the caller doesn't provide an outgoing
    70   * error pointer the function will die on any error.
    71   **/
    72  void sc_instance_key_validate(const char *instance_key,
    73  			      struct sc_error **errorp);
    74  
    75  /**
    76   * Validate the given snap instance name.
    77   *
    78   * Valid instance name must be composed of a valid snap name and a valid
    79   * instance key.
    80   *
    81   * The error protocol is observed so if the caller doesn't provide an outgoing
    82   * error pointer the function will die on any error.
    83   **/
    84  void sc_instance_name_validate(const char *instance_name,
    85  			       struct sc_error **errorp);
    86  
    87  /**
    88   * Validate security tag against strict naming requirements and snap name.
    89   *
    90   *  The executable name is of form:
    91   *   snap.<name>.(<appname>|hook.<hookname>)
    92   *  - <name> must start with lowercase letter, then may contain
    93   *   lowercase alphanumerics and '-'; it must match snap_name
    94   *  - <appname> may contain alphanumerics and '-'
    95   *  - <hookname must start with a lowercase letter, then may
    96   *   contain lowercase letters and '-'
    97   **/
    98  bool verify_security_tag(const char *security_tag, const char *snap_name);
    99  
   100  bool sc_is_hook_security_tag(const char *security_tag);
   101  
   102  /**
   103   * Extract snap name out of an instance name.
   104   *
   105   * A snap may be installed multiple times in parallel under distinct instance names.
   106   * This function extracts the snap name out of a name that possibly contains a snap
   107   * instance key.
   108   *
   109   * For example: snap_instance => snap, just-snap => just-snap
   110   **/
   111  void sc_snap_drop_instance_key(const char *instance_name, char *snap_name,
   112  			       size_t snap_name_size);
   113  
   114  /**
   115   * Extract snap name and instance key out of an instance name.
   116   *
   117   * A snap may be installed multiple times in parallel under distinct instance
   118   * names. This function extracts the snap name and instance key out of the
   119   * instance name. One of snap_name, instance_key must be non-NULL.
   120   *
   121   * For example:
   122   *   name_instance => "name" & "instance"
   123   *   just-name     => "just-name" & ""
   124   *
   125   **/
   126  void sc_snap_split_instance_name(const char *instance_name, char *snap_name,
   127  				 size_t snap_name_size, char *instance_key,
   128  				 size_t instance_key_size);
   129  
   130  #endif