github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/cmd/snap-confine/snap-confine-invocation.h

github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/cmd/snap-confine/snap-confine-invocation.h (about)

     1  /*
     2   * Copyright (C) 2019 Canonical Ltd
     3   *
     4   * This program is free software: you can redistribute it and/or modify
     5   * it under the terms of the GNU General Public License version 3 as
     6   * published by the Free Software Foundation.
     7   *
     8   * This program is distributed in the hope that it will be useful,
     9   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    10   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    11   * GNU General Public License for more details.
    12   *
    13   * You should have received a copy of the GNU General Public License
    14   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    15   *
    16   */
    17  
    18  #ifndef SC_SNAP_CONFINE_INVOCATION_H
    19  #define SC_SNAP_CONFINE_INVOCATION_H
    20  
    21  #include <stdbool.h>
    22  
    23  #include "snap-confine-args.h"
    24  
    25  /**
    26   * sc_invocation contains information about how snap-confine was invoked.
    27   *
    28   * All of the pointer fields have the life-cycle bound to the main process.
    29   **/
    30  typedef struct sc_invocation {
    31      /* Things declared by the system. */
    32      char *snap_instance; /* snap instance name (<snap>_<key>) */
    33      char *snap_name;     /* snap name (without instance key) */
    34      char *orig_base_snap_name;
    35      char *security_tag;
    36      char *executable;
    37      bool classic_confinement;
    38      /* Things derived at runtime. */
    39      char *base_snap_name;
    40      char *rootfs_dir;
    41      bool is_normal_mode;
    42  } sc_invocation;
    43  
    44  /**
    45   * sc_init_invocation initializes the invocation object.
    46   *
    47   * Invocation is constructed based on command line arguments as well as
    48   * environment value (SNAP_INSTANCE_NAME). All input is untrusted and is
    49   * validated internally.
    50   **/
    51  void sc_init_invocation(sc_invocation *inv, const struct sc_args *args, const char *snap_instance);
    52  
    53  /**
    54   * sc_cleanup_invocation is a cleanup function for sc_invocation.
    55   *
    56   * Cleanup functions are automatically called by the compiler whenever a
    57   * variable gets out of scope, like C++ destructors would.
    58   *
    59   * This function is designed to be used with SC_CLEANUP(sc_cleanup_invocation).
    60   **/
    61  void sc_cleanup_invocation(sc_invocation *inv);
    62  
    63  /**
    64   * sc_check_rootfs_dir checks the rootfs_dir and applies potential fall-backs.
    65   *
    66   * Checks that the rootfs_dir for the given base_snap exists and may apply
    67   * the fallback logic below. Will die() if no base_snap can be found.
    68   *
    69   * When performing ubuntu-core to core migration, the  snap "core" may not be
    70   * mounted yet. In that mode when snapd instructs us to use "core" as the base
    71   * snap name snap-confine may choose to transparently fallback to "ubuntu-core"
    72   * it that is available instead.
    73   *
    74   * This check must be performed in the regular mount namespace (that is, that
    75   * of the init process) because it relies on the value of compile-time-choice
    76   * of SNAP_MOUNT_DIR.
    77   **/
    78  void sc_check_rootfs_dir(sc_invocation *inv);
    79  
    80  #endif