Launch dhcpcd using Minijail.

dhcpcd runs as root and listens on the network. Launch it using Minijail
so that we can run it as a regular user, mitigating the risk of an eventual
compromise.

Add a mock Minijail wrapper for unit testing.

BUG=chromium-os:28336
TEST=dhcp_config_unittest
TEST=network_netperf2
TEST=Manual connection to ethernet, GoogleGuest, Google-A.
CQ-DEPEND=I243e02c82f70c6a3469ca712e539ec9fb6e3e4d4

Change-Id: I14c4e843eba478ed39b10fa4fcb0e25eb3186c1a
Reviewed-on: https://gerrit.chromium.org/gerrit/20414
Commit-Ready: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Tested-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
diff --git a/minijail.cc b/minijail.cc
new file mode 100644
index 0000000..3cb7a4d
--- /dev/null
+++ b/minijail.cc
@@ -0,0 +1,53 @@
+// Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "shill/minijail.h"
+
+using std::vector;
+
+namespace shill {
+
+static base::LazyInstance<Minijail> g_minijail = LAZY_INSTANCE_INITIALIZER;
+
+Minijail::Minijail() {}
+
+Minijail::~Minijail() {}
+
+// static
+Minijail *Minijail::GetInstance() {
+  return g_minijail.Pointer();
+}
+
+struct minijail *Minijail::New() {
+  return minijail_new();
+}
+
+void Minijail::Destroy(struct minijail *jail) {
+  minijail_destroy(jail);
+}
+
+bool Minijail::DropRoot(struct minijail *jail, const char *user) {
+  // |user| is copied so the only reason either of these calls can fail
+  // is ENOMEM.
+  return !minijail_change_user(jail, user) &&
+         !minijail_change_group(jail, user);
+}
+
+void Minijail::UseCapabilities(struct minijail *jail, uint64_t capmask) {
+  minijail_use_caps(jail, capmask);
+}
+
+bool Minijail::Run(struct minijail *jail,
+                   vector<char *> args, pid_t *pid) {
+  return minijail_run_pid(jail, args[0], args.data(), pid) == 0;
+}
+
+bool Minijail::RunAndDestroy(struct minijail *jail,
+                             vector<char *> args, pid_t *pid) {
+  bool res = Run(jail, args, pid);
+  Destroy(jail);
+  return res;
+}
+
+}  // namespace shill
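Review bot: Run() reads `args[0]` and passes `args.data()` to minijail_run_pid as argv without checking that the vector is non-empty and ends with a NULL entry, so an empty or unterminated vector causes an out-of-bounds read in the privileged parent before the jail is applied. A guard such as `if (args.empty() || args.back() != NULL) return false;` at the top of Run() would make that contract explicit, and RunAndDestroy() would still destroy the jail on that path because it calls Run() first. Separately, the comment in DropRoot() says the two calls can only fail with ENOMEM, but as far as I know minijail_change_user and minijail_change_group resolve the name through the passwd and group databases and also fail when the account, or a group of the same name, does not exist. I would reword it to `// Fails if |user| has no passwd entry or same-named group, or on ENOMEM; do not launch the process when this returns false.`, since a caller that ignores a false return would start dhcpcd without the user change, which is the exposure this commit is meant to remove.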