Diffstat (limited to 'libminijail.h')
-rw-r--r-- | libminijail.h | 36 |
1 files changed, 35 insertions, 1 deletions
diff --git a/libminijail.h b/libminijail.h index 9eefe0a..cfd42d2 100644 --- a/libminijail.h +++ b/libminijail.h @@ -42,6 +42,9 @@ enum { /* (MINIJAIL_ERR_SIG_BASE + n) if process killed by signal n != SIGSYS */ MINIJAIL_ERR_SIG_BASE = 128, + /* Cannot mount a file or folder in mount namespace */ + MINIJAIL_ERR_MOUNT = 251, + MINIJAIL_ERR_PRELOAD = 252, /* Process killed by SIGSYS */ @@ -103,6 +106,15 @@ void minijail_use_seccomp(struct minijail *j); void minijail_no_new_privs(struct minijail *j); void minijail_use_seccomp_filter(struct minijail *j); void minijail_set_seccomp_filter_tsync(struct minijail *j); +/* + * Allow speculative execution features that may cause data leaks across + * processes, by setting the SECCOMP_FILTER_FLAG_SPEC_ALLOW seccomp flag. + * + * WARNING: Enabling this may make the process vulnerable to speculative + * execution attacks (Branch Target Injection, and Speculative Store Bypass). + * This is only safe to use for processes that do not execute untrusted code. + */ +void minijail_set_seccomp_filter_allow_speculation(struct minijail *j); /* Does not take ownership of |filter|. */ void minijail_set_seccomp_filters(struct minijail *j, const struct sock_fprog *filter); @@ -278,6 +290,18 @@ int minijail_bind(struct minijail *j, const char *src, const char *dest, int writeable); /* + * minijail_add_remount: when entering minijail @j, remounts @mount_name and all + * subdirectories as @remount_mode rather than the default MS_PRIVATE + * @j minijail to bind inside + * @mount_name mount to remount + * @remount_mode remount mode to use + * + * This may be called multiple times; this overrides |j->remount_mode| for the + * given mount. + */ +int minijail_add_remount(struct minijail *j, const char *mount_name, + unsigned long remount_mode); +/* * minijail_add_hook: adds @hook to the list of hooks that will be * invoked when @event is reached during minijail setup. The caller is * responsible for the lifetime of @payload. 
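Review bot: The comment on the new `MINIJAIL_ERR_MOUNT = 251` enumerator (first hunk) does not say where a caller observes the value. If it is reported as an exit status, as the neighbouring `MINIJAIL_ERR_SIG_BASE` comment suggests, a jailed program that itself exits with 251 is indistinguishable from a setup-time mount failure, so a supervisor should not treat the code as proof of what happened. Assuming that is how it is reported, something like `/* Jail setup could not mount a file or folder in the mount namespace (reported as the exit status) */` would make this explicit. The enum starts and ends outside the hunk, so the convention may already be documented there.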
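Review bot: The new comment on `minijail_set_seccomp_filter_allow_speculation()` (second hunk) carries the right warning but leaves out the preconditions a caller needs to use it safely. It does not say whether the setting has any effect without `minijail_use_seccomp_filter()`. It also does not say what happens on a kernel that does not know `SECCOMP_FILTER_FLAG_SPEC_ALLOW`: whether jail entry fails or the flag is silently dropped. The header does not show which behaviour the implementation has, so the author should fill it in, for example ` * Only takes effect together with minijail_use_seccomp_filter(). On kernels without SECCOMP_FILTER_FLAG_SPEC_ALLOW, <fails | is ignored>.`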
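Review bot: The doc block for `minijail_add_remount()` (third hunk) does not describe the `int` return value or say which `@remount_mode` values are accepted. This matters for isolation: a propagation mode such as `MS_SHARED` would let mount events cross the namespace boundary, unlike the default `MS_PRIVATE` that the comment mentions. The `@j` line reads `minijail to bind inside`, which looks copied from `minijail_bind()`. The text also refers to `j->remount_mode`, a field callers of this header presumably cannot see. Suggested additions: ` * @remount_mode one of MS_SHARED, MS_PRIVATE, MS_SLAVE, MS_UNBINDABLE; anything other than MS_PRIVATE relaxes mount isolation for @mount_name` and ` * Returns 0 on success, negative error otherwise.`, with the exact accepted values and return convention confirmed against the implementation. It would also help to state whether `@mount_name` is copied or must outlive the jail.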
@@ -460,6 +484,16 @@ int minijail_wait(struct minijail *j); void minijail_destroy(struct minijail *j); /* + * Deep copies the minijail in |from| to |out| providing two identical jails + * that can be used to contain separate children created with minijail_fork(). + * + * Duplicating a jail is invalid after a jail has been passed to + * minijail_fork(). Many minijail_*() calls will yield undefined + * results when called on a jail duplicated post-fork. + */ +int minijail_copy_jail(const struct minijail *from, struct minijail *out); + +/* * minijail_log_to_fd: redirects the module-wide logging to an FD instead of * syslog. * @fd FD to log to. Caller must ensure this is available after @@ -470,7 +504,7 @@ void minijail_destroy(struct minijail *j); void minijail_log_to_fd(int fd, int min_priority); #ifdef __cplusplus -}; /* extern "C" */ +} /* extern "C" */ #endif #endif /* !_LIBMINIJAIL_H_ */ |
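Review bot: The comment on `minijail_copy_jail()` documents neither the `int` return value nor the required state of `|out|`. It should say whether `|out|` must come from `minijail_new()`, and whether any configuration already in it is freed or overwritten. It should also say whether `|out|` is left in a defined state on failure; a caller that ignores the return value could otherwise launch a child in a partially copied jail with fewer restrictions than `|from|`. Suggest adding ` * Returns 0 on success; on failure |out| must not be used to contain a process.`, adjusted to what the implementation actually guarantees. The post-fork restriction is described as "invalid", but it is unclear whether the function detects that case and returns an error, which is worth stating too.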