serenity/Kernel/Jail.h
Liav A 8289759f1d Kernel: Allow configuring a Jail to not impose PID isolation restriction
This is quite useful for userspace applications that can't cope with the
restriction, but it's still useful to impose other non-configurable
restrictions by using jails.
2023-04-24 12:15:29 +02:00


/*
* Copyright (c) 2022-2023, Liav A. <liavalb@hotmail.co.il>
*
* SPDX-License-Identifier: BSD-2-Clause
*/
#pragma once
#include <AK/AtomicRefCounted.h>
#include <AK/DistinctNumeric.h>
#include <AK/Error.h>
#include <AK/IntrusiveList.h>
#include <AK/IntrusiveListRelaxedConst.h>
#include <AK/OwnPtr.h>
#include <AK/RefPtr.h>
#include <AK/Try.h>
#include <AK/Types.h>
#include <Kernel/KString.h>
#include <Kernel/Locking/SpinlockProtected.h>
#include <Kernel/Process.h>
namespace Kernel {
// Forward declaration only; Jail below refers to ProcessList solely through RefPtr.
class ProcessList;
// Declares JailIndex as a distinct, ordered identifier type backed by u64
// (see AK/DistinctNumeric.h), so a jail index is not silently interchangeable
// with a plain integer or with another kind of kernel ID.
AK_TYPEDEF_DISTINCT_ORDERED_ID(u64, JailIndex);
// A Jail is an atomically ref-counted kernel object identified by a name and a JailIndex.
// This header only declares the object; the restrictions a jail imposes on processes are
// enforced elsewhere. Per the latest commit message for this file, PID isolation is the one
// restriction that can be switched off at creation time; the others are not configurable.
class Jail : public AtomicRefCounted<Jail> {
public:
// Returns the process list held by this jail. The return type is RefPtr (nullable), not
// NonnullRefPtr, so callers must handle a null result.
// NOTE(review): presumably null when the jail was created without PID isolation - confirm in Jail.cpp.
RefPtr<ProcessList> process_list();
// Looks up a jail by its index. The nullable RefPtr return presumably signals "no such jail".
// NOTE(review): whether the lookup is filtered by the calling process's own jail is not
// visible in this header - confirm before exposing the result to a jailed caller.
static RefPtr<Jail> find_by_index(JailIndex);
// Creates a jail, taking ownership of `name`. `flags` is an unsigned value whose bits are
// not defined in this header.
// NOTE(review): since a flag can relax PID isolation (per the commit message), callers that
// forward a userspace-supplied value should reject unknown bits - verify at the syscall boundary.
static ErrorOr<NonnullRefPtr<Jail>> create(NonnullOwnPtr<KString> name, unsigned flags);
// Invokes `callback` with jails as const references.
// NOTE(review): judging by the name, the iteration only happens when the calling process is
// itself not jailed, and callback errors presumably propagate through ErrorOr - confirm in Jail.cpp.
static ErrorOr<void> for_each_when_process_is_not_jailed(Function<ErrorOr<void>(Jail const&)> callback);
// Read-only view into the owned name; valid only while this Jail (and thus m_name) is alive.
StringView name() const { return m_name->view(); }
// Identifier of this jail; m_index is const, so it never changes after construction.
JailIndex index() const { return m_index; }
// The Badge<Process> parameter restricts callers: only Process can construct the badge,
// so detaching cannot be triggered from arbitrary kernel code.
void detach(Badge<Process>);
// Hands out a mutable reference to the attach counter. The count itself is only reachable
// through the SpinlockProtected wrapper, so reads and writes go through its lock.
// NOTE(review): unlike detach(), this accessor is not badge-gated, so any code holding a
// Jail reference can change the count - confirm that this is intended.
SpinlockProtected<size_t, LockRank::None>& attach_count() { return m_attach_count; }
private:
// Private constructor: instances are obtained through create().
Jail(NonnullOwnPtr<KString>, JailIndex, RefPtr<ProcessList>);
NonnullOwnPtr<KString> m_name;
JailIndex const m_index;
// Intrusive list hook; the NonnullRefPtr<Jail> template argument suggests the list keeps
// a strong reference to each linked jail (presumably - see AK/IntrusiveList.h).
IntrusiveListNode<Jail, NonnullRefPtr<Jail>> m_list_node;
public:
// The alias is public but names the private m_list_node, and it has to appear after that
// member's declaration - hence the public/private interleaving here.
using List = IntrusiveListRelaxedConst<&Jail::m_list_node>;
private:
// Const and nullable: fixed at construction, and may hold no process list at all.
RefPtr<ProcessList> const m_process_list;
// Starts at 0; exposed through attach_count().
SpinlockProtected<size_t, LockRank::None> m_attach_count { 0 };
};
}