cros-disks/fuse_mounter.h - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef CROS_DISKS_FUSE_MOUNTER_H_
 #define CROS_DISKS_FUSE_MOUNTER_H_

 #include <sys/types.h>

 #include <memory>
 #include <string>
 #include <vector>

 #include <base/files/file.h>
 #include <base/files/file_path.h>
 #include <base/strings/string_piece.h>

 #include "cros-disks/metrics.h"
 #include "cros-disks/mounter.h"

 namespace brillo {
 class ProcessReaper;
 }  // namespace brillo

 namespace cros_disks {

 class Platform;
 class Process;
 class SandboxedProcess;

 // A class for mounting a device file using a FUSE mount program.
 class FUSEMounter : public MounterCompat {
  public:
   struct BindPath {
     std::string path;
     bool writable = false;
     bool recursive = false;
   };

   using BindPaths = std::vector<BindPath>;

   // Parameters passed to FUSEMounter's constructor.
   // Members are kept in alphabetical order.
   struct Params {
     // Paths the FUSE mount program needs to access (beyond basic /proc, /dev,
     // etc).
     BindPaths bind_paths;

     // Filesystem type.
     std::string filesystem_type;

     // Optional object that collects UMA metrics.
     Metrics* metrics = nullptr;

     // Name of the UMA histogram recording the FUSE mount program return code.
     // Not recorded if empty or if metrics is null.
     std::string metrics_name;

     // Optional group to run the FUSE mount program as.
     std::string mount_group;

     // Optional mount namespace where the source path exists.
     std::string mount_namespace;

     // FUSE mount options.
     MountOptions mount_options;

     // Path of the FUSE mount program.
     std::string mount_program;

     // User to run the FUSE mount program as.
     std::string mount_user;

     // Whether the FUSE mount program needs to access the network.
     bool network_access = false;

     // Code returned by the FUSE mount program to ask for a password.
     int password_needed_code = -1;

     // Object that provides platform service.
     const Platform* platform = nullptr;

     // Process reaper to monitor FUSE daemons.
     brillo::ProcessReaper* process_reaper = nullptr;

     // Optional path to BPF seccomp filter policy.
     std::string seccomp_policy;

     // Supplementary groups to run the mount program with.
     std::vector<gid_t> supplementary_groups;
   };

   explicit FUSEMounter(Params params);

   // MounterCompat overrides.
   std::unique_ptr<MountPoint> Mount(const std::string& source,
                                     const base::FilePath& target_path,
                                     std::vector<std::string> options,
                                     MountErrorType* error) const override;

   // If necessary, extracts the password from the given options and sets the
   // PASSWORD environment variable in the given process. Does nothing if
   // password_needed_code is <= 0. Does nothing if no string starting with
   // "password=" is found in options. If several options start with "password=",
   // only the first one is taken in account and the other ones are ignored.
   void CopyPassword(const std::vector<std::string>& options,
                     Process* process) const;

  protected:
   // Protected for mocking out in testing.
   virtual std::unique_ptr<SandboxedProcess> CreateSandboxedProcess() const;

   // An object that provides platform service.
   const Platform* const platform_;

   // An object to monitor FUSE daemons.
   brillo::ProcessReaper* const process_reaper_;

   // An object that collects UMA metrics.
   Metrics* const metrics_;

   // Name of the UMA histogram recording the FUSE mount program return code.
   // Not recorded if empty or if metrics is null.
   const std::string metrics_name_;

   // Path of the FUSE mount program.
   const std::string mount_program_;

   // User to run the FUSE mount program as.
   const std::string mount_user_;

   // Group to run the FUSE mount program as.
   const std::string mount_group_;

   // If not empty the path to BPF seccomp filter policy.
   const std::string seccomp_policy_;

   // Paths the FUSE mount program needs to access (beyond basic /proc, /dev,
   // etc).
   const BindPaths bind_paths_;

   // Whether to FUSE mount program needs to access the network.
   const bool network_access_;

   // If not empty, mount namespace where the source path exists.
   const std::string mount_namespace_;

   // Supplementary groups to run the FUSE mount program with.
   const std::vector<gid_t> supplementary_groups_;

   // Code returned by the FUSE mount program to ask for a password.
   const int password_needed_code_;

  private:
   DISALLOW_COPY_AND_ASSIGN(FUSEMounter);
 };

 }  // namespace cros_disks

 #endif  // CROS_DISKS_FUSE_MOUNTER_H_
	// Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef CROS_DISKS_FUSE_MOUNTER_H_
	#define CROS_DISKS_FUSE_MOUNTER_H_

	#include <sys/types.h>

	#include <memory>
	#include <string>
	#include <vector>

	#include <base/files/file.h>
	#include <base/files/file_path.h>
	#include <base/strings/string_piece.h>

	#include "cros-disks/metrics.h"
	#include "cros-disks/mounter.h"

	namespace brillo {
	class ProcessReaper;
	} // namespace brillo

	namespace cros_disks {

	class Platform;
	class Process;
	class SandboxedProcess;

	// A class for mounting a device file using a FUSE mount program.
	class FUSEMounter : public MounterCompat {
	public:
	struct BindPath {
	std::string path;
	bool writable = false;
	bool recursive = false;
	};

	using BindPaths = std::vector<BindPath>;

	// Parameters passed to FUSEMounter's constructor.
	// Members are kept in alphabetical order.
	struct Params {
	// Paths the FUSE mount program needs to access (beyond basic /proc, /dev,
	// etc).
	BindPaths bind_paths;

	// Filesystem type.
	std::string filesystem_type;

	// Optional object that collects UMA metrics.
	Metrics* metrics = nullptr;

	// Name of the UMA histogram recording the FUSE mount program return code.
	// Not recorded if empty or if metrics is null.
	std::string metrics_name;

	// Optional group to run the FUSE mount program as.
	std::string mount_group;

	// Optional mount namespace where the source path exists.
	std::string mount_namespace;

	// FUSE mount options.
	MountOptions mount_options;

	// Path of the FUSE mount program.
	std::string mount_program;

	// User to run the FUSE mount program as.
	std::string mount_user;

	// Whether the FUSE mount program needs to access the network.
	bool network_access = false;

	// Code returned by the FUSE mount program to ask for a password.
	int password_needed_code = -1;

	// Object that provides platform service.
	const Platform* platform = nullptr;

	// Process reaper to monitor FUSE daemons.
	brillo::ProcessReaper* process_reaper = nullptr;

	// Optional path to BPF seccomp filter policy.
	std::string seccomp_policy;

	// Supplementary groups to run the mount program with.
	std::vector<gid_t> supplementary_groups;
	};

	explicit FUSEMounter(Params params);

	// MounterCompat overrides.
	std::unique_ptr<MountPoint> Mount(const std::string& source,
	const base::FilePath& target_path,
	std::vector<std::string> options,
	MountErrorType* error) const override;

	// If necessary, extracts the password from the given options and sets the
	// PASSWORD environment variable in the given process. Does nothing if
	// password_needed_code is <= 0. Does nothing if no string starting with
	// "password=" is found in options. If several options start with "password=",
	// only the first one is taken in account and the other ones are ignored.
	void CopyPassword(const std::vector<std::string>& options,
	Process* process) const;

	protected:
	// Protected for mocking out in testing.
	virtual std::unique_ptr<SandboxedProcess> CreateSandboxedProcess() const;

	// An object that provides platform service.
	const Platform* const platform_;

	// An object to monitor FUSE daemons.
	brillo::ProcessReaper* const process_reaper_;

	// An object that collects UMA metrics.
	Metrics* const metrics_;

	// Name of the UMA histogram recording the FUSE mount program return code.
	// Not recorded if empty or if metrics is null.
	const std::string metrics_name_;

	// Path of the FUSE mount program.
	const std::string mount_program_;

	// User to run the FUSE mount program as.
	const std::string mount_user_;

	// Group to run the FUSE mount program as.
	const std::string mount_group_;

	// If not empty the path to BPF seccomp filter policy.
	const std::string seccomp_policy_;

	// Paths the FUSE mount program needs to access (beyond basic /proc, /dev,
	// etc).
	const BindPaths bind_paths_;

	// Whether to FUSE mount program needs to access the network.
	const bool network_access_;

	// If not empty, mount namespace where the source path exists.
	const std::string mount_namespace_;

	// Supplementary groups to run the FUSE mount program with.
	const std::vector<gid_t> supplementary_groups_;

	// Code returned by the FUSE mount program to ask for a password.
	const int password_needed_code_;

	private:
	DISALLOW_COPY_AND_ASSIGN(FUSEMounter);
	};

	} // namespace cros_disks

	#endif // CROS_DISKS_FUSE_MOUNTER_H_