// Copyright 2021 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef PCIGUARD_SYSFS_UTILS_H_
#define PCIGUARD_SYSFS_UTILS_H_
#include <base/files/file_util.h>
#include <gtest/gtest_prod.h>
#include <memory>
#include <string>
using base::FilePath;
namespace pciguard {
// Helper through which pciguard changes the authorization state of PCI and
// Thunderbolt devices. The class name and the *_path_ members suggest that it
// works by reading and writing sysfs attribute files; the implementation is
// not part of this header.
//
// Every operation reports its outcome as an int. NOTE(review): the
// success/failure convention is defined by the implementation and is not
// visible here. Callers should check it: an ignored failure from
// DenyNewDevices() or DeauthorizeAllDevices() would presumably leave devices
// authorized while the caller believes they are blocked.
//
// The public operations are virtual, so a subclass can override them
// (presumably a test double -- confirm against the test sources).
class SysfsUtils {
 public:
  SysfsUtils();
  virtual ~SysfsUtils() = default;

  // Initialization hook; what it sets up is defined by the implementation.
  virtual int OnInit();

  // Authorizes the single Thunderbolt device identified by |devpath|.
  // NOTE(review): this header does not show whether |devpath| is checked to
  // lie inside the expected device tree. Confirm that in the implementation
  // before passing a path that is derived from external input.
  virtual int AuthorizeThunderboltDev(base::FilePath devpath);

  // Bulk operations over all devices. Going by the names, these authorize or
  // deauthorize every device; which devices are in scope is decided by the
  // implementation.
  virtual int AuthorizeAllDevices();
  virtual int DeauthorizeAllDevices();

  // Going by the name, stops newly attached devices from being accepted.
  // TODO confirm the exact mechanism in the implementation.
  virtual int DenyNewDevices();

 private:
  // Builds an instance from |root| -- presumably the directory the paths
  // below are resolved against, so that tests can point the class at a fake
  // tree. Only the friends declared at the end of the class can call it.
  explicit SysfsUtils(base::FilePath root);

  // Locations this class operates on. All are const, so they are fixed at
  // construction. Members are initialized in declaration order; keep the
  // order in sync with the constructors' initializer lists.
  const base::FilePath allowlist_path_;
  const base::FilePath pci_lockdown_path_;
  const base::FilePath pci_rescan_path_;
  const base::FilePath tbt_devices_path_;
  const base::FilePath pci_devices_path_;

  // Per-device helper: going by the name, sets the "authorized" attribute
  // of |devpath| on (enable == true) or off -- TODO confirm.
  int SetAuthorizedAttribute(base::FilePath devpath, bool enable);

  // Private counterpart of AuthorizeThunderboltDev() for one device.
  int DeauthorizeThunderboltDev(base::FilePath devpath);

  // Test access to the private constructor and helpers.
  friend class SysfsUtilsTest;
  FRIEND_TEST(SysfsUtilsTest, CheckDenyNewDevices);
  FRIEND_TEST(SysfsUtilsTest, CheckDeauthorizeAllDevices);
  FRIEND_TEST(SysfsUtilsTest, CheckAuthorizeAllDevices);

  // Lets std::make_unique<SysfsUtils>(root) reach the private constructor.
  // NOTE(review): this only works while the standard library's make_unique
  // calls the constructor itself rather than through an internal helper,
  // which the standard does not guarantee.
  friend std::unique_ptr<SysfsUtils> std::make_unique<SysfsUtils>(
      base::FilePath&);
};
} // namespace pciguard
#endif // PCIGUARD_SYSFS_UTILS_H_