| // Copyright 2021 The Chromium OS Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef PCIGUARD_SYSFS_UTILS_H_ |
| #define PCIGUARD_SYSFS_UTILS_H_ |
| |
| #include <base/files/file_util.h> |
| #include <gtest/gtest_prod.h> |
| #include <memory> |
| #include <string> |
| |
| using base::FilePath; |
| |
| namespace pciguard { |
| |
| class SysfsUtils { |
| public: |
| SysfsUtils(); |
| virtual ~SysfsUtils() = default; |
| virtual int OnInit(void); |
| virtual int AuthorizeThunderboltDev(base::FilePath devpath); |
| virtual int AuthorizeAllDevices(void); |
| virtual int DeauthorizeAllDevices(void); |
| virtual int DenyNewDevices(void); |
| |
| private: |
| explicit SysfsUtils(FilePath root); |
| const FilePath allowlist_path_; |
| const FilePath pci_lockdown_path_; |
| const FilePath pci_rescan_path_; |
| const FilePath tbt_devices_path_; |
| const FilePath pci_devices_path_; |
| |
| int SetAuthorizedAttribute(base::FilePath devpath, bool enable); |
| int DeauthorizeThunderboltDev(base::FilePath devpath); |
| |
| friend class SysfsUtilsTest; |
| FRIEND_TEST(SysfsUtilsTest, CheckDenyNewDevices); |
| FRIEND_TEST(SysfsUtilsTest, CheckDeauthorizeAllDevices); |
| FRIEND_TEST(SysfsUtilsTest, CheckAuthorizeAllDevices); |
| friend std::unique_ptr<SysfsUtils> std::make_unique<SysfsUtils>(FilePath&); |
| }; |
| |
| } // namespace pciguard |
| |
| #endif // PCIGUARD_SYSFS_UTILS_H_ |