login_manager/landlock_policy.h - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright 2023 The ChromiumOS Authors
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef LOGIN_MANAGER_LANDLOCK_POLICY_H_
 #define LOGIN_MANAGER_LANDLOCK_POLICY_H_

 #include <base/containers/span.h>
 #include <base/strings/string_piece.h>

 #include <libminijail.h>

 namespace login_manager {

 // A class that provides a Landlock policy for use with Minijail.
 class LandlockPolicy {
  public:
   LandlockPolicy();
   LandlockPolicy(const LandlockPolicy&) = delete;
   LandlockPolicy& operator=(const LandlockPolicy&) = delete;

   ~LandlockPolicy();

   // Gets a snapshot of the current policy.
   // Only exposed for testing.
   base::span<const base::StringPiece> GetPolicySnapshotForTesting();

   // Adds a policy to the supplied Minijail.
   void SetupPolicy(minijail* j);
 };

 }  // namespace login_manager

 #endif  // LOGIN_MANAGER_LANDLOCK_POLICY_H_
	// Copyright 2023 The ChromiumOS Authors
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef LOGIN_MANAGER_LANDLOCK_POLICY_H_
	#define LOGIN_MANAGER_LANDLOCK_POLICY_H_

	#include <base/containers/span.h>
	#include <base/strings/string_piece.h>

	#include <libminijail.h>

	namespace login_manager {

	// A class that provides a Landlock policy for use with Minijail.
	class LandlockPolicy {
	public:
	LandlockPolicy();
	LandlockPolicy(const LandlockPolicy&) = delete;
	LandlockPolicy& operator=(const LandlockPolicy&) = delete;

	~LandlockPolicy();

	// Gets a snapshot of the current policy.
	// Only exposed for testing.
	base::span<const base::StringPiece> GetPolicySnapshotForTesting();

	// Adds a policy to the supplied Minijail.
	void SetupPolicy(minijail* j);
	};

	} // namespace login_manager

	#endif // LOGIN_MANAGER_LANDLOCK_POLICY_H_