2021-09-12 12:40:34 -07:00
|
|
|
#pragma once
|
|
|
|
|
|
|
|
#include <pthread.h>
|
|
|
|
#include <string_view>
|
|
|
|
#include <functional>
|
|
|
|
#include <map>
|
2021-09-16 05:27:34 -07:00
|
|
|
#include <atomic>
|
2021-09-12 12:40:34 -07:00
|
|
|
|
|
|
|
#include <daemon.hpp>
|
|
|
|
|
|
|
|
#define ISOLATED_MAGIC "isolated"
|
|
|
|
|
|
|
|
// CLI entries
|
2021-09-16 05:27:34 -07:00
|
|
|
int enable_deny();
|
2021-09-12 12:40:34 -07:00
|
|
|
int disable_deny();
|
|
|
|
int add_list(int client);
|
|
|
|
int rm_list(int client);
|
|
|
|
void ls_list(int client);
|
|
|
|
|
|
|
|
// Utility functions
|
|
|
|
bool is_deny_target(int uid, std::string_view process);
|
|
|
|
|
2021-10-27 03:54:48 -07:00
|
|
|
void revert_unmount();
|
2021-09-12 12:40:34 -07:00
|
|
|
|
2022-01-17 19:54:33 -08:00
|
|
|
extern std::atomic<bool> denylist_enforced;
|
2022-01-15 23:46:08 -08:00
|
|
|
extern std::atomic<int> cached_manager_app_id;
|
2021-09-16 05:27:34 -07:00
|
|
|
|
2021-09-12 12:40:34 -07:00
|
|
|
enum : int {
|
|
|
|
ENFORCE_DENY,
|
|
|
|
DISABLE_DENY,
|
|
|
|
ADD_LIST,
|
|
|
|
RM_LIST,
|
|
|
|
LS_LIST,
|
|
|
|
DENY_STATUS,
|
|
|
|
};
|
|
|
|
|
|
|
|
enum : int {
|
|
|
|
DENY_IS_ENFORCED = DAEMON_LAST + 1,
|
|
|
|
DENY_NOT_ENFORCED,
|
|
|
|
DENYLIST_ITEM_EXIST,
|
|
|
|
DENYLIST_ITEM_NOT_EXIST,
|
|
|
|
DENYLIST_INVALID_PKG,
|
|
|
|
DENY_NO_NS,
|
|
|
|
};
|