2021-09-12 19:40:34 +00:00
|
|
|
#pragma once
|
|
|
|
|
|
|
|
#include <pthread.h>
|
|
|
|
#include <string_view>
|
|
|
|
#include <functional>
|
|
|
|
#include <map>
|
2021-09-16 12:27:34 +00:00
|
|
|
#include <atomic>
|
2021-09-12 19:40:34 +00:00
|
|
|
|
|
|
|
#include <daemon.hpp>
|
|
|
|
|
|
|
|
#define ISOLATED_MAGIC "isolated"
|
|
|
|
|
|
|
|
// CLI entries
|
2021-09-16 12:27:34 +00:00
|
|
|
int enable_deny();
|
2021-09-12 19:40:34 +00:00
|
|
|
int disable_deny();
|
|
|
|
int add_list(int client);
|
|
|
|
int rm_list(int client);
|
|
|
|
void ls_list(int client);
|
|
|
|
|
|
|
|
// Utility functions
|
|
|
|
bool is_deny_target(int uid, std::string_view process);
|
|
|
|
|
2021-10-27 10:54:48 +00:00
|
|
|
void revert_unmount();
|
2021-09-12 19:40:34 +00:00
|
|
|
|
2021-09-16 12:27:34 +00:00
|
|
|
extern std::atomic<bool> denylist_enabled;
|
2021-09-20 12:47:15 +00:00
|
|
|
extern int cached_manager_app_id;
|
2021-09-16 12:27:34 +00:00
|
|
|
|
2021-09-12 19:40:34 +00:00
|
|
|
enum : int {
|
|
|
|
ENFORCE_DENY,
|
|
|
|
DISABLE_DENY,
|
|
|
|
ADD_LIST,
|
|
|
|
RM_LIST,
|
|
|
|
LS_LIST,
|
|
|
|
DENY_STATUS,
|
|
|
|
};
|
|
|
|
|
|
|
|
enum : int {
|
|
|
|
DENY_IS_ENFORCED = DAEMON_LAST + 1,
|
|
|
|
DENY_NOT_ENFORCED,
|
|
|
|
DENYLIST_ITEM_EXIST,
|
|
|
|
DENYLIST_ITEM_NOT_EXIST,
|
|
|
|
DENYLIST_INVALID_PKG,
|
|
|
|
DENY_NO_NS,
|
|
|
|
};
|