StarMirror/sandboxed-api
1
0
Fork 0
mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00
Code Issues Projects Releases Wiki Activity

Minor ForkClient improvements

Browse Source 
- Use a `constexpr inline` string constant for the forkserver env var
- Add annotation for the comms channel mutex

PiperOrigin-RevId: 335395005
Change-Id: Ic058c19c3704f182aa7ed7b8e8964b2fc5082800
This commit is contained in:
Christian Blichmann 2020-10-05 05:09:47 -07:00 committed by Copybara-Service
parent 569c7d84b0
commit b74cf8839b
2 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sandboxed_api/sandbox2/fork_client.cc
View File

@ -20,8 +20,6 @@
namespace sandbox2 { namespace sandbox2 {
const char kForkServerDisableEnv[] = "SANDBOX2_NOFORKSERVER";
pid_t ForkClient::SendRequest(const ForkRequest& request, int exec_fd, pid_t ForkClient::SendRequest(const ForkRequest& request, int exec_fd,
int comms_fd, int user_ns_fd, pid_t* init_pid) { int comms_fd, int user_ns_fd, pid_t* init_pid) {
// Acquire the channel ownership for this request (transaction). // Acquire the channel ownership for this request (transaction).

11
sandboxed_api/sandbox2/fork_client.h
View File

@ -17,34 +17,35 @@
#include <sys/types.h> #include <sys/types.h>
#include "absl/base/attributes.h" #include "absl/base/thread_annotations.h"
#include "absl/synchronization/mutex.h" #include "absl/synchronization/mutex.h"
namespace sandbox2 { namespace sandbox2 {
// Envvar indicating that this process should not start the fork-server. // Envvar indicating that this process should not start the fork-server.
ABSL_CONST_INIT extern const char kForkServerDisableEnv[]; constexpr inline char kForkServerDisableEnv[] = "SANDBOX2_NOFORKSERVER";
class Comms; class Comms;
class ForkRequest; class ForkRequest;
class ForkClient { class ForkClient {
public: public:
explicit ForkClient(Comms* comms) : comms_(comms) {}
ForkClient(const ForkClient&) = delete; ForkClient(const ForkClient&) = delete;
ForkClient& operator=(const ForkClient&) = delete; ForkClient& operator=(const ForkClient&) = delete;
explicit ForkClient(Comms* comms) : comms_(comms) {}
// Sends the fork request over the supplied Comms channel. // Sends the fork request over the supplied Comms channel.
pid_t SendRequest(const ForkRequest& request, int exec_fd, int comms_fd, pid_t SendRequest(const ForkRequest& request, int exec_fd, int comms_fd,
int user_ns_fd = -1, pid_t* init_pid = nullptr); int user_ns_fd = -1, pid_t* init_pid = nullptr);
private: private:
// Comms channel connecting with the ForkServer. Not owned by the object. // Comms channel connecting with the ForkServer. Not owned by the object.
Comms* comms_; Comms* comms_ ABSL_GUARDED_BY(comms_mutex_);
// Mutex locking transactions (requests) over the Comms channel. // Mutex locking transactions (requests) over the Comms channel.
absl::Mutex comms_mutex_; absl::Mutex comms_mutex_;
}; };
} // namespace sandbox2 } // namespace sandbox2
#endif // SANDBOXED_API_SANDBOX2_FORK_CLIENT_H_ #endif // SANDBOXED_API_SANDBOX2_FORK_CLIENT_H_