205 static PathMountNode *DecodeMountPathConfig(const SandboxSection *section, const cJSON *config, uin…  in DecodeMountPathConfig()  argument
212     PathMountNode *tmp = GetPathMountNode(section, type, srcPath, dstPath);  in DecodeMountPathConfig()
245     const cJSON *mountConfigs, SandboxSection *section, uint32_t type)  in ParseMountPathsConfig()  argument
255         PathMountNode *sandboxNode = DecodeMountPathConfig(section, mntJson, type);  in ParseMountPathsConfig()
257         AddSandboxMountNode(&sandboxNode->sandboxNode, section);  in ParseMountPathsConfig()
262 static SymbolLinkNode *DecodeSymbolLinksConfig(const SandboxSection *section, const cJSON *config)  in DecodeSymbolLinksConfig()  argument
270     SymbolLinkNode *tmp = GetSymbolLinkNode(section, target, linkName);  in DecodeSymbolLinksConfig()
290 …olLinksConfig(AppSpawnSandboxCfg *sandbox, const cJSON *symbolLinkConfigs, SandboxSection *section)  in ParseSymbolLinksConfig()  argument
299         SymbolLinkNode *node = DecodeSymbolLinksConfig(section, symConfig);  in ParseSymbolLinksConfig()
301         AddSandboxMountNode(&node->sandboxNode, section);  in ParseSymbolLinksConfig()
306 …int ParseGidTableConfig(AppSpawnSandboxCfg *sandbox, const cJSON *configs, SandboxSection *section)  in ParseGidTableConfig()  argument
314     if (section->gidTable) {  in ParseGidTableConfig()
315         free(section->gidTable);  in ParseGidTableConfig()
316         section->gidTable = NULL;  in ParseGidTableConfig()
317         section->gidCount = 0;  in ParseGidTableConfig()
319     section->gidTable = (gid_t *)calloc(1, sizeof(gid_t) * arrayLen);  in ParseGidTableConfig()
320 …APPSPAWN_CHECK(section->gidTable != NULL, return APPSPAWN_SYSTEM_ERROR, "Failed to alloc memory.");  in ParseGidTableConfig()
334         section->gidTable[section->gidCount++] = gid;  in ParseGidTableConfig()
339 …seMountGroupsConfig(AppSpawnSandboxCfg *sandbox, const cJSON *groupConfig, SandboxSection *section)  in ParseMountGroupsConfig()  argument
342         return APPSPAWN_SANDBOX_INVALID, "Invalid mount-groups config %{public}s", section->name);  in ParseMountGroupsConfig()
346     APPSPAWN_LOGV("mount-group in section %{public}s  %{public}u", section->name, count);  in ParseMountGroupsConfig()
348     count += section->number;  in ParseMountGroupsConfig()
354     for (j = 0; j < section->number; j++) { // copy old  in ParseMountGroupsConfig()
355         if (section->nameGroups[j] == NULL) {  in ParseMountGroupsConfig()
358         nameGroups[number++] = section->nameGroups[j];  in ParseMountGroupsConfig()
372 …if (strcmp(section->name, "system-const") == 0 && mountNode->destType != SANDBOX_TAG_SYSTEM_CONST)…  in ParseMountGroupsConfig()
377         for (j = 0; j < section->number; j++) {  in ParseMountGroupsConfig()
378 …   if (section->nameGroups[j] != NULL && section->nameGroups[j] == (SandboxMountNode *)mountNode) {  in ParseMountGroupsConfig()
383         if (j < section->number) {  in ParseMountGroupsConfig()
387         APPSPAWN_LOGV("Name-group %{public}d %{public}s set", section->number, name);  in ParseMountGroupsConfig()
389     if (section->nameGroups != NULL) {  in ParseMountGroupsConfig()
390         free(section->nameGroups);  in ParseMountGroupsConfig()
392     section->nameGroups = nameGroups;  in ParseMountGroupsConfig()
393     section->number = number;  in ParseMountGroupsConfig()
394     APPSPAWN_LOGV("mount-group in section %{public}s  %{public}u", section->name, section->number);  in ParseMountGroupsConfig()
398 static int ParseBaseConfig(AppSpawnSandboxCfg *sandbox, SandboxSection *section, const cJSON *confi…  in ParseBaseConfig()  argument
402         return APPSPAWN_SANDBOX_INVALID, "Invalid config %{public}s", section->name);  in ParseBaseConfig()
403     APPSPAWN_LOGV("Parse sandbox %{public}s", section->name);  in ParseBaseConfig()
405     section->sandboxSwitch = GetBoolValueFromJsonObj(configs, "sandbox-switch", true);  in ParseBaseConfig()
407     section->sandboxShared = GetBoolValueFromJsonObj(configs, "sandbox-shared", false);  in ParseBaseConfig()
412         ret = ParseGidTableConfig(sandbox, gidTabJson, section);  in ParseBaseConfig()
413         APPSPAWN_CHECK(ret == 0, return ret, "Parse gids for %{public}s", section->name);  in ParseBaseConfig()
417         ret = ParseMountPathsConfig(sandbox, pathConfigs, section, SANDBOX_TAG_MOUNT_PATH);  in ParseBaseConfig()
418         APPSPAWN_CHECK(ret == 0, return ret, "Parse mount-paths for %{public}s", section->name);  in ParseBaseConfig()
422         ret = ParseMountPathsConfig(sandbox, pathConfigs, section, SANDBOX_TAG_MOUNT_FILE);  in ParseBaseConfig()
423         APPSPAWN_CHECK(ret == 0, return ret, "Parse mount-paths for %{public}s", section->name);  in ParseBaseConfig()
427         ret = ParseSymbolLinksConfig(sandbox, pathConfigs, section);  in ParseBaseConfig()
428         APPSPAWN_CHECK(ret == 0, return ret, "Parse symbol-links for %{public}s", section->name);  in ParseBaseConfig()
432         ret = ParseMountGroupsConfig(sandbox, groupConfig, section);  in ParseBaseConfig()
433         APPSPAWN_CHECK(ret == 0, return ret, "Parse mount-groups for %{public}s", section->name);  in ParseBaseConfig()
447     int ret = ParseBaseConfig(sandbox, &node->section, packageNameConfigs);  in ParsePackageNameConfig()
453     AddSandboxSection(&node->section, &sandbox->packageNameQueue);  in ParsePackageNameConfig()
468     int ret = ParseBaseConfig(sandbox, &node->section, flagsConfig);  in ParseSpawnFlagsConfig()
474     AddSandboxSection(&node->section, &sandbox->spawnFlagsQueue);  in ParseSpawnFlagsConfig()
487     int ret = ParseBaseConfig(sandbox, &node->section, permissionConfig);  in ParsePermissionConfig()
493     AddSandboxSection(&node->section, &sandbox->permissionQueue);  in ParsePermissionConfig()
522     int ret = ParseBaseConfig(sandbox, &node->section, groupConfig);  in ParseNameGroup()
531     AddSandboxSection(&node->section, &sandbox->nameGroupsQueue);  in ParseNameGroup()
622             SandboxSection *section = GetSandboxSection(&sandbox->requiredQueue, config->string);  in ParseAppSandboxConfig()  local
623             if (section == NULL) {  in ParseAppSandboxConfig()
624 …      section = CreateSandboxSection(config->string, sizeof(SandboxSection), SANDBOX_TAG_REQUIRED);  in ParseAppSandboxConfig()
626             APPSPAWN_CHECK_ONLY_EXPER(section != NULL, return -1);  in ParseAppSandboxConfig()
628             ret = ParseBaseConfig(sandbox, section, config);  in ParseAppSandboxConfig()
630                 DeleteSandboxSection(section);  in ParseAppSandboxConfig()
634             AddSandboxSection(section, &sandbox->requiredQueue);  in ParseAppSandboxConfig()