You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
// Callback function and its arguments, defined by the caller, to be executed inside ROCKERvoid*your_args=NULL;
intstart_your_APP(void*args){};
// Initialize a blank RockerRequest structRockerRequestreq=ROCKER_request_new();
// Assign values to the RockerRequest structreq.app_id=1000;
req.uid=1000;
req.gid=1000;
req.app_pkg_path="/tmp/your_APP.squashfs";
req.app_exec_dir="/var/your_APP/execdir";
req.app_data_dir="/var/your_APP/datadir";
req.app_overlay_dirs= { "/usr", "/var", "/etc", "/home", "/root" };
// Attempt to run APP inside ROCKERRockerResultres=ROCKER_enter_rocker(&req, start_my_APP, my_args);
if (ROCKER_ERR_success!=res.err_no) {
// Handle error
}
// APP finished running, clean up the environmentkill(res.guard_pid, SIGKILL);
// More robust cleanupRockerResultres2=ROCKER_get_guardname(res.guard_pid);
if (ROCKER_ERR_success==res2.err_no&& \
0==strcmp(res.guard_name, res2.guard.name)) {
kill(res.guard_pid, SIGKILL);
}
//! All interfaces return this struct.//! NOTE: returned as a value, not a pointer.//-//@ err_no: self-descriptive error number//@ guard_pid: PID of rocker's PID-1 process as seen from outside the rocker//@ guard_pname: name of rocker's PID-1 process; randomly generated, guaranteed unique by the server//@ app_pid: PID of the process executing the requested action (app)typedefstruct {
ROCKER_ERRerr_no;
intapp_pid;
intguard_pid;
charguard_pname[16];
} RockerResult;
//! Data structure exchanged between rocker_client and rocker_server.//-//@ app_id: APP uuid//@ uid: euid of the App process//@ gid: egid of the App process//@ app_pkg_path: path to the App source file, e.g. /apps/xx.squashfs//@ app_exec_dir: execution path of the App, i.e. mount path of app_pkg_path//@ app_data_dir: top-level storage path for all data written by the App//@ app_overlay_dirs[16]: top-level directories for which an overlay layer is needed, e.g. /var; max 16typedefstruct {
intapp_id;
intuid;
intgid;
char*app_pkg_path;
char*app_exec_dir;
char*app_data_dir;
char*app_overlay_dirs[16];
} RockerRequest;
//! API to request creation of a new rocker and run the specified function inside it.//! Returns a RockerResult struct (NOTE: value, not pointer).//-//@ req[in]: configuration data needed to create the new rocker//@ app[in]: function to execute inside the rocker once it is created//@ app_args[in]: arguments to pass to the app functionRockerResultROCKER_enter_rocker(RockerRequest*req, int (*app) (void*), void*app_args)
__attribute__ ((visibility("default")));
//! Get the name of the specified process from '/proc/<PID>/stat'.//! Before the client sends a signal to the guard process, compare the name//! against the original returned at rocker creation to confirm the PID has not been reused.//-//@ pid[in]: PID of the target processRockerResultROCKER_get_guardname(intpid)
__attribute__ ((visibility("default")));
//! Return a new RockerRequest instance.RockerRequestROCKER_request_new()
__attribute__ ((visibility("default")));