averello/swift-mirror
1
0
Fork 0
mirror of https://github.com/apple/swift.git synced 2025-12-14 20:36:38 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
009ce4b82a3f048384d93a4a1ac05a0dfdf4f521
swift-mirror/include/swift/Basic/Sandbox.h
Rintaro Ishizaki 0e31393024 [Macros] Add executable plugin support 
Executable compiler plugins are programs invoked by the host compiler
and communicate with the host with IPC via standard IO (stdin/stdout.)
Each message is serialized in JSON, prefixed with a header which is a
64bit little-endian integer indicating the size of the message.

* Basic/ExecuteWithPipe: External program invocation. Lik
  llvm::sys::ExecuteNoWait() but establishing pipes to the child's
  stdin/stdout
* Basic/Sandbox: Sandboxed execution helper. Create command line
  arguments to be executed in sandbox environment (similar to SwiftPM's
  pluging sandbox)
* AST/PluginRepository: ASTContext independent plugin manager
* ASTGen/PluginHost: Communication with the plugin. Messages are
  serialized by ASTGen/LLVMJSON

rdar://101508815
2023-02-22 10:22:14 -08:00

45 lines
1.7 KiB
C++
Raw Blame History

//===--- Sandbox.h ----------------------------------------------*- C++ -*-===//
//
// This source file is part of the Swift.org open source project
//
// Copyright (c) 2014 - 2023 Apple Inc. and the Swift project authors
// Licensed under Apache License v2.0 with Runtime Library Exception
//
// See https://swift.org/LICENSE.txt for license information
// See https://swift.org/CONTRIBUTORS.txt for the list of Swift project authors
//
//===----------------------------------------------------------------------===//
#ifndef SWIFT_BASIC_SANDBOX_H
#define SWIFT_BASIC_SANDBOX_H
#include "llvm/ADT/ArrayRef.h"
#include "llvm/ADT/SmallVector.h"
#include "llvm/ADT/StringRef.h"
#include "llvm/Support/Allocator.h"
namespace swift {
namespace Sandbox {
/// Applies a sandbox invocation to the given command line (if the platform
/// supports it), and returns the modified command line. On platforms that don't
/// support sandboxing, the command line is returned unmodified.
///
/// - Parameters:
/// - command: The command line to sandbox (including executable as first
/// argument)
/// - strictness: The basic strictness level of the standbox.
/// - writableDirectories: Paths under which writing should be allowed, even
/// if they would otherwise be read-only based on the strictness or paths in
/// `readOnlyDirectories`.
/// - readOnlyDirectories: Paths under which writing should be denied, even if
/// they would have otherwise been allowed by the rules implied by the
/// strictness level.
bool apply(llvm::SmallVectorImpl<llvm::StringRef> &command,
llvm::BumpPtrAllocator &Alloc);
} // namespace Sandbox
} // namespace swift
#endif // SWIFT_BASIC_SANDBOX_H
Reference in New Issue View Git Blame Copy Permalink