!1340 添加支持沙盒扩展 json 配置文件，支持厂家扩展

Merge pull request !1340 from cheng_jinsong/init0930_1

!1340 添加支持沙盒扩展 json 配置文件，支持厂家扩展
Merge pull request !1340 from cheng_jinsong/init0930_1
36e06b87 · openharmony_ci · Gitee · 81d477c9 · 55a187b3 · 36e06b87
3 changed file
--- a/interfaces/innerkits/sandbox/BUILD.gn
+++ b/interfaces/innerkits/sandbox/BUILD.gn
@@ -16,7 +16,10 @@ import("//build/ohos.gni")
 config("exported_header_files") {
  visibility = [ ":*" ]
-  include_dirs = [ "//base/startup/init/interfaces/innerkits/sandbox/include" ]
+  include_dirs = [
+    "//base/startup/init/interfaces/innerkits/sandbox/include",
+    "//base/customization/config_policy/interfaces/inner_api/include",
+  ]
 }
 ohos_static_library("sandbox") {

--- a/interfaces/innerkits/sandbox/include/sandbox.h
+++ b/interfaces/innerkits/sandbox/include/sandbox.h
@@ -21,33 +21,33 @@ extern "C" {
 #endif
 #include <stdbool.h>
 #include "init_utils.h"
+#include "list.h"
-typedef struct {
+typedef enum SandboxTag {
+    SANDBOX_TAG_MOUNT_PATH = 0,
+    SANDBOX_TAG_MOUNT_FILE,
+    SANDBOX_TAG_SYMLINK
+} SandboxTag;
+typedef struct MountList {
    char *source;  // source 目录，一般是全局的fs 目录
    char *target;  // 沙盒化后的目录
    unsigned long flags;
    bool ignoreErrors;
-} mount_t;
+    SandboxTag tag;
+    struct ListNode node;
-typedef struct MountList {
-    mount_t *info;
-    struct MountList *next;
 } mountlist_t;
-typedef struct {
+typedef struct LinkList {
    char *target;
    char *linkName;
-} linker_t;
+    struct ListNode node;
-typedef struct LinkList {
-    linker_t *info;
-    struct LinkList *next;
 } linklist_t;
 typedef struct {
-    mountlist_t *pathMounts;
+    ListNode pathMountsHead;
-    mountlist_t *fileMounts;
+    ListNode fileMountsHead;
-    linklist_t *links;
+    ListNode linksHead;
    char *rootPath; // /mnt/sandbox/system|vendor|xxx
    char name[MAX_BUFFER_LEN]; // name of sandbox. i.e system, chipset etc.
    bool isCreated; // sandbox already created or not

--- a/interfaces/innerkits/sandbox/sandbox.c
+++ b/interfaces/innerkits/sandbox/sandbox.c
@@ -24,8 +24,10 @@
 #include <sys/syscall.h>
 #include <errno.h>
 #include "beget_ext.h"
+#include "config_policy_utils.h"
 #include "init_utils.h"
 #include "cJSON.h"
+#include "list.h"
 #include "sandbox_namespace.h"
 #include "securec.h"
@@ -41,11 +43,11 @@
 #define SANDBOX_SYMLINK_NAME "link-name"
 #ifndef SUPPORT_64BIT
-#define SANDBOX_SYSTEM_CONFIG_FILE "/system/etc/sandbox/system-sandbox.json"
+#define SANDBOX_SYSTEM_CONFIG_FILE "etc/sandbox/system-sandbox.json"
-#define SANDBOX_CHIPSET_CONFIG_FILE "/system/etc/sandbox/chipset-sandbox.json"
+#define SANDBOX_CHIPSET_CONFIG_FILE "etc/sandbox/chipset-sandbox.json"
 #else
-#define SANDBOX_SYSTEM_CONFIG_FILE "/system/etc/sandbox/system-sandbox64.json"
+#define SANDBOX_SYSTEM_CONFIG_FILE "etc/sandbox/system-sandbox64.json"
-#define SANDBOX_CHIPSET_CONFIG_FILE "/system/etc/sandbox/chipset-sandbox64.json"
+#define SANDBOX_CHIPSET_CONFIG_FILE "etc/sandbox/chipset-sandbox64.json"
 #endif
 #ifdef STARTUP_INIT_TEST
@@ -57,12 +59,6 @@
 #define SANDBOX_MOUNT_FLAGS_MS_REC "rec"
 #define SANDBOX_MOUNT_FLAGS_MS_MOVE "move"
-typedef enum SandboxTag {
-    SANDBOX_TAG_MOUNT_PATH = 0,
-    SANDBOX_TAG_MOUNT_FILE,
-    SANDBOX_TAG_SYMLINK
-} SandboxTag;
 struct SandboxMountFlags {
    const char *flag;
    unsigned long value;
@@ -132,11 +128,107 @@ static unsigned long GetSandboxMountFlags(cJSON *item)
    return 0;
 }
+static void FreeSandboxMountInfo(ListNode *list)
+{
+    if (list == NULL) {
+        return;
+    }
+    mountlist_t *info = ListEntry(list, mountlist_t, node);
+    if (info == NULL) {
+        return;
+    }
+    if (info->source != NULL) {
+        free(info->source);
+        info->source = NULL;
+    }
+    if (info->target != NULL) {
+        free(info->target);
+        info->target = NULL;
+    }
+    free(info);
+    info = NULL;
+    return;
+}
+static void FreeSandboxLinkInfo(ListNode *list)
+{
+    if (list == NULL) {
+        return;
+    }
+    linklist_t *info = ListEntry(list, linklist_t, node);
+    if (info == NULL) {
+        return;
+    }
+    if (info->target != NULL) {
+        free(info->target);
+        info->target = NULL;
+    }
+    if (info->linkName != NULL) {
+        free(info->linkName);
+        info->linkName = NULL;
+    }
+    free(info);
+    info = NULL;
+    return;
+}
+static int CompareSandboxListForMountTarget(ListNode *list, void *data)
+{
+    if ((list == NULL) || (data == NULL)) {
+        return -1;
+    }
+    mountlist_t *info = ListEntry(list, mountlist_t, node);
+    if (info == NULL) {
+        return -1;
+    }
+    const char *mountTarget = (const char *)data;
+    return strcmp(info->target, mountTarget);
+}
+static void RemoveOldSandboxMountListNode(ListNode *head, const char *targetMount)
+{
+    if ((head == NULL) || (targetMount == NULL)) {
+        return;
+    }
+    ListNode *node = OH_ListFind(head, (void *)targetMount, CompareSandboxListForMountTarget);
+    if (node == NULL) {
+        return;
+    }
+    OH_ListRemove(node);
+    FreeSandboxMountInfo(node);
+}
+static int CompareSandboxListForLinkName(ListNode *list, void *data)
+{
+    if ((list == NULL) || (data == NULL)) {
+        return -1;
+    }
+    linklist_t *info = ListEntry(list, linklist_t, node);
+    if (info == NULL) {
+        return -1;
+    }
+    const char *linkName = (const char *)data;
+    return strcmp(info->linkName, linkName);
+}
+static void RemoveOldSandboxLinkListNode(ListNode *head, const char *linkName)
+{
+    if ((head == NULL) || (linkName == NULL)) {
+        return;
+    }
+    ListNode *node = OH_ListFind(head, (void *)linkName, CompareSandboxListForLinkName);
+    if (node == NULL) {
+        return;
+    }
+    OH_ListRemove(node);
+    FreeSandboxLinkInfo(node);
+}
 typedef int (*AddInfoToSandboxCallback)(sandbox_t *sandbox, cJSON *item, const char *type);
 static int AddMountInfoToSandbox(sandbox_t *sandbox, cJSON *item, const char *type)
 {
-    BEGET_CHECK(!(sandbox == NULL || item == NULL || type == NULL), return -1);
+    BEGET_CHECK(sandbox != NULL && item != NULL && type != NULL, return -1);
    char *srcPath = cJSON_GetStringValue(cJSON_GetObjectItem(item, SANDBOX_SOURCE));
    BEGET_INFO_CHECK(srcPath != NULL, return 0, "Get src-path is null");
    char *dstPath = cJSON_GetStringValue(cJSON_GetObjectItem(item, SANDBOX_TARGET));
@@ -149,34 +241,28 @@ static int AddMountInfoToSandbox(sandbox_t *sandbox, cJSON *item, const char *ty
    BEGET_INFO_CHECK(count > 0, return 0, "Get sandbox-flags array size is zero");
    mountlist_t *tmpMount = (mountlist_t *)calloc(1, sizeof(mountlist_t));
    BEGET_ERROR_CHECK(tmpMount != NULL, return -1, "Failed calloc err=%d", errno);
-    tmpMount->info = (mount_t *)calloc(1, sizeof(mount_t));
+    tmpMount->source = strdup(srcPath);
-    BEGET_ERROR_CHECK(tmpMount->info != NULL, free(tmpMount); return -1, "Failed calloc err=%d", errno);
+    tmpMount->target = strdup(dstPath);
-    tmpMount->info->source = strdup(srcPath);
-    tmpMount->info->target = strdup(dstPath);
-    tmpMount->info->ignoreErrors = false;
-    if (cJSON_GetNumberValue(cJSON_GetObjectItem(item, SANDBOX_IGNORE_ERRORS))) {
-        tmpMount->info->ignoreErrors = true;
-    }
    for (int i = 0; i < count; i++) {
        cJSON *item = cJSON_GetArrayItem(obj, i);
-        tmpMount->info->flags |= GetSandboxMountFlags(item);
+        tmpMount->flags |= GetSandboxMountFlags(item);
    }
-    if (strcmp(type, SANDBOX_MOUNT_PATH_TAG) == 0) {
+    tmpMount->ignoreErrors = false;
-        if (sandbox->pathMounts == NULL) {
+    obj = cJSON_GetObjectItem(item, SANDBOX_IGNORE_ERRORS);
-            sandbox->pathMounts = tmpMount;
+    if (obj != NULL) {
-            tmpMount->next = NULL;
+        if (cJSON_GetNumberValue(obj) == 1) {
-        } else {
+            tmpMount->ignoreErrors = true;
-            tmpMount->next = sandbox->pathMounts->next;
-            sandbox->pathMounts->next = tmpMount;
        }
+    }
+    OH_ListInit(&tmpMount->node);
+    if (strcmp(type, SANDBOX_MOUNT_PATH_TAG) == 0) {
+        tmpMount->tag = SANDBOX_TAG_MOUNT_PATH;
+        RemoveOldSandboxMountListNode(&sandbox->pathMountsHead, dstPath);
+        OH_ListAddTail(&sandbox->pathMountsHead, &tmpMount->node);
    } else if (strcmp(type, SANDBOX_MOUNT_FILE_TAG) == 0) {
-        if (sandbox->fileMounts == NULL) {
+        tmpMount->tag = SANDBOX_TAG_MOUNT_FILE;
-            sandbox->fileMounts = tmpMount;
+        RemoveOldSandboxMountListNode(&sandbox->fileMountsHead, dstPath);
-            tmpMount->next = NULL;
+        OH_ListAddTail(&sandbox->fileMountsHead, &tmpMount->node);
-        } else {
-            tmpMount->next = sandbox->fileMounts->next;
-            sandbox->fileMounts->next = tmpMount;
-        }
    }
    return 0;
 }
@@ -191,17 +277,11 @@ static int AddSymbolLinksToSandbox(sandbox_t *sandbox, cJSON *item, const char *
    BEGET_ERROR_CHECK(name != NULL, return 0, "Get link-name is null");
    linklist_t *tmpLink = (linklist_t *)calloc(1, sizeof(linklist_t));
    BEGET_ERROR_CHECK(tmpLink != NULL, return -1, "Failed calloc err=%d", errno);
-    tmpLink->info = (linker_t *)calloc(1, sizeof(linker_t));
+    tmpLink->target = strdup(target);
-    BEGET_ERROR_CHECK(tmpLink->info != NULL, free(tmpLink); return -1, "Failed calloc err=%d", errno);
+    tmpLink->linkName = strdup(name);
-    tmpLink->info->target = strdup(target);
+    OH_ListInit(&tmpLink->node);
-    tmpLink->info->linkName = strdup(name);
+    RemoveOldSandboxLinkListNode(&sandbox->linksHead, tmpLink->linkName);
-    if (sandbox->links == NULL) {
+    OH_ListAddTail(&sandbox->linksHead, &tmpLink->node);
-        sandbox->links = tmpLink;
-        tmpLink->next = NULL;
-    } else {
-        tmpLink->next = sandbox->links->next;
-        sandbox->links->next = tmpLink;
-    }
    return 0;
 }
@@ -211,7 +291,7 @@ static int GetSandboxInfo(sandbox_t *sandbox, cJSON *root, const char *itemName)
        "Get sandbox mount info with invalid argument");
    cJSON *obj = cJSON_GetObjectItem(root, itemName);
    BEGET_ERROR_CHECK(obj != NULL, return 0, "Cannot find item \' %s \' in sandbox config", itemName);
-    BEGET_ERROR_CHECK(cJSON_IsArray(obj), return 0, "%s with invalid type, should be array", itemName);
+    BEGET_ERROR_CHECK(cJSON_IsArray(obj), return 0, "ItemName %s with invalid type, should be array", itemName);
    int counts = cJSON_GetArraySize(obj);
    BEGET_ERROR_CHECK(counts > 0, return 0, "Item %s array size is zero.", itemName);
@@ -223,13 +303,13 @@ static int GetSandboxInfo(sandbox_t *sandbox, cJSON *root, const char *itemName)
    } else if (strcmp(itemName, SANDBOX_SYMLINK_TAG) == 0) {
        func = AddSymbolLinksToSandbox;
    } else {
-        BEGET_LOGE("%s item name is not support.", itemName);
+        BEGET_LOGE("Item %s is not support.", itemName);
        return -1;
    }
    for (int i = 0; i < counts; i++) {
        cJSON *item = cJSON_GetArrayItem(obj, i);
        BEGET_ERROR_CHECK(item != NULL, return -1, "Failed get json array item %d", i);
-        BEGET_ERROR_CHECK(!(func(sandbox, item, itemName) < 0), return -1, "Failed add info to sandbox.");
+        BEGET_ERROR_CHECK(func(sandbox, item, itemName) == 0, return -1, "Failed add info to sandbox.");
    }
    return 0;
 }
@@ -237,22 +317,24 @@ static int GetSandboxInfo(sandbox_t *sandbox, cJSON *root, const char *itemName)
 static int ParseSandboxConfig(cJSON *root, sandbox_t *sandbox)
 {
    BEGET_ERROR_CHECK(!(root == NULL || sandbox == NULL), return -1, "Invalid parameter.");
+    // sandbox rootpath must initialize according to the system configuration, and it can only be initialized once.
-    cJSON *sandboxRoot = cJSON_GetObjectItem(root, SANDBOX_ROOT_TAG);
+    if (sandbox->rootPath == NULL) {
-    BEGET_ERROR_CHECK(sandboxRoot != NULL, return -1,
+        cJSON *sandboxRoot = cJSON_GetObjectItem(root, SANDBOX_ROOT_TAG);
-        "Cannot find item \' %s \' in sandbox config", SANDBOX_ROOT_TAG);
+        BEGET_ERROR_CHECK(sandboxRoot != NULL, return -1,
+            "Cannot find item \' %s \' in sandbox config", SANDBOX_ROOT_TAG);
-    char *rootdir = cJSON_GetStringValue(sandboxRoot);
-    if (rootdir != NULL) {
+        char *rootdir = cJSON_GetStringValue(sandboxRoot);
-        sandbox->rootPath = strdup(rootdir);
+        if (rootdir != NULL) {
-        BEGET_ERROR_CHECK(sandbox->rootPath != NULL, return -1,
+            sandbox->rootPath = strdup(rootdir);
-            "Get sandbox root path out of memory");
+            BEGET_ERROR_CHECK(sandbox->rootPath != NULL, return -1,
+                "Get sandbox root path out of memory");
+        }
    }
-    BEGET_ERROR_CHECK(!(GetSandboxInfo(sandbox, root, SANDBOX_MOUNT_PATH_TAG) < 0), return -1,
+    BEGET_ERROR_CHECK(GetSandboxInfo(sandbox, root, SANDBOX_MOUNT_PATH_TAG) == 0, return -1,
        "config info %s error", SANDBOX_MOUNT_PATH_TAG);
-    BEGET_ERROR_CHECK(!(GetSandboxInfo(sandbox, root, SANDBOX_MOUNT_FILE_TAG) < 0), return -1,
+    BEGET_ERROR_CHECK(GetSandboxInfo(sandbox, root, SANDBOX_MOUNT_FILE_TAG) == 0, return -1,
        "config info %s error", SANDBOX_MOUNT_FILE_TAG);
-    BEGET_ERROR_CHECK(!(GetSandboxInfo(sandbox, root, SANDBOX_SYMLINK_TAG) < 0), return -1,
+    BEGET_ERROR_CHECK(GetSandboxInfo(sandbox, root, SANDBOX_SYMLINK_TAG) == 0, return -1,
        "config info %s error", SANDBOX_SYMLINK_TAG);
    return 0;
 }
@@ -269,6 +351,38 @@ static const struct SandboxMap *GetSandboxMapByName(const char *name)
    return NULL;
 }
+static int ParseInitSandboxConfigFile(sandbox_t *sandbox, const char *sandboxConfigFile, const char *name)
+{
+    char *contents = ReadFileToBuf(sandboxConfigFile);
+    if (contents == NULL) {
+        return 0;
+    }
+    cJSON *root = cJSON_Parse(contents);
+    free(contents);
+    BEGET_ERROR_CHECK(root != NULL, return -1, "Parse sandbox config \' %s \' failed", sandboxConfigFile);
+    int ret = ParseSandboxConfig(root, sandbox);
+    cJSON_Delete(root);
+    if (ret < 0) {
+        DestroySandbox(name);
+        return -1;
+    }
+    return 0;
+}
+static void ParseInitSandboxConfigPath(sandbox_t *sandbox, const char *sandboxConfig, const char *name)
+{
+    CfgFiles *files = GetCfgFiles(sandboxConfig);
+    for (int i = 0; files && i < MAX_CFG_POLICY_DIRS_CNT; i++) {
+        if (files->paths[i]) {
+            BEGET_LOGI("Parse sandbox cfg file is %s", files->paths[i]);
+            if (ParseInitSandboxConfigFile(sandbox, files->paths[i], name) < 0) {
+                break;
+            }
+        }
+    }
+    FreeCfgFiles(files);
+}
 static void InitSandbox(sandbox_t *sandbox, const char *sandboxConfig, const char *name)
 {
    BEGET_ERROR_CHECK(!(sandbox == NULL || sandboxConfig == NULL || name == NULL), return,
@@ -284,21 +398,16 @@ static void InitSandbox(sandbox_t *sandbox, const char *sandboxConfig, const cha
    BEGET_ERROR_CHECK(!(sandbox->ns < 0), return, "Get sandbox namespace fd is failed");
    BEGET_ERROR_CHECK(strcpy_s(sandbox->name, MAX_BUFFER_LEN - 1, name) == 0, return, "Failed to copy sandbox name");
+    OH_ListInit(&sandbox->pathMountsHead);
+    OH_ListInit(&sandbox->fileMountsHead);
+    OH_ListInit(&sandbox->linksHead);
    // parse json config
-    char *contents = ReadFileToBuf(sandboxConfig);
+#ifdef STARTUP_INIT_TEST
-    if (contents == NULL) {
+    (void)ParseInitSandboxConfigFile(sandbox, sandboxConfig, name);
-        return;
+#else
-    }
+    ParseInitSandboxConfigPath(sandbox, sandboxConfig, name);
-    cJSON *root = cJSON_Parse(contents);
+#endif
-    free(contents);
+    return;
-    BEGET_ERROR_CHECK(root != NULL, return, "Parse sandbox config \' %s \' failed", sandboxConfig);
-    int ret = ParseSandboxConfig(root, sandbox);
-    cJSON_Delete(root);
-    if (ret < 0) {
-        DestroySandbox(name);
-        return;
-    }
 }
 static int CheckAndMakeDir(const char *dir, mode_t mode)
@@ -306,7 +415,7 @@ static int CheckAndMakeDir(const char *dir, mode_t mode)
    struct stat sb;
    if ((stat(dir, &sb) == 0) && S_ISDIR(sb.st_mode)) {
-        BEGET_LOGW("Mount point \' %s \' already exist", dir);
+        BEGET_LOGI("Mount point \' %s \' already exist, no need to mkdir", dir);
        return 0;
    } else {
        if (errno == ENOENT) {
@@ -365,54 +474,66 @@ static bool IsValidSandbox(sandbox_t *sandbox)
    return true;
 }
-static int MountSandboxInfo(const mountlist_t *mounts, const char *rootPath, SandboxTag tag)
+static int MountSandboxNode(ListNode *list, void *data)
 {
-    if (mounts == NULL) {
+    if ((list == NULL) || (data == NULL)) {
        return 0;
    }
-    BEGET_CHECK(mounts->info != NULL, return 0);
+    const char *rootPath = (const char *)data;
-    while (mounts != NULL) {
+    mountlist_t *info = ListEntry(list, mountlist_t, node);
-        mount_t *mount = mounts->info;
+    char target[PATH_MAX] = {};
-        char *source = mount->source;
+    BEGET_ERROR_CHECK(snprintf_s(target, PATH_MAX, PATH_MAX - 1, "%s%s", rootPath, info->target) > 0,
-        char target[PATH_MAX] = {};
+        return -1, "Failed snprintf_s err=%d", errno);
-        BEGET_ERROR_CHECK(!(snprintf_s(target, PATH_MAX, PATH_MAX - 1, "%s%s", rootPath, mount->target) < 0),
+    int rc = BindMount(info->source, target, info->flags, info->tag);
-            return -1, "Failed snprintf_s err=%d", errno);
+    if (rc != 0) {
-        int rc = BindMount(source, target, mount->flags, tag);
+        BEGET_LOGW("Failed bind mount %s to %s.", info->source, target);
-        if (rc != 0) {
+        if (info->ignoreErrors == false) {
-            BEGET_LOGW("Failed bind mount %s to %s.", source, target);
+            return -1;
-        }
-        if (mount->ignoreErrors) {
-            mounts = mounts->next;
-            continue;
        }
-        return -1;
    }
    return 0;
 }
-static int LinkSandboxInfo(const linklist_t *links, const char *rootPath)
+static int MountSandboxInfo(struct ListNode *head, const char *rootPath, SandboxTag tag)
 {
-    BEGET_CHECK(links != NULL, return 0);
+    if ((head == NULL) || (rootPath == NULL)) {
-    BEGET_CHECK(links->info != NULL, return 0);
+        return 0;
-    while (links != NULL) {
+    }
-        linker_t *link = links->info;
+    int ret = OH_ListTraversal(head, (void *)rootPath, MountSandboxNode, 1);
-        char linkName[PATH_MAX] = {0};
+    return ret;
-        BEGET_ERROR_CHECK(!(snprintf_s(linkName, PATH_MAX, PATH_MAX - 1, "%s%s", rootPath, link->linkName) < 0),
+}
-            return -1, "Failed snprintf_s err=%d", errno);
-        int rc = symlink(link->target, linkName);
+static int LinkSandboxNode(ListNode *list, void *data)
-        if (rc != 0) {
+{
-            if (errno == EEXIST) {
+    if ((list == NULL) || (data == NULL)) {
-                BEGET_LOGE("symbol link name \' %s \' already exist", linkName);
+        return 0;
-            } else {
+    }
-                BEGET_LOGE("Failed to link \' %s \' to \' %s \', err = %d", link->target, linkName, errno);
+    const char *rootPath = (const char *)data;
-                return -1;
+    linklist_t *info = ListEntry(list, linklist_t, node);
-            }
+    char linkName[PATH_MAX] = {0};
+    BEGET_ERROR_CHECK(!(snprintf_s(linkName, PATH_MAX, PATH_MAX - 1, "%s%s", rootPath, info->linkName) < 0),
+        return -1, "snprintf_s failed, err=%d", errno);
+    int rc = symlink(info->target, linkName);
+    if (rc != 0) {
+        if (errno == EEXIST) {
+            BEGET_LOGW("symbol link name \' %s \' already exist", linkName);
+        } else {
+            BEGET_LOGE("Failed to link \' %s \' to \' %s \', err = %d", info->target, linkName, errno);
+            return -1;
        }
-        links = links->next;
    }
    return 0;
 }
+static int LinkSandboxInfo(struct ListNode *head, const char *rootPath)
+{
+    if ((head == NULL) || (rootPath == NULL)) {
+        return 0;
+    }
+    int ret = OH_ListTraversal(head, (void *)rootPath, LinkSandboxNode, 1);
+    return ret;
+}
 int PrepareSandbox(const char *name)
 {
    BEGET_ERROR_CHECK(name != NULL, return -1, "Prepare sandbox name is NULL.");
@@ -431,15 +552,15 @@ int PrepareSandbox(const char *name)
    BEGET_ERROR_CHECK(rc == 0, return -1, "Failed to mount rootpath bind err = %d", errno);
    // 1) walk through all mounts and do bind mount
-    rc = MountSandboxInfo(sandbox->pathMounts, sandbox->rootPath, SANDBOX_TAG_MOUNT_PATH);
+    rc = MountSandboxInfo(&sandbox->pathMountsHead, sandbox->rootPath, SANDBOX_TAG_MOUNT_PATH);
-    BEGET_CHECK(!(rc < 0), return -1);
+    BEGET_CHECK(rc == 0, return -1);
-    rc = MountSandboxInfo(sandbox->fileMounts, sandbox->rootPath, SANDBOX_TAG_MOUNT_FILE);
+    rc = MountSandboxInfo(&sandbox->fileMountsHead, sandbox->rootPath, SANDBOX_TAG_MOUNT_FILE);
-    BEGET_CHECK(!(rc < 0), return -1);
+    BEGET_CHECK(rc == 0, return -1);
    // 2) walk through all links and do symbol link
-    rc = LinkSandboxInfo(sandbox->links, sandbox->rootPath);
+    rc = LinkSandboxInfo(&sandbox->linksHead, sandbox->rootPath);
-    BEGET_CHECK(!(rc < 0), return -1);
+    BEGET_CHECK(rc == 0, return -1);
    BEGET_ERROR_CHECK(chdir(sandbox->rootPath) == 0, return -1, "Change to %s, err = %d", sandbox->rootPath, errno);
    BEGET_ERROR_CHECK(syscall(SYS_pivot_root, sandbox->rootPath, sandbox->rootPath) == 0, return -1,
@@ -449,70 +570,6 @@ int PrepareSandbox(const char *name)
    return 0;
 }
-static void FreeLink(linker_t *link)
-{
-    if (link == NULL) {
-        return;
-    }
-    if (link->linkName != NULL) {
-        free(link->linkName);
-        link->linkName = NULL;
-    }
-    if (link->target != NULL) {
-        free(link->target);
-        link->target = NULL;
-    }
-}
-static void FreeLinks(linklist_t *links)
-{
-    if (links == NULL) {
-        return;
-    }
-    linklist_t *tmp = links;
-    while (tmp != NULL) {
-        linklist_t *next = tmp ->next;
-        FreeLink(tmp->info);
-        free(tmp);
-        tmp = next;
-    }
-}
-static void FreeMount(mount_t *mount)
-{
-    if (mount == NULL) {
-        return;
-    }
-    if (mount->source != NULL) {
-        free(mount->source);
-        mount->source = NULL;
-    }
-    if (mount->target != NULL) {
-        free(mount->target);
-        mount->target = NULL;
-    }
-}
-static void FreeMounts(mountlist_t *mounts)
-{
-    if (mounts == NULL) {
-        return;
-    }
-    mountlist_t *tmp = mounts;
-    while (tmp != NULL) {
-        mountlist_t *next = tmp ->next;
-        FreeMount(tmp->info);
-        free(tmp);
-        tmp = next;
-    }
-}
 bool InitSandboxWithName(const char *name)
 {
    bool isFound = false;
@@ -551,12 +608,10 @@ void DestroySandbox(const char *name)
        free(sandbox->rootPath);
        sandbox->rootPath = NULL;
    }
-    FreeLinks(sandbox->links);
+    OH_ListRemoveAll(&sandbox->linksHead, FreeSandboxLinkInfo);
-    sandbox->links = NULL;
+    OH_ListRemoveAll(&sandbox->fileMountsHead, FreeSandboxMountInfo);
-    FreeMounts(sandbox->fileMounts);
+    OH_ListRemoveAll(&sandbox->pathMountsHead, FreeSandboxMountInfo);
-    sandbox->fileMounts = NULL;
-    FreeMounts(sandbox->pathMounts);
-    sandbox->pathMounts = NULL;
    if (sandbox->ns > 0) {
        (void)close(sandbox->ns);
    }
@@ -592,6 +647,40 @@ int EnterSandbox(const char *name)
    return 0;
 }
+static int DumpSandboxMountInfo(ListNode *list, void *data)
+{
+    if (list == NULL) {
+        return -1;
+    }
+    mountlist_t *info = ListEntry(list, mountlist_t, node);
+    if (info != NULL) {
+        if (info->source != NULL) {
+            printf("Sandbox mounts list source: %s \n", info->source);
+        }
+        if (info->target != NULL) {
+            printf("Sandbox mounts list target: %s \n", info->target);
+        }
+    }
+    return 0;
+}
+static int DumpSandboxLinkInfo(ListNode *list, void *data)
+{
+    if (list == NULL) {
+        return -1;
+    }
+    linklist_t *info = ListEntry(list, linklist_t, node);
+    if (info != NULL) {
+        if (info->linkName != NULL) {
+            printf("Sandbox link list name: %s \n", info->linkName);
+        }
+        if (info->target != NULL) {
+            printf("Sandbox link list target: %s \n", info->target);
+        }
+    }
+    return 0;
+}
 void DumpSandboxByName(const char *name)
 {
    if (name == NULL) {
@@ -602,32 +691,14 @@ void DumpSandboxByName(const char *name)
    if (map == NULL) {
        return;
    }
-    BEGET_LOGI("Sandbox Map name: %s.", map->name);
+    printf("Sandbox Map name: %s \n", map->name);
-    BEGET_LOGI("Sandbox Map config file: %s.", map->configfile);
+    printf("Sandbox Map config file: %s. \n", map->configfile);
-    BEGET_LOGI("Sandbox name: %s.", map->sandbox->name);
+    printf("Sandbox name: %s. \n", map->sandbox->name);
-    BEGET_LOGI("Sandbox rootPath: %s.", map->sandbox->rootPath);
+    printf("Sandbox root path is %s. \n", map->sandbox->rootPath);
-    BEGET_LOGI("Sandbox mounts info:");
+    printf("Sandbox mounts info: \n");
-    mountlist_t *mounts = map->sandbox->pathMounts;
+    OH_ListTraversal(&map->sandbox->pathMountsHead, NULL, DumpSandboxMountInfo, 0);
-    while (mounts != NULL) {
+    OH_ListTraversal(&map->sandbox->fileMountsHead, NULL, DumpSandboxMountInfo, 0);
-        mount_t *mount = mounts->info;
+    printf("Sandbox links info: \n");
-        BEGET_LOGI("Sandbox path mounts list source: %s", mount->source);
+    OH_ListTraversal(&map->sandbox->linksHead, NULL, DumpSandboxLinkInfo, 0);
-        BEGET_LOGI("Sandbox path mounts list target: %s", mount->target);
-        mounts = mounts->next;
-    }
-    mounts = map->sandbox->fileMounts;
-    while (mounts != NULL) {
-        mount_t *mount = mounts->info;
-        BEGET_LOGI("Sandbox file mounts list source: %s", mount->source);
-        BEGET_LOGI("Sandbox file mounts list target: %s", mount->target);
-        mounts = mounts->next;
-    }
-    BEGET_LOGI("Sandbox links info:");
-    linklist_t *links = map->sandbox->links;
-    while (links != NULL) {
-        linker_t *link = links->info;
-        BEGET_LOGI("Sandbox links list source: %s", link->target);
-        BEGET_LOGI("Sandbox links list target: %s", link->linkName);
-        links = links->next;
-    }
    return;
 }