Google is committed to advancing racial equity for Black communities. See how.

fuchsia.component.internal

The FIDL representation of the component ID Index.

See (component ID index)[//docs/development/components/component_id_index.md] for documentation on the schema.

ENUMS

BuiltinPkgResolver

Type: uint8

Defined in fuchsia.component.internal/config.fidl

The builtin resolver to use, if any.

NameValueDescription
NONE 1

No builtin package resolver is used. Products supply a package resolver as a component, or can opt to not include one at all.

APPMGR_BRIDGE 3

Try to use the fuchsia.sys.Loader protocol from the namespace, typically this is provided by appmgr. Test scenarios commonly use this option.

OutDirContents

Type: uint8

Defined in fuchsia.component.internal/config.fidl

Determine what content to expose through component manager's outgoing directory.

NameValueDescription
NONE 1

Don't expose anything through the outgoing directory.

HUB 2

Expose component manager's hub directory.

SVC 3

Expose root component's expose/svc.

TABLES

AllowlistedDirectory

Defined in fuchsia.component.internal/config.fidl

OrdinalNameTypeDescription

AllowlistedEvent

Defined in fuchsia.component.internal/config.fidl

OrdinalNameTypeDescription

AllowlistedProtocol

Defined in fuchsia.component.internal/config.fidl

OrdinalNameTypeDescription

AllowlistedResolver

Defined in fuchsia.component.internal/config.fidl

OrdinalNameTypeDescription

AllowlistedRunner

Defined in fuchsia.component.internal/config.fidl

OrdinalNameTypeDescription

AllowlistedService

Defined in fuchsia.component.internal/config.fidl

OrdinalNameTypeDescription

AllowlistedStorage

Defined in fuchsia.component.internal/config.fidl

OrdinalNameTypeDescription

AppmgrMoniker

Defined in fuchsia.component.internal/component_id_index.fidl

OrdinalNameTypeDescription
1 url fuchsia.sys/component_url

The component's URL.

2 realm_path AppmgrRealmPath

The path to the appmgr realm where the component runs.

3 transitional_realm_paths vector<vector<string>>[64]

The component instance's previous realm paths. appmgr will consider these realms in addition to realm_path. This feature is useful when moving a component to a new realm_path, but still needing to retain the previous realm paths. For example, this feature can be used when a component ID index change and the realm path code change cannot be submitted atomically.

Optional.

CapabilityAllowlistEntry

Defined in fuchsia.component.internal/config.fidl

Defines a single capability policy entry in the set of capability policy allowlists.

OrdinalNameTypeDescription
1 source_moniker string[4096]

The source_moniker represents the origin of a capability. The source_moniker is either an absolute moniker or '<component_manager>'.

2 source_name string[100]

The source name of this particular capability.

3 capability AllowlistedCapability

Represents the type of capability that is being restricted along with any other properties required by a particular capability type.

4 target_monikers vector<string>[128]

The set of absolute monikers that are allowed to use this specific capability.

5 source fuchsia.sys2/Ref

The original source type of this capability, self or framework.

CapabilityPolicyAllowlists

Defined in fuchsia.component.internal/config.fidl

Defines the total set of capability allowlists. Each source_moniker + capability pair must be unique in the vector.

OrdinalNameTypeDescription
1 allowlist vector<CapabilityAllowlistEntry>[128]

ComponentIdIndex

Defined in fuchsia.component.internal/component_id_index.fidl

Top-level type describing the component ID index.

OrdinalNameTypeDescription
1 appmgr_restrict_isolated_persistent_storage bool

If true, appmgr requires components which use isolated-persistent-storage to list their instance in the index. Otherwise, they fail to run. Note that this flag is only used by appmgr, and is ignored by component_manager.

2 instances vector<InstanceIdEntry>[1024]

A list of component ID instance entries.

Required, but may be empty.

Config

Defined in fuchsia.component.internal/config.fidl

OrdinalNameTypeDescription
1 debug bool

If true, component manager will be in debug mode. In this mode, component manager provides the EventSource protocol and exposes this protocol. Component manager will not start until it is resumed by a call to EventSource.StartComponentTree.

This is done so that an external component (say an integration test) can subscribe to events before the root component has started.

2 list_children_batch_size uint32

How many children, maximum, are returned by a call to Realm.ChildIterator.next().

3 security_policy SecurityPolicy

Security policy configuration.

4 namespace_capabilities vector<fuchsia.sys2/CapabilityDecl>

Capabilities offered from component manager's namespace.

5 use_builtin_process_launcher bool

If true, component_manager will serve an instance of fuchsia.process.Launcher and use this launcher for the built-in ELF component runner. The root component can additionally use and/or offer this service using /builtin/fuchsia.process.Launcher from realm. This flag exists because the built-in process launcher only works when component_manager runs under a job that has ZX_POL_NEW_PROCESS set to allow, like the root job. Otherwise, the component_manager process cannot directly create process through zx_process_create. When we run component_manager elsewhere, like in test environments, it has to use the fuchsia.process.Launcher service provided through its namespace instead.

6 maintain_utc_clock bool

If true, component_manager will maintain a UTC kernel clock and vend write handles through an instance of fuchsia.time.Maintenance. This flag should only be used with the top-level component_manager.

7 num_threads uint32

The number of threads to use for running component_manager's executor. Value defaults to 1.

8 builtin_pkg_resolver BuiltinPkgResolver

Which builtin resolver to use. If not supplied this defaults to the NONE option.

9 out_dir_contents OutDirContents

Determine what content to expose through the component manager's outgoing directory. If no value is set, this defaults to NONE.

10 root_component_url string[100]

URL of the root component to launch. This field is used if the no URL is passed to component manager. If value is passed in both places, then an error is raised.

11 component_id_index_path string[1024]

Path to the component ID index. An empty value defaults to an empty index. An invalid index causes component_manager to abort.

12 log_all_events bool

If true, component manager will log all events dispatched in the topology.

DebugRegistrationAllowlistEntry

Defined in fuchsia.component.internal/config.fidl

Defines a capability policy entry in the set of debug capability policy allowlists.

OrdinalNameTypeDescription
1 source_moniker string[4096]

The source_moniker represents the origin of a capability. The source_moniker is absolute moniker.

2 source_name string[100]

The source name of this particular capability.

3 debug AllowlistedDebugRegistration

Represents the type of capability that is being restricted along with any other properties required by a particular capability type.

4 target_moniker string[4096]

The target_moniker represents the component which is allowed to register this capability in its environment's debug sction.

5 environment_name fuchsia.component/name

Name of the environment where this capability can be registered.

DebugRegistrationPolicyAllowlists

Defined in fuchsia.component.internal/config.fidl

Defines the total set of debug capability allowlists.

OrdinalNameTypeDescription
1 allowlist vector<DebugRegistrationAllowlistEntry>[128]

InstanceIdEntry

Defined in fuchsia.component.internal/component_id_index.fidl

OrdinalNameTypeDescription
1 instance_id InstanceId

A 256-bit identifier encoded in base64 which is unique across all other instance IDs in the index.

2 appmgr_moniker AppmgrMoniker

An appmgr-based moniker identifying an appmgr component instance associated with instance_id. Note that component manager ignores this field; it is only consumed by appmgr.

3 moniker string[4096]

The absolute moniker identifying the component instance. Note that appmgr ignores thie field; it is only consumed by component manager.

JobPolicyAllowlists

Defined in fuchsia.component.internal/config.fidl

Allowlists for Zircon job policy.

OrdinalNameTypeDescription
1 ambient_mark_vmo_exec vector<string>[128]

Absolute monikers for components allowed to be given the ZX_POL_AMBIENT_MARK_VMO_EXEC job policy.

Components must request this policy by including "job_policy_ambient_mark_vmo_exec: true" in their CML's program section and must be using the ELF runner. This is equivalent to the v1 'deprecated-ambient-replace-as-executable' feature.

2 main_process_critical vector<string>[128]

Absolute monikers for components allowed to have their original process marked as critical to component_manager's job.

Components must request this critical marking by including "main_process_critical: true" in their CML's program section and must be using the ELF runner.

3 create_raw_processes vector<string>[128]

Absolute monikers for components allowed to call zx_process_create directly (e.g., do not have ZX_POL_NEW_PROCESS set to ZX_POL_ACTION_DENY).

Components must request this policy by including "job_policy_create_raw_processes: true" in their manifest's program object and must be using the ELF runner.

SecurityPolicy

Defined in fuchsia.component.internal/config.fidl

Runtime security policy.

OrdinalNameTypeDescription
1 job_policy JobPolicyAllowlists

Allowlists for Zircon job policy.

2 capability_policy CapabilityPolicyAllowlists

Capability access policy.

3 debug_registration_policy DebugRegistrationPolicyAllowlists

Debug capability registration policy.

UNIONS

AllowlistedCapability

Defined in fuchsia.component.internal/config.fidl

Represents the class of capabilities supported to be allowlisted.

NameTypeDescription
directory AllowlistedDirectory
event AllowlistedEvent
protocol AllowlistedProtocol
service AllowlistedService
storage AllowlistedStorage
runner AllowlistedRunner
resolver AllowlistedResolver

AllowlistedDebugRegistration

Defined in fuchsia.component.internal/config.fidl

Represents the class of capabilities supported to be allowlisted.

NameTypeDescription
protocol AllowlistedProtocol

CONSTANTS

NameValueTypeDescription
MAX_ALLOWLIST_SIZE 128 uint64

The maximum size of the JobPolicyAllowlists entries. This value is currently set arbitrarily.

TYPE ALIASES

NameValueDescription
AppmgrRealmPath vector[256]

The path to the appmgr realm where the component runs.

InstanceId string[64]

256 bits encoded in lower-cased base64 (64 chars).