Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(303)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/bpf_dsl/trap_registry.h

Issue 1001833005: Update from https://crrev.com/320343 (Closed) Base URL: git@github.com:domokit/mojo.git@master
Patch Set: Supress Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sandbox/linux/bpf_dsl/seccomp_macros.h ('k') | sandbox/linux/bpf_dsl/verifier.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_LINUX_BPF_DSL_TRAP_REGISTRY_H_ 5 #ifndef SANDBOX_LINUX_BPF_DSL_TRAP_REGISTRY_H_
6 #define SANDBOX_LINUX_BPF_DSL_TRAP_REGISTRY_H_ 6 #define SANDBOX_LINUX_BPF_DSL_TRAP_REGISTRY_H_
7 7
8 #include <stdint.h> 8 #include <stdint.h>
9 9
10 #include "base/macros.h" 10 #include "base/macros.h"
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after
42 typedef intptr_t (*TrapFnc)(const struct arch_seccomp_data& args, void* aux); 42 typedef intptr_t (*TrapFnc)(const struct arch_seccomp_data& args, void* aux);
43 43
44 // Add registers the specified trap handler tuple and returns a 44 // Add registers the specified trap handler tuple and returns a
45 // non-zero trap ID that uniquely identifies the tuple for the life 45 // non-zero trap ID that uniquely identifies the tuple for the life
46 // time of the trap registry. If the same tuple is registered 46 // time of the trap registry. If the same tuple is registered
47 // multiple times, the same value will be returned each time. 47 // multiple times, the same value will be returned each time.
48 virtual uint16_t Add(TrapFnc fnc, const void* aux, bool safe) = 0; 48 virtual uint16_t Add(TrapFnc fnc, const void* aux, bool safe) = 0;
49 49
50 // EnableUnsafeTraps tries to enable unsafe traps and returns 50 // EnableUnsafeTraps tries to enable unsafe traps and returns
51 // whether it was successful. This is a one-way operation. 51 // whether it was successful. This is a one-way operation.
52 //
53 // CAUTION: Enabling unsafe traps effectively defeats the security
54 // guarantees provided by the sandbox policy. TrapRegistry
55 // implementations should ensure unsafe traps are only enabled
56 // during testing.
52 virtual bool EnableUnsafeTraps() = 0; 57 virtual bool EnableUnsafeTraps() = 0;
53 58
54 protected: 59 protected:
55 TrapRegistry() {} 60 TrapRegistry() {}
61
62 // TrapRegistry's destructor is intentionally non-virtual so that
63 // implementations can omit their destructor. Instead we protect against
64 // misuse by marking it protected.
56 ~TrapRegistry() {} 65 ~TrapRegistry() {}
57 66
58 DISALLOW_COPY_AND_ASSIGN(TrapRegistry); 67 DISALLOW_COPY_AND_ASSIGN(TrapRegistry);
59 }; 68 };
60 69
61 } // namespace bpf_dsl 70 } // namespace bpf_dsl
62 } // namespace sandbox 71 } // namespace sandbox
63 72
64 #endif // SANDBOX_LINUX_BPF_DSL_TRAP_REGISTRY_H_ 73 #endif // SANDBOX_LINUX_BPF_DSL_TRAP_REGISTRY_H_
OLDNEW
« no previous file with comments | « sandbox/linux/bpf_dsl/seccomp_macros.h ('k') | sandbox/linux/bpf_dsl/verifier.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698