Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(118)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/bpf_dsl/bpf_dsl.h

Issue 1302043002: sandbox/linux: refactor bpf_dsl dependency on die.h (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Change default panic behavior to simply Kill Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | sandbox/linux/bpf_dsl/bpf_dsl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_LINUX_BPF_DSL_BPF_DSL_H_ 5 #ifndef SANDBOX_LINUX_BPF_DSL_BPF_DSL_H_
6 #define SANDBOX_LINUX_BPF_DSL_BPF_DSL_H_ 6 #define SANDBOX_LINUX_BPF_DSL_BPF_DSL_H_
7 7
8 #include <stdint.h> 8 #include <stdint.h>
9 9
10 #include <utility> 10 #include <utility>
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after
48 // return Allow(); 48 // return Allow();
49 // } 49 // }
50 // } 50 // }
51 // 51 //
52 // private: 52 // private:
53 // DISALLOW_COPY_AND_ASSIGN(SillyPolicy); 53 // DISALLOW_COPY_AND_ASSIGN(SillyPolicy);
54 // }; 54 // };
55 // 55 //
56 // More generally, the DSL currently supports the following grammar: 56 // More generally, the DSL currently supports the following grammar:
57 // 57 //
58 // result = Allow() | Error(errno) | Kill(msg) | Trace(aux) 58 // result = Allow() | Error(errno) | Kill() | Trace(aux)
59 // | Trap(trap_func, aux) | UnsafeTrap(trap_func, aux) 59 // | Trap(trap_func, aux) | UnsafeTrap(trap_func, aux)
60 // | If(bool, result)[.ElseIf(bool, result)].Else(result) 60 // | If(bool, result)[.ElseIf(bool, result)].Else(result)
61 // | Switch(arg)[.Case(val, result)].Default(result) 61 // | Switch(arg)[.Case(val, result)].Default(result)
62 // bool = BoolConst(boolean) | !bool | bool && bool | bool || bool 62 // bool = BoolConst(boolean) | !bool | bool && bool | bool || bool
63 // | arg == val | arg != val 63 // | arg == val | arg != val
64 // arg = Arg<T>(num) | arg & mask 64 // arg = Arg<T>(num) | arg & mask
65 // 65 //
66 // The semantics of each function and operator are intended to be 66 // The semantics of each function and operator are intended to be
67 // intuitive, but are described in more detail below. 67 // intuitive, but are described in more detail below.
68 // 68 //
(...skipping 13 matching lines...) Expand all
82 // Allow specifies a result that the system call should be allowed to 82 // Allow specifies a result that the system call should be allowed to
83 // execute normally. 83 // execute normally.
84 SANDBOX_EXPORT ResultExpr Allow(); 84 SANDBOX_EXPORT ResultExpr Allow();
85 85
86 // Error specifies a result that the system call should fail with 86 // Error specifies a result that the system call should fail with
87 // error number |err|. As a special case, Error(0) will result in the 87 // error number |err|. As a special case, Error(0) will result in the
88 // system call appearing to have succeeded, but without having any 88 // system call appearing to have succeeded, but without having any
89 // side effects. 89 // side effects.
90 SANDBOX_EXPORT ResultExpr Error(int err); 90 SANDBOX_EXPORT ResultExpr Error(int err);
91 91
92 // Kill specifies a result to kill the program and print an error message. 92 // Kill specifies a result to kill the process (task) immediately.
93 SANDBOX_EXPORT ResultExpr Kill(const char* msg); 93 SANDBOX_EXPORT ResultExpr Kill();
94 94
95 // Trace specifies a result to notify a tracing process via the 95 // Trace specifies a result to notify a tracing process via the
96 // PTRACE_EVENT_SECCOMP event and allow it to change or skip the system call. 96 // PTRACE_EVENT_SECCOMP event and allow it to change or skip the system call.
97 // The value of |aux| will be available to the tracer via PTRACE_GETEVENTMSG. 97 // The value of |aux| will be available to the tracer via PTRACE_GETEVENTMSG.
98 SANDBOX_EXPORT ResultExpr Trace(uint16_t aux); 98 SANDBOX_EXPORT ResultExpr Trace(uint16_t aux);
99 99
100 // Trap specifies a result that the system call should be handled by 100 // Trap specifies a result that the system call should be handled by
101 // trapping back into userspace and invoking |trap_func|, passing 101 // trapping back into userspace and invoking |trap_func|, passing
102 // |aux| as the second parameter. 102 // |aux| as the second parameter.
103 SANDBOX_EXPORT ResultExpr 103 SANDBOX_EXPORT ResultExpr
(...skipping 208 matching lines...) Expand 10 before | Expand all | Expand 10 after
312 312
313 template <typename T> 313 template <typename T>
314 ResultExpr Caser<T>::Default(ResultExpr result) const { 314 ResultExpr Caser<T>::Default(ResultExpr result) const {
315 return elser_.Else(result); 315 return elser_.Else(result);
316 } 316 }
317 317
318 } // namespace bpf_dsl 318 } // namespace bpf_dsl
319 } // namespace sandbox 319 } // namespace sandbox
320 320
321 #endif // SANDBOX_LINUX_BPF_DSL_BPF_DSL_H_ 321 #endif // SANDBOX_LINUX_BPF_DSL_BPF_DSL_H_
OLDNEW
« no previous file with comments | « no previous file | sandbox/linux/bpf_dsl/bpf_dsl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698