| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_ERRORCODE_H__ | 5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_ERRORCODE_H__ |
| 6 #define SANDBOX_LINUX_SECCOMP_BPF_ERRORCODE_H__ | 6 #define SANDBOX_LINUX_SECCOMP_BPF_ERRORCODE_H__ |
| 7 | 7 |
| 8 #include "sandbox/linux/seccomp-bpf/trap.h" | 8 #include "sandbox/linux/seccomp-bpf/trap.h" |
| 9 #include "sandbox/sandbox_export.h" | 9 #include "sandbox/sandbox_export.h" |
| 10 | 10 |
| (...skipping 20 matching lines...) Expand all Loading... |
| 31 // Allow this system call. The value of ERR_ALLOWED is pretty much | 31 // Allow this system call. The value of ERR_ALLOWED is pretty much |
| 32 // completely arbitrary. But we want to pick it so that is is unlikely | 32 // completely arbitrary. But we want to pick it so that is is unlikely |
| 33 // to be passed in accidentally, when the user intended to return an | 33 // to be passed in accidentally, when the user intended to return an |
| 34 // "errno" (see below) value instead. | 34 // "errno" (see below) value instead. |
| 35 ERR_ALLOWED = 0x04000000, | 35 ERR_ALLOWED = 0x04000000, |
| 36 | 36 |
| 37 // If the progress is being ptraced with PTRACE_O_TRACESECCOMP, then the | 37 // If the progress is being ptraced with PTRACE_O_TRACESECCOMP, then the |
| 38 // tracer will be notified of a PTRACE_EVENT_SECCOMP and allowed to change | 38 // tracer will be notified of a PTRACE_EVENT_SECCOMP and allowed to change |
| 39 // or skip the system call. The lower 16 bits of err will be available to | 39 // or skip the system call. The lower 16 bits of err will be available to |
| 40 // the tracer via PTRACE_GETEVENTMSG. | 40 // the tracer via PTRACE_GETEVENTMSG. |
| 41 ERR_TRACE = 0x08000000, | 41 ERR_TRACE = 0x08000000, |
| 42 |
| 43 // Kill the process immediately. |
| 44 ERR_KILL = 0x10000000, |
| 42 | 45 |
| 43 // Deny the system call with a particular "errno" value. | 46 // Deny the system call with a particular "errno" value. |
| 44 // N.B.: It is also possible to return "0" here. That would normally | 47 // N.B.: It is also possible to return "0" here. That would normally |
| 45 // indicate success, but it won't actually run the system call. | 48 // indicate success, but it won't actually run the system call. |
| 46 // This is very different from return ERR_ALLOWED. | 49 // This is very different from return ERR_ALLOWED. |
| 47 ERR_MIN_ERRNO = 0, | 50 ERR_MIN_ERRNO = 0, |
| 48 #if defined(__mips__) | 51 #if defined(__mips__) |
| 49 // MIPS only supports errno up to 1133 | 52 // MIPS only supports errno up to 1133 |
| 50 ERR_MAX_ERRNO = 1133, | 53 ERR_MAX_ERRNO = 1133, |
| 51 #else | 54 #else |
| (...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 194 | 197 |
| 195 // 32bit field used for all possible types of ErrorCode values. This is | 198 // 32bit field used for all possible types of ErrorCode values. This is |
| 196 // the value that uniquely identifies any ErrorCode and it (typically) can | 199 // the value that uniquely identifies any ErrorCode and it (typically) can |
| 197 // be emitted directly into a BPF filter program. | 200 // be emitted directly into a BPF filter program. |
| 198 uint32_t err_; | 201 uint32_t err_; |
| 199 }; | 202 }; |
| 200 | 203 |
| 201 } // namespace sandbox | 204 } // namespace sandbox |
| 202 | 205 |
| 203 #endif // SANDBOX_LINUX_SECCOMP_BPF_ERRORCODE_H__ | 206 #endif // SANDBOX_LINUX_SECCOMP_BPF_ERRORCODE_H__ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1302043002:
sandbox/linux: refactor bpf_dsl dependency on die.h (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master