sandbox/linux: refactor bpf_dsl dependency on die.h

sandbox/linux/bpf_dsl/policy_compiler.h

Index: sandbox/linux/bpf_dsl/policy_compiler.h
diff --git a/sandbox/linux/bpf_dsl/policy_compiler.h b/sandbox/linux/bpf_dsl/policy_compiler.h
index df38d4ccbc4e4cd087d6e9d510adcf50b00b2a2b..445cb9c32f58df7193a58435c3e387253a6d8b9e 100644
--- a/sandbox/linux/bpf_dsl/policy_compiler.h
+++ b/sandbox/linux/bpf_dsl/policy_compiler.h
@@ -15,6 +15,7 @@
 #include "base/memory/scoped_ptr.h"
 #include "sandbox/linux/bpf_dsl/bpf_dsl_forward.h"
 #include "sandbox/linux/bpf_dsl/codegen.h"
+#include "sandbox/linux/bpf_dsl/trap_registry.h"
 #include "sandbox/linux/seccomp-bpf/errorcode.h"
 #include "sandbox/sandbox_export.h"
 
@@ -38,6 +39,12 @@ class SANDBOX_EXPORT PolicyCompiler {
   // system calls, regardless of policy.
   void DangerousSetEscapePC(uint64_t escapepc);
 
+  // SetPanicFunc sets the trap function used for handling faulty
+  // system call conditions.  The function will be called with its aux
+  // argument set to a pointer to a null-terminated character sequence
+  // describing the fault.
+  void SetPanicFunc(TrapRegistry::TrapFnc panic_func);
+
   // Error returns an ErrorCode to indicate the system call should fail with
   // the specified error number.
   ErrorCode Error(int err);
@@ -142,9 +149,12 @@ class SANDBOX_EXPORT PolicyCompiler {
                                    CodeGen::Node passed,
                                    CodeGen::Node failed);
 
+  bpf_dsl::ResultExpr Panic(const char* msg);
+
   const Policy* policy_;
   TrapRegistry* registry_;
   uint64_t escapepc_;
+  TrapRegistry::TrapFnc panic_func_;
 
   Conds conds_;
   CodeGen gen_;