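--- a/sandbox/linux/bpf_dsl/bpf_dsl.h
+++ b/sandbox/linux/bpf_dsl/bpf_dsl.h
@@ -1,19 +1,20 @@
 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef SANDBOX_LINUX_BPF_DSL_BPF_DSL_H_
 #define SANDBOX_LINUX_BPF_DSL_BPF_DSL_H_
 
 #include <stdint.h>
 
+#include <limits>
 #include <utility>
 
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "sandbox/linux/bpf_dsl/cons.h"
 #include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h"
 #include "sandbox/linux/seccomp-bpf/trap.h"
 #include "sandbox/sandbox_export.h"
 
 namespace sandbox {
@@ -101,93 +102,103 @@
 virtual ResultExpr InvalidSyscall() const;
 
 // Override implementations from SandboxBPFPolicy. Marked as FINAL
 // to prevent mixups with child classes accidentally overloading
 // these instead of the above methods.
 virtual ErrorCode EvaluateSyscall(SandboxBPF* sb,
 int sysno) const OVERRIDE FINAL;
 virtual ErrorCode InvalidSyscall(SandboxBPF* sb) const OVERRIDE FINAL;
 
 // Helper method so policies can just write Trap(func, aux).
-static ResultExpr Trap(::sandbox::Trap::TrapFnc trap_func, void* aux);
+static ResultExpr Trap(Trap::TrapFnc trap_func, void* aux);
 
 private:
 DISALLOW_COPY_AND_ASSIGN(SandboxBPFDSLPolicy);
 };
 
 // Allow specifies a result that the system call should be allowed to
 // execute normally.
 SANDBOX_EXPORT ResultExpr Allow();
 
 // Error specifies a result that the system call should fail with
 // error number |err|. As a special case, Error(0) will result in the
 // system call appearing to have succeeded, but without having any
 // side effects.
 SANDBOX_EXPORT ResultExpr Error(int err);
 
 // Trap specifies a result that the system call should be handled by
 // trapping back into userspace and invoking |trap_func|, passing
 // |aux| as the second parameter.
-SANDBOX_EXPORT ResultExpr Trap(::sandbox::Trap::TrapFnc trap_func, void* aux);
+SANDBOX_EXPORT ResultExpr Trap(Trap::TrapFnc trap_func, void* aux);
 
 template <typename T>
 class SANDBOX_EXPORT Arg {
 public:
 // Initializes the Arg to represent the |num|th system call
 // argument (indexed from 0), which is of type |T|.
-explicit Arg(int num) : num_(num), mask_(-1) {}
+explicit Arg(int num)
+: num_(num), mask_(std::numeric_limits<uint64_t>::max()) {}
 
 Arg(const Arg& arg) : num_(arg.num_), mask_(arg.mask_) {}
 
 // Returns an Arg representing the current argument, but after
 // bitwise-and'ing it with |rhs|.
-Arg operator&(uint64_t rhs) const { return Arg(num_, mask_ & rhs); }
+friend Arg operator&(const Arg& lhs, uint64_t rhs) {
+return Arg(lhs.num_, lhs.mask_ & rhs);
+}
 
 // Returns a boolean expression comparing whether the system call
 // argument (after applying any bitmasks, if appropriate) equals |rhs|.
-BoolExpr operator==(T rhs) const;
+friend BoolExpr operator==(const Arg& lhs, T rhs) { return lhs.EqualTo(rhs); }
 
 private:
 Arg(int num, uint64_t mask) : num_(num), mask_(mask) {}
+
+BoolExpr EqualTo(T val) const;
+
 int num_;
 uint64_t mask_;
+
 DISALLOW_ASSIGN(Arg);
 };
 
 // Various ways to combine boolean expressions into more complex expressions.
 // They follow standard boolean algebra laws.
-SANDBOX_EXPORT BoolExpr operator!(BoolExpr cond);
-SANDBOX_EXPORT BoolExpr operator&&(BoolExpr lhs, BoolExpr rhs);
-SANDBOX_EXPORT BoolExpr operator||(BoolExpr lhs, BoolExpr rhs);
+SANDBOX_EXPORT BoolExpr operator!(const BoolExpr& cond);
+SANDBOX_EXPORT BoolExpr operator&&(const BoolExpr& lhs, const BoolExpr& rhs);
+SANDBOX_EXPORT BoolExpr operator||(const BoolExpr& lhs, const BoolExpr& rhs);
 
 // If begins a conditional result expression predicated on the
 // specified boolean expression.
-SANDBOX_EXPORT Elser If(BoolExpr cond, ResultExpr then_result);
+SANDBOX_EXPORT Elser If(const BoolExpr& cond, const ResultExpr& then_result);
 
 class SANDBOX_EXPORT Elser {
 public:
 Elser(const Elser& elser);
 ~Elser();
 
 // ElseIf extends the conditional result expression with another
 // "if then" clause, predicated on the specified boolean expression.
-Elser ElseIf(BoolExpr cond, ResultExpr then_result) const;
+Elser ElseIf(const BoolExpr& cond, const ResultExpr& then_result) const;
 
 // Else terminates a conditional result expression using |else_result| as
 // the default fallback result expression.
-ResultExpr Else(ResultExpr else_result) const;
+ResultExpr Else(const ResultExpr& else_result) const;
 
 private:
 typedef std::pair<BoolExpr, ResultExpr> Clause;
+
 explicit Elser(Cons<Clause>::List clause_list);
+
 Cons<Clause>::List clause_list_;
-friend Elser If(BoolExpr, ResultExpr);
+
+friend Elser If(const BoolExpr&, const ResultExpr&);
 DISALLOW_ASSIGN(Elser);
 };
 
 // =====================================================================
 // Official API ends here.
 // =====================================================================
 
 // Definitions below are necessary here only for C++03 compatibility.
 // Once C++11 is available, they should be moved into bpf_dsl.cc via extern
 // templates.
@@ -228,19 +239,23 @@
 private:
 friend class base::RefCounted<ResultExprImpl>;
 DISALLOW_COPY_AND_ASSIGN(ResultExprImpl);
 };
 
 } // namespace internal
 
 // Definition requires ArgEq to have been declared. Moved out-of-line
 // to minimize how much internal clutter users have to ignore while
 // reading the header documentation.
+//
+// Additionally, we use this helper member function to avoid linker errors
+// caused by defining operator== out-of-line. For a more detailed explanation,
+// see http://www.parashift.com/c++-faq-lite/template-friends.html.
 template <typename T>
-BoolExpr Arg<T>::operator==(T rhs) const {
-return internal::ArgEq(num_, sizeof(T), mask_, static_cast<uint64_t>(rhs));
+BoolExpr Arg<T>::EqualTo(T val) const {
+return internal::ArgEq(num_, sizeof(T), mask_, static_cast<uint64_t>(val));
 }
 
 } // namespace bpf_dsl
 } // namespace sandbox
 
 #endif // SANDBOX_LINUX_BPF_DSL_BPF_DSL_H_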
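Review bot: The header does not say how bits beyond `sizeof(T)` are treated when an `Arg<T>` is compared, and that matters in `Arg<T>::EqualTo`, which widens `val` with `static_cast<uint64_t>(val)` while the constructor now sets `mask_` to all 64 bits. For a signed 32-bit `T`, a negative constant (or a negative mask passed to `operator&`) is sign-extended into the upper 32 bits before it reaches `internal::ArgEq`. `ArgEq` is not shown on this page, so whether it truncates mask and value to `sizeof(T)` or also tests the upper half of the argument cannot be confirmed here; in a seccomp policy that decides whether something like `Arg<int>(n) == -1` can ever match. I would state the contract above `operator==`, for example `// |rhs| and any mask are widened to 64 bits; see internal::ArgEq for how bits beyond sizeof(T) are treated.`, and add a unit test that compares an `Arg<int>` against a negative value.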