| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/linux/bpf_dsl/bpf_dsl.h" | 5 #include "sandbox/linux/bpf_dsl/bpf_dsl.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 | 8 |
| 9 #include <limits> | 9 #include <limits> |
| 10 | 10 |
| (...skipping 31 matching lines...) |
| 42 } | 42 } |
| 43 | 43 |
| 44 private: | 44 private: |
| 45 virtual ~ErrorResultExprImpl() {} | 45 virtual ~ErrorResultExprImpl() {} |
| 46 | 46 |
| 47 int err_; | 47 int err_; |
| 48 | 48 |
| 49 DISALLOW_COPY_AND_ASSIGN(ErrorResultExprImpl); | 49 DISALLOW_COPY_AND_ASSIGN(ErrorResultExprImpl); |
| 50 }; | 50 }; |
| 51 | 51 |
| 52 class KillResultExprImpl : public internal::ResultExprImpl { |
| 53 public: |
| 54 explicit KillResultExprImpl(const char* msg) : msg_(msg) { DCHECK(msg_); } |
| 55 |
| 56 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE { |
| 57 return sb->Kill(msg_); |
| 58 } |
| 59 |
| 60 private: |
| 61 virtual ~KillResultExprImpl() {} |
| 62 |
| 63 const char* msg_; |
| 64 |
| 65 DISALLOW_COPY_AND_ASSIGN(KillResultExprImpl); |
| 66 }; |
| 67 |
| 68 class TraceResultExprImpl : public internal::ResultExprImpl { |
| 69 public: |
| 70 TraceResultExprImpl(uint16_t aux) : aux_(aux) {} |
| 71 |
| 72 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE { |
| 73 return ErrorCode(ErrorCode::ERR_TRACE + aux_); |
| 74 } |
| 75 |
| 76 private: |
| 77 virtual ~TraceResultExprImpl() {} |
| 78 |
| 79 uint16_t aux_; |
| 80 |
| 81 DISALLOW_COPY_AND_ASSIGN(TraceResultExprImpl); |
| 82 }; |
| 83 |
| 52 class TrapResultExprImpl : public internal::ResultExprImpl { | 84 class TrapResultExprImpl : public internal::ResultExprImpl { |
| 53 public: | 85 public: |
| 54 TrapResultExprImpl(Trap::TrapFnc func, void* arg) : func_(func), arg_(arg) { | 86 TrapResultExprImpl(Trap::TrapFnc func, const void* arg) |
| 87 : func_(func), arg_(arg) { |
| 55 DCHECK(func_); | 88 DCHECK(func_); |
| 56 } | 89 } |
| 57 | 90 |
| 58 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE { | 91 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE { |
| 59 return sb->Trap(func_, arg_); | 92 return sb->Trap(func_, arg_); |
| 60 } | 93 } |
| 61 | 94 |
| 62 private: | 95 private: |
| 63 virtual ~TrapResultExprImpl() {} | 96 virtual ~TrapResultExprImpl() {} |
| 64 | 97 |
| 65 Trap::TrapFnc func_; | 98 Trap::TrapFnc func_; |
| 66 void* arg_; | 99 const void* arg_; |
| 67 | 100 |
| 68 DISALLOW_COPY_AND_ASSIGN(TrapResultExprImpl); | 101 DISALLOW_COPY_AND_ASSIGN(TrapResultExprImpl); |
| 69 }; | 102 }; |
| 70 | 103 |
| 104 class UnsafeTrapResultExprImpl : public internal::ResultExprImpl { |
| 105 public: |
| 106 UnsafeTrapResultExprImpl(Trap::TrapFnc func, const void* arg) |
| 107 : func_(func), arg_(arg) { |
| 108 DCHECK(func_); |
| 109 } |
| 110 |
| 111 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE { |
| 112 return sb->UnsafeTrap(func_, arg_); |
| 113 } |
| 114 |
| 115 private: |
| 116 virtual ~UnsafeTrapResultExprImpl() {} |
| 117 |
| 118 Trap::TrapFnc func_; |
| 119 const void* arg_; |
| 120 |
| 121 DISALLOW_COPY_AND_ASSIGN(UnsafeTrapResultExprImpl); |
| 122 }; |
| 123 |
| 71 class IfThenResultExprImpl : public internal::ResultExprImpl { | 124 class IfThenResultExprImpl : public internal::ResultExprImpl { |
| 72 public: | 125 public: |
| 73 IfThenResultExprImpl(const BoolExpr& cond, | 126 IfThenResultExprImpl(const BoolExpr& cond, |
| 74 const ResultExpr& then_result, | 127 const ResultExpr& then_result, |
| 75 const ResultExpr& else_result) | 128 const ResultExpr& else_result) |
| 76 : cond_(cond), then_result_(then_result), else_result_(else_result) {} | 129 : cond_(cond), then_result_(then_result), else_result_(else_result) {} |
| 77 | 130 |
| 78 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE { | 131 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE { |
| 79 return cond_->Compile( | 132 return cond_->Compile( |
| 80 sb, then_result_->Compile(sb), else_result_->Compile(sb)); | 133 sb, then_result_->Compile(sb), else_result_->Compile(sb)); |
| (...skipping 140 matching lines...) |
| 221 } // namespace internal | 274 } // namespace internal |
| 222 | 275 |
| 223 ResultExpr Allow() { | 276 ResultExpr Allow() { |
| 224 return ResultExpr(new const AllowResultExprImpl()); | 277 return ResultExpr(new const AllowResultExprImpl()); |
| 225 } | 278 } |
| 226 | 279 |
| 227 ResultExpr Error(int err) { | 280 ResultExpr Error(int err) { |
| 228 return ResultExpr(new const ErrorResultExprImpl(err)); | 281 return ResultExpr(new const ErrorResultExprImpl(err)); |
| 229 } | 282 } |
| 230 | 283 |
| 231 ResultExpr Trap(Trap::TrapFnc trap_func, void* aux) { | 284 ResultExpr Kill(const char* msg) { |
| 285 return ResultExpr(new const KillResultExprImpl(msg)); |
| 286 } |
| 287 |
| 288 ResultExpr Trace(uint16_t aux) { |
| 289 return ResultExpr(new const TraceResultExprImpl(aux)); |
| 290 } |
| 291 |
| 292 ResultExpr Trap(Trap::TrapFnc trap_func, const void* aux) { |
| 232 return ResultExpr(new const TrapResultExprImpl(trap_func, aux)); | 293 return ResultExpr(new const TrapResultExprImpl(trap_func, aux)); |
| 233 } | 294 } |
| 234 | 295 |
| 296 ResultExpr UnsafeTrap(Trap::TrapFnc trap_func, const void* aux) { |
| 297 return ResultExpr(new const UnsafeTrapResultExprImpl(trap_func, aux)); |
| 298 } |
| 299 |
| 235 BoolExpr BoolConst(bool value) { | 300 BoolExpr BoolConst(bool value) { |
| 236 return BoolExpr(new const ConstBoolExprImpl(value)); | 301 return BoolExpr(new const ConstBoolExprImpl(value)); |
| 237 } | 302 } |
| 238 | 303 |
| 239 BoolExpr operator!(const BoolExpr& cond) { | 304 BoolExpr operator!(const BoolExpr& cond) { |
| 240 return BoolExpr(new const NegateBoolExprImpl(cond)); | 305 return BoolExpr(new const NegateBoolExprImpl(cond)); |
| 241 } | 306 } |
| 242 | 307 |
| 243 BoolExpr operator&&(const BoolExpr& lhs, const BoolExpr& rhs) { | 308 BoolExpr operator&&(const BoolExpr& lhs, const BoolExpr& rhs) { |
| 244 return BoolExpr(new const AndBoolExprImpl(lhs, rhs)); | 309 return BoolExpr(new const AndBoolExprImpl(lhs, rhs)); |
| (...skipping 59 matching lines...) |
| 304 | 369 |
| 305 ErrorCode SandboxBPFDSLPolicy::EvaluateSyscall(SandboxBPF* sb, | 370 ErrorCode SandboxBPFDSLPolicy::EvaluateSyscall(SandboxBPF* sb, |
| 306 int sysno) const { | 371 int sysno) const { |
| 307 return EvaluateSyscall(sysno)->Compile(sb); | 372 return EvaluateSyscall(sysno)->Compile(sb); |
| 308 } | 373 } |
| 309 | 374 |
| 310 ErrorCode SandboxBPFDSLPolicy::InvalidSyscall(SandboxBPF* sb) const { | 375 ErrorCode SandboxBPFDSLPolicy::InvalidSyscall(SandboxBPF* sb) const { |
| 311 return InvalidSyscall()->Compile(sb); | 376 return InvalidSyscall()->Compile(sb); |
| 312 } | 377 } |
| 313 | 378 |
| 314 ResultExpr SandboxBPFDSLPolicy::Trap(Trap::TrapFnc trap_func, void* aux) { | 379 ResultExpr SandboxBPFDSLPolicy::Trap(Trap::TrapFnc trap_func, const void* aux) { |
| 315 return bpf_dsl::Trap(trap_func, aux); | 380 return bpf_dsl::Trap(trap_func, aux); |
| 316 } | 381 } |
| 317 | 382 |
| 318 } // namespace bpf_dsl | 383 } // namespace bpf_dsl |
| 319 } // namespace sandbox | 384 } // namespace sandbox |
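Review bot: `KillResultExprImpl` (new lines 52-66) stores the caller's `const char* msg` as a raw pointer and first uses it later, in `Compile()` via `sb->Kill(msg_)`, so nothing in this file guarantees the string is still alive when the policy is compiled or, presumably, when the kill path reports it. The expression objects are created with `new` and handed out as `ResultExpr`, so they can plausibly outlive the scope that built the message. I would state the contract at the `Kill()` definition on new line 284, e.g. `// |msg| is not copied; it must outlive the policy (pass a string literal).`, and the same note applies to `aux` in `Trap()` and `UnsafeTrap()`. Separately, `TraceResultExprImpl(uint16_t aux)` on new line 70 should be `explicit` like the `KillResultExprImpl` constructor. `UnsafeTrap()` on new line 296 should also carry a comment saying what makes it unsafe and when it may be used, if the header does not already document that.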
| OLD | NEW |