Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(853)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/seccomp-bpf/sandbox_bpf.h

Issue 568053005: Split AssembleFilter into comprehensible chunks (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Respond to jln feedback Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | sandbox/linux/seccomp-bpf/sandbox_bpf.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_H__ 5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_H__
6 #define SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_H__ 6 #define SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_H__
7 7
8 #include <stddef.h> 8 #include <stddef.h>
9 #include <sys/types.h> 9 #include <sys/types.h>
10 #include <sys/wait.h> 10 #include <sys/wait.h>
(...skipping 228 matching lines...) Expand 10 before | Expand all | Expand 10 after
239 // any other policies. 239 // any other policies.
240 bool KernelSupportSeccompBPF(); 240 bool KernelSupportSeccompBPF();
241 241
242 // Verify that the current policy passes some basic sanity checks. 242 // Verify that the current policy passes some basic sanity checks.
243 void PolicySanityChecks(SandboxBPFPolicy* policy); 243 void PolicySanityChecks(SandboxBPFPolicy* policy);
244 244
245 // Assembles and installs a filter based on the policy that has previously 245 // Assembles and installs a filter based on the policy that has previously
246 // been configured with SetSandboxPolicy(). 246 // been configured with SetSandboxPolicy().
247 void InstallFilter(bool must_sync_threads); 247 void InstallFilter(bool must_sync_threads);
248 248
249 // Compile the configured policy into a complete instruction sequence.
250 // (See MaybeAddEscapeHatch for |has_unsafe_traps|.)
251 Instruction* CompilePolicy(CodeGen* gen, bool* has_unsafe_traps);
252
253 // Return an instruction sequence that checks the
254 // arch_seccomp_data's "arch" field is valid, and then passes
255 // control to |passed| if so.
256 Instruction* CheckArch(CodeGen* gen, Instruction* passed);
257
258 // If the |rest| instruction sequence contains any unsafe traps,
259 // then sets |*has_unsafe_traps| to true and returns an instruction
260 // sequence that allows all system calls from Syscall::Call(), and
261 // otherwise passes control to |rest|.
262 //
263 // If |rest| contains no unsafe traps, then |rest| is returned
264 // directly and |*has_unsafe_traps| is set to false.
265 Instruction* MaybeAddEscapeHatch(CodeGen* gen,
266 bool* has_unsafe_traps,
267 Instruction* rest);
268
269 // Return an instruction sequence that loads and checks the system
270 // call number, performs a binary search, and then dispatches to an
271 // appropriate instruction sequence compiled from the current
272 // policy.
273 Instruction* DispatchSyscall(CodeGen* gen);
274
275 // Return an instruction sequence that checks the system call number
276 // (expected to be loaded in register A) and if valid, passes
277 // control to |passed| (with register A still valid).
278 Instruction* CheckSyscallNumber(CodeGen* gen, Instruction* passed);
279
249 // Verify the correctness of a compiled program by comparing it against the 280 // Verify the correctness of a compiled program by comparing it against the
250 // current policy. This function should only ever be called by unit tests and 281 // current policy. This function should only ever be called by unit tests and
251 // by the sandbox internals. It should not be used by production code. 282 // by the sandbox internals. It should not be used by production code.
252 void VerifyProgram(const Program& program, bool has_unsafe_traps); 283 void VerifyProgram(const Program& program, bool has_unsafe_traps);
253 284
254 // Finds all the ranges of system calls that need to be handled. Ranges are 285 // Finds all the ranges of system calls that need to be handled. Ranges are
255 // sorted in ascending order of system call numbers. There are no gaps in the 286 // sorted in ascending order of system call numbers. There are no gaps in the
256 // ranges. System calls with identical ErrorCodes are coalesced into a single 287 // ranges. System calls with identical ErrorCodes are coalesced into a single
257 // range. 288 // range.
258 void FindRanges(Ranges* ranges); 289 void FindRanges(Ranges* ranges);
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
291 scoped_ptr<const SandboxBPFPolicy> policy_; 322 scoped_ptr<const SandboxBPFPolicy> policy_;
292 Conds* conds_; 323 Conds* conds_;
293 bool sandbox_has_started_; 324 bool sandbox_has_started_;
294 325
295 DISALLOW_COPY_AND_ASSIGN(SandboxBPF); 326 DISALLOW_COPY_AND_ASSIGN(SandboxBPF);
296 }; 327 };
297 328
298 } // namespace sandbox 329 } // namespace sandbox
299 330
300 #endif // SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_H__ 331 #endif // SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_H__
OLDNEW
« no previous file with comments | « no previous file | sandbox/linux/seccomp-bpf/sandbox_bpf.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698