sandbox/linux/seccomp-bpf/sandbox_bpf.cc - Issue 576673003: Decouple CodeGen from ErrorCode

Side by Side Diff: sandbox/linux/seccomp-bpf/sandbox_bpf.cc

Issue 576673003: Decouple CodeGen from ErrorCode (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 6 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"	5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"

6	6

7 // Some headers on Android are missing cdefs: crbug.com/172337.	7 // Some headers on Android are missing cdefs: crbug.com/172337.

8 // (We can't use OS_ANDROID here since build_config.h is not included).	8 // (We can't use OS_ANDROID here since build_config.h is not included).

9 #if defined(ANDROID)	9 #if defined(ANDROID)

10 #include <sys/cdefs.h>	10 #include <sys/cdefs.h>

(...skipping 868 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
879 // this range object. If it is greater or equal, it might be inside.	879 // this range object. If it is greater or equal, it might be inside.

880 Ranges::const_iterator mid = start + (stop - start) / 2;	880 Ranges::const_iterator mid = start + (stop - start) / 2;

881	881

882 // Sub-divide the list of ranges and continue recursively.	882 // Sub-divide the list of ranges and continue recursively.

883 Instruction* jf = AssembleJumpTable(gen, start, mid);	883 Instruction* jf = AssembleJumpTable(gen, start, mid);

884 Instruction* jt = AssembleJumpTable(gen, mid, stop);	884 Instruction* jt = AssembleJumpTable(gen, mid, stop);

885 return gen->MakeInstruction(BPF_JMP + BPF_JGE + BPF_K, mid->from, jt, jf);	885 return gen->MakeInstruction(BPF_JMP + BPF_JGE + BPF_K, mid->from, jt, jf);

886 }	886 }

887	887

888 Instruction* SandboxBPF::RetExpression(CodeGen* gen, const ErrorCode& err) {	888 Instruction* SandboxBPF::RetExpression(CodeGen* gen, const ErrorCode& err) {

889 if (err.error_type_ == ErrorCode::ET_COND) {	889 switch (err.error_type()) {

	890 case ErrorCode::ET_COND:

890 return CondExpression(gen, err);	891 return CondExpression(gen, err);
	rickyz (no longer on Chrome) 2014/09/16 22:36:46 nit: fix indent nit: fix indent mdempsky 2014/09/16 22:41:30 Oops, done. Show quoted text On 2014/09/16 22:36:46, rickyz wrote: > nit: fix indent Oops, done.
891 } else {	892 case ErrorCode::ET_SIMPLE:

892 return gen->MakeInstruction(BPF_RET + BPF_K, err);	893 case ErrorCode::ET_TRAP:

	894 return gen->MakeInstruction(BPF_RET + BPF_K, err.err());

	895 default:

	896 SANDBOX_DIE("ErrorCode is not suitable for returning from a BPF program");
	jln (very slow on Chromium) 2014/09/16 22:42:29 Will this work with all compilers? I think there a Will this work with all compilers? I think there are cases where this is not considered noreturn, so you may need to return NULL here. mdempsky 2014/09/16 22:47:44 I think so. There are other functions in this fil Show quoted text On 2014/09/16 22:42:29, jln wrote: > Will this work with all compilers? I think so. There are other functions in this file (e.g., BPFFailure) that call SANDBOX_DIE() and don't have any return statements.
893 }	897 }

894 }	898 }

895	899

896 Instruction* SandboxBPF::CondExpression(CodeGen* gen, const ErrorCode& cond) {	900 Instruction* SandboxBPF::CondExpression(CodeGen* gen, const ErrorCode& cond) {

897 // Sanity check that \|cond\| makes sense.	901 // Sanity check that \|cond\| makes sense.

898 if (cond.argno_ < 0 \|\| cond.argno_ >= 6) {	902 if (cond.argno_ < 0 \|\| cond.argno_ >= 6) {

899 SANDBOX_DIE("sandbox_bpf: invalid argument number");	903 SANDBOX_DIE("sandbox_bpf: invalid argument number");

900 }	904 }

901 if (cond.width_ != ErrorCode::TP_32BIT &&	905 if (cond.width_ != ErrorCode::TP_32BIT &&

902 cond.width_ != ErrorCode::TP_64BIT) {	906 cond.width_ != ErrorCode::TP_64BIT) {

(...skipping 227 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1130 }	1134 }

1131 }	1135 }

1132	1136

1133 ErrorCode SandboxBPF::Kill(const char* msg) {	1137 ErrorCode SandboxBPF::Kill(const char* msg) {

1134 return Trap(BPFFailure, const_cast<char*>(msg));	1138 return Trap(BPFFailure, const_cast<char*>(msg));

1135 }	1139 }

1136	1140

1137 SandboxBPF::SandboxStatus SandboxBPF::status_ = STATUS_UNKNOWN;	1141 SandboxBPF::SandboxStatus SandboxBPF::status_ = STATUS_UNKNOWN;

1138	1142

1139 } // namespace sandbox	1143 } // namespace sandbox

OLD	NEW

« sandbox/linux/seccomp-bpf/codegen.h ('K') | « sandbox/linux/seccomp-bpf/codegen_unittest.cc ('k') | no next file » | no next file with comments »