| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__ | 5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__ |
| 6 #define SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__ | 6 #define SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__ |
| 7 | 7 |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <iterator> |
| 11 |
| 10 #include "base/macros.h" | 12 #include "base/macros.h" |
| 11 #include "sandbox/sandbox_export.h" | 13 #include "sandbox/sandbox_export.h" |
| 12 | 14 |
| 13 namespace sandbox { | 15 namespace sandbox { |
| 14 | 16 |
| 15 // TODO(mdempsky): Rename this header to syscall_set.h. | 17 // TODO(mdempsky): Rename this header to syscall_set.h. |
| 16 | 18 |
| 17 // Iterates over the entire system call range from 0..0xFFFFFFFFu. This | 19 // Iterates over the entire system call range from 0..0xFFFFFFFFu. This |
| 18 // iterator is aware of how system calls look like and will skip quickly | 20 // iterator is aware of how system calls look like and will skip quickly |
| 19 // over ranges that can't contain system calls. It iterates more slowly | 21 // over ranges that can't contain system calls. It iterates more slowly |
| (...skipping 14 matching lines...) Expand all Loading... |
| 34 SyscallSet(const SyscallSet& ss) : set_(ss.set_) {} | 36 SyscallSet(const SyscallSet& ss) : set_(ss.set_) {} |
| 35 ~SyscallSet() {} | 37 ~SyscallSet() {} |
| 36 | 38 |
| 37 Iterator begin() const; | 39 Iterator begin() const; |
| 38 Iterator end() const; | 40 Iterator end() const; |
| 39 | 41 |
| 40 // All returns a SyscallSet that contains both valid and invalid | 42 // All returns a SyscallSet that contains both valid and invalid |
| 41 // system call numbers. | 43 // system call numbers. |
| 42 static SyscallSet All() { return SyscallSet(Set::ALL); } | 44 static SyscallSet All() { return SyscallSet(Set::ALL); } |
| 43 | 45 |
| 46 // ValidOnly returns a SyscallSet that contains only valid system |
| 47 // call numbers. |
| 48 static SyscallSet ValidOnly() { return SyscallSet(Set::VALID_ONLY); } |
| 49 |
| 44 // InvalidOnly returns a SyscallSet that contains only invalid | 50 // InvalidOnly returns a SyscallSet that contains only invalid |
| 45 // system call numbers, but still omits numbers in the middle of a | 51 // system call numbers, but still omits numbers in the middle of a |
| 46 // range of invalid system call numbers. | 52 // range of invalid system call numbers. |
| 47 static SyscallSet InvalidOnly() { return SyscallSet(Set::INVALID_ONLY); } | 53 static SyscallSet InvalidOnly() { return SyscallSet(Set::INVALID_ONLY); } |
| 48 | 54 |
| 49 // IsValid returns whether |num| specifies a valid system call | 55 // IsValid returns whether |num| specifies a valid system call |
| 50 // number. | 56 // number. |
| 51 static bool IsValid(uint32_t num); | 57 static bool IsValid(uint32_t num); |
| 52 | 58 |
| 53 private: | 59 private: |
| 54 enum class Set { ALL, INVALID_ONLY }; | 60 enum class Set { ALL, VALID_ONLY, INVALID_ONLY }; |
| 55 | 61 |
| 56 explicit SyscallSet(Set set) : set_(set) {} | 62 explicit SyscallSet(Set set) : set_(set) {} |
| 57 | 63 |
| 58 Set set_; | 64 Set set_; |
| 59 | 65 |
| 60 friend bool operator==(const SyscallSet&, const SyscallSet&); | 66 friend bool operator==(const SyscallSet&, const SyscallSet&); |
| 61 DISALLOW_ASSIGN(SyscallSet); | 67 DISALLOW_ASSIGN(SyscallSet); |
| 62 }; | 68 }; |
| 63 | 69 |
| 64 SANDBOX_EXPORT bool operator==(const SyscallSet& lhs, const SyscallSet& rhs); | 70 SANDBOX_EXPORT bool operator==(const SyscallSet& lhs, const SyscallSet& rhs); |
| 65 | 71 |
| 66 // Iterator provides C++ input iterator semantics for traversing a | 72 // Iterator provides C++ input iterator semantics for traversing a |
| 67 // SyscallSet. | 73 // SyscallSet. |
| 68 class SyscallSet::Iterator { | 74 class SyscallSet::Iterator |
| 75 : public std::iterator<std::input_iterator_tag, uint32_t> { |
| 69 public: | 76 public: |
| 70 Iterator(const Iterator& it) | 77 Iterator(const Iterator& it) |
| 71 : set_(it.set_), done_(it.done_), num_(it.num_) {} | 78 : set_(it.set_), done_(it.done_), num_(it.num_) {} |
| 72 ~Iterator() {} | 79 ~Iterator() {} |
| 73 | 80 |
| 74 uint32_t operator*() const; | 81 uint32_t operator*() const; |
| 75 Iterator& operator++(); | 82 Iterator& operator++(); |
| 76 | 83 |
| 77 private: | 84 private: |
| 78 Iterator(Set set, bool done); | 85 Iterator(Set set, bool done); |
| 79 | 86 |
| 87 uint32_t NextSyscall() const; |
| 88 |
| 80 Set set_; | 89 Set set_; |
| 81 bool done_; | 90 bool done_; |
| 82 uint32_t num_; | 91 uint32_t num_; |
| 83 | 92 |
| 84 friend SyscallSet; | 93 friend SyscallSet; |
| 85 friend bool operator==(const Iterator&, const Iterator&); | 94 friend bool operator==(const Iterator&, const Iterator&); |
| 86 DISALLOW_ASSIGN(Iterator); | 95 DISALLOW_ASSIGN(Iterator); |
| 87 }; | 96 }; |
| 88 | 97 |
| 89 SANDBOX_EXPORT bool operator==(const SyscallSet::Iterator& lhs, | 98 SANDBOX_EXPORT bool operator==(const SyscallSet::Iterator& lhs, |
| 90 const SyscallSet::Iterator& rhs); | 99 const SyscallSet::Iterator& rhs); |
| 91 SANDBOX_EXPORT bool operator!=(const SyscallSet::Iterator& lhs, | 100 SANDBOX_EXPORT bool operator!=(const SyscallSet::Iterator& lhs, |
| 92 const SyscallSet::Iterator& rhs); | 101 const SyscallSet::Iterator& rhs); |
| 93 | 102 |
| 94 } // namespace sandbox | 103 } // namespace sandbox |
| 95 | 104 |
| 96 #endif // SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__ | 105 #endif // SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 657893006:
SyscallSet: add ValidOnly (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master