sandbox/linux/seccomp-bpf/syscall.h - Issue 101773003: Linux sandbox: cleanup sandbox-bpf naming.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: sandbox/linux/seccomp-bpf/syscall.h

Issue 101773003: Linux sandbox: cleanup sandbox-bpf naming. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Address nits. Created 7 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_H__	5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_H__

6 #define SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_H__	6 #define SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_H__

7	7

8 #include <stdint.h>	8 #include <stdint.h>

9	9

10 namespace playground2 {	10 namespace sandbox {

11	11

12 // We have to make sure that we have a single "magic" return address for	12 // We have to make sure that we have a single "magic" return address for

13 // our system calls, which we can check from within a BPF filter. This	13 // our system calls, which we can check from within a BPF filter. This

14 // works by writing a little bit of asm() code that a) enters the kernel, and	14 // works by writing a little bit of asm() code that a) enters the kernel, and

15 // that also b) can be invoked in a way that computes this return address.	15 // that also b) can be invoked in a way that computes this return address.

16 // Passing "nr" as "-1" computes the "magic" return address. Passing any	16 // Passing "nr" as "-1" computes the "magic" return address. Passing any

17 // other value invokes the appropriate system call.	17 // other value invokes the appropriate system call.

18 intptr_t SandboxSyscall(int nr,	18 intptr_t SandboxSyscall(int nr,

19 intptr_t p0,	19 intptr_t p0,

20 intptr_t p1,	20 intptr_t p1,

(...skipping 105 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
126 return SandboxSyscall(nr, p0, 0, 0, 0, 0, 0);	126 return SandboxSyscall(nr, p0, 0, 0, 0, 0, 0);

127 }	127 }

128	128

129 inline intptr_t SandboxSyscall(int nr) __attribute__((always_inline));	129 inline intptr_t SandboxSyscall(int nr) __attribute__((always_inline));

130 inline intptr_t SandboxSyscall(int nr) {	130 inline intptr_t SandboxSyscall(int nr) {

131 return SandboxSyscall(nr, 0, 0, 0, 0, 0, 0);	131 return SandboxSyscall(nr, 0, 0, 0, 0, 0, 0);

132 }	132 }

133	133

134 #endif // Pre-C++11	134 #endif // Pre-C++11

135	135

136 } // namespace	136 } // namespace
	Robert Sesek 2013/12/10 21:15:26 "namespace sandbox" "namespace sandbox" jln (very slow on Chromium) 2013/12/10 21:36:38 Done. Show quoted text On 2013/12/10 21:15:26, rsesek wrote: > "namespace sandbox" Done.
137	137

138 #endif // SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_H__	138 #endif // SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_H__

OLD	NEW