Linux sandbox: cleanup sandbox-bpf naming.

sandbox/linux/seccomp-bpf/sandbox_bpf.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_H__
 #define SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_H__
 
 #include <stddef.h>
 #include <sys/types.h>
 #include <sys/wait.h>
 
 #include <algorithm>
 #include <limits>
 #include <map>
 #include <set>
 #include <utility>
 #include <vector>
 
 #include "base/memory/scoped_ptr.h"
 #include "sandbox/linux/seccomp-bpf/die.h"
 #include "sandbox/linux/seccomp-bpf/errorcode.h"
 #include "sandbox/linux/seccomp-bpf/linux_seccomp.h"
 
-namespace playground2 {
+namespace sandbox {
 
 struct arch_seccomp_data {
   int nr;
   uint32_t arch;
   uint64_t instruction_pointer;
   uint64_t args[6];
 };
 
 struct arch_sigsys {
   void* ip;
   int nr;
   unsigned int arch;
 };
 
 class CodeGen;
+class SandboxBPFPolicy;
 class SandboxUnittestHelper;
-class SandboxBpfPolicy;
 struct Instruction;
 
-class Sandbox {
+class SandboxBPF {
  public:
   enum SandboxStatus {
     STATUS_UNKNOWN,      // Status prior to calling supportsSeccompSandbox()
     STATUS_UNSUPPORTED,  // The kernel does not appear to support sandboxing
     STATUS_UNAVAILABLE,  // Currently unavailable but might work again later
     STATUS_AVAILABLE,    // Sandboxing is available but not currently active
     STATUS_ENABLED       // The sandbox is now active
   };
 
   // When calling setSandboxPolicy(), the caller can provide an arbitrary
   // pointer in |aux|. This pointer will then be forwarded to the sandbox
   // policy each time a call is made through an EvaluateSyscall function
   // pointer.  One common use case would be to pass the "aux" pointer as an
   // argument to Trap() functions.
-  typedef ErrorCode (*EvaluateSyscall)(Sandbox* sandbox_compiler,
+  typedef ErrorCode (*EvaluateSyscall)(SandboxBPF* sandbox_compiler,
                                        int system_call_number,
                                        void* aux);
   typedef std::vector<std::pair<EvaluateSyscall, void*> > Evaluators;
   // A vector of BPF instructions that need to be installed as a filter
   // program in the kernel.
   typedef std::vector<struct sock_filter> Program;
 
   // Constructors and destructors.
   // NOTE: Setting a policy and starting the sandbox is a one-way operation.
   //       The kernel does not provide any option for unloading a loaded
   //       sandbox. Strictly speaking, that means we should disallow calling
   //       the destructor, if StartSandbox() has ever been called. In practice,
   //       this makes it needlessly complicated to operate on "Sandbox"
   //       objects. So, we instead opted to allow object destruction. But it
   //       should be noted that during its lifetime, the object probably made
   //       irreversible state changes to the runtime environment. These changes
   //       stay in effect even after the destructor has been run.
-  Sandbox();
-  ~Sandbox();
+  SandboxBPF();
+  ~SandboxBPF();
 
   // Checks whether a particular system call number is valid on the current
   // architecture. E.g. on ARM there's a non-contiguous range of private
   // system calls.
   static bool IsValidSyscallNumber(int sysnum);
 
   // There are a lot of reasons why the Seccomp sandbox might not be available.
   // This could be because the kernel does not support Seccomp mode, or it
   // could be because another sandbox is already active.
   // "proc_fd" should be a file descriptor for "/proc", or -1 if not
@@ skipping 16 matching lines @@
   // evaluator. There are different possible uses for this data, but one of the
   // use cases would be for the policy to then forward this pointer to a Trap()
   // handler. In this case, of course, the data that is pointed to must remain
   // valid for the entire time that Trap() handlers can be called; typically,
   // this would be the lifetime of the program.
   // DEPRECATED: use the policy interface below.
   void SetSandboxPolicyDeprecated(EvaluateSyscall syscallEvaluator, void* aux);
 
   // Set the BPF policy as |policy|. Ownership of |policy| is transfered here
   // to the sandbox object.
-  void SetSandboxPolicy(SandboxBpfPolicy* policy);
+  void SetSandboxPolicy(SandboxBPFPolicy* policy);
 
   // We can use ErrorCode to request calling of a trap handler. This method
   // performs the required wrapping of the callback function into an
   // ErrorCode object.
   // The "aux" field can carry a pointer to arbitrary data. See EvaluateSyscall
   // for a description of how to pass data from SetSandboxPolicy() to a Trap()
   // handler.
   ErrorCode Trap(Trap::TrapFnc fnc, const void* aux);
 
   // Calls a user-space trap handler and disables all sandboxing for system
@@ skipping 91 matching lines @@
                            EvaluateSyscall syscall_evaluator,
                            void* aux);
 
   // Performs a couple of sanity checks to verify that the kernel supports the
   // features that we need for successful sandboxing.
   // The caller has to make sure that "this" has not yet been initialized with
   // any other policies.
   bool KernelSupportSeccompBPF();
 
   // Verify that the current policy passes some basic sanity checks.
-  void PolicySanityChecks(SandboxBpfPolicy* policy);
+  void PolicySanityChecks(SandboxBPFPolicy* policy);
 
   // Assembles and installs a filter based on the policy that has previously
   // been configured with SetSandboxPolicy().
   void InstallFilter();
 
   // Verify the correctness of a compiled program by comparing it against the
   // current policy. This function should only ever be called by unit tests and
   // by the sandbox internals. It should not be used by production code.
   void VerifyProgram(const Program& program, bool has_unsafe_traps);
 
@@ skipping 19 matching lines @@
   // Returns a BPF program that evaluates the conditional expression in
   // "cond" and returns the appropriate value from the BPF filter program.
   // This function recursively calls RetExpression(); it should only ever be
   // called from RetExpression().
   Instruction* CondExpression(CodeGen* gen, const ErrorCode& cond);
 
   static SandboxStatus status_;
 
   bool quiet_;
   int proc_fd_;
-  scoped_ptr<const SandboxBpfPolicy> policy_;
+  scoped_ptr<const SandboxBPFPolicy> policy_;
   Conds* conds_;
   bool sandbox_has_started_;
 
-  DISALLOW_COPY_AND_ASSIGN(Sandbox);
+  DISALLOW_COPY_AND_ASSIGN(SandboxBPF);
 };
 
-}  // namespace
+}  // namespace sandbox
 
 #endif  // SANDBOX_LINUX_SECCOMP_BPF_SANDBOX_BPF_H__