Simplified unit testing of sandboxing code.

sandbox/linux/seccomp-bpf/die.h

+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef SANDBOX_LINUX_SECCOMP_BPF_DIE_H__
+#define SANDBOX_LINUX_SECCOMP_BPF_DIE_H__
+
+#include <vector>

[jln (very slow on Chromium), 2012/08/24 00:49:06]

I think this include can go.

+

[jln (very slow on Chromium), 2012/08/23 22:53:09]

Nit: remove the extra line.

+
+namespace playground2 {
+
+class Die {
+ public:
+  // We use macros so that the pre-processor can insert appropriate file names
+  // and line numbers, when outputting error messages.
+  #if defined(SECCOMP_BPF_STANDALONE)
+  #define SECCOMP_BPF_FAIL_MACRO(m)                                           \
+    do {                                                                      \
+      Die::LogToStderr(m, __FILE__, __LINE__);                                \
+    } while (false)
+  #else
+  #define SECCOMP_BPF_FAIL_MACRO(m) LOG(FATAL) << (m)
+  #endif
+
+  // This is the main API for using this file. Prints a error message and
+  // exits with a fatal error.
+  #define SANDBOX_DIE(m)                                                      \
+    do {                                                                      \
+      const char *msg = (m);                                                  \
+      if (Die::simple_exit()) {                                               \
+        Die::LogToStderr(msg, __FILE__, __LINE__);                            \
+      } else {                                                                \
+        SECCOMP_BPF_FAIL_MACRO(msg);                                          \
+      }                                                                       \
+      Die::ExitGroup();                                                       \
+    } while (false)

[jln (very slow on Chromium), 2012/08/23 22:53:09]

Could you:
1. Inline the above macros.
2. Make this a SandboxDie(const string&, const string&, const string&) function.
3. Reduce the macro to a call to Die::SandboxDie(m, __FILE__, __LINE__)
4. Get rid of simple_exit() accessor because now you can read it directly from
the member function.

+
+  // Terminate the program, even if the current sandbox policy prevents some
+  // of the more commonly used functions used for exiting.
+  static void ExitGroup() __attribute__((noreturn));
+
+  // Writes a message to stderr. Used as a fall-back choice, if we don't have
+  // any other way to report an error.
+  static void LogToStderr(const char *msg, const char *file, int line);
+
+  // We generally want to run all exit handler. This means, on SANDBOX_DIE()
+  // we should be calling LOG(FATAL). But there are some situations where
+  // we just need to print a message and then terminate. This would typically
+  // happen in cases where we consume the error message internally (e.g. in
+  // unit tests or in the supportsSeccompSandbox() method).
+  static void enableSimpleExit() { simple_exit_ = true; }

[jln (very slow on Chromium), 2012/08/23 22:53:09]

Nit: EnableSimpleExit(), capital E.

+  static bool simple_exit() { return simple_exit_; }
+
+ private:
+  static bool simple_exit_;
+
+  DISALLOW_IMPLICIT_CONSTRUCTORS(Die);
+};
+
+}  // namespace
+
+#endif  // SANDBOX_LINUX_SECCOMP_BPF_DIE_H__