Add a platform-specific syscall number iterator.

sandbox/linux/seccomp-bpf/syscall_iterator.h

+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__
+#define SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__
+
+#include <stdint.h>
+
+#include <base/logging.h>
+
+namespace playground2 {
+
+// Iterates over the entire system call range from 0..0xFFFFFFFFu. This
+// iterator is aware of how system calls look like and will skip quickly
+// over ranges that can't contain system calls. It iterates more slowly
+// whenever it reaches a range that is potentially problematic, returning
+// the last invalid value before a valid range of system calls, and the
+// first invalid value after a valid range of syscalls. It iterates over
+// individual values whenever it is in the normal range for system calls
+// (typically MIN_SYSCALL..MAX_SYSCALL).
+// If |invalid_only| is true, this iterator will only return invalid
+// syscall numbers, but will still skip quickly over invalid ranges,
+// returning the first invalid value in the range and then skipping
+// to the last invalid value in the range.
+//
+// Example usage:
+//   for (SyscallIterator iter(false); !iter.Done(); ) {
+//     uint32_t sysnum = iter.Next();
+//     // Do something with sysnum.
+//   }
+//
+// TODO(markus): Make this a classic C++ iterator.
+class SyscallIterator {
+ public:
+  explicit SyscallIterator(bool invalid_only)
+      : invalid_only_(invalid_only),

[jln (very slow on Chromium), 2012/10/13 17:44:55]

Yeah the indent is right, for some reason the review tool was showing me 6
indents before for this line (but strangely not the others).

[Jorge Lucangeli Obes, 2012/10/15 17:25:36]

Done.

+        done_(false),
+        num_(MIN_SYSCALL) {}

[jln (very slow on Chromium), 2012/10/13 17:44:55]

I'm sorry I'm being picky about the details, but this should really be 0 here.

The interface states that we'll start at 0. The fact that 0 is also MIN_SYSCALL
is also a convenient detail that we take advantage off in the implementation.

[Jorge Lucangeli Obes, 2012/10/15 17:25:36]

Done. It's clear now what you meant.

+
+  bool Done() const { return done_; }
+  uint32_t Next();
+  static bool IsValid(uint32_t num);
+
+ private:
+  static bool IsArmPrivate(uint32_t num);
+
+  bool     invalid_only_;
+  bool     done_;
+  uint32_t num_;
+
+  DISALLOW_COPY_AND_ASSIGN(SyscallIterator);
+};
+
+}  // namespace playground2
+
+#endif  // SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__
+