Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(83)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/seccomp-bpf/die.h

Issue 11363212: Added support for greylisting of system calls. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Now with more meat Created 8 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« sandbox/linux/seccomp-bpf/codegen.cc ('K') | « sandbox/linux/seccomp-bpf/codegen.cc ('k') | sandbox/linux/seccomp-bpf/die.cc » ('j') | sandbox/linux/seccomp-bpf/sandbox_bpf.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_DIE_H__ 5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_DIE_H__
6 #define SANDBOX_LINUX_SECCOMP_BPF_DIE_H__ 6 #define SANDBOX_LINUX_SECCOMP_BPF_DIE_H__
7 7
8 namespace playground2 { 8 namespace playground2 {
9 9
10 class Die { 10 class Die {
11 public: 11 public:
12 // This is the main API for using this file. Prints a error message and 12 // This is the main API for using this file. Prints a error message and
13 // exits with a fatal error. 13 // exits with a fatal error.
14 #define SANDBOX_DIE(m) Die::SandboxDie(m, __FILE__, __LINE__) 14 #define SANDBOX_DIE(m) Die::SandboxDie(m, __FILE__, __LINE__)
15 15
16 // Adds an informational message to the log file or stderr as appropriate.
17 #define SANDBOX_INFO(m) Die::SandboxInfo(m, __FILE__, __LINE__)
18
16 // Terminate the program, even if the current sandbox policy prevents some 19 // Terminate the program, even if the current sandbox policy prevents some
17 // of the more commonly used functions used for exiting. 20 // of the more commonly used functions used for exiting.
18 // Most users would want to call SANDBOX_DIE() instead, as it logs extra 21 // Most users would want to call SANDBOX_DIE() instead, as it logs extra
19 // information. But calling ExitGroup() is correct and in some rare cases 22 // information. But calling ExitGroup() is correct and in some rare cases
20 // preferable. So, we make it part of the public API. 23 // preferable. So, we make it part of the public API.
21 static void ExitGroup() __attribute__((noreturn)); 24 static void ExitGroup() __attribute__((noreturn));
22 25
23 // This method gets called by SANDBOX_DIE(). There is normally no reason 26 // This method gets called by SANDBOX_DIE(). There is normally no reason
24 // to call it directly unless you are defining your own exiting macro. 27 // to call it directly unless you are defining your own exiting macro.
25 static void SandboxDie(const char *msg, const char *file, int line) 28 static void SandboxDie(const char *msg, const char *file, int line)
26 __attribute__((noreturn)); 29 __attribute__((noreturn));
27 30
31 // This method gets called by SANDBOX_INFO(). There is normally no reason
32 // to call it directly unless you are defining your own logging macro.
33 static void SandboxInfo(const char *msg, const char *file, int line);
34
28 // Writes a message to stderr. Used as a fall-back choice, if we don't have 35 // Writes a message to stderr. Used as a fall-back choice, if we don't have
29 // any other way to report an error. 36 // any other way to report an error.
30 static void LogToStderr(const char *msg, const char *file, int line); 37 static void LogToStderr(const char *msg, const char *file, int line);
31 38
32 // We generally want to run all exit handlers. This means, on SANDBOX_DIE() 39 // We generally want to run all exit handlers. This means, on SANDBOX_DIE()
33 // we should be calling LOG(FATAL). But there are some situations where 40 // we should be calling LOG(FATAL). But there are some situations where
34 // we just need to print a message and then terminate. This would typically 41 // we just need to print a message and then terminate. This would typically
35 // happen in cases where we consume the error message internally (e.g. in 42 // happen in cases where we consume the error message internally (e.g. in
36 // unit tests or in the supportsSeccompSandbox() method). 43 // unit tests or in the supportsSeccompSandbox() method).
37 static void EnableSimpleExit() { simple_exit_ = true; } 44 static void EnableSimpleExit() { simple_exit_ = true; }
38 45
46 // Sometimes we need to disable all informational messages (e.g. from within
47 // unittests).
48 static void SuppressInfoMessages(bool flag) { suppress_info_ = flag; }
49
39 private: 50 private:
40 static bool simple_exit_; 51 static bool simple_exit_;
52 static bool suppress_info_;
41 53
42 DISALLOW_IMPLICIT_CONSTRUCTORS(Die); 54 DISALLOW_IMPLICIT_CONSTRUCTORS(Die);
43 }; 55 };
44 56
45 } // namespace 57 } // namespace
46 58
47 #endif // SANDBOX_LINUX_SECCOMP_BPF_DIE_H__ 59 #endif // SANDBOX_LINUX_SECCOMP_BPF_DIE_H__
OLDNEW
« sandbox/linux/seccomp-bpf/codegen.cc ('K') | « sandbox/linux/seccomp-bpf/codegen.cc ('k') | sandbox/linux/seccomp-bpf/die.cc » ('j') | sandbox/linux/seccomp-bpf/sandbox_bpf.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698