sandbox/linux/seccomp-bpf/bpf_tests.h - Issue 11411254: SECCOMP-BPF: Added supported for inspection system call arguments from BPF filters.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: sandbox/linux/seccomp-bpf/bpf_tests.h

Issue 11411254: SECCOMP-BPF: Added supported for inspection system call arguments from BPF filters. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Changelist is ready for initial review; still needs a few TODO()s to be resolved, though. Created 8 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: sandbox/linux/seccomp-bpf/bpf_tests.h

diff --git a/sandbox/linux/seccomp-bpf/bpf_tests.h b/sandbox/linux/seccomp-bpf/bpf_tests.h

index 8da25f99a5f8b9f0617b51d9f7043d803465b02d..1a0645109bf4ed0f76a80b6722b57c83487e897c 100644

--- a/sandbox/linux/seccomp-bpf/bpf_tests.h

+++ b/sandbox/linux/seccomp-bpf/bpf_tests.h

@@ -64,24 +64,24 @@ class BpfTests : public UnitTests {

static void TestWrapper(void *void_arg) {

TestArgs *arg = reinterpret_cast<TestArgs *>(void_arg);

playground2::Die::EnableSimpleExit();

- if (playground2::Sandbox::supportsSeccompSandbox(-1) ==

+ if (playground2::Sandbox::SupportsSeccompSandbox(-1) ==

playground2::Sandbox::STATUS_AVAILABLE) {

// Ensure the the sandbox is actually available at this time

int proc_fd;

BPF_ASSERT((proc_fd = open("/proc", O_RDONLY|O_DIRECTORY)) >= 0);

- BPF_ASSERT(playground2::Sandbox::supportsSeccompSandbox(proc_fd) ==

+ BPF_ASSERT(playground2::Sandbox::SupportsSeccompSandbox(proc_fd) ==

playground2::Sandbox::STATUS_AVAILABLE);

// Initialize and then start the sandbox with our custom policy

- playground2::Sandbox::setProcFd(proc_fd);

- playground2::Sandbox::setSandboxPolicy(arg->policy(), &arg->aux_);

- playground2::Sandbox::startSandbox();

+ playground2::Sandbox::SetProcFd(proc_fd);

+ playground2::Sandbox::SetSandboxPolicy(arg->policy(), &arg->aux_);

+ playground2::Sandbox::StartSandbox();

arg->test()(arg->aux_);

} else {

// TODO(markus): (crbug.com/141545) Call the compiler and verify the

// policy. That's the least we can do, if we don't have kernel support.

- playground2::Sandbox::setSandboxPolicy(arg->policy(), NULL);

+ playground2::Sandbox::SetSandboxPolicy(arg->policy(), NULL);

}

« sandbox/linux/sandbox_linux.gypi ('K') | « sandbox/linux/sandbox_linux.gypi ('k') | sandbox/linux/seccomp-bpf/demo.cc » ('j') | sandbox/linux/seccomp-bpf/sandbox_bpf.h » ('J')