Chromium Code Reviews

Side by Side Diff: sandbox/linux/seccomp-bpf/codegen.h

Issue 11419121: SECCOMP-BPF: Added support for greylisting of system calls. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Simplified sandbox policy in unittest Created 8 years, 1 month ago
OLD | NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_CODEGEN_H__ 5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_CODEGEN_H__
6 #define SANDBOX_LINUX_SECCOMP_BPF_CODEGEN_H__ 6 #define SANDBOX_LINUX_SECCOMP_BPF_CODEGEN_H__
7 7
8 #include <map> 8 #include <map>
9 #include <set> 9 #include <set>
10 #include <vector> 10 #include <vector>
(...skipping 59 matching lines...)
70 Instruction *next = NULL); 70 Instruction *next = NULL);
71 Instruction *MakeInstruction(uint16_t code, const ErrorCode& err); 71 Instruction *MakeInstruction(uint16_t code, const ErrorCode& err);
72 Instruction *MakeInstruction(uint16_t code, uint32_t k, 72 Instruction *MakeInstruction(uint16_t code, uint32_t k,
73 Instruction *jt, Instruction *jf); 73 Instruction *jt, Instruction *jf);
74 74
75 // Join two (sequences of) instructions. This is useful, if the "next" 75 // Join two (sequences of) instructions. This is useful, if the "next"
76 // parameter had not originally been given in the call to MakeInstruction(), 76 // parameter had not originally been given in the call to MakeInstruction(),
77 // or if a (conditional) jump still has an unsatisfied target. 77 // or if a (conditional) jump still has an unsatisfied target.
78 void JoinInstructions(Instruction *head, Instruction *tail); 78 void JoinInstructions(Instruction *head, Instruction *tail);
79 79
80 // Traverse the graph of instructions and visit each instruction once.
81 // Traversal order is implementation-defined. It is acceptable to make
82 // changes to the graph from within the callback function. These changes
83 // do not affect traversal.
84 // The "fnc" function gets called with both the instruction and the opaque
85 // "aux" pointer.
86 void Traverse(Instruction *, void (*fnc)(Instruction *, void *aux),
87 void *aux);
88
80 // Compiles the graph of instructions into a BPF program that can be passed 89 // Compiles the graph of instructions into a BPF program that can be passed
81 // to the kernel. Please note that this function modifies the graph in place 90 // to the kernel. Please note that this function modifies the graph in place
82 // and must therefore only be called once per graph. 91 // and must therefore only be called once per graph.
83 void Compile(Instruction *instructions, Sandbox::Program *program); 92 void Compile(Instruction *instructions, Sandbox::Program *program);
84 93
85 private: 94 private:
86 friend class CodeGenUnittestHelper; 95 friend class CodeGenUnittestHelper;
87 96
88 // Find all the instructions that are the target of BPF_JMPs. 97 // Find all the instructions that are the target of BPF_JMPs.
89 void FindBranchTargets(const Instruction& instructions, 98 void FindBranchTargets(const Instruction& instructions,
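Review bot: Traverse() at new lines 86-87 leaves its first parameter unnamed, and the comment never says what it is. Name it (Compile() just below uses `Instruction *instructions`) and document that it is the instruction the walk starts from and whether NULL is accepted. The comment also says that changes made from the callback "do not affect traversal", which leaves open whether instructions the callback adds or unlinks are still visited; spell out the guarantee. Since Compile() is documented as modifying the graph in place and callable only once per graph, the comment should also say whether Traverse() may be called after Compile(). Minor style point: `fnc` could be a more descriptive name.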
(...skipping 48 matching lines...)
138 BasicBlocks basic_blocks_; 147 BasicBlocks basic_blocks_;
139 148
140 // Compile() must only ever be called once as it makes destructive changes 149 // Compile() must only ever be called once as it makes destructive changes
141 // to the DAG. 150 // to the DAG.
142 bool compiled_; 151 bool compiled_;
143 }; 152 };
144 153
145 } // namespace 154 } // namespace
146 155
147 #endif // SANDBOX_LINUX_SECCOMP_BPF_CODEGEN_H__ 156 #endif // SANDBOX_LINUX_SECCOMP_BPF_CODEGEN_H__