SECCOMP-BPF: Refactor the BPF sandbox API to use fewer "static" fields and methods.

sandbox/linux/seccomp-bpf/errorcode.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef SANDBOX_LINUX_SECCOMP_BPF_ERRORCODE_H__
 #define SANDBOX_LINUX_SECCOMP_BPF_ERRORCODE_H__
 
+#include "sandbox/linux/seccomp-bpf/linux_seccomp.h"
 #include "sandbox/linux/seccomp-bpf/trap.h"
 
 namespace playground2 {
 
 struct arch_seccomp_data;
 
 // This class holds all the possible values that can be returned by a sandbox
 // policy.
 // We can either wrap a symbolic ErrorCode (i.e. ERR_XXX enum values), an
 // errno value (in the range 0..4095), a pointer to a TrapFnc callback
@@ skipping 70 matching lines @@
     // The "ALL_BITS" variant performs this test: "arg & mask == mask"
     // This implies that a mask of zero always results in a passing test.
     // The "ANY_BITS" variant performs this test: "arg & mask != 0"
     // This implies that a mask of zero always results in a failing test.
     OP_HAS_ALL_BITS, OP_HAS_ANY_BITS,
 
     // Total number of operations.
     OP_NUM_OPS,
   };
 
+  enum ErrorType {
+    ET_INVALID, ET_SIMPLE, ET_TRAP, ET_COND,
+  };
+
   // We allow the default constructor, as it makes the ErrorCode class
   // much easier to use. But if we ever encounter an invalid ErrorCode
   // when compiling a BPF filter, we deliberately generate an invalid
   // program that will get flagged both by our Verifier class and by
   // the Linux kernel.
   ErrorCode() :
       error_type_(ET_INVALID),
       err_(SECCOMP_RET_INVALID) {
   }
   explicit ErrorCode(int err);
 
   // For all practical purposes, ErrorCodes are treated as if they were
   // structs. The copy constructor and assignment operator are trivial and
   // we do not need to explicitly specify them.
   // Most notably, it is in fact perfectly OK to directly copy the passed_ and
   // failed_ field. They only ever get set by our private constructor, and the
   // callers handle life-cycle management for these objects.
 
   // Destructor
   ~ErrorCode() { }
 
   bool Equals(const ErrorCode& err) const;
   bool LessThan(const ErrorCode& err) const;
 
   uint32_t err() const { return err_; }
+  ErrorType error_type() const { return error_type_; }
+
+  bool safe() const { return safe_; }
+
+  uint64_t value() const { return value_; }
+  int argno() const { return argno_; }
+  ArgType width() const { return width_; }
+  Operation op() const { return op_; }
+  const ErrorCode *passed() const { return passed_; }
+  const ErrorCode *failed() const { return failed_; }
 
   struct LessThan {
     bool operator()(const ErrorCode& a, const ErrorCode& b) const {
       return a.LessThan(b);
     }
   };
 
  private:
   friend class CodeGen;
   friend class Sandbox;
   friend class Trap;
-  friend class Verifier;
-
-  enum ErrorType {
-    ET_INVALID, ET_SIMPLE, ET_TRAP, ET_COND,
-  };
 
   // If we are wrapping a callback, we must assign a unique id. This id is
   // how the kernel tells us which one of our different SECCOMP_RET_TRAP
   // cases has been triggered.
   ErrorCode(Trap::TrapFnc fnc, const void *aux, bool safe, uint16_t id);
 
   // Some system calls require inspection of arguments. This constructor
   // allows us to specify additional constraints.
   ErrorCode(int argno, ArgType width, Operation op, uint64_t value,
             const ErrorCode *passed, const ErrorCode *failed);
@@ skipping 22 matching lines @@
   // 32bit field used for all possible types of ErrorCode values. This is
   // the value that uniquely identifies any ErrorCode and it (typically) can
   // be emitted directly into a BPF filter program.
   uint32_t err_;
 
 };
 
 }  // namespace
 
 #endif  // SANDBOX_LINUX_SECCOMP_BPF_ERRORCODE_H__