sandbox/linux/seccomp-bpf/verifier.h - Issue 12223109: SECCOMP-BPF: Refactor the BPF sandbox API to use fewer "static" fields and methods.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: sandbox/linux/seccomp-bpf/verifier.h

Issue 12223109: SECCOMP-BPF: Refactor the BPF sandbox API to use fewer "static" fields and methods. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Rebase (now, that the bitmask change has landed in the tree) Created 7 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: sandbox/linux/seccomp-bpf/verifier.h

diff --git a/sandbox/linux/seccomp-bpf/verifier.h b/sandbox/linux/seccomp-bpf/verifier.h

index 8fcb9f22075495236db8e15480344c5012c43299..3e99a0818b9043e3634ae1ad8fdb9936f91c476d 100644

--- a/sandbox/linux/seccomp-bpf/verifier.h

+++ b/sandbox/linux/seccomp-bpf/verifier.h

@@ -10,8 +10,6 @@

#include <utility>

#include <vector>

-#include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"

namespace playground2 {

@@ -24,7 +22,8 @@ class Verifier {

// set by the "evaluators".

// Upon success, "err" is set to NULL. Upon failure, it contains a static

// error message that does not need to be free()'d.

- static bool VerifyBPF(const std::vector<struct sock_filter>& program,

+ static bool VerifyBPF(Sandbox *sandbox,

+ const std::vector<struct sock_filter>& program,

const Sandbox::Evaluators& evaluators,

const char **err);

@@ -41,40 +40,6 @@ class Verifier {

const char **err);

private:

- struct State {

- State(const std::vector<struct sock_filter>& p,

- const struct arch_seccomp_data& d) :

- program(p),

- data(d),

- ip(0),

- accumulator(0),

- acc_is_valid(false) {

- }

- const std::vector<struct sock_filter>& program;

- const struct arch_seccomp_data& data;

- unsigned int ip;

- uint32_t accumulator;

- bool acc_is_valid;

- private:

- DISALLOW_IMPLICIT_CONSTRUCTORS(State);

- };

- static uint32_t EvaluateErrorCode(const ErrorCode& code,

- const struct arch_seccomp_data& data);

- static bool VerifyErrorCode(const std::vector<struct sock_filter>& prg,

- struct arch_seccomp_data *data,

- const ErrorCode& root_code,

- const ErrorCode& code, const char **err);

- static void Ld (State *state, const struct sock_filter& insn,

- const char **err);

- static void Jmp(State *state, const struct sock_filter& insn,

- const char **err);

- static uint32_t Ret(State *state, const struct sock_filter& insn,

- const char **err);

- static void Alu(State *state, const struct sock_filter& insn,

- const char **err);

DISALLOW_IMPLICIT_CONSTRUCTORS(Verifier);

};

« sandbox/linux/seccomp-bpf/sandbox_bpf.cc ('K') | « sandbox/linux/seccomp-bpf/util.cc ('k') | sandbox/linux/seccomp-bpf/verifier.cc » ('j') | sandbox/linux/seccomp-bpf/verifier.cc » ('J')