sandbox/linux/seccomp-bpf/errorcode.h - Issue 530133003: bpf_dsl: support arbitrary (arg & mask) == val expressions

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: sandbox/linux/seccomp-bpf/errorcode.h

Issue 530133003: bpf_dsl: support arbitrary (arg & mask) == val expressions (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Reorder function definitions slightly Created 6 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: sandbox/linux/seccomp-bpf/errorcode.h

diff --git a/sandbox/linux/seccomp-bpf/errorcode.h b/sandbox/linux/seccomp-bpf/errorcode.h

index 2cc001c9cb52f2e1d37adc11faf94a6c5bd92b9a..a70be89580d332f7c183258f40d4095403c25f0d 100644

--- a/sandbox/linux/seccomp-bpf/errorcode.h

+++ b/sandbox/linux/seccomp-bpf/errorcode.h

@@ -87,19 +87,11 @@ class SANDBOX_EXPORT ErrorCode {

TP_64BIT,

};

+ // Deprecated.

enum Operation {

// Test whether the system call argument is equal to the operand.

OP_EQUAL,

- // Test whether the system call argument is greater (or equal) to the

- // operand. Please note that all tests always operate on unsigned

- // values. You can generally emulate signed tests, if that's what you

- // need.

- // TODO(markus): Check whether we should automatically emulate signed

- // operations.

- OP_GREATER_UNSIGNED,

- OP_GREATER_EQUAL_UNSIGNED,

// Tests a system call argument against a bit mask.

// The "ALL_BITS" variant performs this test: "arg & mask == mask"

// This implies that a mask of zero always results in a passing test.

@@ -107,9 +99,6 @@ class SANDBOX_EXPORT ErrorCode {

// This implies that a mask of zero always results in a failing test.

OP_HAS_ALL_BITS,

OP_HAS_ANY_BITS,

- // Total number of operations.

- OP_NUM_OPS,

};

enum ErrorType {

@@ -145,10 +134,10 @@ class SANDBOX_EXPORT ErrorCode {

bool safe() const { return safe_; }

+ uint64_t mask() const { return mask_; }

uint64_t value() const { return value_; }

int argno() const { return argno_; }

ArgType width() const { return width_; }

- Operation op() const { return op_; }

const ErrorCode* passed() const { return passed_; }

const ErrorCode* failed() const { return failed_; }

@@ -172,7 +161,7 @@ class SANDBOX_EXPORT ErrorCode {

// allows us to specify additional constraints.

ErrorCode(int argno,

ArgType width,

- Operation op,

+ uint64_t mask,

uint64_t value,

const ErrorCode* passed,

const ErrorCode* failed);

@@ -189,10 +178,10 @@ class SANDBOX_EXPORT ErrorCode {

// Fields needed when inspecting additional arguments.

struct {

+ uint64_t mask_; // Mask that we are comparing under.

uint64_t value_; // Value that we are comparing with.

int argno_; // Syscall arg number that we are inspecting.

ArgType width_; // Whether we are looking at a 32/64bit value.

- Operation op_; // Comparison operation.

const ErrorCode* passed_; // Value to be returned if comparison passed,

const ErrorCode* failed_; // or if it failed.

};

« no previous file with comments | « sandbox/linux/bpf_dsl/bpf_dsl_unittest.cc ('k') | sandbox/linux/seccomp-bpf/errorcode.cc » ('j') | sandbox/linux/seccomp-bpf/sandbox_bpf.cc » ('J')