1 files changed, 28 insertions, 23 deletions

diff --git a/sandbox/linux/seccomp-bpf/errorcode.h b/sandbox/linux/seccomp-bpf/errorcode.h
index 61ec110..182fadb 100644
--- a/sandbox/linux/seccomp-bpf/errorcode.h
+++ b/sandbox/linux/seccomp-bpf/errorcode.h
@@ -27,7 +27,7 @@ class ErrorCode {
     // completely arbitrary. But we want to pick it so that is is unlikely
     // to be passed in accidentally, when the user intended to return an
     // "errno" (see below) value instead.
-    ERR_ALLOWED   = 0x04000000,
+    ERR_ALLOWED = 0x04000000,
 
     // Deny the system call with a particular "errno" value.
     // N.B.: It is also possible to return "0" here. That would normally
@@ -85,21 +85,26 @@ class ErrorCode {
     // need.
     // TODO(markus): Check whether we should automatically emulate signed
     //               operations.
-    OP_GREATER_UNSIGNED, OP_GREATER_EQUAL_UNSIGNED,
+    OP_GREATER_UNSIGNED,
+    OP_GREATER_EQUAL_UNSIGNED,
 
     // Tests a system call argument against a bit mask.
     // The "ALL_BITS" variant performs this test: "arg & mask == mask"
     // This implies that a mask of zero always results in a passing test.
     // The "ANY_BITS" variant performs this test: "arg & mask != 0"
     // This implies that a mask of zero always results in a failing test.
-    OP_HAS_ALL_BITS, OP_HAS_ANY_BITS,
+    OP_HAS_ALL_BITS,
+    OP_HAS_ANY_BITS,
 
     // Total number of operations.
     OP_NUM_OPS,
   };
 
   enum ErrorType {
-    ET_INVALID, ET_SIMPLE, ET_TRAP, ET_COND,
+    ET_INVALID,
+    ET_SIMPLE,
+    ET_TRAP,
+    ET_COND,
   };
 
   // We allow the default constructor, as it makes the ErrorCode class
@@ -107,10 +112,7 @@ class ErrorCode {
   // when compiling a BPF filter, we deliberately generate an invalid
   // program that will get flagged both by our Verifier class and by
   // the Linux kernel.
-  ErrorCode() :
-      error_type_(ET_INVALID),
-      err_(SECCOMP_RET_INVALID) {
-  }
+  ErrorCode() : error_type_(ET_INVALID), err_(SECCOMP_RET_INVALID) {}
   explicit ErrorCode(int err);
 
   // For all practical purposes, ErrorCodes are treated as if they were
@@ -121,7 +123,7 @@ class ErrorCode {
   // callers handle life-cycle management for these objects.
 
   // Destructor
-  ~ErrorCode() { }
+  ~ErrorCode() {}
 
   bool Equals(const ErrorCode& err) const;
   bool LessThan(const ErrorCode& err) const;
@@ -135,8 +137,8 @@ class ErrorCode {
   int argno() const { return argno_; }
   ArgType width() const { return width_; }
   Operation op() const { return op_; }
-  const ErrorCode *passed() const { return passed_; }
-  const ErrorCode *failed() const { return failed_; }
+  const ErrorCode* passed() const { return passed_; }
+  const ErrorCode* failed() const { return failed_; }
 
   struct LessThan {
     bool operator()(const ErrorCode& a, const ErrorCode& b) const {
@@ -152,31 +154,35 @@ class ErrorCode {
   // If we are wrapping a callback, we must assign a unique id. This id is
   // how the kernel tells us which one of our different SECCOMP_RET_TRAP
   // cases has been triggered.
-  ErrorCode(Trap::TrapFnc fnc, const void *aux, bool safe, uint16_t id);
+  ErrorCode(Trap::TrapFnc fnc, const void* aux, bool safe, uint16_t id);
 
   // Some system calls require inspection of arguments. This constructor
   // allows us to specify additional constraints.
-  ErrorCode(int argno, ArgType width, Operation op, uint64_t value,
-            const ErrorCode *passed, const ErrorCode *failed);
+  ErrorCode(int argno,
+            ArgType width,
+            Operation op,
+            uint64_t value,
+            const ErrorCode* passed,
+            const ErrorCode* failed);
 
   ErrorType error_type_;
 
   union {
     // Fields needed for SECCOMP_RET_TRAP callbacks
     struct {
-      Trap::TrapFnc fnc_;        // Callback function and arg, if trap was
-      void          *aux_;       //   triggered by the kernel's BPF filter.
-      bool          safe_;       // Keep sandbox active while calling fnc_()
+      Trap::TrapFnc fnc_;  // Callback function and arg, if trap was
+      void* aux_;          //   triggered by the kernel's BPF filter.
+      bool safe_;          // Keep sandbox active while calling fnc_()
     };
 
     // Fields needed when inspecting additional arguments.
     struct {
-      uint64_t  value_;          // Value that we are comparing with.
-      int       argno_;          // Syscall arg number that we are inspecting.
-      ArgType   width_;          // Whether we are looking at a 32/64bit value.
+      uint64_t value_;           // Value that we are comparing with.
+      int argno_;                // Syscall arg number that we are inspecting.
+      ArgType width_;            // Whether we are looking at a 32/64bit value.
       Operation op_;             // Comparison operation.
-      const ErrorCode *passed_;  // Value to be returned if comparison passed,
-      const ErrorCode *failed_;  //   or if it failed.
+      const ErrorCode* passed_;  // Value to be returned if comparison passed,
+      const ErrorCode* failed_;  //   or if it failed.
     };
   };
 
@@ -184,7 +190,6 @@ class ErrorCode {
   // the value that uniquely identifies any ErrorCode and it (typically) can
   // be emitted directly into a BPF filter program.
   uint32_t err_;
-
 };
 
 }  // namespace