sandbox/linux/seccomp-bpf/die.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62

// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef SANDBOX_LINUX_SECCOMP_BPF_DIE_H__
#define SANDBOX_LINUX_SECCOMP_BPF_DIE_H__

#include "sandbox/linux/seccomp-bpf/port.h"


namespace playground2 {

class Die {
 public:
  // This is the main API for using this file. Prints a error message and
  // exits with a fatal error.
  #define SANDBOX_DIE(m) playground2::Die::SandboxDie(m, __FILE__, __LINE__)

  // Adds an informational message to the log file or stderr as appropriate.
  #define SANDBOX_INFO(m) playground2::Die::SandboxInfo(m, __FILE__, __LINE__)

  // Terminate the program, even if the current sandbox policy prevents some
  // of the more commonly used functions used for exiting.
  // Most users would want to call SANDBOX_DIE() instead, as it logs extra
  // information. But calling ExitGroup() is correct and in some rare cases
  // preferable. So, we make it part of the public API.
  static void ExitGroup() __attribute__((noreturn));

  // This method gets called by SANDBOX_DIE(). There is normally no reason
  // to call it directly unless you are defining your own exiting macro.
  static void SandboxDie(const char *msg, const char *file, int line)
    __attribute__((noreturn));

  // This method gets called by SANDBOX_INFO(). There is normally no reason
  // to call it directly unless you are defining your own logging macro.
  static void SandboxInfo(const char *msg, const char *file, int line);

  // Writes a message to stderr. Used as a fall-back choice, if we don't have
  // any other way to report an error.
  static void LogToStderr(const char *msg, const char *file, int line);

  // We generally want to run all exit handlers. This means, on SANDBOX_DIE()
  // we should be calling LOG(FATAL). But there are some situations where
  // we just need to print a message and then terminate. This would typically
  // happen in cases where we consume the error message internally (e.g. in
  // unit tests or in the supportsSeccompSandbox() method).
  static void EnableSimpleExit() { simple_exit_ = true; }

  // Sometimes we need to disable all informational messages (e.g. from within
  // unittests).
  static void SuppressInfoMessages(bool flag) { suppress_info_ = flag; }

 private:
  static bool simple_exit_;
  static bool suppress_info_;

  DISALLOW_IMPLICIT_CONSTRUCTORS(Die);
};

}  // namespace

#endif  // SANDBOX_LINUX_SECCOMP_BPF_DIE_H__