blob: 39568d8f121897cfbfb2389eb76a5c55e50dd572 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__
#define SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__
#include <stdint.h>
#include <base/logging.h>
namespace playground2 {
// Iterates over the entire system call range from 0..0xFFFFFFFFu. This
// iterator is aware of how system calls look like and will skip quickly
// over ranges that can't contain system calls. It iterates more slowly
// whenever it reaches a range that is potentially problematic, returning
// the last invalid value before a valid range of system calls, and the
// first invalid value after a valid range of syscalls. It iterates over
// individual values whenever it is in the normal range for system calls
// (typically MIN_SYSCALL..MAX_SYSCALL).
// If |invalid_only| is true, this iterator will only return invalid
// syscall numbers, but will still skip quickly over invalid ranges,
// returning the first invalid value in the range and then skipping
// to the last invalid value in the range.
//
// Example usage:
// for (SyscallIterator iter(false); !iter.Done(); ) {
// uint32_t sysnum = iter.Next();
// // Do something with sysnum.
// }
//
// TODO(markus): Make this a classic C++ iterator.
class SyscallIterator {
public:
explicit SyscallIterator(bool invalid_only)
: invalid_only_(invalid_only),
done_(false),
num_(0) {}
bool Done() const { return done_; }
uint32_t Next();
static bool IsValid(uint32_t num);
private:
static bool IsArmPrivate(uint32_t num);
bool invalid_only_;
bool done_;
uint32_t num_;
DISALLOW_COPY_AND_ASSIGN(SyscallIterator);
};
} // namespace playground2
#endif // SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__
|