1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__ 6#define SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__ 7 8#include <stdint.h> 9 10namespace playground2 { 11 12// Iterates over the entire system call range from 0..0xFFFFFFFFu. This 13// iterator is aware of how system calls look like and will skip quickly 14// over ranges that can't contain system calls. It iterates more slowly 15// whenever it reaches a range that is potentially problematic, returning 16// the last invalid value before a valid range of system calls, and the 17// first invalid value after a valid range of syscalls. It iterates over 18// individual values whenever it is in the normal range for system calls 19// (typically MIN_SYSCALL..MAX_SYSCALL). 20// If |invalid_only| is true, this iterator will only return invalid 21// syscall numbers, but will still skip quickly over invalid ranges, 22// returning the first invalid value in the range and then skipping 23// to the last invalid value in the range. 24// 25// Example usage: 26// for (SyscallIterator iter(false); !iter.Done(); ) { 27// uint32_t sysnum = iter.Next(); 28// // Do something with sysnum. 29// } 30// 31// TODO(markus): Make this a classic C++ iterator. 32class SyscallIterator { 33 public: 34 explicit SyscallIterator(bool invalid_only) 35 : invalid_only_(invalid_only), 36 done_(false), 37 num_(0) {} 38 39 bool Done() const { return done_; } 40 uint32_t Next(); 41 static bool IsValid(uint32_t num); 42 43 private: 44 static bool IsArmPrivate(uint32_t num); 45 46 bool invalid_only_; 47 bool done_; 48 uint32_t num_; 49 50 DISALLOW_IMPLICIT_CONSTRUCTORS(SyscallIterator); 51}; 52 53} // namespace playground2 54 55#endif // SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__ 56 57