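// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// NOTE(review): the guard macro below ends in a double underscore; C++
// reserves identifiers containing "__" for the implementation. It is kept
// unchanged here so that nothing else keyed on the macro name is affected.
#ifndef SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__
#define SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__

#include <stdint.h>

#include "base/macros.h"
#include "sandbox/sandbox_export.h"

namespace sandbox {

// Iterates over the entire system call range 0..0xFFFFFFFFu. The iterator
// knows what system call numbers look like and skips quickly over ranges
// that cannot contain system calls. It slows down whenever it reaches a
// range that is potentially problematic: it returns the last invalid value
// before a valid range of system calls and the first invalid value after a
// valid range of system calls. Inside the normal range for system calls
// (typically MIN_SYSCALL..MAX_SYSCALL) it returns every individual value.
//
// If |invalid_only| is true, the iterator returns only invalid syscall
// numbers. It still skips quickly over invalid ranges, returning the first
// invalid value in the range and then skipping to the last invalid value in
// the range.
//
// NOTE(review): invalid ranges are sampled at their boundaries rather than
// enumerated. A caller that uses this iterator to check how a filter treats
// "every" syscall number is therefore relying on the filter handling all
// values inside a skipped range the same way as the boundary values.
// Confirm that assumption against the callers; it is not checked here.
//
// Example usage:
//   for (SyscallIterator iter(false); !iter.Done(); ) {
//     uint32_t sysnum = iter.Next();
//     // Do something with sysnum.
//   }
//
// TODO(markus): Make this a classic C++ iterator.
class SANDBOX_EXPORT SyscallIterator {
 public:
  // Starts a new iteration at syscall number 0. |invalid_only| selects the
  // "invalid numbers only" mode described in the class comment.
  explicit SyscallIterator(bool invalid_only)
      : invalid_only_(invalid_only), done_(false), num_(0) {}

  // Returns true once the iteration has finished. The example above tests
  // this before every call to Next().
  bool Done() const { return done_; }

  // Returns a syscall number from the sequence described in the class
  // comment. Defined in the implementation file, which is not visible here;
  // presumably it also advances the iterator and sets the done flag after
  // the final value. Verify there before calling it when Done() is true.
  uint32_t Next();

  // Reports whether |num| counts as a valid system call number. The exact
  // definition of "valid" lives in the implementation file.
  static bool IsValid(uint32_t num);

 private:
  // NOTE(review): judging by the name, this recognizes ARM-private system
  // call numbers; the definition is not in this header, so confirm in the
  // implementation file.
  static bool IsArmPrivate(uint32_t num);

  bool invalid_only_;  // Mode flag passed to the constructor.
  bool done_;          // Value reported by Done(); false on construction.
  uint32_t num_;       // Iteration state; 0 on construction.

  // Macro from base/macros.h; by its name it disallows the implicitly
  // generated constructors, leaving the explicit constructor above.
  DISALLOW_IMPLICIT_CONSTRUCTORS(SyscallIterator);
};

}  // namespace sandbox

#endif  // SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__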