linux/seccomp-bpf/syscall_iterator.h

5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Copyright (c) 2012 The Chromium Authors. All rights reserved.
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// found in the LICENSE file.
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#ifndef SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include <stdint.h>
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci#include "base/macros.h"
cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)#include "sandbox/sandbox_export.h"
f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)
a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)namespace sandbox {
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Iterates over the entire system call range from 0..0xFFFFFFFFu. This
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// iterator is aware of how system calls look like and will skip quickly
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// over ranges that can't contain system calls. It iterates more slowly
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// whenever it reaches a range that is potentially problematic, returning
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// the last invalid value before a valid range of system calls, and the
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// first invalid value after a valid range of syscalls. It iterates over
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// individual values whenever it is in the normal range for system calls
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// (typically MIN_SYSCALL..MAX_SYSCALL).
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// If |invalid_only| is true, this iterator will only return invalid
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// syscall numbers, but will still skip quickly over invalid ranges,
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// returning the first invalid value in the range and then skipping
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// to the last invalid value in the range.
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)//
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Example usage:
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)//   for (SyscallIterator iter(false); !iter.Done(); ) {
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)//     uint32_t sysnum = iter.Next();
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)//     // Do something with sysnum.
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)//   }
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)//
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// TODO(markus): Make this a classic C++ iterator.
c5cede9ae108bb15f6b7a8aea21c7e1fefa2834cBen Murdochclass SANDBOX_EXPORT SyscallIterator {
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) public:
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  explicit SyscallIterator(bool invalid_only)
f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)      : invalid_only_(invalid_only), done_(false), num_(0) {}
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  bool Done() const { return done_; }
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  uint32_t Next();
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  static bool IsValid(uint32_t num);
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) private:
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  static bool IsArmPrivate(uint32_t num);
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  bool invalid_only_;
f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  bool done_;
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  uint32_t num_;
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
2a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)  DISALLOW_IMPLICIT_CONSTRUCTORS(SyscallIterator);
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)};
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)}  // namespace sandbox
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
5821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif  // SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__