1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "sandbox/linux/seccomp-bpf/die.h"
6 #include "sandbox/linux/seccomp-bpf/errorcode.h"
10 ErrorCode::ErrorCode(int err
) {
13 err_
= SECCOMP_RET_ALLOW
;
14 error_type_
= ET_SIMPLE
;
16 case ERR_MIN_ERRNO
... ERR_MAX_ERRNO
:
17 err_
= SECCOMP_RET_ERRNO
+ err
;
18 error_type_
= ET_SIMPLE
;
21 if ((err
& ~SECCOMP_RET_DATA
) == ERR_TRACE
) {
22 err_
= SECCOMP_RET_TRACE
+ (err
& SECCOMP_RET_DATA
);
23 error_type_
= ET_SIMPLE
;
26 SANDBOX_DIE("Invalid use of ErrorCode object");
30 ErrorCode::ErrorCode(Trap::TrapFnc fnc
, const void* aux
, bool safe
, uint16_t id
)
31 : error_type_(ET_TRAP
),
33 aux_(const_cast<void*>(aux
)),
35 err_(SECCOMP_RET_TRAP
+ id
) {}
37 ErrorCode::ErrorCode(int argno
,
41 const ErrorCode
* passed
,
42 const ErrorCode
* failed
)
43 : error_type_(ET_COND
),
50 err_(SECCOMP_RET_INVALID
) {
51 if (op
< 0 || op
>= OP_NUM_OPS
) {
52 SANDBOX_DIE("Invalid opcode in BPF sandbox rules");
56 bool ErrorCode::Equals(const ErrorCode
& err
) const {
57 if (error_type_
== ET_INVALID
|| err
.error_type_
== ET_INVALID
) {
58 SANDBOX_DIE("Dereferencing invalid ErrorCode");
60 if (error_type_
!= err
.error_type_
) {
63 if (error_type_
== ET_SIMPLE
|| error_type_
== ET_TRAP
) {
64 return err_
== err
.err_
;
65 } else if (error_type_
== ET_COND
) {
66 return value_
== err
.value_
&& argno_
== err
.argno_
&&
67 width_
== err
.width_
&& op_
== err
.op_
&&
68 passed_
->Equals(*err
.passed_
) && failed_
->Equals(*err
.failed_
);
70 SANDBOX_DIE("Corrupted ErrorCode");
74 bool ErrorCode::LessThan(const ErrorCode
& err
) const {
75 // Implementing a "LessThan()" operator allows us to use ErrorCode objects
76 // as keys in STL containers; most notably, it also allows us to put them
77 // into std::set<>. Actual ordering is not important as long as it is
79 if (error_type_
== ET_INVALID
|| err
.error_type_
== ET_INVALID
) {
80 SANDBOX_DIE("Dereferencing invalid ErrorCode");
82 if (error_type_
!= err
.error_type_
) {
83 return error_type_
< err
.error_type_
;
85 if (error_type_
== ET_SIMPLE
|| error_type_
== ET_TRAP
) {
86 return err_
< err
.err_
;
87 } else if (error_type_
== ET_COND
) {
88 if (value_
!= err
.value_
) {
89 return value_
< err
.value_
;
90 } else if (argno_
!= err
.argno_
) {
91 return argno_
< err
.argno_
;
92 } else if (width_
!= err
.width_
) {
93 return width_
< err
.width_
;
94 } else if (op_
!= err
.op_
) {
96 } else if (!passed_
->Equals(*err
.passed_
)) {
97 return passed_
->LessThan(*err
.passed_
);
98 } else if (!failed_
->Equals(*err
.failed_
)) {
99 return failed_
->LessThan(*err
.failed_
);
104 SANDBOX_DIE("Corrupted ErrorCode");
109 } // namespace sandbox