// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef SANDBOX_LINUX_SECCOMP_BPF_TRAP_H__ #define SANDBOX_LINUX_SECCOMP_BPF_TRAP_H__ #include <stddef.h> #include <stdint.h> #include <map> #include "base/memory/raw_ptr_exclusion.h" #include "sandbox/linux/bpf_dsl/trap_registry.h" #include "sandbox/linux/system_headers/linux_signal.h" #include "sandbox/sandbox_export.h" namespace sandbox { // The Trap class allows a BPF filter program to branch out to user space by // raising a SIGSYS signal. // N.B.: This class does not perform any synchronization operations. If // modifications are made to any of the traps, it is the caller's // responsibility to ensure that this happens in a thread-safe fashion. // Preferably, that means that no other threads should be running at that // time. For the purposes of our sandbox, this assertion should always be // true. Threads are incompatible with the seccomp sandbox anyway. class SANDBOX_EXPORT Trap : public bpf_dsl::TrapRegistry { … }; } // namespace sandbox #endif // SANDBOX_LINUX_SECCOMP_BPF_TRAP_H__
Codebase Browser
chromium