// Copyright 2013 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "sandbox/policy/linux/bpf_base_policy_linux.h" #include <errno.h> #include "base/check.h" #include "sandbox/linux/bpf_dsl/bpf_dsl.h" #include "sandbox/linux/seccomp-bpf-helpers/baseline_policy.h" #include "sandbox/linux/system_headers/linux_syscalls.h" #if BUILDFLAG(IS_ANDROID) #include "sandbox/linux/seccomp-bpf-helpers/baseline_policy_android.h" #endif Allow; ResultExpr; namespace sandbox { namespace policy { namespace { // The errno used for denied file system access system calls, such as open(2). static const int kFSDeniedErrno = …; } // namespace. #if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) BPFBasePolicy::BPFBasePolicy() : … { … } #elif BUILDFLAG(IS_ANDROID) BPFBasePolicy::BPFBasePolicy( const BaselinePolicyAndroid::RuntimeOptions& options) : baseline_policy_(std::make_unique<BaselinePolicyAndroid>(options)) {} #endif BPFBasePolicy::~BPFBasePolicy() = default; ResultExpr BPFBasePolicy::EvaluateSyscall(int system_call_number) const { … } ResultExpr BPFBasePolicy::InvalidSyscall() const { … } int BPFBasePolicy::GetFSDeniedErrno() { … } } // namespace policy } // namespace sandbox.
Codebase Browser
chromium