1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__
6 #define SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__
10 #include "base/macros.h"
11 #include "sandbox/sandbox_export.h"
15 // Iterates over the entire system call range from 0..0xFFFFFFFFu. This
16 // iterator is aware of how system calls look like and will skip quickly
17 // over ranges that can't contain system calls. It iterates more slowly
18 // whenever it reaches a range that is potentially problematic, returning
19 // the last invalid value before a valid range of system calls, and the
20 // first invalid value after a valid range of syscalls. It iterates over
21 // individual values whenever it is in the normal range for system calls
22 // (typically MIN_SYSCALL..MAX_SYSCALL).
23 // If |invalid_only| is true, this iterator will only return invalid
24 // syscall numbers, but will still skip quickly over invalid ranges,
25 // returning the first invalid value in the range and then skipping
26 // to the last invalid value in the range.
29 // for (SyscallIterator iter(false); !iter.Done(); ) {
30 // uint32_t sysnum = iter.Next();
31 // // Do something with sysnum.
34 // TODO(markus): Make this a classic C++ iterator.
35 class SANDBOX_EXPORT SyscallIterator {
37 explicit SyscallIterator(bool invalid_only)
38 : invalid_only_(invalid_only), done_(false), num_(0) {}
40 bool Done() const { return done_; }
42 static bool IsValid(uint32_t num);
45 static bool IsArmPrivate(uint32_t num);
51 DISALLOW_IMPLICIT_CONSTRUCTORS(SyscallIterator);
54 } // namespace sandbox
56 #endif // SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__