}
}
-Trap* Trap::GetInstance() {
+bpf_dsl::TrapRegistry* Trap::Registry() {
// Note: This class is not thread safe. It is the caller's responsibility
// to avoid race conditions. Normally, this is a non-issue as the sandbox
// can only be initialized if there are no other threads present.
}
uint16_t Trap::MakeTrap(TrapFnc fnc, const void* aux, bool safe) {
- return GetInstance()->MakeTrapImpl(fnc, aux, safe);
+ return Registry()->Add(fnc, aux, safe);
}
-uint16_t Trap::MakeTrapImpl(TrapFnc fnc, const void* aux, bool safe) {
+uint16_t Trap::Add(TrapFnc fnc, const void* aux, bool safe) {
if (!safe && !SandboxDebuggingAllowedByUser()) {
// Unless the user set the CHROME_SANDBOX_DEBUGGING environment variable,
// we never return an ErrorCode that is marked as "unsafe". This also
}
bool Trap::EnableUnsafeTrapsInSigSysHandler() {
- Trap* trap = GetInstance();
- if (!trap->has_unsafe_traps_) {
+ return Registry()->EnableUnsafeTraps();
+}
+
+bool Trap::EnableUnsafeTraps() {
+ if (!has_unsafe_traps_) {
// Unsafe traps are a one-way fuse. Once enabled, they can never be turned
// off again.
// We only allow enabling unsafe traps, if the user explicitly set an
// appropriate environment variable. This prevents bugs that accidentally
// disable all sandboxing for all users.
- if (trap->SandboxDebuggingAllowedByUser()) {
+ if (SandboxDebuggingAllowedByUser()) {
// We only ever print this message once, when we enable unsafe traps the
// first time.
SANDBOX_INFO("WARNING! Disabling sandbox for debugging purposes");
- trap->has_unsafe_traps_ = true;
+ has_unsafe_traps_ = true;
} else {
SANDBOX_INFO(
"Cannot disable sandbox and use unsafe traps unless "
}
}
// Returns the, possibly updated, value of has_unsafe_traps_.
- return trap->has_unsafe_traps_;
-}
-
-bool Trap::IsSafeTrapId(uint16_t id) {
- if (global_trap_ && id > 0 && id <= global_trap_->trap_array_size_) {
- return global_trap_->trap_array_[id - 1].safe;
- }
- return false;
+ return has_unsafe_traps_;
}
Trap* Trap::global_trap_;