sandbox/linux/bpf_dsl/codegen.h - chromium/src - Git at Google

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef SANDBOX_LINUX_BPF_DSL_CODEGEN_H__
 #define SANDBOX_LINUX_BPF_DSL_CODEGEN_H__

 #include <stddef.h>
 #include <stdint.h>

 #include <map>
 #include <tuple>
 #include <vector>

 #include "base/macros.h"
 #include "sandbox/sandbox_export.h"

 struct sock_filter;

 namespace sandbox {

 // The code generator implements a basic assembler that can convert a
 // graph of BPF instructions into a well-formed array of BPF
 // instructions. Most notably, it ensures that jumps are always
 // forward and don't exceed the limit of 255 instructions imposed by
 // the instruction set.
 //
 // Callers would typically create a new CodeGen object and then use it
 // to build a DAG of instruction nodes. They'll eventually call
 // Compile() to convert this DAG to a Program.
 //
 //   CodeGen gen;
 //   CodeGen::Node allow, branch, dag;
 //
 //   allow =
 //     gen.MakeInstruction(BPF_RET+BPF_K,
 //                         ErrorCode(ErrorCode::ERR_ALLOWED).err()));
 //   branch =
 //     gen.MakeInstruction(BPF_JMP+BPF_EQ+BPF_K, __NR_getpid,
 //                         Trap(GetPidHandler, NULL), allow);
 //   dag =
 //     gen.MakeInstruction(BPF_LD+BPF_W+BPF_ABS,
 //                         offsetof(struct arch_seccomp_data, nr), branch);
 //
 //   // Simplified code follows; in practice, it is important to avoid calling
 //   // any C++ destructors after starting the sandbox.
 //   CodeGen::Program program = gen.Compile(dag);
 //   const struct sock_fprog prog = {
 //     static_cast<unsigned short>(program.size()), &program[0] };
 //   prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
 //
 class SANDBOX_EXPORT CodeGen {
  public:
   // A vector of BPF instructions that need to be installed as a filter
   // program in the kernel.
   typedef std::vector<struct sock_filter> Program;

   // Node represents a node within the instruction DAG being compiled.
   using Node = Program::size_type;

   // kNullNode represents the "null" node; i.e., the reserved node
   // value guaranteed to not equal any actual nodes.
   static const Node kNullNode = -1;

   CodeGen();
   ~CodeGen();

   // MakeInstruction creates a node representing the specified
   // instruction, or returns and existing equivalent node if one
   // exists. For details on the possible parameters refer to
   // https://www.kernel.org/doc/Documentation/networking/filter.txt.
   // TODO(mdempsky): Reconsider using default arguments here.
   Node MakeInstruction(uint16_t code,
                        uint32_t k,
                        Node jt = kNullNode,
                        Node jf = kNullNode);

   // Compile linearizes the instruction DAG rooted at |head| into a
   // program that can be executed by a BPF virtual machine.
   Program Compile(Node head);

  private:
   using MemoKey = std::tuple<uint16_t, uint32_t, Node, Node>;

   // AppendInstruction adds a new instruction, ensuring that |jt| and
   // |jf| are within range as necessary for |code|.
   Node AppendInstruction(uint16_t code, uint32_t k, Node jt, Node jf);

   // WithinRange returns a node equivalent to |next| that is at most
   // |range| instructions away from the (logical) beginning of the
   // program.
   Node WithinRange(Node next, size_t range);

   // Append appends a new instruction to the physical end (i.e.,
   // logical beginning) of |program_|.
   Node Append(uint16_t code, uint32_t k, size_t jt, size_t jf);

   // Offset returns how many instructions exist in |program_| after |target|.
   size_t Offset(Node target) const;

   // NOTE: program_ is the compiled program in *reverse*, so that
   // indices remain stable as we add instructions.
   Program program_;

   // equivalent_ stores the most recent semantically-equivalent node for each
   // instruction in program_. A node is defined as semantically-equivalent to N
   // if it has the same instruction code and constant as N and its successor
   // nodes (if any) are semantically-equivalent to N's successor nodes, or
   // if it's an unconditional jump to a node semantically-equivalent to N.
   std::vector<Node> equivalent_;

   std::map<MemoKey, Node> memos_;

   DISALLOW_COPY_AND_ASSIGN(CodeGen);
 };

 }  // namespace sandbox

 #endif  // SANDBOX_LINUX_BPF_DSL_CODEGEN_H__
	// Copyright (c) 2012 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef SANDBOX_LINUX_BPF_DSL_CODEGEN_H__
	#define SANDBOX_LINUX_BPF_DSL_CODEGEN_H__

	#include <stddef.h>
	#include <stdint.h>

	#include <map>
	#include <tuple>
	#include <vector>

	#include "base/macros.h"
	#include "sandbox/sandbox_export.h"

	struct sock_filter;

	namespace sandbox {

	// The code generator implements a basic assembler that can convert a
	// graph of BPF instructions into a well-formed array of BPF
	// instructions. Most notably, it ensures that jumps are always
	// forward and don't exceed the limit of 255 instructions imposed by
	// the instruction set.
	//
	// Callers would typically create a new CodeGen object and then use it
	// to build a DAG of instruction nodes. They'll eventually call
	// Compile() to convert this DAG to a Program.
	//
	// CodeGen gen;
	// CodeGen::Node allow, branch, dag;
	//
	// allow =
	// gen.MakeInstruction(BPF_RET+BPF_K,
	// ErrorCode(ErrorCode::ERR_ALLOWED).err()));
	// branch =
	// gen.MakeInstruction(BPF_JMP+BPF_EQ+BPF_K, __NR_getpid,
	// Trap(GetPidHandler, NULL), allow);
	// dag =
	// gen.MakeInstruction(BPF_LD+BPF_W+BPF_ABS,
	// offsetof(struct arch_seccomp_data, nr), branch);
	//
	// // Simplified code follows; in practice, it is important to avoid calling
	// // any C++ destructors after starting the sandbox.
	// CodeGen::Program program = gen.Compile(dag);
	// const struct sock_fprog prog = {
	// static_cast<unsigned short>(program.size()), &program[0] };
	// prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
	//
	class SANDBOX_EXPORT CodeGen {
	public:
	// A vector of BPF instructions that need to be installed as a filter
	// program in the kernel.
	typedef std::vector<struct sock_filter> Program;

	// Node represents a node within the instruction DAG being compiled.
	using Node = Program::size_type;

	// kNullNode represents the "null" node; i.e., the reserved node
	// value guaranteed to not equal any actual nodes.
	static const Node kNullNode = -1;

	CodeGen();
	~CodeGen();

	// MakeInstruction creates a node representing the specified
	// instruction, or returns and existing equivalent node if one
	// exists. For details on the possible parameters refer to
	// https://www.kernel.org/doc/Documentation/networking/filter.txt.
	// TODO(mdempsky): Reconsider using default arguments here.
	Node MakeInstruction(uint16_t code,
	uint32_t k,
	Node jt = kNullNode,
	Node jf = kNullNode);

	// Compile linearizes the instruction DAG rooted at \|head\| into a
	// program that can be executed by a BPF virtual machine.
	Program Compile(Node head);

	private:
	using MemoKey = std::tuple<uint16_t, uint32_t, Node, Node>;

	// AppendInstruction adds a new instruction, ensuring that \|jt\| and
	// \|jf\| are within range as necessary for \|code\|.
	Node AppendInstruction(uint16_t code, uint32_t k, Node jt, Node jf);

	// WithinRange returns a node equivalent to \|next\| that is at most
	// \|range\| instructions away from the (logical) beginning of the
	// program.
	Node WithinRange(Node next, size_t range);

	// Append appends a new instruction to the physical end (i.e.,
	// logical beginning) of \|program_\|.
	Node Append(uint16_t code, uint32_t k, size_t jt, size_t jf);

	// Offset returns how many instructions exist in \|program_\| after \|target\|.
	size_t Offset(Node target) const;

	// NOTE: program_ is the compiled program in reverse, so that
	// indices remain stable as we add instructions.
	Program program_;

	// equivalent_ stores the most recent semantically-equivalent node for each
	// instruction in program_. A node is defined as semantically-equivalent to N
	// if it has the same instruction code and constant as N and its successor
	// nodes (if any) are semantically-equivalent to N's successor nodes, or
	// if it's an unconditional jump to a node semantically-equivalent to N.
	std::vector<Node> equivalent_;

	std::map<MemoKey, Node> memos_;

	DISALLOW_COPY_AND_ASSIGN(CodeGen);
	};

	} // namespace sandbox

	#endif // SANDBOX_LINUX_BPF_DSL_CODEGEN_H__