1/*
2 * Copyright (C) 2013 Intel Corporation. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 *    notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 *    notice, this list of conditions and the following disclaimer in the
11 *    documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23 * THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26#ifndef SyscallPolicy_h
27#define SyscallPolicy_h
28
29#if ENABLE(SECCOMP_FILTERS)
30
31#include <wtf/HashMap.h>
32#include <wtf/text/StringHash.h>
33#include <wtf/text/WTFString.h>
34
35namespace WebKit {
36
37class WebProcessCreationParameters;
38
39class SyscallPolicy {
40public:
41    enum Permission {
42        NotAllowed   = 0,
43        Read         = 1,
44        Write        = 1 << 1,
45        ReadAndWrite = Read | Write
46    };
47
48    bool hasPermissionForPath(const char* path, Permission) const;
49
50    void addFilePermission(const String& path, Permission);
51    void addDirectoryPermission(const String& path, Permission);
52
53    void addDefaultWebProcessPolicy(const WebProcessCreationParameters&);
54
55private:
56    typedef HashMap<String, int> PermissionMap;
57    PermissionMap m_filePermission;
58    PermissionMap m_directoryPermission;
59};
60
61} // namespace WebKit
62
63#endif // ENABLE(SECCOMP_FILTERS)
64
65#endif // SyscallPolicy_h
66