Lines Matching refs:Policy
20 class Policy;
23 // This class can be used to apply a syscall sandboxing policy expressed in a
24 // bpf_dsl::Policy object to the current process.
34 // Ownership of |policy| is transfered here to the sandbox object.
36 explicit SandboxBPF(bpf_dsl::Policy* policy);
37 // NOTE: Setting a policy and starting the sandbox is a one-way operation.
62 // a new policy requires making system calls, that might already be
65 // combined policy. So, it should only be used if there are no alternatives.
98 // Assembles a BPF filter program from the current policy. After calling this
102 // Assembles and installs a filter based on the policy that has previously
108 std::unique_ptr<bpf_dsl::Policy> policy_;
