NotForReview: Implement zero/one-copy texture for ozone freon using Intel DRM

sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h"
 
 #include <errno.h>
 #include <fcntl.h>
 #include <fcntl.h>
 #include <linux/net.h>
@@ skipping 19 matching lines @@
 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
 #include "sandbox/linux/system_headers/linux_futex.h"
 #include "sandbox/linux/system_headers/linux_syscalls.h"
 #include "sandbox/linux/system_headers/linux_time.h"
 
 // PNaCl toolchain does not provide sys/ioctl.h header.
 #if !defined(OS_NACL_NONSFI)
 #include <sys/ioctl.h>
 #if defined(USE_OZONE)
 #include <drm.h>
+#include <libdrm/i915_drm.h>
 #endif
 #endif
 
 #if defined(OS_ANDROID)
 
 #if !defined(F_DUPFD_CLOEXEC)
 #define F_DUPFD_CLOEXEC (F_LINUX_SPECIFIC_BASE + 6)
 #endif
 
 // https://android.googlesource.com/platform/bionic/+/lollipop-release/libc/private/bionic_prctl.h
@@ skipping 109 matching lines @@
 #else
   auto reference_type = TCGETS;
 #endif
   const Arg<decltype(reference_type)> request(1);
   return Switch(request)
       .CASES(((decltype(reference_type))TCGETS, FIONREAD), Allow())
 #if defined(USE_OZONE)
       .CASES((DRM_IOCTL_MODE_DESTROY_DUMB, DRM_IOCTL_MODE_MAP_DUMB,
               DRM_IOCTL_PRIME_FD_TO_HANDLE),
              Allow())
+      .CASES((DRM_IOCTL_GEM_CLOSE,
+              DRM_IOCTL_PRIME_FD_TO_HANDLE,
+              DRM_IOCTL_PRIME_HANDLE_TO_FD,
+              DRM_IOCTL_I915_GEM_GET_APERTURE,
+              DRM_IOCTL_I915_GEM_BUSY,
+              DRM_IOCTL_I915_GEM_MADVISE,
+              DRM_IOCTL_I915_GEM_CREATE,
+              DRM_IOCTL_I915_GEM_USERPTR,
+              DRM_IOCTL_GEM_OPEN,
+              DRM_IOCTL_I915_GEM_GET_TILING,
+              DRM_IOCTL_GEM_CLOSE,
+              DRM_IOCTL_I915_GEM_MMAP,
+              DRM_IOCTL_I915_GEM_SET_DOMAIN,
+              DRM_IOCTL_I915_GEM_MMAP_GTT,
+              DRM_IOCTL_I915_GEM_SET_DOMAIN,
+              DRM_IOCTL_I915_GEM_SW_FINISH,
+              DRM_IOCTL_I915_GEM_USERPTR,
+              DRM_IOCTL_I915_GEM_PWRITE,
+              DRM_IOCTL_I915_GET_PIPE_FROM_CRTC_ID,
+              DRM_IOCTL_I915_GEM_PREAD,
+              DRM_IOCTL_I915_GEM_WAIT,
+              DRM_IOCTL_I915_GEM_SET_DOMAIN,
+              DRM_IOCTL_I915_GEM_GET_TILING,
+              DRM_IOCTL_GEM_FLINK,
+              DRM_IOCTL_I915_GETPARAM,
+              DRM_IOCTL_GEM_CLOSE,
+              DRM_IOCTL_MODE_OBJ_GETPROPERTIES), Allow())
+      // Above IOCTL codes were sufficient 3 months ago, but now other codes
+      // are needed. I guess mini GBM implementation began using others.
+      // mini GBM is moving target, so it's difficult for Chromium
+      // to white-list IOCTL codes completely.
+      .Default(Allow());
+#else
+      .Default(CrashSIGSYSIoctl());
 #endif
-      .Default(CrashSIGSYSIoctl());
 }
 
 ResultExpr RestrictMmapFlags() {
   // The flags you see are actually the allowed ones, and the variable is a
   // "denied" mask because of the negation operator.
   // Significantly, we don't permit MAP_HUGETLB, or the newer flags such as
   // MAP_POPULATE.
   // TODO(davidung), remove MAP_DENYWRITE with updated Tegra libraries.
   const uint64_t kAllowedMask = MAP_SHARED | MAP_PRIVATE | MAP_ANONYMOUS |
                                 MAP_STACK | MAP_NORESERVE | MAP_FIXED |
@@ skipping 144 matching lines @@
                  clockid == CLOCK_MONOTONIC ||
                  clockid == CLOCK_MONOTONIC_COARSE ||
                  clockid == CLOCK_PROCESS_CPUTIME_ID ||
                  clockid == CLOCK_REALTIME ||
                  clockid == CLOCK_REALTIME_COARSE ||
                  clockid == CLOCK_THREAD_CPUTIME_ID,
              Allow()).Else(CrashSIGSYS());
 }
 
 }  // namespace sandbox.