ozone: Implement zero/one-copy texture for Ozone GBM.

sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc

Index: sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
index 60c16d37302b880a63db88fcd2ebbbcb97f6a1da..6375ea4fda7bc6e4e66cbfe81dd6bc19d4a58946 100644
--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
@@ -36,6 +36,10 @@
 #include <sys/ioctl.h>
 #endif
 
+#if defined(USE_OZONE_GBM)
+#include <drm.h>
+#endif
+
 #if defined(OS_ANDROID)
 
 #if !defined(F_DUPFD_CLOEXEC)
@@ -149,9 +153,21 @@ ResultExpr RestrictPrctl() {
 }
 
 ResultExpr RestrictIoctl() {
-  const Arg<int> request(1);
-  return Switch(request).CASES((TCGETS, FIONREAD), Allow()).Default(
-      CrashSIGSYSIoctl());
+// The type of DRM_IOCTL_XXX macro is long unsigned int.
+#if defined(USE_OZONE_GBM)
+  auto reference_type = DRM_IOCTL_MODE_MAP_DUMB;
+#else
+  auto reference_type = TCGETS;
+#endif
+  const Arg<decltype(reference_type)> request(1);
+  return Switch(request)
+      .CASES(((decltype(reference_type))TCGETS, FIONREAD), Allow())
+#if defined(USE_OZONE_GBM)
+      .CASES((DRM_IOCTL_GEM_CLOSE, DRM_IOCTL_MODE_DESTROY_DUMB,
+              DRM_IOCTL_MODE_MAP_DUMB, DRM_IOCTL_PRIME_FD_TO_HANDLE),
+             Allow())
+#endif
+      .Default(CrashSIGSYSIoctl());
 }
 
 ResultExpr RestrictMmapFlags() {