Revert of Linux Sandbox: split the GPU policies to their own file.

content/common/sandbox_bpf_base_policy_linux.h

Index: content/common/sandbox_bpf_base_policy_linux.h
diff --git a/content/common/sandbox_bpf_base_policy_linux.h b/content/common/sandbox_bpf_base_policy_linux.h
new file mode 100644
index 0000000000000000000000000000000000000000..8edba1dd37910adb05de734217170020a30cb2d9
--- /dev/null
+++ b/content/common/sandbox_bpf_base_policy_linux.h
@@ -0,0 +1,40 @@
+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CONTENT_COMMON_SANDBOX_BPF_BASE_POLICY_LINUX_H_
+#define CONTENT_COMMON_SANDBOX_BPF_BASE_POLICY_LINUX_H_
+
+#include "base/basictypes.h"
+#include "base/memory/scoped_ptr.h"
+#include "sandbox/linux/seccomp-bpf-helpers/baseline_policy.h"
+#include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h"
+
+using sandbox::ErrorCode;
+using sandbox::SandboxBPF;
+
+namespace content {
+
+// The "baseline" BPF policy for content/. Any content/ seccomp-bpf policy
+// should inherit from it.
+// It implements the main SandboxBPFPolicy interface. Due to its nature
+// as a "kernel attack surface reduction" layer, it's implementation-defined.
+class SandboxBPFBasePolicy : public sandbox::SandboxBPFPolicy {
+ public:
+  SandboxBPFBasePolicy();
+  virtual ~SandboxBPFBasePolicy();
+
+  virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler,
+                                    int system_call_number) const OVERRIDE;
+  // Get the errno(3) to return for filesystem errors.
+  static int GetFSDeniedErrno();
+
+ private:
+  // Compose the BaselinePolicy from sandbox/.
+  scoped_ptr<sandbox::BaselinePolicy> baseline_policy_;
+  DISALLOW_COPY_AND_ASSIGN(SandboxBPFBasePolicy);
+};
+
+}  // namespace content
+
+#endif  // CONTENT_COMMON_SANDBOX_BPF_BASE_POLICY_LINUX_H_