Index: content/common/sandbox_linux/bpf_renderer_policy_linux.cc |
diff --git a/content/common/sandbox_linux/bpf_renderer_policy_linux.cc b/content/common/sandbox_linux/bpf_renderer_policy_linux.cc |
index 993e2a50d4d4951d5d99239a8607aa11f7ca3f88..e153d730942be02df31d8e4a9196e639008c5fe3 100644 |
--- a/content/common/sandbox_linux/bpf_renderer_policy_linux.cc |
+++ b/content/common/sandbox_linux/bpf_renderer_policy_linux.cc |
@@ -5,6 +5,7 @@ |
#include "content/common/sandbox_linux/bpf_renderer_policy_linux.h" |
#include <errno.h> |
+#include <libdrm/drm.h> |
#include <sys/ioctl.h> |
#include "build/build_config.h" |
@@ -15,10 +16,6 @@ |
#include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h" |
#include "sandbox/linux/system_headers/linux_syscalls.h" |
-#if defined(USE_VGEM_MAP) |
-#include <libdrm/vgem_drm.h> |
-#endif |
- |
using sandbox::SyscallSets; |
using sandbox::bpf_dsl::Allow; |
using sandbox::bpf_dsl::Arg; |
@@ -34,13 +31,11 @@ ResultExpr RestrictIoctl() { |
return Switch(request) |
.SANDBOX_BPF_DSL_CASES((static_cast<unsigned long>(TCGETS), FIONREAD), |
Allow()) |
-#if defined(USE_VGEM_MAP) |
// Type of DRM_IOCTL_XXX is unsigned long on IA and unsigned int on ARM. |
.SANDBOX_BPF_DSL_CASES( |
(static_cast<unsigned long>(DRM_IOCTL_GEM_CLOSE), |
- DRM_IOCTL_VGEM_MODE_MAP_DUMB, DRM_IOCTL_PRIME_FD_TO_HANDLE), |
+ DRM_IOCTL_PRIME_FD_TO_HANDLE), |
piman
2016/03/23 21:26:00
Actually, do we still need these in the renderer?
|
Allow()) |
-#endif |
.Default(sandbox::CrashSIGSYSIoctl()); |
} |