Implement DRM Native Pixmap using prime buffer

content/common/sandbox_linux/bpf_renderer_policy_linux.cc

Index: content/common/sandbox_linux/bpf_renderer_policy_linux.cc
diff --git a/content/common/sandbox_linux/bpf_renderer_policy_linux.cc b/content/common/sandbox_linux/bpf_renderer_policy_linux.cc
index 993e2a50d4d4951d5d99239a8607aa11f7ca3f88..e153d730942be02df31d8e4a9196e639008c5fe3 100644
--- a/content/common/sandbox_linux/bpf_renderer_policy_linux.cc
+++ b/content/common/sandbox_linux/bpf_renderer_policy_linux.cc
@@ -5,6 +5,7 @@
 #include "content/common/sandbox_linux/bpf_renderer_policy_linux.h"
 
 #include <errno.h>
+#include <libdrm/drm.h>
 #include <sys/ioctl.h>
 
 #include "build/build_config.h"
@@ -15,10 +16,6 @@
 #include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h"
 #include "sandbox/linux/system_headers/linux_syscalls.h"
 
-#if defined(USE_VGEM_MAP)
-#include <libdrm/vgem_drm.h>
-#endif
-
 using sandbox::SyscallSets;
 using sandbox::bpf_dsl::Allow;
 using sandbox::bpf_dsl::Arg;
@@ -34,13 +31,11 @@ ResultExpr RestrictIoctl() {
   return Switch(request)
       .SANDBOX_BPF_DSL_CASES((static_cast<unsigned long>(TCGETS), FIONREAD),
                              Allow())
-#if defined(USE_VGEM_MAP)
       // Type of DRM_IOCTL_XXX is unsigned long on IA and unsigned int on ARM.
       .SANDBOX_BPF_DSL_CASES(
           (static_cast<unsigned long>(DRM_IOCTL_GEM_CLOSE),
-           DRM_IOCTL_VGEM_MODE_MAP_DUMB, DRM_IOCTL_PRIME_FD_TO_HANDLE),
+           DRM_IOCTL_PRIME_FD_TO_HANDLE),

[piman, 2016/03/23 21:26:00]

Actually, do we still need these in the renderer? It sounds like we now directly
mmap the fd.

           Allow())
-#endif
       .Default(sandbox::CrashSIGSYSIoctl());
 }