Index: sandbox/linux/seccomp-bpf/sandbox_bpf.cc |
diff --git a/sandbox/linux/seccomp-bpf/sandbox_bpf.cc b/sandbox/linux/seccomp-bpf/sandbox_bpf.cc |
index 6b2327e5452e131c3d054538f933e92f4604b56a..2e2c565c3b4e7bf3104c2423430ca88501f30d23 100644 |
--- a/sandbox/linux/seccomp-bpf/sandbox_bpf.cc |
+++ b/sandbox/linux/seccomp-bpf/sandbox_bpf.cc |
@@ -95,6 +95,7 @@ void TryVsyscallProcess(void) { |
} |
bool IsSingleThreaded(int proc_fd) { |
+ return true; |
Robert Sesek
2014/03/05 18:27:54
Obviously these cannot go in as-is. I can see thre
jln (very slow on Chromium)
2014/03/07 01:30:30
Yes, the sandbox:: seccomp-bpf class should suppor
Robert Sesek
2014/03/25 21:57:17
OK I'll work on that, then. How do you think Suppo
jln (very slow on Chromium)
2014/03/31 19:22:32
We could have StartSandboxWithThreads() return a b
Robert Sesek
2014/03/31 19:45:50
OK, that's also what I was thinking, though probab
|
if (proc_fd < 0) { |
// Cannot determine whether program is single-threaded. Hope for |
// the best... |
@@ -253,6 +254,7 @@ bool SandboxBPF::IsValidSyscallNumber(int sysnum) { |
bool SandboxBPF::RunFunctionInPolicy(void (*code_in_sandbox)(), |
EvaluateSyscall syscall_evaluator, |
void* aux) { |
+ return true; |
// Block all signals before forking a child process. This prevents an |
// attacker from manipulating our test by sending us an unexpected signal. |
sigset_t old_mask, new_mask; |