| Index: content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc
|
| diff --git a/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc b/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc
|
| index 5f9813f58085aa1e3917b5fbd9e0add6e384dc78..4cd502d8487729950a891e6fc610a0bb946c35c5 100644
|
| --- a/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc
|
| +++ b/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc
|
| @@ -78,6 +78,7 @@ ResultExpr SandboxBPFBasePolicyAndroid::EvaluateSyscall(int sysno) const {
|
| case __NR_getpriority:
|
| case __NR_ioctl:
|
| case __NR_mremap:
|
| + case __NR_msync:
|
| // File system access cannot be restricted with seccomp-bpf on Android,
|
| // since the JVM classloader and other Framework features require file
|
| // access. It may be possible to restrict the filesystem with SELinux.
|
|
|
Chromium Code Reviews
Issue 1988303003:
[Android] Permit __NR_msync under the seccomp sandbox. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master