Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(228)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc

Issue 2490893002: seccomp-bpf: Allow MADV_FREE in madvise(2) (Closed)
Patch Set: Remove stray comma Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
index af472695e0cf8c53c86656cfa0a60b0e9d636d40..88a932607c010ce7f6f9266f0099e86df9736bc0 100644
--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
@@ -174,9 +174,15 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno,
}
if (sysno == __NR_madvise) {
- // Only allow MADV_DONTNEED (aka MADV_FREE).
+ // Only allow MADV_DONTNEED and MADV_FREE.
const Arg<int> advice(2);
- return If(advice == MADV_DONTNEED, Allow()).Else(Error(EPERM));
+ return If(AnyOf(advice == MADV_DONTNEED
+#if defined(MADV_FREE)
+ // MADV_FREE was introduced in Linux 4.5 and started being
+ // defined in glibc 2.24.
+ , advice == MADV_FREE
+#endif
+ ), Allow()).Else(Error(EPERM));
}
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698