Linux sandbox: allow *kill in the GPU process.

content/common/sandbox_linux/bpf_gpu_policy_linux.cc

Index: content/common/sandbox_linux/bpf_gpu_policy_linux.cc
diff --git a/content/common/sandbox_linux/bpf_gpu_policy_linux.cc b/content/common/sandbox_linux/bpf_gpu_policy_linux.cc
index 8ea2600a7ed9a20695b921f4a652bb947f50917b..1570114c012ac4dc5ddd563c6a4286ba5e6b1f82 100644
--- a/content/common/sandbox_linux/bpf_gpu_policy_linux.cc
+++ b/content/common/sandbox_linux/bpf_gpu_policy_linux.cc
@@ -185,6 +185,10 @@ ErrorCode GpuProcessPolicy::EvaluateSyscall(SandboxBPF* sandbox,
       DCHECK(broker_process_);
       return sandbox->Trap(GpuSIGSYS_Handler, broker_process_);
     default:
+      // Allow *kill from the GPU process temporarily until fork()
+      // is denied here.
+      if (SyscallSets::IsKill(sysno))
+        return ErrorCode(ErrorCode::ERR_ALLOWED);
       if (SyscallSets::IsEventFd(sysno))
         return ErrorCode(ErrorCode::ERR_ALLOWED);