Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1138)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/common/sandbox_linux/bpf_gpu_policy_linux.cc

Issue 315383003: Linux sandbox: restrict prctl in the baseline. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Android header workaround. Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | content/common/sandbox_linux/bpf_ppapi_policy_linux.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/common/sandbox_linux/bpf_gpu_policy_linux.cc
diff --git a/content/common/sandbox_linux/bpf_gpu_policy_linux.cc b/content/common/sandbox_linux/bpf_gpu_policy_linux.cc
index e54cb210909d11b6ec2ee8cc3a3cbbe8564d4de8..d6b54f8ef55abd7bd96b4565eaa0c153e6ed39cd 100644
--- a/content/common/sandbox_linux/bpf_gpu_policy_linux.cc
+++ b/content/common/sandbox_linux/bpf_gpu_policy_linux.cc
@@ -179,6 +179,8 @@ ErrorCode GpuProcessPolicy::EvaluateSyscall(SandboxBPF* sandbox,
// We also hit this on the linux_chromeos bot but don't yet know what
// weird flags were involved.
case __NR_mprotect:
+ // TODO(jln): restrict prctl.
+ case __NR_prctl:
case __NR_sched_getaffinity:
case __NR_sched_setaffinity:
case __NR_setpriority:
« no previous file with comments | « no previous file | content/common/sandbox_linux/bpf_ppapi_policy_linux.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698