Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(552)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc

Issue 493603003: sandbox: Update known syscalls to kernel 3.17 (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | sandbox/linux/seccomp-bpf-helpers/syscall_sets.h » ('j') | sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
index 7f4d5590cf86616b006ccc4b04571710deb9c939..333be6f9a18db8f7d61214aaa65b484b914fcb1c 100644
--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
@@ -52,7 +52,8 @@ bool IsBaselinePolicyAllowed(int sysno) {
#if defined(__mips__)
SyscallSets::IsMipsPrivate(sysno) ||
#endif
- SyscallSets::IsAllowedOperationOnFd(sysno);
+ SyscallSets::IsAllowedOperationOnFd(sysno) ||
+ SyscallSets::IsSeccomp(sysno);
jln (very slow on Chromium) 2014/08/21 23:38:01 We should not allow this system call in general. T
leecam 2014/08/21 23:57:13 Yeah I guess once its set we shouldn't allow it ag
}
// System calls that will trigger the crashing SIGSYS handler.
« no previous file with comments | « no previous file | sandbox/linux/seccomp-bpf-helpers/syscall_sets.h » ('j') | sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698