| Index: sandbox/linux/seccomp-bpf/sandbox_bpf.h
|
| diff --git a/sandbox/linux/seccomp-bpf/sandbox_bpf.h b/sandbox/linux/seccomp-bpf/sandbox_bpf.h
|
| index 51f2f2469fffe4530fbdf5a9213fc34ad882eeb2..870e8a0d9cabde1bdfa159bb6dec19662e9f0775 100644
|
| --- a/sandbox/linux/seccomp-bpf/sandbox_bpf.h
|
| +++ b/sandbox/linux/seccomp-bpf/sandbox_bpf.h
|
| @@ -130,6 +130,10 @@ class SANDBOX_EXPORT SandboxBPF {
|
| // entire sandbox should be considered compromised.
|
| ErrorCode UnsafeTrap(Trap::TrapFnc fnc, const void* aux);
|
|
|
| + // UnsafeTraps require some syscalls to always be allowed.
|
| + // This helper function returns true for these calls.
|
| + static bool IsRequiredForUnsafeTrap(int sysno);
|
| +
|
| // From within an UnsafeTrap() it is often useful to be able to execute
|
| // the system call that triggered the trap. The ForwardSyscall() method
|
| // makes this easy. It is more efficient than calling glibc's syscall()
|
|
|
Chromium Code Reviews
Issue 524603002:
sandbox: Fix RedirectToUserSpacePolicyWrapper (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master