Add namespace sandbox status to LinuxSandbox::GetStatus.

content/common/sandbox_linux/sandbox_linux.cc

Index: content/common/sandbox_linux/sandbox_linux.cc
diff --git a/content/common/sandbox_linux/sandbox_linux.cc b/content/common/sandbox_linux/sandbox_linux.cc
index 480b2654f3df2bf79eea18923bfbcbee6c262002..998a0fe0b49fda8f1fac98a425d01f800cef2d6b 100644
--- a/content/common/sandbox_linux/sandbox_linux.cc
+++ b/content/common/sandbox_linux/sandbox_linux.cc
@@ -32,6 +32,7 @@
 #include "content/common/sandbox_linux/sandbox_seccomp_bpf_linux.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/sandbox_linux.h"
+#include "sandbox/linux/services/namespace_sandbox.h"
 #include "sandbox/linux/services/proc_util.h"
 #include "sandbox/linux/services/thread_helpers.h"
 #include "sandbox/linux/services/yama.h"
@@ -115,8 +116,7 @@ LinuxSandbox::LinuxSandbox()
       seccomp_bpf_with_tsync_supported_(false),
       yama_is_enforcing_(false),
       initialize_sandbox_ran_(false),
-      setuid_sandbox_client_(sandbox::SetuidSandboxClient::Create())
-{
+      setuid_sandbox_client_(sandbox::SetuidSandboxClient::Create()) {
   if (setuid_sandbox_client_ == NULL) {
     LOG(FATAL) << "Failed to instantiate the setuid sandbox client.";
   }
@@ -213,6 +213,12 @@ int LinuxSandbox::GetStatus() {
         sandbox_status_flags_ |= kSandboxLinuxPIDNS;
       if (setuid_sandbox_client_->IsInNewNETNamespace())
         sandbox_status_flags_ |= kSandboxLinuxNetNS;
+    } else if (sandbox::NamespaceSandbox::InNewUserNamespace()) {
+      sandbox_status_flags_ |= kSandboxLinuxUserNS;
+      if (sandbox::NamespaceSandbox::InNewPidNamespace())
+        sandbox_status_flags_ |= kSandboxLinuxPIDNS;
+      if (sandbox::NamespaceSandbox::InNewNetNamespace())
+        sandbox_status_flags_ |= kSandboxLinuxNetNS;
     }
 
     // We report whether the sandbox will be activated when renderers, workers