Add an initial Linux GPU sandbox using the seccomp filter framework.

content/gpu/gpu_main.cc

Index: content/gpu/gpu_main.cc
===================================================================
--- content/gpu/gpu_main.cc	(revision 131872)
+++ content/gpu/gpu_main.cc	(working copy)
@@ -10,6 +10,7 @@
 
 #include "base/environment.h"
 #include "base/message_loop.h"
+#include "base/rand_util.h"
 #include "base/stringprintf.h"
 #include "base/threading/platform_thread.h"
 #include "base/win/scoped_com_initializer.h"
@@ -37,6 +38,10 @@
 #include "ui/gfx/gtk_util.h"
 #endif
 
+#if defined(OS_LINUX)
+#include "content/public/common/sandbox_init.h"
+#endif
+
 // Main function for starting the Gpu process.
 int GpuMain(const content::MainFunctionParams& parameters) {
   base::Time start_time = base::Time::Now();
@@ -100,6 +105,18 @@
     dead_on_arrival = true;
   }
 
+#if defined(OS_LINUX)
+  // TODO(cevans): eventually this will be removed when we have tested all
+  // cards and drivers.
+  if (gpu_info.vendor_id == 0x1002) {  // ATI

[Will Drewry, 2012/04/12 01:08:56]

Any chance we can get intel in here?

[Chris Evans, 2012/04/12 18:42:49]

Yes, and imminently, but not for this first patch. I'm going to test each card
before throwing it in :)
Ideally, someone with a CrOS device + patched kernel could test this. Happy to
add a command line flag if it would help.

+    // Warm up the random system before sandboxing. The numbers are arbitrary.
+    (void) base::RandInt(0, 1337);

[apatrick_chromium, 2012/04/12 18:36:46]

We warm up rand on windows as well. Maybe just do it on all platforms?

+    // Initialize the sandbox here because it's after the card has been
+    // opened ("privileged" operation) but before we've kicked off any threads.
+    content::InitializeSandbox();
+  }
+#endif
+
   base::win::ScopedCOMInitializer com_initializer;
 
 #if defined(OS_WIN)