Make a small change to the API. Instead of passing in a file

sandbox_impl.h

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef SANDBOX_IMPL_H__
 #define SANDBOX_IMPL_H__
 
 #include <asm/ldt.h>
 #include <errno.h>
 #include <fcntl.h>
@@ skipping 54 matching lines @@
 class Sandbox {
   // TODO(markus): restrict access to our private file handles
  public:
   enum { kMaxThreads = 100 };
 
 
   // There are a lot of reasons why the Seccomp sandbox might not be available.
   // This could be because the kernel does not support Seccomp mode, or it
   // could be because we fail to successfully rewrite all system call entry
   // points.
-  // "proc_fd" should be a file descriptor for "/proc", or -1 if not provided
-  // by the caller.
-  static int supportsSeccompSandbox(int proc_fd)
+  // "proc_self" should be a file descriptor for "/proc/self", or -1 if not
+  // provided by the caller.
+  static int supportsSeccompSandbox(int proc_self)
                                          asm("SupportsSeccompSandbox");
 
   // The sandbox needs to be able to access "/proc/self/maps". If this file
   // is not accessible when "startSandbox()" gets called, the caller can
-  // provide an already opened file descriptor by calling "setProcSelfMaps()".
+  // provide an already opened file descriptor by calling "setProcSelf()".
   // The sandbox becomes the newer owner of this file descriptor and will
-  // eventually close it when "startSandbox()" executes.
-  static void setProcSelfMaps(int proc_self_maps)
-                                         asm("SeccompSandboxSetProcSelfMaps");
+  // eventually close it when "startSandbox()" executes. But if the caller
+  // never ends up calling startSandbox(), then the caller must close the
+  // file descriptor.
+  static void setProcSelf(int proc_self) asm("SeccompSandboxSetProcSelf");
 
   // This is the main public entry point. It finds all system calls that
   // need rewriting, sets up the resources needed by the sandbox, and
   // enters Seccomp mode.
   static void startSandbox()             asm("StartSeccompSandbox");
 
   // TODO(mseaborn): Consider re-instating this declaration.
   // private:
 
   struct RequestHeader {
@@ skipping 538 matching lines @@
                                                      __attribute__((noreturn));
 
   // Fork()s of the trusted process.
   static SecureMem::Args* createTrustedProcess(int processFdPub, int sandboxFd,
                                                int cloneFdPub, int cloneFd);
 
   // Creates the trusted thread for the initial thread, then enables
   // Seccomp mode.
   static void  createTrustedThread(SecureMem::Args* secureMem);
 
+  static int   proc_self_;
   static int   proc_self_maps_;
   static enum SandboxStatus {
     STATUS_UNKNOWN, STATUS_UNSUPPORTED, STATUS_AVAILABLE, STATUS_ENABLED
   }            status_;
   static int   pid_;
   static int   processFdPub_;
   static int   cloneFdPub_ asm("playground$cloneFdPub") INTERNAL;
 
   #ifdef __i386__
   struct SocketCallArgInfo;
@@ skipping 25 matching lines @@
 extern struct SandboxPolicy g_policy;
 
 typedef void (*CreateTrustedThreadFunc)(SecureMem::Args* secureMem);
 extern CreateTrustedThreadFunc g_create_trusted_thread;
 
 } // namespace
 
 using playground::Sandbox;
 
 #endif // SANDBOX_IMPL_H__