Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(40)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 10389201: Change the sandbox API to require passing in a copy of /proc instead of (Closed)

Created:
8 years, 7 months ago by Markus (顧孟勤)
Modified:
8 years, 7 months ago
CC:
chromium-reviews, Markus (顧孟勤), Mark Seaborn
Visibility:
Public.

Description

Change the sandbox API to require passing in a copy of /proc instead of /proc/self. This allows "SupportsSeccompSandbox()" to work correctly, even after it had to "fork()". Otherwise, the old "/proc/self" would point to the parent process, and some kernels don't allow accessing it from the child (even though it is still a valid file descriptor; it just stops working). BUG=n/a TEST=make test Committed: https://code.google.com/p/seccompsandbox/source/detail?r=184

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+18 lines, -18 lines) Patch
M sandbox.h View 1 chunk +2 lines, -2 lines 0 comments Download
M sandbox.cc View 5 chunks +11 lines, -11 lines 0 comments Download
M sandbox_impl.h View 3 chunks +5 lines, -5 lines 0 comments Download

Messages

Total messages: 2 (0 generated)
Markus (顧孟勤)
This is a changelist in preparation for support BPF filters. We want to make sure ...
8 years, 7 months ago (2012-05-18 01:08:27 UTC) #1
jln (very slow on Chromium)
8 years, 7 months ago (2012-05-18 01:30:35 UTC) #2 
On 2012/05/18 01:08:27, Markus (顧孟勤) wrote:
> This is a changelist in preparation for support BPF filters. We want to make
> sure we have the same API for both the old and the new sandbox.

LGTM

Powered by Google App Engine
This is Rietveld 408576698