Create a class for seccomp-bpf sandboxing in content.

content/common/sandbox_seccomp_bpf_linux.h

Index: content/common/sandbox_seccomp_bpf_linux.h
diff --git a/content/common/sandbox_seccomp_bpf_linux.h b/content/common/sandbox_seccomp_bpf_linux.h
new file mode 100644
index 0000000000000000000000000000000000000000..694797d3e98796692d220680bbda917303de7683
--- /dev/null
+++ b/content/common/sandbox_seccomp_bpf_linux.h
@@ -0,0 +1,31 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CONTENT_COMMON_SANDBOX_SECCOMP_BPF_LINUX_H_
+#define CONTENT_COMMON_SANDBOX_SECCOMP_BPF_LINUX_H_
+
+#include "base/basictypes.h"
+
+namespace content {
+
+class SandboxSeccompBpf {
+ public:
+  // Is the sandbox globally enabled, can anything use it at all ?
+  static bool IsSeccompBpfDesired();
+  // Should the sandbox be enabled for process_type ?
+  static bool ShouldEnableSeccompBpf(const std::string& process_type);
+  // Check if the kernel supports this sandbox. It's useful to "prewarm"
+  // this, part of the result will be cached.
+  static bool SupportsSandbox();
+  // Start the sandbox and apply the policy for process_type.
+  static bool StartSandbox(const std::string& process_type);
+
+ private:
+  DISALLOW_IMPLICIT_CONSTRUCTORS(SandboxSeccompBpf);
+};
+
+}  // namespace content
+
+#endif  // CONTENT_COMMON_SANDBOX_SECCOMP_BPF_LINUX_H_
+