Chromium Code Reviews Chromium Code Reviews
Issue 117803002:
Make building seccomp-bpf a GYP condition (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: components/nacl/loader/nacl_sandbox_linux.cc |
| diff --git a/components/nacl/loader/nacl_sandbox_linux.cc b/components/nacl/loader/nacl_sandbox_linux.cc |
| index 14ba18ff53ebc76ef88f31ac424ab0908bbb9544..4cddf5034e9927af61b97e0340d0b1a3e92709be 100644 |
| --- a/components/nacl/loader/nacl_sandbox_linux.cc |
| +++ b/components/nacl/loader/nacl_sandbox_linux.cc |
| @@ -13,6 +13,8 @@ |
| #include "base/compiler_specific.h" |
| #include "base/logging.h" |
| #include "build/build_config.h" |
| + |
| +#if defined(USE_SECCOMP_BPF) |
| #include "content/public/common/sandbox_init.h" |
| #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
| #include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h" |
| @@ -151,12 +153,22 @@ void RunSandboxSanityChecks() { |
| } // namespace |
| +#else |
| + |
| +#if !defined(ARCH_CPU_MIPS_FAMILY) |
| +#error "Seccomp-bpf disabled on supported architecture!" |
| +#endif // !!defined(ARCH_CPU_MIPS_FAMILY) |
|
Mark Seaborn
2013/12/18 08:10:21
Nit: Just "!defined" (but a closing comment is rat
jln (very slow on Chromium)
2013/12/19 00:00:19
Done.
|
| + |
| +#endif // defined(USE_SECCOMP_BPF) |
| + |
| bool InitializeBPFSandbox() { |
| +#if defined(USE_SECCOMP_BPF) |
| bool sandbox_is_initialized = content::InitializeSandbox( |
| scoped_ptr<SandboxBPFPolicy>(new NaClBPFSandboxPolicy())); |
| if (sandbox_is_initialized) { |
| RunSandboxSanityChecks(); |
| return true; |
| } |
| +#endif // defined(USE_SECCOMP_BPF) |
| return false; |
|
Mark Seaborn
2013/12/18 08:10:21
Hmm, as an aside (which does not affect this chang
jln (very slow on Chromium)
2013/12/19 00:00:19
No, and it was a clear TODO (crbug.com/270914), bu
|
| } |
