Index: content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc |
diff --git a/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc b/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc |
index 6335dfc081761655905a4d6dd2aa00ca89a487b2..b7bd3fa195e78aeed945fa25794d8908054cfa10 100644 |
--- a/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc |
+++ b/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc |
@@ -21,6 +21,8 @@ sandbox::ErrorCode SandboxBPFBasePolicyAndroid::EvaluateSyscall( |
bool override_and_allow = false; |
switch (sysno) { |
+ // TODO(rsesek): restrict clone parameters. |
+ case __NR_clone: |
case __NR_epoll_pwait: |
case __NR_flock: |
case __NR_getpriority: |