Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(133)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc

Issue 759473002: Linux sandbox: change seccomp detection and initialization. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@refactor_startsandbox
Patch Set: Created 6 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc ('k') | sandbox/linux/bpf_dsl/bpf_dsl_more_unittest.cc » ('j') | sandbox/linux/seccomp-bpf/sandbox_bpf.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc
diff --git a/content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc b/content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc
index 6646e8235c21c545dfe4372b6aba94bf64553093..f9d24a29200ed667f290b564621b55573dd6ede5 100644
--- a/content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc
+++ b/content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc
@@ -158,7 +158,7 @@ void StartSandboxWithPolicy(sandbox::bpf_dsl::Policy* policy,
sandbox.SetSandboxPolicy(policy);
sandbox.set_proc_task_fd(proc_task_fd.release());
- CHECK(sandbox.StartSandbox(SandboxBPF::PROCESS_SINGLE_THREADED));
+ CHECK(sandbox.StartSandbox(SandboxBPF::SECCOMP_SINGLE_THREADED));
}
// nacl_helper needs to be tiny and includes only part of content/
@@ -253,9 +253,8 @@ bool SandboxSeccompBPF::ShouldEnableSeccompBPF(
bool SandboxSeccompBPF::SupportsSandbox() {
#if defined(USE_SECCOMP_BPF)
- SandboxBPF::SandboxStatus bpf_sandbox_status =
- SandboxBPF::SupportsSeccompSandbox();
- if (bpf_sandbox_status == SandboxBPF::STATUS_AVAILABLE) {
+ int bpf_sandbox_status = SandboxBPF::SupportsSeccompSandbox();
+ if (bpf_sandbox_status & SandboxBPF::SECCOMP_SINGLE_THREADED) {
return true;
}
#endif
« no previous file with comments | « components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc ('k') | sandbox/linux/bpf_dsl/bpf_dsl_more_unittest.cc » ('j') | sandbox/linux/seccomp-bpf/sandbox_bpf.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698