diff options
author | rickyz <rickyz@chromium.org> | 2015-10-22 00:45:10 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-10-22 07:46:08 +0000 |
commit | d71e68da4fd871edaad91addf986bb0b40d6fdf8 (patch) | |
tree | c7017014410ec53eb80b2577b958ad4c50170748 /content/common/sandbox_linux | |
parent | 41ac341b13286149e5b9dbe600710b4ae0b60f90 (diff) | |
download | chromium_src-d71e68da4fd871edaad91addf986bb0b40d6fdf8.zip chromium_src-d71e68da4fd871edaad91addf986bb0b40d6fdf8.tar.gz chromium_src-d71e68da4fd871edaad91addf986bb0b40d6fdf8.tar.bz2 |
Allow mremap in utility processes.
mremap was being called from a safebrowsing zip unpacking process,
probably from a realloc of a large heap allocation.
BUG=546204
Review URL: https://codereview.chromium.org/1414573005
Cr-Commit-Position: refs/heads/master@{#355509}
Diffstat (limited to 'content/common/sandbox_linux')
-rw-r--r-- | content/common/sandbox_linux/bpf_utility_policy_linux.cc | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/content/common/sandbox_linux/bpf_utility_policy_linux.cc b/content/common/sandbox_linux/bpf_utility_policy_linux.cc index 56b3813..736aef1 100644 --- a/content/common/sandbox_linux/bpf_utility_policy_linux.cc +++ b/content/common/sandbox_linux/bpf_utility_policy_linux.cc @@ -27,12 +27,6 @@ UtilityProcessPolicy::~UtilityProcessPolicy() { } ResultExpr UtilityProcessPolicy::EvaluateSyscall(int sysno) const { - // TODO(mdempsky): For now, this is just a copy of the renderer - // policy, which happens to work well for utility processes too. It - // should be possible to limit further though. In particular, the - // entries below annotated with bug references are most likely - // unnecessary. - switch (sysno) { case __NR_ioctl: return sandbox::RestrictIoctl(); @@ -45,6 +39,7 @@ ResultExpr UtilityProcessPolicy::EvaluateSyscall(int sysno) const { #if defined(__i386__) || defined(__arm__) case __NR_ugetrlimit: #endif + case __NR_mremap: // https://crbug.com/546204 case __NR_pread64: case __NR_pwrite64: case __NR_sysinfo: |