Allow mremap in utility processes.

mremap was being called from a safebrowsing zip unpacking process,
probably from a realloc of a large heap allocation.

BUG=546204

Review URL: https://codereview.chromium.org/1414573005

Cr-Commit-Position: refs/heads/master@{#355509}

1 files changed, 1 insertions, 6 deletions

diff --git a/content/common/sandbox_linux/bpf_utility_policy_linux.cc b/content/common/sandbox_linux/bpf_utility_policy_linux.cc
index 56b3813..736aef1 100644
--- a/content/common/sandbox_linux/bpf_utility_policy_linux.cc
+++ b/content/common/sandbox_linux/bpf_utility_policy_linux.cc
@@ -27,12 +27,6 @@ UtilityProcessPolicy::~UtilityProcessPolicy() {
 }
 
 ResultExpr UtilityProcessPolicy::EvaluateSyscall(int sysno) const {
-  // TODO(mdempsky): For now, this is just a copy of the renderer
-  // policy, which happens to work well for utility processes too.  It
-  // should be possible to limit further though.  In particular, the
-  // entries below annotated with bug references are most likely
-  // unnecessary.
-
   switch (sysno) {
     case __NR_ioctl:
       return sandbox::RestrictIoctl();
@@ -45,6 +39,7 @@ ResultExpr UtilityProcessPolicy::EvaluateSyscall(int sysno) const {
 #if defined(__i386__) || defined(__arm__)
     case __NR_ugetrlimit:
 #endif
+    case __NR_mremap:  // https://crbug.com/546204
     case __NR_pread64:
     case __NR_pwrite64:
     case __NR_sysinfo: