Revert 149692 - Create a LinuxSandbox class.

r149692 broke ChromiumOS (tegra2) build.

The LinuxSandbox class aims to become the central place for Linux
sandboxing inside content/.

For now, this refactors mostly code from the Zygote.

BUG=
NOTRY=true


Review URL: https://chromiumcodereview.appspot.com/10826093

TBR=jln@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10837081

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149705 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 11 insertions, 1 deletions

diff --git a/content/zygote/zygote_linux.h b/content/zygote/zygote_linux.h
index a093855..859bb37 100644
--- a/content/zygote/zygote_linux.h
+++ b/content/zygote/zygote_linux.h
@@ -10,6 +10,7 @@
 
 #include "base/hash_tables.h"
 #include "base/process.h"
+#include "content/common/seccomp_sandbox.h"
 
 class Pickle;
 class PickleIterator;
@@ -23,8 +24,12 @@ class ZygoteForkDelegate;
 // runs it.
 class Zygote {
  public:
+  // The proc_fd_for_seccomp should be a file descriptor to /proc under the
+  // seccomp sandbox. This is not needed when not using seccomp, and should be
+  // -1 in those cases.
   Zygote(int sandbox_flags,
-         ZygoteForkDelegate* helper);
+         ZygoteForkDelegate* helper,
+         int proc_fd_for_seccomp);
   ~Zygote();
 
   bool ProcessRequests();
@@ -93,6 +98,11 @@ class Zygote {
   const int sandbox_flags_;
   ZygoteForkDelegate* helper_;
 
+#if defined(SECCOMP_SANDBOX)
+  // File descriptor to proc under seccomp, -1 when not using seccomp.
+  int proc_fd_for_seccomp_;
+#endif
+
   // These might be set by helper_->InitialUMA. They supply a UMA enumeration
   // sample we should report on the first fork.
   std::string initial_uma_name_;