summaryrefslogtreecommitdiffstats
path: root/chrome
diff options
context:
space:
mode:
Diffstat (limited to 'chrome')
-rw-r--r--chrome/browser/zygote_main_linux.cc5
-rw-r--r--chrome/nacl/nacl_main_platform_delegate_linux.cc3
-rw-r--r--chrome/renderer/renderer_main_platform_delegate_linux.cc3
3 files changed, 7 insertions, 4 deletions
diff --git a/chrome/browser/zygote_main_linux.cc b/chrome/browser/zygote_main_linux.cc
index 20b0352..b4dd7be 100644
--- a/chrome/browser/zygote_main_linux.cc
+++ b/chrome/browser/zygote_main_linux.cc
@@ -50,9 +50,10 @@
#include "unicode/timezone.h"
-#if defined(ARCH_CPU_X86_FAMILY) && !defined(CHROMIUM_SELINUX)
+#if defined(ARCH_CPU_X86_FAMILY) && !defined(CHROMIUM_SELINUX) && \
+ !defined(__clang__)
// The seccomp sandbox is enabled on all ia32 and x86-64 processor as long as
-// we aren't using SELinux.
+// we aren't using SELinux or clang.
#define SECCOMP_SANDBOX
#endif
diff --git a/chrome/nacl/nacl_main_platform_delegate_linux.cc b/chrome/nacl/nacl_main_platform_delegate_linux.cc
index 0932c08..9e3acef 100644
--- a/chrome/nacl/nacl_main_platform_delegate_linux.cc
+++ b/chrome/nacl/nacl_main_platform_delegate_linux.cc
@@ -34,7 +34,8 @@ void NaClMainPlatformDelegate::EnableSandbox() {
//
// The seccomp sandbox is started in the renderer.
// http://code.google.com/p/seccompsandbox/
-#if defined(ARCH_CPU_X86_FAMILY) && !defined(CHROMIUM_SELINUX)
+#if defined(ARCH_CPU_X86_FAMILY) && !defined(CHROMIUM_SELINUX) && \
+ !defined(__clang__)
// N.b. SupportsSeccompSandbox() returns a cached result, as we already
// called it earlier in the zygote. Thus, it is OK for us to not pass in
// a file descriptor for "/proc".
diff --git a/chrome/renderer/renderer_main_platform_delegate_linux.cc b/chrome/renderer/renderer_main_platform_delegate_linux.cc
index a965ede..ad43330 100644
--- a/chrome/renderer/renderer_main_platform_delegate_linux.cc
+++ b/chrome/renderer/renderer_main_platform_delegate_linux.cc
@@ -36,7 +36,8 @@ bool RendererMainPlatformDelegate::EnableSandbox() {
//
// The seccomp sandbox is started in the renderer.
// http://code.google.com/p/seccompsandbox/
-#if defined(ARCH_CPU_X86_FAMILY) && !defined(CHROMIUM_SELINUX)
+#if defined(ARCH_CPU_X86_FAMILY) && !defined(CHROMIUM_SELINUX) && \
+ !defined(__clang__)
// N.b. SupportsSeccompSandbox() returns a cached result, as we already
// called it earlier in the zygote. Thus, it is OK for us to not pass in
// a file descriptor for "/proc".
generated by cgit v1.1 at 2025-02-13 23:43:15 +0000