diff options
Diffstat (limited to 'components')
| -rw-r--r-- | components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc b/components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc index e123523..8071d4f 100644 --- a/components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc +++ b/components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc @@ -74,6 +74,7 @@ ErrorCode NaClBPFSandboxPolicy::EvaluateSyscall( sandbox::SandboxBPF* sb, int sysno) const { DCHECK(baseline_policy_); switch (sysno) { + case __NR_clone: // TODO(jln): restrict parameters. // TODO(jln): NaCl's GDB debug stub uses the following socket system calls, // see if it can be restricted a bit. #if defined(__x86_64__) || defined(__arm__) |