diff options
Diffstat (limited to 'chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc')
-rw-r--r-- | chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc b/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc index 4e0ad046299..d9d18822f67 100644 --- a/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc +++ b/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc @@ -35,9 +35,10 @@ bool SyscallSets::IsAllowedGettime(int sysno) { return true; case __NR_adjtimex: // Privileged. case __NR_clock_adjtime: // Privileged. - case __NR_clock_getres: // Could be allowed. - case __NR_clock_gettime: - case __NR_clock_nanosleep: // Could be allowed. + case __NR_clock_getres: // Allowed only on Android with parameters + // filtered by RestrictClokID(). + case __NR_clock_gettime: // Parameters filtered by RestrictClockID(). + case __NR_clock_nanosleep: // Parameters filtered by RestrictClockID(). case __NR_clock_settime: // Privileged. #if defined(__i386__) || \ (defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_32_BITS)) |