summaryrefslogtreecommitdiff
path: root/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
diff options
context:
space:
mode:
Diffstat (limited to 'chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc')
-rw-r--r--chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc7
1 files changed, 4 insertions, 3 deletions
diff --git a/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc b/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
index 4e0ad046299..d9d18822f67 100644
--- a/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+++ b/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
@@ -35,9 +35,10 @@ bool SyscallSets::IsAllowedGettime(int sysno) {
return true;
case __NR_adjtimex: // Privileged.
case __NR_clock_adjtime: // Privileged.
- case __NR_clock_getres: // Could be allowed.
- case __NR_clock_gettime:
- case __NR_clock_nanosleep: // Could be allowed.
+ case __NR_clock_getres: // Allowed only on Android with parameters
+ // filtered by RestrictClokID().
+ case __NR_clock_gettime: // Parameters filtered by RestrictClockID().
+ case __NR_clock_nanosleep: // Parameters filtered by RestrictClockID().
case __NR_clock_settime: // Privileged.
#if defined(__i386__) || \
(defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_32_BITS))
View Lorry Controller Status