Update To 11.40.268.0

[platform/framework/web/crosswalk.git] / src / content / common / sandbox_linux / bpf_gpu_policy_linux.h

diff --git a/src/content/common/sandbox_linux/bpf_gpu_policy_linux.h b/src/content/common/sandbox_linux/bpf_gpu_policy_linux.h
index 63d0f58..aae79c1 100644 (file)
--- a/src/content/common/sandbox_linux/bpf_gpu_policy_linux.h
+++ b/src/content/common/sandbox_linux/bpf_gpu_policy_linux.h
@@ -20,12 +20,13 @@ namespace content {
 class GpuProcessPolicy : public SandboxBPFBasePolicy {
  public:
   GpuProcessPolicy();
-  virtual ~GpuProcessPolicy();
+  explicit GpuProcessPolicy(bool allow_mincore);
+  ~GpuProcessPolicy() override;
 
-  virtual sandbox::bpf_dsl::ResultExpr EvaluateSyscall(
-      int system_call_number) const OVERRIDE;
+  sandbox::bpf_dsl::ResultExpr EvaluateSyscall(
+      int system_call_number) const override;
 
-  virtual bool PreSandboxHook() OVERRIDE;
+  bool PreSandboxHook() override;
 
  protected:
   // Start a broker process to handle open() inside the sandbox.
@@ -35,8 +36,7 @@ class GpuProcessPolicy : public SandboxBPFBasePolicy {
   // names that should be whitelisted by the broker process, in addition to
   // the basic ones.
   void InitGpuBrokerProcess(
-      sandbox::bpf_dsl::SandboxBPFDSLPolicy* (*broker_sandboxer_allocator)(
-          void),
+      sandbox::bpf_dsl::Policy* (*broker_sandboxer_allocator)(void),
       const std::vector<std::string>& read_whitelist_extra,
       const std::vector<std::string>& write_whitelist_extra);
 
@@ -51,6 +51,10 @@ class GpuProcessPolicy : public SandboxBPFBasePolicy {
   // This is allocated by InitGpuBrokerProcess, called from PreSandboxHook(),
   // which executes iff the sandbox is going to be enabled afterwards.
   sandbox::BrokerProcess* broker_process_;
+
+  // eglCreateWindowSurface() needs mincore().
+  bool allow_mincore_;
+
   DISALLOW_COPY_AND_ASSIGN(GpuProcessPolicy);
 };