    Linux sandbox: Allow restricting sched_* on other processes. · 282ba301
    rickyz authored
    Adds a RestrictSchedTarget parameter restriction which only allows
    sched_* syscalls if the pid argument is the sandboxed process's pid or
    if the pid is 0, which means the current thread.  glibc's pthread
    implementation sometimes calls these syscalls with pid equal to the
    current tid.  On these calls, the policy triggers a SIGSYS, and the
    SIGSYS handler reruns the syscall with a pid argument of 0.
    
    R=jln@chromium.org
    BUG=413855
    
    Review URL: https://codereview.chromium.org/590213003
    
    Cr-Commit-Position: refs/heads/master@{#297059}
sigsys_handlers.cc 9.84 KB
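The restriction described in the commit message, sketched as a raw seccomp-BPF filter plus the SIGSYS fix-up decision. This is an added example, not code from the Chromium tree. Assumptions: `sched_getparam` stands in for the sched_* family, the filter is checked with a small userland evaluator instead of being installed, the architecture check is left out, and trapped calls aimed at any other pid are refused with `-EPERM`.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <sys/syscall.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* Filter for one sched_* call; reads the low 32 bits of the pid argument (little-endian). */
static size_t build_filter(struct sock_filter *out, uint32_t sandbox_pid) {
    struct sock_filter prog[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_sched_getparam, 0, 3),
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, args[0])),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, 1, 0),           /* pid 0: allow */
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, sandbox_pid, 0, 1), /* own pid: allow */
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_TRAP),            /* else: SIGSYS */
    };
    memcpy(out, prog, sizeof prog);
    return sizeof prog / sizeof prog[0];
}

/* Evaluates only the three opcodes used above; nothing is installed in the kernel. */
static uint32_t run_filter(const struct sock_filter *f, size_t n,
                           const struct seccomp_data *d) {
    uint32_t a = 0;
    for (size_t pc = 0; pc < n; pc++) {
        switch (f[pc].code) {
        case BPF_LD | BPF_W | BPF_ABS: memcpy(&a, (const char *)d + f[pc].k, 4); break;
        case BPF_JMP | BPF_JEQ | BPF_K: pc += (a == f[pc].k) ? f[pc].jt : f[pc].jf; break;
        case BPF_RET | BPF_K: return f[pc].k;
        }
    }
    return SECCOMP_RET_KILL;
}

/* pid the kernel finally sees for sched_getparam(pid_arg, ...), or -EPERM.
   On SECCOMP_RET_TRAP the handler reruns with pid 0 if pid_arg was the caller's
   tid; refusing other pids with -EPERM is an assumption of this example. */
static long effective_pid(uint32_t pid_arg, uint32_t sandbox_pid, uint32_t tid) {
    struct sock_filter f[8];
    struct seccomp_data d = { .nr = SYS_sched_getparam, .args = { pid_arg } };
    size_t n = build_filter(f, sandbox_pid);
    if (run_filter(f, n, &d) == SECCOMP_RET_ALLOW) return pid_arg;
    return pid_arg == tid ? 0 : -EPERM;
}

int main(void) { return effective_pid(1001, 1000, 1001) == 0 ? 0 : 1; }
```

The pids 1000 (process) and 1001 (thread) are constructed values; a non-main thread is the case where the tid differs from the pid and the trap-and-rerun path is taken.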