mirror of
https://github.com/klzgrad/naiveproxy.git
synced 2025-02-26 20:03:26 +03:00
22 lines
939 B
Plaintext
22 lines
939 B
Plaintext
# Copyright 2016 The Chromium Authors. All rights reserved.
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
|
|
import("//build/config/nacl/config.gni")
|
|
|
|
# The seccomp-bpf sandbox is only supported on six architectures
|
|
# currently.
|
|
# Do not disable seccomp_bpf anywhere without talking to
|
|
# security@chromium.org!
|
|
use_seccomp_bpf = (is_linux || is_chromeos || is_android) &&
|
|
(current_cpu == "x86" || current_cpu == "x64" ||
|
|
current_cpu == "arm" || current_cpu == "arm64" ||
|
|
current_cpu == "mipsel" || current_cpu == "mips64el")
|
|
|
|
use_seccomp_bpf = use_seccomp_bpf || is_nacl_nonsfi
|
|
|
|
# SSBD (Speculative Store Bypass Disable) is a mitigation of Spectre Variant 4.
|
|
# As Spectre Variant 4 can be mitigated by site isolation, opt-out SSBD on site
|
|
# isolation fully applied platform.
|
|
disable_seccomp_ssbd = use_seccomp_bpf && !is_android
|