diff -up chromium-79.0.3945.56/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc.glibc-clock-nanosleep chromium-79.0.3945.56/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
--- chromium-79.0.3945.56/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc.glibc-clock-nanosleep 2019-12-03 11:36:08.592386976 -0500
+++ chromium-79.0.3945.56/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc 2019-12-03 11:36:34.889947958 -0500
@@ -148,7 +148,7 @@ ResultExpr EvaluateSyscallImpl(int fs_de
 return Allow();
 #endif
- if (sysno == __NR_clock_gettime) {
+ if (sysno == __NR_clock_gettime || sysno == __NR_clock_nanosleep) {
 return RestrictClockID();
 }
diff -up chromium-79.0.3945.56/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h.glibc-clock-nanosleep chromium-79.0.3945.56/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h
--- chromium-79.0.3945.56/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h.glibc-clock-nanosleep 2019-12-03 11:36:56.808582039 -0500
+++ chromium-79.0.3945.56/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h 2019-12-03 11:37:34.944945377 -0500
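Review bot: The widened condition routes clock_nanosleep() through the same clk_id filter as clock_gettime() but leaves no comment on why a sleep syscall now has to be reachable from the baseline policy; the patch file's `.glibc-clock-nanosleep` suffix suggests this is the glibc change that implements nanosleep()/usleep() on top of clock_nanosleep(), which would otherwise make every sleep in a sandboxed process trip the seccomp filter, and that reasoning belongs next to the code. I would add at the condition: `// Newer glibc implements nanosleep()/usleep() via clock_nanosleep(); only clk_id is filtered here.` Since RestrictClockID() is documented in syscall_parameters_restrictions.h as restricting only |clk_id|, the flags and timespec arguments of clock_nanosleep() pass through unfiltered — acceptable for a sleep, but worth stating so a later reader does not assume the whole call is vetted. EvaluateSyscallImpl's body starts and ends outside the hunk.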
@@ -86,12 +86,13 @@ SANDBOX_EXPORT bpf_dsl::ResultExpr Restr
 // process).
 SANDBOX_EXPORT bpf_dsl::ResultExpr RestrictGetrusage();
-// Restrict |clk_id| for clock_getres(), clock_gettime() and clock_settime().
-// We allow accessing only CLOCK_MONOTONIC, CLOCK_PROCESS_CPUTIME_ID,
-// CLOCK_REALTIME, and CLOCK_THREAD_CPUTIME_ID. In particular, this disallows
-// access to arbitrary per-{process,thread} CPU-time clock IDs (such as those
-// returned by {clock,pthread}_getcpuclockid), which can leak information
-// about the state of the host OS.
+// Restrict |clk_id| for clock_getres(), clock_gettime(), clock_settime(), and
+// clock_nanosleep(). We allow accessing only CLOCK_BOOTTIME,
+// CLOCK_MONOTONIC{,_RAW,_COARSE}, CLOCK_PROCESS_CPUTIME_ID,
+// CLOCK_REALTIME{,_COARSE}, and CLOCK_THREAD_CPUTIME_ID. In particular, on
+// non-Android platforms this disallows access to arbitrary per-{process,thread}
+// CPU-time clock IDs (such as those returned by {clock,pthread}_getcpuclockid),
+// which can leak information about the state of the host OS.
 SANDBOX_EXPORT bpf_dsl::ResultExpr RestrictClockID();
 // Restrict the flags argument to getrandom() to allow only no flags, or
diff -up chromium-79.0.3945.56/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc.glibc-clock-nanosleep chromium-79.0.3945.56/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
--- chromium-79.0.3945.56/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc.glibc-clock-nanosleep 2019-12-03 11:37:53.752639332 -0500
+++ chromium-79.0.3945.56/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc 2019-12-03 11:38:32.802051407 -0500
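Review bot: The rewritten comment now promises that CLOCK_BOOTTIME, CLOCK_MONOTONIC_RAW, CLOCK_MONOTONIC_COARSE and CLOCK_REALTIME_COARSE are accepted and that the CPU-time-clock restriction applies only on non-Android platforms, but RestrictClockID()'s implementation in syscall_parameters_restrictions.cc is not part of this patch, so nothing here shows that the 79.0.3945.56 tree actually evaluates those IDs. If the comment was carried over from a newer upstream revision together with the clock_nanosleep change, the header will describe a wider allow list than the filter enforces, and a comment that is wider than the filter is the kind of drift that later tempts someone to "fix" the filter to match the comment. Please confirm against the .cc at this version, or trim the list to what RestrictClockID() accepts here. The same concern applies to the new comments on the clock_getres, clock_gettime and clock_nanosleep case labels in syscall_sets.cc, which describe RestrictClockID() behaviour and an Android-only clock_getres path that this patch does not show.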
@@ -35,9 +35,10 @@ bool SyscallSets::IsAllowedGettime(int s
 return true;
 case __NR_adjtimex: // Privileged.
 case __NR_clock_adjtime: // Privileged.
- case __NR_clock_getres: // Could be allowed.
- case __NR_clock_gettime:
- case __NR_clock_nanosleep: // Could be allowed.
+ case __NR_clock_getres: // Allowed only on Android with parameters
+ // filtered by RestrictClockID().
+ case __NR_clock_gettime: // Parameters filtered by RestrictClockID().
+ case __NR_clock_nanosleep: // Parameters filtered by RestrictClockID().
 case __NR_clock_settime: // Privileged.
 #if defined(__i386__) || \
 (defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_32_BITS))