Comment 3 for bug 1969141

Limited use for sys_kcmp (aka the kcmp() system call) was added to the base template in https://github.com/snapcore/snapd/pull/12673 - this should be available in snapd >= 2.60 if you want to try testing that snapd version with chromium

The sched_setattr() is a known limitation of the current snapd seccomp sandbox where a snap can set the scheduling policy for a given thread *by that same thread* only - so if some coordinator thread wants to set the policy for a child thread that will be denied unfortunately. But this is usually just noise and does not impact the application in general.

Currently no snapd interface nor the base template itself provides access to the pkey system calls so this is a missing feature of snapd.