Bug 1408493 - Don't restrict ioctl() in sandboxed content if ALSA might be used. r?gcp draft
authorJed Davis <jld@mozilla.com>
Fri, 13 Oct 2017 14:34:10 -0600
changeset 680380 4184ca05411651009ff749f0f54a09ea6c02eebd
parent 680379 8715dac2c506986ee62c4f2f3f6eaae724fa6262
child 680381 aa8cfcc36873a32769eb18d66523b6897ba8d23d
push id84486
push userbmo:jld@mozilla.com
push dateFri, 13 Oct 2017 23:13:24 +0000
reviewersgcp
bugs1408493
milestone58.0a1
Bug 1408493 - Don't restrict ioctl() in sandboxed content if ALSA might be used. r?gcp MozReview-Commit-ID: 61AmLLcPaWw
security/sandbox/linux/SandboxFilter.cpp
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -709,16 +709,20 @@ public:
     case __NR_writev:
     case __NR_pread64:
 #ifdef DESKTOP
     case __NR_pwrite64:
     case __NR_readahead:
 #endif
       return Allow();
 
+#ifdef MOZ_ALSA
+    case __NR_ioctl:
+      return Allow();
+#else
     case __NR_ioctl: {
       static const unsigned long kTypeMask = _IOC_TYPEMASK << _IOC_TYPESHIFT;
       static const unsigned long kTtyIoctls = TIOCSTI & kTypeMask;
       // On some older architectures (but not x86 or ARM), ioctls are
       // assigned type fields differently, and the TIOC/TC/FIO group
       // isn't all the same type.  If/when we support those archs,
       // this would need to be revised (but really this should be a
       // default-deny policy; see below).
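Review bot: The `#ifdef MOZ_ALSA` branch added at the top of this hunk allows every ioctl, which also drops the TTY-type denial the `#else` path keeps (`kTtyIoctls` is derived from `TIOCSTI` a few lines down), and it does so at build time for every content process of a MOZ_ALSA build, whether or not audio is ever opened. Because the existing chain in the next hunk already allows any request whose type is not the TTY type, the diff does not show which ALSA request the current filter actually rejects; a comment in the style of the `FIONREAD` case would keep that rationale with the code, e.g. `// Bug 1408493: libasound needs ioctls the type-based filter below rejects; allow all ioctls in ALSA builds for now (should be narrowed; see bug 1302711).` If the rejected requests share a distinct type, a narrower fix would be a single `.ElseIf(shifted_type == kAlsaIoctls, Allow())` entry in the existing chain so the TIOCSTI denial survives — the ALSA type constant would need to be confirmed against the UAPI sound headers rather than assumed. The `EvaluateSyscall` method this case belongs to begins and ends outside the hunk.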
@@ -737,16 +741,17 @@ public:
         // Bug 1408498: libgio uses FIONREAD on inotify fds.
         // (We should stop using inotify: bug 1408497.)
         .ElseIf(request == FIONREAD, Allow())
         // Allow anything that isn't a tty ioctl, for now; bug 1302711
         // will cover changing this to a default-deny policy.
         .ElseIf(shifted_type != kTtyIoctls, Allow())
         .Else(SandboxPolicyCommon::EvaluateSyscall(sysno));
     }
+#endif // !MOZ_ALSA
 
     CASES_FOR_fcntl:
       // Some fcntls have significant side effects like sending
       // arbitrary signals, and there's probably nontrivial kernel
       // attack surface; this should be locked down more if possible.
       return Allow();
 
     case __NR_mprotect: