WIP: Implement seccomp-bpf sandbox for nacl_helper_nonsfi.

sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc

Index: sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
index c081b29cad7a142725b86cb2f39fdff7d27abd5a..1b451de1822421e8309b82d355684b1bbd763c41 100644
--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
@@ -7,11 +7,8 @@
 #include <errno.h>
 #include <fcntl.h>
 #include <fcntl.h>
-#include <linux/futex.h>
-#include <linux/net.h>
 #include <sched.h>
 #include <signal.h>
-#include <sys/ioctl.h>
 #include <sys/mman.h>
 #include <sys/prctl.h>
 #include <sys/resource.h>
@@ -27,11 +24,18 @@
 #include "base/time/time.h"
 #include "build/build_config.h"
 #include "sandbox/linux/bpf_dsl/bpf_dsl.h"
-#include "sandbox/linux/bpf_dsl/seccomp_macros.h"
 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"
 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
 #include "sandbox/linux/system_headers/linux_syscalls.h"
 
+#if !defined(OS_NACL_NONSFI)
+// TODO
+#include <linux/futex.h>
+#include <linux/net.h>
+#include <sys/ioctl.h>
+#include "sandbox/linux/bpf_dsl/seccomp_macros.h"
+#endif
+
 #if defined(OS_ANDROID)
 
 #include "sandbox/linux/system_headers/android_futex.h"
@@ -52,6 +56,11 @@
 
 #endif  // defined(OS_ANDROID)
 
+#if !defined(PR_SET_NAME)
+// TODO
+#define PR_SET_NAME 15
+#endif
+
 #if defined(__arm__) && !defined(MAP_STACK)
 #define MAP_STACK 0x20000  // Daisy build environment has old headers.
 #endif
@@ -145,6 +154,7 @@ ResultExpr RestrictPrctl() {
       .Default(CrashSIGSYSPrctl());
 }
 
+#if !defined(OS_NACL_NONSFI)
 ResultExpr RestrictIoctl() {
   const Arg<int> request(1);
   return Switch(request).CASES((TCGETS, FIONREAD), Allow()).Default(
@@ -163,6 +173,7 @@ ResultExpr RestrictMmapFlags() {
   const Arg<int> flags(3);
   return If((flags & ~kAllowedMask) == 0, Allow()).Else(CrashSIGSYS());
 }
+#endif
 
 ResultExpr RestrictMprotectFlags() {
   // The flags you see are actually the allowed ones, and the variable is a
@@ -174,6 +185,7 @@ ResultExpr RestrictMprotectFlags() {
   return If((prot & ~kAllowedMask) == 0, Allow()).Else(CrashSIGSYS());
 }
 
+#if !defined(OS_NACL_NONSFI)
 ResultExpr RestrictFcntlCommands() {
   // We also restrict the flags in F_SETFL. We don't want to permit flags with
   // a history of trouble such as O_DIRECT. The flags you see are actually the
@@ -203,8 +215,10 @@ ResultExpr RestrictFcntlCommands() {
             If((long_arg & ~kAllowedMask) == 0, Allow()).Else(CrashSIGSYS()))
       .Default(CrashSIGSYS());
 }
+#endif
 
 #if defined(__i386__) || defined(__mips__)
+#if !defined(OS_NACL_NONSFI)
 ResultExpr RestrictSocketcallCommand() {
   // Unfortunately, we are unable to restrict the first parameter to
   // socketpair(2). Whilst initially sounding bad, it's noteworthy that very
@@ -224,6 +238,7 @@ ResultExpr RestrictSocketcallCommand() {
       .Default(Error(EPERM));
 }
 #endif
+#endif
 
 ResultExpr RestrictKillTarget(pid_t target_pid, int sysno) {
   switch (sysno) {
@@ -240,6 +255,8 @@ ResultExpr RestrictKillTarget(pid_t target_pid, int sysno) {
   }
 }
 
+#if !defined(OS_NACL_NONSFI)
+// TODO
 ResultExpr RestrictFutex() {
   const uint64_t kAllowedFutexFlags = FUTEX_PRIVATE_FLAG | FUTEX_CLOCK_REALTIME;
   const Arg<int> op(1);
@@ -254,7 +271,9 @@ ResultExpr RestrictFutex() {
              Allow())
       .Default(CrashSIGSYSFutex());
 }
+#endif
 
+#if !defined(OS_NACL_NONSFI)
 ResultExpr RestrictGetSetpriority(pid_t target_pid) {
   const Arg<int> which(0);
   const Arg<int> who(1);
@@ -262,6 +281,7 @@ ResultExpr RestrictGetSetpriority(pid_t target_pid) {
             If(who == 0 || who == target_pid, Allow()).Else(Error(EPERM)))
       .Else(CrashSIGSYS());
 }
+#endif
 
 ResultExpr RestrictClockID() {
   static_assert(4 == sizeof(clockid_t), "clockid_t is not 32bit");