Fix duplicate symbol in ARM build of nacl_helper_nonsfi_unittests

components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Sanitizers internally use some syscalls which non-SFI NaCl disallows.
 #if !defined(ADDRESS_SANITIZER) && !defined(THREAD_SANITIZER) && \
     !defined(MEMORY_SANITIZER) && !defined(LEAK_SANITIZER)
 
 #include "components/nacl/loader/nonsfi/nonsfi_sandbox.h"
 
@@ skipping 182 matching lines @@
 }
 
 BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
                  prctl_SET_DUMPABLE,
                  DEATH_SEGV_MESSAGE(
                      sandbox::GetPrctlErrorMessageContentForTests()),
                  nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
   syscall(__NR_prctl, PR_SET_DUMPABLE, 1UL);
 }
 
-#if defined(OS_NACL_NONSFI)
+#if defined(OS_NACL_NONSFI) || defined(__x86_64__) || defined(__arm__)
 BPF_DEATH_TEST_C(NaClNonsfiSandboxTest,
                  socketpair,

[Mark Seaborn, 2015/05/27 21:40:35]

Rather than your current change...

Maybe rename to socketpair_af_unix_disallowed, to avoid the clash?

[Sam Clegg, 2015/05/27 22:30:20]

Done.

                  DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()),
                  nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
   int tmp_fds[2];
   socketpair(AF_UNIX, SOCK_STREAM, 0, tmp_fds);
 }
-#else
+#endif
+
+#if !defined(OS_NACL_NONSFI)
 BPF_TEST_C(NaClNonSfiSandboxTest,
            socketcall_allowed,
            nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
   base::ScopedFD fds[2];
   struct msghdr msg = {};
   struct iovec iov;
   std::string payload("foo");
   iov.iov_base = &payload[0];
   iov.iov_len = payload.size();
   msg.msg_iov = &iov;
@@ skipping 164 matching lines @@
                  DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()),
                  nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
 #if defined(__i386__)
   uintptr_t args[] = {0, 0, 0};
   syscall(__NR_socketcall, SYS_SOCKET, args);
 #else
   syscall(__NR_socket, 0, 0, 0);
 #endif
 }
 
-#if defined(__x86_64__) || defined(__arm__)

[Mark Seaborn, 2015/05/27 21:40:35]

Maybe add comment to explain background:

The arguments to socketpair() are passed in registers on these architectures and
so can be filtered.  We don't apply this check on x86-32 where the arguments are
passed in memory.

[Sam Clegg, 2015/05/27 22:30:20]

Done.

-BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
-                 socketpair,

[Mark Seaborn, 2015/05/27 21:40:35]

Maybe rename to socketpair_af_inet_disallowed, to avoid the clash?

[Sam Clegg, 2015/05/27 22:30:20]

Done.

-                 DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()),
-                 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
-  int fds[2];
-  socketpair(AF_INET, SOCK_STREAM, 0, fds);
-}
-#endif
-
 BPF_TEST_C(NaClNonSfiSandboxTest,
            fcntl_SETFD_allowed,
            nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
   base::ScopedFD fds[2];
   DoPipe(fds);
   BPF_ASSERT_EQ(0, fcntl(fds[0].get(), F_SETFD, FD_CLOEXEC));
 }
 
 BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
                  fcntl_SETFD,
@@ skipping 258 matching lines @@
 RESTRICT_SYSCALL_EPERM_TEST(ptrace);
 RESTRICT_SYSCALL_EPERM_TEST(set_robust_list);
 #if defined(__i386__) || defined(__x86_64__)
 RESTRICT_SYSCALL_EPERM_TEST(time);
 #endif
 
 }  // namespace
 
 #endif  // !ADDRESS_SANITIZER && !THREAD_SANITIZER &&
         // !MEMORY_SANITIZER && !LEAK_SANITIZER