Non-SFI mode: Remove old Non-SFI code.

components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Sanitizers internally use some syscalls which non-SFI NaCl disallows.
 #if !defined(ADDRESS_SANITIZER) && !defined(THREAD_SANITIZER) && \
     !defined(MEMORY_SANITIZER) && !defined(LEAK_SANITIZER)
 
 #include "components/nacl/loader/nonsfi/nonsfi_sandbox.h"
 
@@ skipping 182 matching lines @@
 }
 
 BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
                  prctl_SET_DUMPABLE,
                  DEATH_SEGV_MESSAGE(
                      sandbox::GetPrctlErrorMessageContentForTests()),
                  nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
   syscall(__NR_prctl, PR_SET_DUMPABLE, 1UL);
 }
 
-#if defined(OS_NACL_NONSFI)
 BPF_DEATH_TEST_C(NaClNonsfiSandboxTest,
                  socketpair_af_unix_disallowed,
                  DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()),
                  nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
   int tmp_fds[2];
   socketpair(AF_UNIX, SOCK_STREAM, 0, tmp_fds);
 }
-#else
-BPF_TEST_C(NaClNonSfiSandboxTest,
-           socketcall_allowed,
-           nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
-  base::ScopedFD fds[2];
-  struct msghdr msg = {};
-  struct iovec iov;
-  std::string payload("foo");
-  iov.iov_base = &payload[0];
-  iov.iov_len = payload.size();
-  msg.msg_iov = &iov;
-  msg.msg_iovlen = 1;
-  DoSocketpair(fds);
-  BPF_ASSERT_EQ(static_cast<int>(payload.size()),
-                HANDLE_EINTR(sendmsg(fds[1].get(), &msg, 0)));
-  BPF_ASSERT_EQ(static_cast<int>(payload.size()),
-                HANDLE_EINTR(recvmsg(fds[0].get(), &msg, 0)));
-  BPF_ASSERT_EQ(0, shutdown(fds[0].get(), SHUT_RDWR));
-}
-#endif
 
 // On arm and x86_64 the arguments to socketpair are passed in registers,
 // so they can be filtered by seccomp-bpf.  This filter cannot be applied
 // on x86_32 as the arguments are passed in memory.
 #if defined(__x86_64__) || defined(__arm__)
 BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
                  socketpair_af_inet_disallowed,
                  DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()),
                  nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
   int fds[2];
@@ skipping 198 matching lines @@
                  DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()),
                  nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
   base::ScopedFD fds[2];
   DoPipe(fds);
   fcntl(fds[0].get(), F_SETFL, O_APPEND);
 }
 
 void DoFcntl(int fd, int cmd) {
   // fcntl in PNaCl toolchain returns an error without calling actual system
   // call for unknown |cmd|. So, instead, here we use syscall().
-#if defined(OS_NACL_NONSFI)
   syscall(__NR_fcntl64, fd, cmd);
-#else
-  fcntl(fd, cmd);
-#endif
 }
 
 BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
                  fcntl_DUPFD,
                  DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()),
                  nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
   DoFcntl(0, F_DUPFD);
 }
 
 BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
@@ skipping 32 matching lines @@
 BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
                  FutexWithUnlockPIPrivate,
                  DEATH_SEGV_MESSAGE(
                      sandbox::GetFutexErrorMessageContentForTests()),
                  nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
   syscall(__NR_futex, NULL, FUTEX_UNLOCK_PI_PRIVATE, 0, NULL, NULL, 0);
   _exit(1);
 }
 
 void* DoMmap(int prot, int flags) {
-#if defined(OS_NACL_NONSFI)
   // When PROT_EXEC is set, PNaCl toolchain's mmap() system call wrapper uses
   // two system calls mmap2(2) and mprotect(2), so that we cannot test
   // sandbox with the wrapper. Instead, here we use syscall().
   return reinterpret_cast<void*>(
       syscall(__NR_mmap2, NULL, getpagesize(), prot, flags, -1, 0));
-#else
-  return mmap(NULL, getpagesize(), prot, flags, -1, 0);
-#endif
 }
 
 void* DoAllowedAnonymousMmap() {
   return DoMmap(PROT_READ | PROT_WRITE, MAP_ANONYMOUS | MAP_SHARED);
 }
 
 BPF_TEST_C(NaClNonSfiSandboxTest,
            mmap_allowed,
            nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
   void* ptr = DoAllowedAnonymousMmap();
@@ skipping 63 matching lines @@
   BPF_ASSERT_NE(MAP_FAILED, ptr);
   mprotect(ptr, getpagesize(), PROT_READ | PROT_GROWSDOWN);
 }
 
 BPF_TEST_C(NaClNonSfiSandboxTest,
            brk,
            nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
   char* next_brk = static_cast<char*>(sbrk(0)) + getpagesize();
   // The kernel interface must return zero for brk.
   BPF_ASSERT_EQ(0, syscall(__NR_brk, next_brk));
   // The libc wrapper translates it to ENOMEM.

[Mark Seaborn, 2015/10/15 18:10:11]

This comment applies to the code being removed, I think, so it can be removed
too.

[hidehiko, 2015/10/19 04:39:18]

Done.

-
-  // Note: PNaCl toolchain does not provide brk() system call wrapper.
-#if !defined(OS_NACL_NONSFI)
-  errno = 0;
-  BPF_ASSERT_EQ(-1, brk(next_brk));
-  BPF_ASSERT_EQ(ENOMEM, errno);
-#endif
 }
 
 // clockid restrictions are mostly tested in sandbox/ with the
 // RestrictClockID() unittests. Some basic tests are duplicated here as
 // a precaution.
 
 void CheckClock(clockid_t clockid) {
   struct timespec ts;
   ts.tv_sec = ts.tv_nsec = -1;
   BPF_ASSERT_EQ(0, clock_gettime(clockid, &ts));
@@ skipping 121 matching lines @@
 RESTRICT_SYSCALL_EPERM_TEST(ptrace);
 RESTRICT_SYSCALL_EPERM_TEST(set_robust_list);
 #if defined(__i386__) || defined(__x86_64__)
 RESTRICT_SYSCALL_EPERM_TEST(time);
 #endif
 
 }  // namespace
 
 #endif  // !ADDRESS_SANITIZER && !THREAD_SANITIZER &&
         // !MEMORY_SANITIZER && !LEAK_SANITIZER