Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(318)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc

Issue 1409633002: Non-SFI mode: Remove old Non-SFI code. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc ('K') | « components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc
diff --git a/components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc b/components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc
index 4ff1d4c076dcf71f5f7df6013fcc1c9452407843..070d379ca74a565dc2b6250c481701f237baae68 100644
--- a/components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc
+++ b/components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc
@@ -23,7 +23,6 @@
#include "base/posix/eintr_wrapper.h"
#include "build/build_config.h"
#include "components/nacl/common/nacl_switches.h"
-#include "components/nacl/loader/nonsfi/nonsfi_sandbox.h"
#include "components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.h"
#include "content/public/common/content_switches.h"
#include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
@@ -34,6 +33,10 @@
#include "sandbox/linux/services/thread_helpers.h"
#include "sandbox/linux/suid/client/setuid_sandbox_client.h"
+#if defined(OS_NACL_NONSFI)
+#include "components/nacl/loader/nonsfi/nonsfi_sandbox.h"
Mark Seaborn 2015/10/15 18:10:11 Nit: I don't think you need to conditionalise this
hidehiko 2015/10/19 04:39:18 Done.
+#endif
+
namespace nacl {
namespace {
@@ -185,16 +188,14 @@ void NaClSandbox::InitializeLayerTwoSandbox(bool uses_nonsfi_mode) {
// Pass proc_fd_ ownership to the BPF sandbox, which guarantees it will
// be closed. There is no point in keeping it around since the BPF policy
// will prevent its usage.
- if (uses_nonsfi_mode) {
- layer_two_enabled_ = nacl::nonsfi::InitializeBPFSandbox(proc_fd_.Pass());
- layer_two_is_nonsfi_ = true;
- } else {
#if defined(OS_NACL_NONSFI)
- LOG(FATAL) << "nacl_helper_nonsfi can run only Non-SFI plugin.";
+ CHECK(uses_nonsfi_mode) << "nacl_helper_nonsfi can run only Non-SFI plugin.";
Mark Seaborn 2015/10/15 18:10:11 Consistency nit: The #else branch doesn't have a m
hidehiko 2015/10/19 04:39:18 Done.
+ layer_two_enabled_ = nacl::nonsfi::InitializeBPFSandbox(proc_fd_.Pass());
+ layer_two_is_nonsfi_ = true;
#else
- layer_two_enabled_ = nacl::InitializeBPFSandbox(proc_fd_.Pass());
+ CHECK(!uses_nonsfi_mode);
+ layer_two_enabled_ = nacl::InitializeBPFSandbox(proc_fd_.Pass());
#endif
- }
}
void NaClSandbox::SealLayerOneSandbox() {
« components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc ('K') | « components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698