Add seccomp sandbox for non-SFI NaCl

components/nacl/loader/nacl_listener.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/nacl/loader/nacl_listener.h"
 
 #include <errno.h>
 #include <stdlib.h>
 
 #if defined(OS_POSIX)
@@ skipping 250 matching lines @@
 void NaClListener::OnStart(const nacl::NaClStartParams& params) {
 #if defined(OS_LINUX) || defined(OS_MACOSX)
   int urandom_fd = dup(base::GetUrandomFD());
   if (urandom_fd < 0) {
     LOG(ERROR) << "Failed to dup() the urandom FD";
     return;
   }
   NaClChromeMainSetUrandomFd(urandom_fd);
 #endif
 
-  NaClChromeMainInit();
+  if (params.uses_nonsfi_mode)
+    NaClChromeMainInitForNonSfi();

[Mark Seaborn, 2014/03/28 01:38:25]

AFAICT, this function isn't defined, so this change doesn't compile?  I don't
see any trybot results for this change.

However, it would be nice to clean up this function.  It would make sense to
refactor OnStart() so that it checks params.uses_nonsfi_mode right at the start
and only does the minimum required when running in Non-SFI Mode.

[hamaji, 2014/03/28 12:06:10]

Sorry, I forgot to publish this change
(https://codereview.chromium.org/209423004/) for review. As this changes the
native_client repository, I need to wait for the next NaCl roll until try bot
works, I think?

+  else
+    NaClChromeMainInit();
   struct NaClChromeMainArgs *args = NaClChromeMainArgsCreate();
   if (args == NULL) {
     LOG(ERROR) << "NaClChromeMainArgsCreate() failed";
     return;
   }
 
   struct NaClApp *nap = NaClAppCreate();
   if (nap == NULL) {
     LOG(ERROR) << "NaClAppCreate() failed";
     return;
@@ skipping 156 matching lines @@
 
 #if defined(OS_LINUX)
   if (params.uses_nonsfi_mode) {
     nacl::nonsfi::MainStart(args->imc_bootstrap_handle);
     return;
   }
 #endif
   NaClChromeMainStartApp(nap, args);
   NOTREACHED();
 }