Add seccomp sandbox for non-SFI NaCl

components/nacl/loader/nonsfi/nonsfi_sandbox.h

Index: components/nacl/loader/nonsfi/nonsfi_sandbox.h
diff --git a/components/nacl/loader/nonsfi/nonsfi_sandbox.h b/components/nacl/loader/nonsfi/nonsfi_sandbox.h
new file mode 100644
index 0000000000000000000000000000000000000000..152a0eba907e759588f8c72dc3e15cbe2d61abff
--- /dev/null
+++ b/components/nacl/loader/nonsfi/nonsfi_sandbox.h
@@ -0,0 +1,40 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef COMPONENTS_NACL_LOADER_NONSFI_NONSFI_SANDBOX_H_
+#define COMPONENTS_NACL_LOADER_NONSFI_NONSFI_SANDBOX_H_
+
+#include "base/basictypes.h"
+#include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h"
+
+namespace nacl {
+namespace nonsfi {
+
+// The seccomp sandbox policy for NaCl non-SFI mode. Note that this
+// policy must be as strong as possible, as non-SFI mode heavily
+// depends on seccomp sandbox.
+class NaClNonSfiBPFSandboxPolicy : public sandbox::SandboxBPFPolicy {
+ public:
+  explicit NaClNonSfiBPFSandboxPolicy() {
+  }
+  virtual ~NaClNonSfiBPFSandboxPolicy() {}
+
+  virtual sandbox::ErrorCode EvaluateSyscall(sandbox::SandboxBPF* sb,
+                                             int sysno) const OVERRIDE;
+
+  static sandbox::ErrorCode EvaluateSyscallImpl(sandbox::SandboxBPF* sb,
+                                                int sysno, void*);
+
+ private:
+  DISALLOW_COPY_AND_ASSIGN(NaClNonSfiBPFSandboxPolicy);
+};
+
+// Initializes seccomp-bpf sandbox for non-SFI NaCl. Returns false on
+// failure.
+bool InitializeBPFSandbox();

[hamaji, 2014/04/11 01:25:58]

I changed the return value from void to bool, as this is more compatible with my
another change: https://codereview.chromium.org/226033002/

+
+}  // namespace nonsfi
+}  // namespace nacl
+
+#endif  // COMPONENTS_NACL_LOADER_NONSFI_NONSFI_SANDBOX_H_