Reland: Non-SFI NaCl: Allow CLOCK_SYSTEM_TRACE on Chrome OS

components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc

Index: components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc
diff --git a/components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc b/components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc
index 8d0a4d499a5ad0d1e638a1e4fe5c23617a660b7e..c2d94deb690b23102eca12fa8be0474afb17de34 100644
--- a/components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc
+++ b/components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc
@@ -31,8 +31,11 @@
 #include "base/files/scoped_file.h"
 #include "base/logging.h"
 #include "base/posix/eintr_wrapper.h"
+#include "base/sys_info.h"
+#include "base/time/time.h"
 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"
 #include "sandbox/linux/seccomp-bpf/bpf_tests.h"
+#include "sandbox/linux/services/linux_syscalls.h"
 #include "third_party/lss/linux_syscall_support.h"  // for MAKE_PROCESS_CPUCLOCK
 
 namespace {
@@ -418,6 +421,54 @@ BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
   clock_gettime(CLOCK_MONOTONIC_RAW, &ts);
 }
 
+#if defined(OS_CHROMEOS)
+
+// A custom BPF tester delegate to run IsRunningOnChromeOS() before
+// the sandbox is enabled because we cannot run it with non-SFI BPF
+// sandbox enabled.
+class ClockSystemTesterDelegate : public sandbox::BPFTesterDelegate {
+ public:
+  ClockSystemTesterDelegate()
+    : is_running_on_chromeos_(base::SysInfo::IsRunningOnChromeOS()) {}

[jln (very slow on Chromium), 2014/06/05 17:53:29]

Nit: 2 extra spaces

[hamaji, 2014/06/05 18:21:02]

Done.

+  virtual ~ClockSystemTesterDelegate() {}
+
+  virtual scoped_ptr<sandbox::SandboxBPFPolicy> GetSandboxBPFPolicy()
+    OVERRIDE {

[jln (very slow on Chromium), 2014/06/05 17:53:29]

Nit: shouldn't it be two spaces more? before OVERRIDE

[hamaji, 2014/06/05 18:21:02]

Actually, this line had 80 columns and git cl format concatinated the two lines.

+    return scoped_ptr<sandbox::SandboxBPFPolicy>(
+      new nacl::nonsfi::NaClNonSfiBPFSandboxPolicy());

[jln (very slow on Chromium), 2014/06/05 17:53:29]

nit: two extra spaces

[hamaji, 2014/06/05 18:21:02]

Done.

+  }
+  virtual void RunTestFunction() OVERRIDE {
+    if (is_running_on_chromeos_) {
+      CheckClock(base::TimeTicks::kClockSystemTrace);
+    } else {
+      struct timespec ts;
+      // kClockSystemTrace is 11, which is CLOCK_THREAD_CPUTIME_ID of
+      // the init process (pid=1). If kernel supports this feature,
+      // this may succeed even if this is not running on Chrome OS. We
+      // just check this clock_gettime call does not crash.
+      clock_gettime(base::TimeTicks::kClockSystemTrace, &ts);
+    }
+  }
+
+ private:
+  const bool is_running_on_chromeos_;
+  DISALLOW_COPY_AND_ASSIGN(ClockSystemTesterDelegate);
+};
+
+BPF_TEST_D(BPFTest, BPFTestWithDelegateClass, ClockSystemTesterDelegate);
+
+#else
+
+BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
+                 clock_gettime_crash_system_trace,
+                 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()),
+                 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
+  struct timespec ts;
+  clock_gettime(base::TimeTicks::kClockSystemTrace, &ts);
+}
+
+#endif

[jln (very slow on Chromium), 2014/06/05 17:54:28]

Add "// if defined(OS_CHROMEOS)"

[hamaji, 2014/06/05 18:21:02]

Done. It seems "// defined(OS_CHROMEOS)" is more popular in Chrome repo so I
removed if from your suggestion.

+
 BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
                  clock_gettime_crash_cpu_clock,
                  DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()),