Non-SFI Mode: Build ipc/ library by PNaCl toolchain for nacl_helper_nonsfi.

Non-SFI Mode: Build ipc/ library by PNaCl toolchain for nacl_helper_nonsfi.

This CL is to build ipc/ for nacl_helper_nonsfi.
The library is similar to ipc_nacl, but slightly different:
- The IPC::Channel should use ChannelPosix rather than ChannelNaCl,
  as it runs under linux directly.
- Some features of ChannelPosix cannot be compiled by PNaCl toolchain for
  Non-SFI build, but these are not necessary for nacl_helper_nonsfi.
  These are dropped by "ifdef" guard.
Note that this library is not used yet, but should be built successfully.

BUG=358465
TEST=Ran trybot. Implement nacl_helper_nonsfi on top of this CL, and made sure it works.

Committed: https://crrev.com/c2eec0d81f92df06e614e104eba8b3e12bbc6030
Cr-Commit-Position: refs/heads/master@{#301037}

[hidehiko, 2014-10-17 08:14:55]

hidehiko@chromium.org changed reviewers:
+ dmichael@chromium.org, mseaborn@chromium.org

[hidehiko, 2014-10-17 08:14:55]

Mark, could you review this from the project point of view?
Dave, could you review as an OWNER of the IPC familiar with NaCl?

I'd appreciate your help,
- hidehiko

[Junichi Uekawa, 2014-10-17 10:31:13]

uekawa@chromium.org changed reviewers:
+ uekawa@chromium.org

[Junichi Uekawa, 2014-10-17 10:31:13]

https://codereview.chromium.org/659243002/diff/1/ipc/ipc_channel.cc
File ipc/ipc_channel.cc (left):

https://codereview.chromium.org/659243002/diff/1/ipc/ipc_channel.cc#oldcode13
ipc/ipc_channel.cc:13: #if !defined(OS_NACL)
This is going to introduce a new object in NaCl ?

[hidehiko, 2014-10-20 06:02:28]

PTAL.

https://codereview.chromium.org/659243002/diff/1/ipc/ipc_channel.cc
File ipc/ipc_channel.cc (left):

https://codereview.chromium.org/659243002/diff/1/ipc/ipc_channel.cc#oldcode13
ipc/ipc_channel.cc:13: #if !defined(OS_NACL)
On 2014/10/17 10:31:13, Junichi Uekawa wrote:
> This is going to introduce a new object in NaCl ?

This file is NOT built for the SFI NaCl IRT build (i.e., this file is excluded
in gyp config, but we want to include it for nacl_helper_nonsfi).
So, this removal should have no effect for SFI-NaCl.

[hamaji, 2014-10-20 06:37:41]

hamaji@chromium.org changed reviewers:
+ hamaji@chromium.org

[hamaji, 2014-10-20 06:37:41]

https://codereview.chromium.org/659243002/diff/1/ipc/ipc_channel_posix.cc
File ipc/ipc_channel_posix.cc (right):

https://codereview.chromium.org/659243002/diff/1/ipc/ipc_channel_posix.cc#new...
ipc/ipc_channel_posix.cc:350: // IPC channels in nacl_helper_nonsfi should not
be NAMED mode.
not be either SERVER mode nor NAMED mode?

https://codereview.chromium.org/659243002/diff/1/ipc/ipc_channel_posix.cc#new...
ipc/ipc_channel_posix.cc:778: // in the sandbox. In such a situation, calling
GetCurrentProcId() would hit
How about adding "unless --no-sandbox is specified"? This comment sounds like
you can CHECK(global_pid_) here, but actually we cannot?

[hidehiko, 2014-10-20 09:25:29]

Thank you for review. PTAL.

https://codereview.chromium.org/659243002/diff/1/ipc/ipc_channel_posix.cc
File ipc/ipc_channel_posix.cc (right):

https://codereview.chromium.org/659243002/diff/1/ipc/ipc_channel_posix.cc#new...
ipc/ipc_channel_posix.cc:350: // IPC channels in nacl_helper_nonsfi should not
be NAMED mode.
On 2014/10/20 06:37:41, hamaji wrote:
> not be either SERVER mode nor NAMED mode?

Done.

https://codereview.chromium.org/659243002/diff/1/ipc/ipc_channel_posix.cc#new...
ipc/ipc_channel_posix.cc:778: // in the sandbox. In such a situation, calling
GetCurrentProcId() would hit
On 2014/10/20 06:37:41, hamaji wrote:
> How about adding "unless --no-sandbox is specified"? This comment sounds like
> you can CHECK(global_pid_) here, but actually we cannot?

Slightly refactored. How about this?

[hidehiko, 2014-10-20 19:05:49]

FYI:
Rebased and applied Mark's comment for crrev.com/649183005.

Thanks,
- hidehiko

On 2014/10/20 09:25:29, hidehiko wrote:
> Thank you for review. PTAL.
> 
> https://codereview.chromium.org/659243002/diff/1/ipc/ipc_channel_posix.cc
> File ipc/ipc_channel_posix.cc (right):
> 
>
https://codereview.chromium.org/659243002/diff/1/ipc/ipc_channel_posix.cc#new...
> ipc/ipc_channel_posix.cc:350: // IPC channels in nacl_helper_nonsfi should not
> be NAMED mode.
> On 2014/10/20 06:37:41, hamaji wrote:
> > not be either SERVER mode nor NAMED mode?
> 
> Done.
> 
>
https://codereview.chromium.org/659243002/diff/1/ipc/ipc_channel_posix.cc#new...
> ipc/ipc_channel_posix.cc:778: // in the sandbox. In such a situation, calling
> GetCurrentProcId() would hit
> On 2014/10/20 06:37:41, hamaji wrote:
> > How about adding "unless --no-sandbox is specified"? This comment sounds
like
> > you can CHECK(global_pid_) here, but actually we cannot?
> 
> Slightly refactored. How about this?

[dmichael (off chromium), 2014-10-20 19:17:20]

dmichael@chromium.org changed reviewers:
+ jam@chromium.org

[dmichael (off chromium), 2014-10-20 19:17:21]

I'm wishing there was a cleaner way to distinguish the cases of:
POSIX, normal/non-NaCl
POSIX, SFI-NaCl
POSIX, non-SFI-NaCl
...but I don't have any better ideas.

+jam, who is a real OWNER here (I only own ipc_channel_nacl)

https://codereview.chromium.org/659243002/diff/40001/ipc/ipc_channel.h
File ipc/ipc_channel.h (right):

https://codereview.chromium.org/659243002/diff/40001/ipc/ipc_channel.h#newcod...
ipc/ipc_channel.h:183: (!defined(OS_NACL) || defined(__native_client_nonsfi__))
This is unfortunately complicated.

I guess the ship has sailed on having OS_NACL defined for the non-SFI build?

I think at a minimum there should be a brief explanatory comment here. Your
average dev who is touching IPC probably doesn't know about non-SFI, and why
OS_NACL is set but we still want to include these functions.

[hidehiko, 2014-10-20 20:22:00]

Thank you for review. PTAL.

https://codereview.chromium.org/659243002/diff/40001/ipc/ipc_channel.h
File ipc/ipc_channel.h (right):

https://codereview.chromium.org/659243002/diff/40001/ipc/ipc_channel.h#newcod...
ipc/ipc_channel.h:183: (!defined(OS_NACL) || defined(__native_client_nonsfi__))
On 2014/10/20 19:17:21, dmichael wrote:
> This is unfortunately complicated.
> 
> I guess the ship has sailed on having OS_NACL defined for the non-SFI build?
> 
> I think at a minimum there should be a brief explanatory comment here. Your
> average dev who is touching IPC probably doesn't know about non-SFI, and why
> OS_NACL is set but we still want to include these functions.

Yes, OS_NACL is defined for both. Actually both are close (or same) in other
libraries, but IPC implementation is the most different point, unfortunately...
Added comment.

[hidehiko, 2014-10-21 19:23:03]

Hi, friendly ping?

On 2014/10/20 20:22:00, hidehiko wrote:
> Thank you for review. PTAL.
> 
> https://codereview.chromium.org/659243002/diff/40001/ipc/ipc_channel.h
> File ipc/ipc_channel.h (right):
> 
>
https://codereview.chromium.org/659243002/diff/40001/ipc/ipc_channel.h#newcod...
> ipc/ipc_channel.h:183: (!defined(OS_NACL) ||
defined(__native_client_nonsfi__))
> On 2014/10/20 19:17:21, dmichael wrote:
> > This is unfortunately complicated.
> > 
> > I guess the ship has sailed on having OS_NACL defined for the non-SFI build?
> > 
> > I think at a minimum there should be a brief explanatory comment here. Your
> > average dev who is touching IPC probably doesn't know about non-SFI, and why
> > OS_NACL is set but we still want to include these functions.
> 
> Yes, OS_NACL is defined for both. Actually both are close (or same) in other
> libraries, but IPC implementation is the most different point,
unfortunately...
> Added comment.

[Mark Seaborn, 2014-10-22 00:35:51]

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel.h
File ipc/ipc_channel.h (right):

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel.h#newcod...
ipc/ipc_channel.h:184: // Here, as for NaCl, the IPC library for NaCl in
SFI-mode is linked into
This comment is rather long...  We shouldn't have to explain the background
about SFI vs. non-SFI NaCl next to every #if. :-)  How about creating a readme
doc (perhaps components/nacl/README or components/nacl/loader/nonsfi/README) to
put this explanation in, and then refer to that here?

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc
File ipc/ipc_channel_posix.cc (right):

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc...
ipc/ipc_channel_posix.cc:262: // IPC channels in nacl_helper_nonsfi should not
be NAMED mode.
Nit: "in NAMED mode"?

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc...
ipc/ipc_channel_posix.cc:263: NOTREACHED();
How about CHECK(false)?  NOTREACHED is a no-op in release builds.

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc...
ipc/ipc_channel_posix.cc:350: // IPC channels in nacl_helper_nonsfi should not
be NAMED or SERVER mode.
Nit: add "in", so "in NAMED or SERVER mode"?

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc...
ipc/ipc_channel_posix.cc:351: NOTREACHED();
Also CHECK(false)?  Same below...

It would be confusing for code paths to become no-ops that return success.

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc...
ipc/ipc_channel_posix.cc:371: NOTREACHED();
Also CHECK(false)?

Is Connect() used at all in nacl_helper_nonsfi?  If not, should the whole
function body have this #if?

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc...
ipc/ipc_channel_posix.cc:649: #if defined(OS_LINUX) ||
defined(__native_client_nonsfi__)
Do we really need SetGlobalPid()?  It would be better if the sandboxed process
does not know its own PID.  Currently we disable getpid().

Does nacl_helper currently initialise global_pid_ before enabling the sandbox?

What does this PID value get used for?  Do the renderer/browser processes
complain if the Non-SFI process doesn't know its own PID?

[hidehiko, 2014-10-22 13:31:06]

Thank you for review. PTAL.

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel.h
File ipc/ipc_channel.h (right):

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel.h#newcod...
ipc/ipc_channel.h:184: // Here, as for NaCl, the IPC library for NaCl in
SFI-mode is linked into
On 2014/10/22 00:35:51, Mark Seaborn wrote:
> This comment is rather long...  We shouldn't have to explain the background
> about SFI vs. non-SFI NaCl next to every #if. :-)  How about creating a readme
> doc (perhaps components/nacl/README or components/nacl/loader/nonsfi/README)
to
> put this explanation in, and then refer to that here?

Indeed. Added comment in components/nacl_nonsfi.gyp and referred it from here,
instead of introducing README. (README is useful for totally new people, but
IMHO people who'll be interested in the topic would be Chrome developer so
they'd be familiar with .gyp. Also, README can be easily stale. So, I thought
.gyp is better to put some comments).

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc
File ipc/ipc_channel_posix.cc (right):

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc...
ipc/ipc_channel_posix.cc:262: // IPC channels in nacl_helper_nonsfi should not
be NAMED mode.
On 2014/10/22 00:35:51, Mark Seaborn wrote:
> Nit: "in NAMED mode"?

Done.

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc...
ipc/ipc_channel_posix.cc:263: NOTREACHED();
On 2014/10/22 00:35:51, Mark Seaborn wrote:
> How about CHECK(false)?  NOTREACHED is a no-op in release builds.

Done. Replaced by LOG(FATAL).

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc...
ipc/ipc_channel_posix.cc:350: // IPC channels in nacl_helper_nonsfi should not
be NAMED or SERVER mode.
On 2014/10/22 00:35:51, Mark Seaborn wrote:
> Nit: add "in", so "in NAMED or SERVER mode"?

Done.

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc...
ipc/ipc_channel_posix.cc:351: NOTREACHED();
On 2014/10/22 00:35:51, Mark Seaborn wrote:
> Also CHECK(false)?  Same below...
> 
> It would be confusing for code paths to become no-ops that return success.

Done.

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc...
ipc/ipc_channel_posix.cc:371: NOTREACHED();
On 2014/10/22 00:35:51, Mark Seaborn wrote:
> Also CHECK(false)?
> 
> Is Connect() used at all in nacl_helper_nonsfi?  If not, should the whole
> function body have this #if?

Done.

Connect() is actually used from ChannelProxy, which is the based of SyncChannel
used from NonSfiListener and PPAPI IPC channel implementation.

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc...
ipc/ipc_channel_posix.cc:649: #if defined(OS_LINUX) ||
defined(__native_client_nonsfi__)
On 2014/10/22 00:35:51, Mark Seaborn wrote:
> Do we really need SetGlobalPid()?  It would be better if the sandboxed process
> does not know its own PID.  Currently we disable getpid().
> 
> Does nacl_helper currently initialise global_pid_ before enabling the sandbox?
> 
> What does this PID value get used for?  Do the renderer/browser processes
> complain if the Non-SFI process doesn't know its own PID?

We need "something" non-null PID for Hello message. It is used in host process's
ChanneProxy to check if the connection is actually established.

Current nacl_helper does not use global_pid, but getpid() (in libc) seems to
cache the pid, so that it works now.
Actually, invocation of getpid() in NonSfiListener::OnStart does not crash,
although it is not allowed in nonsfi_sandbox.

I'm planning to use SetGlobalPid() in nacl_helper_linux, regardless of whether
it is for nacl_helper or nacl_helper_nonsfi, in a following CL.

[Mark Seaborn, 2014-10-23 03:33:49]

LGTM, but can you take out the PID-related parts, please?  (See below.)

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc
File ipc/ipc_channel_posix.cc (right):

https://codereview.chromium.org/659243002/diff/60001/ipc/ipc_channel_posix.cc...
ipc/ipc_channel_posix.cc:649: #if defined(OS_LINUX) ||
defined(__native_client_nonsfi__)
On 2014/10/22 13:31:05, hidehiko wrote:
> On 2014/10/22 00:35:51, Mark Seaborn wrote:
> > Do we really need SetGlobalPid()?  It would be better if the sandboxed
process
> > does not know its own PID.  Currently we disable getpid().
> > 
> > Does nacl_helper currently initialise global_pid_ before enabling the
sandbox?
> > 
> > What does this PID value get used for?  Do the renderer/browser processes
> > complain if the Non-SFI process doesn't know its own PID?
> 
> We need "something" non-null PID for Hello message. It is used in host
process's
> ChanneProxy to check if the connection is actually established.

Ah, you mean the "peer_pid_ == base::kNullProcessId" checks in OnAddFilter() and
OnRemoveFilter()?

Is the PID value passed into any place where its actual numeric value matters? 
I am doubtful that it is really needed.

Maybe (in a future change) you could pass a dummy value, like -1, for the PID? 
(We could use 1, but it's less good as a dummy value since it is a valid process
ID.)

https://codereview.chromium.org/659243002/diff/100001/components/nacl_nonsfi.gyp
File components/nacl_nonsfi.gyp (right):

https://codereview.chromium.org/659243002/diff/100001/components/nacl_nonsfi....
components/nacl_nonsfi.gyp:18: # This binary is built by the PNaCl toolchain,
but it is native
Subtle nit: "by" -> "using" (since Gyp is involved too)

https://codereview.chromium.org/659243002/diff/100001/components/nacl_nonsfi....
components/nacl_nonsfi.gyp:19: # linux binary (translated from a biased pexe)
and will run on Linux
Nit: remove "(translated from a biased pexe)" -- we don't link it as a pexe.

https://codereview.chromium.org/659243002/diff/100001/components/nacl_nonsfi....
components/nacl_nonsfi.gyp:26: # Because of the toolchain, in both build,
OS_NACL macro (derived
"in both builds" (plural)

https://codereview.chromium.org/659243002/diff/100001/components/nacl_nonsfi....
components/nacl_nonsfi.gyp:28: # compiles for SFI-mode or Non-SFI mode,
__native_client_nonsfi__
"if it compiles for" -> "if it is being compiled for"

Maybe reword to avoid the passive voice.  e.g. "Code can test whether
__native_client_nonsfi__ is #defined in order to determine whether it is being
compiled for SFI mode or Non-SFI mode."

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_channel_posix.h
File ipc/ipc_channel_posix.h (right):

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_channel_posix.h...
ipc/ipc_channel_posix.h:88: #if defined(OS_LINUX) ||
defined(__native_client_nonsfi__)
If I understand correctly, these changes to the PID handling won't be needed
until nacl_helper_nonsfi is seccomp-sandboxed.  The non-sandboxed version won't
need these changes.

So would you mind taking out the PID-related changes for now?  It should be
possible to make IPC work without exposing the PID inside the sandbox.

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_nacl.gyp
File ipc/ipc_nacl.gyp (right):

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_nacl.gyp#newcode36
ipc/ipc_nacl.gyp:36: '../native_client/src/public/linux_syscalls',
BTW, I think the DEPS roll has landed that means this isn't required any more.

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_nacl.gyp#newcode50
ipc/ipc_nacl.gyp:50: # because nacl_helper_nonsfi will be running directory on
Linux.
"directly on Linux"

[Junichi Uekawa, 2014-10-23 05:34:24]

lgtm

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_channel.h
File ipc/ipc_channel.h (right):

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_channel.h#newco...
ipc/ipc_channel.h:204: #if !defined(OS_NACL) ||
defined(__native_client_nonsfi__)
optional: I wish we had OS_NACL_NONSFI, OS_NACL_SFI, and that way this is less
confusing.

I guess that would mean adding to build/build_config.h:

#if defined(OS_NACL)
#if defined(__native_client_nonsfi__)
#define OS_NACL_NONSFI 1
#else
#define OS_NACL_SFI 1
#endif
#endif

[Mark Seaborn, 2014-10-23 06:32:44]

On 22 October 2014 22:34, <uekawa@chromium.org> wrote:

> lgtm
>
>
> https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_channel.h
> File ipc/ipc_channel.h (right):
>
> https://codereview.chromium.org/659243002/diff/100001/ipc/
> ipc_channel.h#newcode204
> ipc/ipc_channel.h:204: #if !defined(OS_NACL) ||
> defined(__native_client_nonsfi__)
> optional: I wish we had OS_NACL_NONSFI, OS_NACL_SFI, and that way this
> is less confusing.


I agree; that would be more readable.

Cheers,
Mark

To unsubscribe from this group and stop receiving emails from it, send an email
to chromium-reviews+unsubscribe@chromium.org.

[hamaji, 2014-10-23 08:24:01]

lgtm

[hidehiko, 2014-10-23 09:56:56]

Patchset #7 (id:120001) has been deleted

[hidehiko, 2014-10-23 14:19:10]

Thank you for review. Rebased and addressed Mark's comments.

jam@, could you take a look?

Thanks,
- hidehiko

https://codereview.chromium.org/659243002/diff/100001/components/nacl_nonsfi.gyp
File components/nacl_nonsfi.gyp (right):

https://codereview.chromium.org/659243002/diff/100001/components/nacl_nonsfi....
components/nacl_nonsfi.gyp:18: # This binary is built by the PNaCl toolchain,
but it is native
On 2014/10/23 03:33:48, Mark Seaborn wrote:
> Subtle nit: "by" -> "using" (since Gyp is involved too)

Done.

https://codereview.chromium.org/659243002/diff/100001/components/nacl_nonsfi....
components/nacl_nonsfi.gyp:19: # linux binary (translated from a biased pexe)
and will run on Linux
On 2014/10/23 03:33:48, Mark Seaborn wrote:
> Nit: remove "(translated from a biased pexe)" -- we don't link it as a pexe.

Done.

https://codereview.chromium.org/659243002/diff/100001/components/nacl_nonsfi....
components/nacl_nonsfi.gyp:26: # Because of the toolchain, in both build,
OS_NACL macro (derived
On 2014/10/23 03:33:48, Mark Seaborn wrote:
> "in both builds" (plural)

Done.

https://codereview.chromium.org/659243002/diff/100001/components/nacl_nonsfi....
components/nacl_nonsfi.gyp:28: # compiles for SFI-mode or Non-SFI mode,
__native_client_nonsfi__
On 2014/10/23 03:33:48, Mark Seaborn wrote:
> "if it compiles for" -> "if it is being compiled for"
> 
> Maybe reword to avoid the passive voice.  e.g. "Code can test whether
> __native_client_nonsfi__ is #defined in order to determine whether it is being
> compiled for SFI mode or Non-SFI mode."

Done. Thank you for suggestion.

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_channel.h
File ipc/ipc_channel.h (right):

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_channel.h#newco...
ipc/ipc_channel.h:204: #if !defined(OS_NACL) ||
defined(__native_client_nonsfi__)
On 2014/10/23 05:34:24, Junichi Uekawa wrote:
> optional: I wish we had OS_NACL_NONSFI, OS_NACL_SFI, and that way this is less
> confusing.
> 
> I guess that would mean adding to build/build_config.h:
> 
> #if defined(OS_NACL)
> #if defined(__native_client_nonsfi__)
> #define OS_NACL_NONSFI 1
> #else
> #define OS_NACL_SFI 1
> #endif
> #endif

Ok, but please let me work on it separately, because it will be spread widely,
while it is not the core goal of this CL.

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_channel_posix.h
File ipc/ipc_channel_posix.h (right):

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_channel_posix.h...
ipc/ipc_channel_posix.h:88: #if defined(OS_LINUX) ||
defined(__native_client_nonsfi__)
On 2014/10/23 03:33:48, Mark Seaborn wrote:
> If I understand correctly, these changes to the PID handling won't be needed
> until nacl_helper_nonsfi is seccomp-sandboxed.  The non-sandboxed version
won't
> need these changes.
> 
> So would you mind taking out the PID-related changes for now?  It should be
> possible to make IPC work without exposing the PID inside the sandbox.

Ok, reverted. But we need to solve the pid issue.
Please let me start the discussion separately.

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_nacl.gyp
File ipc/ipc_nacl.gyp (right):

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_nacl.gyp#newcode36
ipc/ipc_nacl.gyp:36: '../native_client/src/public/linux_syscalls',
On 2014/10/23 03:33:48, Mark Seaborn wrote:
> BTW, I think the DEPS roll has landed that means this isn't required any more.

Done.

https://codereview.chromium.org/659243002/diff/100001/ipc/ipc_nacl.gyp#newcode50
ipc/ipc_nacl.gyp:50: # because nacl_helper_nonsfi will be running directory on
Linux.
On 2014/10/23 03:33:48, Mark Seaborn wrote:
> "directly on Linux"

Oops... Fixed.

[jam, 2014-10-23 22:46:01]

I'm not a good reviewer here, please use another owner

[dmichael (off chromium), 2014-10-23 22:58:51]

dmichael@chromium.org changed reviewers:
- jam@chromium.org

[dmichael (off chromium), 2014-10-23 22:58:52]

lgtm

[dmichael (off chromium), 2014-10-23 22:59:51]

(but please do follow up later with the suggested pre-compiler defines)

[hidehiko, 2014-10-24 02:12:56]

Thank you for review. Submitting.

On 2014/10/23 22:59:51, dmichael wrote:
> (but please do follow up later with the suggested pre-compiler defines)

Sure. I'll send another follow up CL later.

[hidehiko, 2014-10-24 02:13:02]

The CQ bit was checked by hidehiko@chromium.org

[commit-bot: I haz the power, 2014-10-24 02:14:21]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/659243002/140001

[commit-bot: I haz the power, 2014-10-24 03:49:35]

Committed patchset #7 (id:140001)

[commit-bot: I haz the power, 2014-10-24 03:50:35]

Patchset 7 (id:??) landed as
https://crrev.com/c2eec0d81f92df06e614e104eba8b3e12bbc6030
Cr-Commit-Position: refs/heads/master@{#301037}