Revert "Non-SFI NaCl: Allow CLOCK_SYSTEM_TRACE on Chrome OS"

This reverts commit 8dfdf978. Breaking Linux Chromium OS Tests: http://build.chromium.org/p/chromium.chromiumos/builders/Linux%20ChromiumOS%20Tests%20%281%29/builds/44018 BUG=none TBR=hamaji@chromium.org Review URL: https://codereview.chromium.org/313053004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@274810 0039d316-1c4b-4281-b951-d872f2087c98

Revert "Non-SFI NaCl: Allow CLOCK_SYSTEM_TRACE on Chrome OS"
This reverts commit 8dfdf978. Breaking Linux Chromium OS Tests: http://build.chromium.org/p/chromium.chromiumos/builders/Linux%20ChromiumOS%20Tests%20%281%29/builds/44018 BUG=none TBR=hamaji@chromium.org Review URL: https://codereview.chromium.org/313053004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@274810 0039d316-1c4b-4281-b951-d872f2087c98
11572c14 · dconnelly@chromium.org · 596dc1bf · 11572c14 · 11572c14 · 11572c14
Commit 11572c14 authored Jun 04, 2014 by dconnelly@chromium.org
4 changed files
--- a/base/time/time.h
+++ b/base/time/time.h
@@ -576,14 +576,6 @@ inline Time TimeDelta::operator+(Time t) const {

 class BASE_EXPORT TimeTicks {
 public:
-  // We define this even without OS_CHROMEOS for seccomp sandbox testing.
-#if defined(OS_LINUX)
-  // Force definition of the system trace clock; it is a chromeos-only api
-  // at the moment and surfacing it in the right place requires mucking
-  // with glibc et al.
-  static const clockid_t kClockSystemTrace = 11;
-#endif
-
  TimeTicks() : ticks_(0) {
  }


--- a/base/time/time_posix.cc
+++ b/base/time/time_posix.cc
@@ -320,19 +320,18 @@ TimeTicks TimeTicks::ThreadNow() {
 #endif
 }

-// NaCl IRT does not support the Chrome OS specific clock
-// ID. build/common.gypi sets OS_CHROMEOS without any other OS_*
-// macros for untrusted NaCl build so we need to check
-// __native_client__ explicitly.
-// TODO(hamaji): Do not specify OS_CHROMEOS for untrusted NaCl build
-// and remove !defined(__native_client__).
-#if defined(OS_CHROMEOS) && !defined(__native_client__)
+#if defined(OS_CHROMEOS)
+// Force definition of the system trace clock; it is a chromeos-only api
+// at the moment and surfacing it in the right place requires mucking
+// with glibc et al.
+#define CLOCK_SYSTEM_TRACE 11
+
 // static
 TimeTicks TimeTicks::NowFromSystemTraceTime() {
  uint64_t absolute_micro;

  struct timespec ts;
-  if (clock_gettime(kClockSystemTrace, &ts) != 0) {
+  if (clock_gettime(CLOCK_SYSTEM_TRACE, &ts) != 0) {
    // NB: fall-back for a chrome os build running on linux
    return HighResNow();
  }
@@ -344,14 +343,14 @@ TimeTicks TimeTicks::NowFromSystemTraceTime() {
  return TimeTicks(absolute_micro);
 }

-#else // !(defined(OS_CHROMEOS) && !defined(__native_client__))
+#else // !defined(OS_CHROMEOS)

 // static
 TimeTicks TimeTicks::NowFromSystemTraceTime() {
  return HighResNow();
 }

-#endif // defined(OS_CHROMEOS) && !defined(__native_client__)
+#endif // defined(OS_CHROMEOS)

 #endif  // !OS_MACOSX


--- a/components/nacl/loader/nonsfi/nonsfi_sandbox.cc
+++ b/components/nacl/loader/nonsfi/nonsfi_sandbox.cc
@@ -15,7 +15,6 @@

 #include "base/basictypes.h"
 #include "base/logging.h"
-#include "base/time/time.h"
 #include "build/build_config.h"
 #include "content/public/common/sandbox_init.h"
 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"
@@ -81,26 +80,19 @@ ErrorCode RestrictClockID(SandboxBPF* sb) {
  // returned by {clock,pthread}_getcpuclockid), which can leak information
  // about the state of the host OS.
  COMPILE_ASSERT(4 == sizeof(clockid_t), clockid_is_not_32bit);
-  ErrorCode result = sb->Cond(0, ErrorCode::TP_32BIT,
-                              ErrorCode::OP_EQUAL, CLOCK_MONOTONIC,
-                              ErrorCode(ErrorCode::ERR_ALLOWED),
-                     sb->Cond(0, ErrorCode::TP_32BIT,
-                              ErrorCode::OP_EQUAL, CLOCK_PROCESS_CPUTIME_ID,
-                              ErrorCode(ErrorCode::ERR_ALLOWED),
-                     sb->Cond(0, ErrorCode::TP_32BIT,
-                              ErrorCode::OP_EQUAL, CLOCK_REALTIME,
-                              ErrorCode(ErrorCode::ERR_ALLOWED),
-                     sb->Cond(0, ErrorCode::TP_32BIT,
-                              ErrorCode::OP_EQUAL, CLOCK_THREAD_CPUTIME_ID,
-                              ErrorCode(ErrorCode::ERR_ALLOWED),
-                     sb->Trap(sandbox::CrashSIGSYS_Handler, NULL)))));
-#if defined(OS_CHROMEOS)
-  // Allow the special clock for Chrome OS used by Chrome tracing.
-  result = sb->Cond(0, ErrorCode::TP_32BIT,
-                    ErrorCode::OP_EQUAL, base::TimeTicks::kClockSystemTrace,
-                    ErrorCode(ErrorCode::ERR_ALLOWED), result);
-#endif
-  return result;
+  return sb->Cond(0, ErrorCode::TP_32BIT,
+                  ErrorCode::OP_EQUAL, CLOCK_MONOTONIC,
+                  ErrorCode(ErrorCode::ERR_ALLOWED),
+         sb->Cond(0, ErrorCode::TP_32BIT,
+                  ErrorCode::OP_EQUAL, CLOCK_PROCESS_CPUTIME_ID,
+                  ErrorCode(ErrorCode::ERR_ALLOWED),
+         sb->Cond(0, ErrorCode::TP_32BIT,
+                  ErrorCode::OP_EQUAL, CLOCK_REALTIME,
+                  ErrorCode(ErrorCode::ERR_ALLOWED),
+         sb->Cond(0, ErrorCode::TP_32BIT,
+                  ErrorCode::OP_EQUAL, CLOCK_THREAD_CPUTIME_ID,
+                  ErrorCode(ErrorCode::ERR_ALLOWED),
+         sb->Trap(sandbox::CrashSIGSYS_Handler, NULL)))));
 }

 ErrorCode RestrictClone(SandboxBPF* sb) {

--- a/components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc
+++ b/components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc
@@ -31,10 +31,8 @@
 #include "base/files/scoped_file.h"
 #include "base/logging.h"
 #include "base/posix/eintr_wrapper.h"
-#include "base/time/time.h"
 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"
 #include "sandbox/linux/seccomp-bpf/bpf_tests.h"
-#include "sandbox/linux/services/linux_syscalls.h"
 #include "third_party/lss/linux_syscall_support.h"  // for MAKE_PROCESS_CPUCLOCK

 namespace {
@@ -410,9 +408,6 @@ BPF_TEST_C(NaClNonSfiSandboxTest,
  CheckClock(CLOCK_PROCESS_CPUTIME_ID);
  CheckClock(CLOCK_REALTIME);
  CheckClock(CLOCK_THREAD_CPUTIME_ID);
-#if defined(OS_CHROMEOS)
-  CheckClock(base::TimeTicks::kClockSystemTrace);
-#endif
 }

 BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
@@ -423,16 +418,6 @@ BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
  clock_gettime(CLOCK_MONOTONIC_RAW, &ts);
 }

-#if !defined(OS_CHROMEOS)
-BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
-                 clock_gettime_crash_system_trace,
-                 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()),
-                 nacl::nonsfi::NaClNonSfiBPFSandboxPolicy) {
-  struct timespec ts;
-  clock_gettime(base::TimeTicks::kClockSystemTrace, &ts);
-}
-#endif
-
 BPF_DEATH_TEST_C(NaClNonSfiSandboxTest,
                 clock_gettime_crash_cpu_clock,
                 DEATH_MESSAGE(sandbox::GetErrorMessageContentForTests()),