Revert "macOS V2 Sandbox: Report correct sandbox profile for nacl-loader."

This reverts commit 9789adec.

Reason for revert: High NaCl crash rate since this landed.

Original change's description:
> macOS V2 Sandbox: Report correct sandbox profile for nacl-loader.
> 
> The nacl loader process, used only on macOS, currently tries to load an
> invalid profile type under the V2 sandbox. This loads the correct type.
> This also adds necessary IOKit resource access to the nacl sandbox profile.
> 
> Bug: 892554
> Tbr: dschuff@chromium.org
> Change-Id: Ib35c67684bfda9ef052ea62576f8277a97caefd8
> Reviewed-on: https://chromium-review.googlesource.com/c/1292606
> Commit-Queue: Greg Kerr <kerrnel@chromium.org>
> Reviewed-by: Derek Schuff <dschuff@chromium.org>
> Reviewed-by: Robert Sesek <rsesek@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#601332}

TBR=dschuff@chromium.org,kerrnel@chromium.org,rsesek@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: 892554
Change-Id: I1cb2c2b998e3c1286028689b9cdbf2a8dec9519a
Reviewed-on: https://chromium-review.googlesource.com/c/1294692Reviewed-by: Greg Kerr <kerrnel@chromium.org>
Commit-Queue: Greg Kerr <kerrnel@chromium.org>
Cr-Commit-Position: refs/heads/master@{#601759}

components/nacl/loader/DEPS

@@ -9,7 +9,6 @@ include_rules = [
   "+sandbox/linux/services",
   "+sandbox/linux/suid",
   "+sandbox/linux/system_headers",
-  "+sandbox/mac",
   "+sandbox/sandbox_buildflags.h",
   "+sandbox/win/src",
   "+services/service_manager/sandbox",

components/nacl/loader/nacl_main_platform_delegate_mac.mm

@@ -6,22 +6,13 @@
 
 #import <Cocoa/Cocoa.h>
 
-#include "base/command_line.h"
 #include "base/logging.h"
 #include "components/nacl/common/nacl_switches.h"
 #include "content/public/common/sandbox_init.h"
-#include "sandbox/mac/seatbelt.h"
-#include "sandbox/mac/seatbelt_exec.h"
 #include "services/service_manager/sandbox/sandbox_type.h"
 
 void NaClMainPlatformDelegate::EnableSandbox(
     const content::MainFunctionParams& parameters) {
-  if (base::CommandLine::ForCurrentProcess()->HasSwitch(
-          sandbox::switches::kSeatbeltClientName)) {
-    // Make sure the sandbox is actually enabled if the V2 flag is present.
-    CHECK(sandbox::Seatbelt::IsSandboxed());
-  } else {
-    CHECK(content::InitializeSandbox(service_manager::SANDBOX_TYPE_NACL_LOADER))
-        << "Error initializing sandbox for " << switches::kNaClLoaderProcess;
-  }
+  CHECK(content::InitializeSandbox(service_manager::SANDBOX_TYPE_NACL_LOADER))
+      << "Error initializing sandbox for " << switches::kNaClLoaderProcess;
 }

services/service_manager/sandbox/mac/common.sb

@@ -20,12 +20,6 @@
 (define elcap-or-later "ELCAP_OR_LATER")
 (define macos-1013 "MACOS_1013")
 
-; Backwards compatibility for 10.9
-(if (not (defined? 'path))
-  (define path literal))
-(if (not (defined? 'iokit-registry-entry-class))
-  (define iokit-registry-entry-class iokit-user-client-class))
-
 ; Consumes a subpath and appends it to the user's homedir path.
 (define (user-homedir-path subpath)
   (string-append (param homedir-as-literal) subpath))

services/service_manager/sandbox/mac/nacl_loader.sb

@@ -12,10 +12,3 @@
 ; Allow a Native Client application to use semaphores, specifically
 ; sem_init(), et.al.
 (allow ipc-posix-sem)
-
-(allow iokit-get-properties
-  (iokit-registry-entry-class "IORegisterForSystemPower"))
-
-(allow iokit-open
-  (iokit-user-client-class "IOSurfaceSendRight")
-  (iokit-user-client-class "RootDomainUserClient"))

services/service_manager/sandbox/sandbox_type.cc

@@ -126,11 +126,6 @@ SandboxType SandboxTypeFromCommandLine(const base::CommandLine& command_line) {
   if (process_type == switches::kPpapiPluginProcess)
     return SANDBOX_TYPE_PPAPI;
 
-#if defined(OS_MACOSX)
-  if (process_type == switches::kNaClLoaderProcess)
-    return SANDBOX_TYPE_NACL_LOADER;
-#endif
-
   // This is a process which we don't know about.
   return SANDBOX_TYPE_INVALID;
 }

services/service_manager/sandbox/switches.cc

@@ -107,7 +107,6 @@ const char kEnableSandboxLogging[] = "enable-sandbox-logging";
 
 // Flags spied upon from other layers.
 const char kGpuProcess[] = "gpu-process";
-const char kNaClLoaderProcess[] = "nacl-loader";
 const char kPpapiBrokerProcess[] = "ppapi-broker";
 const char kPpapiPluginProcess[] = "ppapi";
 const char kRendererProcess[] = "renderer";

services/service_manager/sandbox/switches.h

@@ -59,7 +59,6 @@ SERVICE_MANAGER_SANDBOX_EXPORT extern const char kEnableSandboxLogging[];
 
 // Flags spied upon from other layers.
 SERVICE_MANAGER_SANDBOX_EXPORT extern const char kGpuProcess[];
-SERVICE_MANAGER_SANDBOX_EXPORT extern const char kNaClLoaderProcess[];
 SERVICE_MANAGER_SANDBOX_EXPORT extern const char kPpapiBrokerProcess[];
 SERVICE_MANAGER_SANDBOX_EXPORT extern const char kPpapiPluginProcess[];
 SERVICE_MANAGER_SANDBOX_EXPORT extern const char kRendererProcess[];