blob: 36913ac854728d974c541b3fcb20db443833f121 [file] [log] [blame]
This is a prototype for plumbing Mojo into the NaCl sandbox. It is
currently insecure (see below), does not provide a stable ABI (IRT
support must be added), and does not support Mojo functions that
return pointers (for example, MojoMapBuffer).
generator/ contains a programmatic description of the
stable Mojo interface. This will need to be updated as the interface
changes. Run generator/ to generate the
bindings that plumb this interface into the NaCl sandbox.
To test: Build "monacl_shell" and "monacl_test". Run monacl_shell
with the IRT as the first argument and the monacl_test as the second
argument. For example, to run a Debug 32-bit Intel build:
cd out/Debug
./monacl_shell irt_core_newlib_x32.nexe monacl_test_newlib_x32.nexe
Security TODO list:
Separate trusted and untrusted Mojo handles.
Validate and copy option structures.
Protect untrusted buffers passed into Mojo:
volatile accesses to untrusted memory (untrusted code could race).
Overflow checking in array bounds validation.